Postfix docs Search Results:

Looking for special in entire archive - Found 55 matches in 19 files
Showing results 1 - 19
Postfix Configuration Parameters, Feb 8 2008
Turn off MIME processing while receiving mail. This means that no special treatment is given to Content-Type: message headers, and that all text after the initial message headers is considered to be part of the message body.
owner_request_special
Give special treatment to owner-listname and listname-request address localparts: don't split such addresses when the recipient_delimiter is set to "-". This feature is useful for mailing lists.
The default is to comply with RFC 821. If you have to send mail to a broken SMTP server, configure a special SMTP client in master.cf:
Disabling the hostname verification can make sense in closed environment where special CAs are created. If not used carefully, this option opens the danger of a "man-in-the-middle" attack (the CommonName of this attacker will be logged).
Permit the request when the remote SMTP client certificate is verified successfully. This option must be used only if a special CA issues the certificates and only this CA is listed as trusted CA, otherwise all clients with a recognized certificate would be allowed to relay. This feature is available with Postfix version 2.2.
Use C like escapes to specify special characters such as whitespace.
Both RSA and DSA certificates are supported. When both types are present, the cipher used determines which certificate will be presented to the client. For Netscape and OpenSSL clients without special cipher choices the RSA certificate is preferred.
If you want to support this service, enable a special port in master.cf, and specify "-o smtpd_tls_wrappermode=yes" on the SMTP server's command line. Port 465 (smtps) was once chosen for this purpose.

Postfix Configuration Parameters, Feb 8 2008
Turn off MIME processing while receiving mail. This means that no special treatment is given to Content-Type: message headers, and that all text after the initial message headers is considered to be part of the message body.
owner_request_special
Give special treatment to owner-listname and listname-request address localparts: don't split such addresses when the recipient_delimiter is set to "-". This feature is useful for mailing lists.
The default is to comply with RFC 821. If you have to send mail to a broken SMTP server, configure a special SMTP client in master.cf:
Disabling the hostname verification can make sense in closed environment where special CAs are created. If not used carefully, this option opens the danger of a "man-in-the-middle" attack (the CommonName of this attacker will be logged).
Permit the request when the remote SMTP client certificate is verified successfully. This option must be used only if a special CA issues the certificates and only this CA is listed as trusted CA, otherwise all clients with a recognized certificate would be allowed to relay. This feature is available with Postfix version 2.2.
Use C like escapes to specify special characters such as whitespace.
Both RSA and DSA certificates are supported. When both types are present, the cipher used determines which certificate will be presented to the client. For Netscape and OpenSSL clients without special cipher choices the RSA certificate is preferred.
If you want to support this service, enable a special port in master.cf, and specify "-o smtpd_tls_wrappermode=yes" on the SMTP server's command line. Port 465 (smtps) was once chosen for this purpose.

Postfix LDAP Howto, Feb 8 2008
forward special lists unexpanded to a separate list server, for moderation or other processing;
Our second use case instead expands "memberdn" attributes (1), (2), (6) and (7), follows the DN references and returns the "maildrop" of the referenced user entries. Here we use the "special_result_attribute" setting from ldap_table(5) to designate the "memberdn" attribute as holding DNs of the desired member entries. The "result_attribute" setting selects which attributes are returned from the selected DNs. It is important to choose a result attribute that is not also present in the group object, because result attributes are collected from both the group and the member DNs. In this case we choose "maildrop" and assume for the moment that groups never have a "maildrop" (the "bgroup" "maildrop" attribute is for a different use case). The returned data for "auser" and "buser" is from items (11) and (13) in the example data.
special.cf: ...
search_base = dc=example, dc=com query_filter = mail=%s result_attribute = maildrop special_result_attribute = memberdn $ postmap -q agroup@example.com ldap:special.cf auser@mailhub.example.com,buser@mailhub.example.com
search_base = dc=example, dc=com query_filter = mail=%s result_attribute = maildrop special_result_attribute = memberdn $ postmap -q auser@example.com ldap:no_expand.cf ldap:expand.cf auser@mailhub.example.com $ postmap -q agroup@example.com ldap:no_expand.cf ldap:expand.cf auser@mailhub.example.com,buser@mailhub.example.com $ postmap -q bgroup@example.com ldap:no_expand.cf ldap:expand.cf bgroup@mlm.example.com
search_base = dc=example, dc=com query_filter = mail=%s result_attribute = memberaddr special_result_attribute = memberdn terminal_result_attribute = maildrop leaf_result_attribute = mail $ postmap -q auser@example.com ldap:fancy.cf auser@mailhub.example.com $ postmap -q cuser@example.com ldap:fancy.cf cuser@example.com $ postmap -q agroup@example.com ldap:fancy.cf auser@mailhub.example.com,buser@mailhub.example.com,auser@example.org,buser@example.org $ postmap -q bgroup@example.com ldap:fancy.cf bgroup@mlm.example.com
Above, delayed expansion is enabled via "terminal_result_attribute", which, if present, is used as the sole result and all other expansion is suppressed. Otherwise, the "leaf_result_attribute" is only returned for leaf objects that don't have a "special_result_attribute" (non-groups), while the "result_attribute" (direct member address of groups) is returned at every level of recursive expansion, not just the leaf nodes. This fancy example illustrates all the features of Postfix 2.4 group expansion.
The bits of schema and attribute names used in this document are just examples. There's nothing special about them, other than that some are the defaults in the LDAP configuration parameters. You can use whatever schema you like, and configure Postfix accordingly.

Postfix Configuration Parameters, Feb 8 2008
Turn off MIME processing while receiving mail. This means that no special treatment is given to Content-Type: message headers, and that all text after the initial message headers is considered to be part of the message body.
owner_request_special
Give special treatment to owner-listname and listname-request address localparts: don't split such addresses when the recipient_delimiter is set to "-". This feature is useful for mailing lists.
The default is to comply with RFC 821. If you have to send mail to a broken SMTP server, configure a special SMTP client in master.cf:
Disabling the hostname verification can make sense in closed environment where special CAs are created. If not used carefully, this option opens the danger of a "man-in-the-middle" attack (the CommonName of this attacker will be logged).
Permit the request when the remote SMTP client certificate is verified successfully. This option must be used only if a special CA issues the certificates and only this CA is listed as trusted CA, otherwise all clients with a recognized certificate would be allowed to relay. This feature is available with Postfix version 2.2.
Use C like escapes to specify special characters such as whitespace.
Both RSA and DSA certificates are supported. When both types are present, the cipher used determines which certificate will be presented to the client. For Netscape and OpenSSL clients without special cipher choices the RSA certificate is preferred.
If you want to support this service, enable a special port in master.cf, and specify "-o smtpd_tls_wrappermode=yes" on the SMTP server's command line. Port 465 (smtps) was once chosen for this purpose.

Postfix TLS Support, Feb 8 2008
You can have both at the same time, in which case the cipher used determines which certificate is presented. For Netscape and OpenSSL clients without special cipher choices, the RSA certificate is preferred.
It is strictly discouraged to use this mode from main.cf. If you want to support this service, enable a special port in master.cf
The permit_tls_all_clientcerts feature must be used with caution, because it can result in too many access permissions. Use this feature only if a special CA issues the client certificates, and only if this CA is listed as trusted CA. If other CAs are trusted, any owner of a valid client certificate would be authorized.
If the entropy source is not a regular file, you must prepend the source type to the source name: "dev:" for a device special file, or "egd:" for a source with EGD compatible socket interface.

Postfix Address Rewriting, Feb 8 2008
Once the trivial-rewrite(8) daemon has determined a default delivery method it searches the optional transport(5) table for information that overrides the message destination and/or delivery method. Typical use of the transport(5) table is to send mail to a system that is not connected to the Internet, or to use a special SMTP client configuration for destinations that have special requirements.

Postfix Address Rewriting, Feb 8 2008
Once the trivial-rewrite(8) daemon has determined a default delivery method it searches the optional transport(5) table for information that overrides the message destination and/or delivery method. Typical use of the transport(5) table is to send mail to a system that is not connected to the Internet, or to use a special SMTP client configuration for destinations that have special requirements.

Sys Admin Magazine Online, Feb 8 2008
There is another security decision you will have to make regarding Postfix's submission mechanism, that is, the attributes on directories used for mail spooling. Postfix offers two options. The first uses a world-writable, sticky (1733) directory for messages. Because it is world-writable there is no need to run any program with special privileges (setuid or setgid), and the mail files themselves are not world-writable or otherwise accessible to other users.
There is a possibility that a local user could do some small damage. For example, it would be possible to create a hard link to a mail file so that it is not removed when Postfix deletes it. Or, a local user could copy or hard link some system file to the directory to try to have it delivered as mail. Postfix does take steps to prevent this (remember, trust no one), so the likelihood that this would work is significantly diminished. However, if you have a lot of local users on the mail system, and your own security policies would not permit world-write permissions, Postfix offers an alternative. You can set the directory permissions more restrictively (1730) and install an additional program, called postdrop, provided to run setgid. You will have to create a special group that has no members and set the mail spool directory's group to the unique group you created. Postfix will automatically run postdrop when it detects that the spool directory write permission is restricted.

Postfix Queue Scheduler, Feb 8 2008
The old scheduler declares a destination "dead" when negative (-1) feedback throttles the delivery concurrency down to zero. With less-than-1 feedback per delivery, this throttling down would obviously take too long. We therefore have to separate "dead destination" detection from concurrency feedback. This is implemented by introducing the concept of pseudo-cohort failure. The Postfix 2.5 concurrency scheduler declares a destination "dead" after a configurable number of pseudo-cohorts suffers from connection or handshake failures. The old scheduler corresponds to the special case where the pseudo-cohort failure limit is equal to 1.
This noise problem gets worse as the amount of positive feedback per delivery gets smaller. A compromise is to use fixed less-than-1 positive feedback values instead of concurrency-dependent positive feedback. For example, to tolerate 1 of 4 bad servers in the above load balancer scenario, use positive feedback of 1/4 per "good" delivery (no connect or handshake error), and use an equal or smaller amount of negative feedback per "bad" delivery. The downside of using concurrency-independent feedback is that some of the old +/-1 feedback problems will return at large concurrencies. Sites that must deliver mail at non-trivial per-destination concurrencies will require special configuration.

Postfix Address Rewriting, Feb 8 2008
Once the trivial-rewrite(8) daemon has determined a default delivery method it searches the optional transport(5) table for information that overrides the message destination and/or delivery method. Typical use of the transport(5) table is to send mail to a system that is not connected to the Internet, or to use a special SMTP client configuration for destinations that have special requirements.

Postfix manual - bounce(5), Feb 8 2008
o No special meaning is given to the backslash char- acter or to leading whitespace; these are always taken literally.

Postfix and Mailman deliver enhanced e-mail security and performance, Feb 8 2008
One reassuring aspect of Postfix and Mailman is that their creators use them. Venema has depended on Postfix as the only MTA on his own node for over a year, while Ken Manheimer, John Viega, Scott Cotton, and Barry Warsaw developed Mailman largely as an extension of their own needs for more convenient and higher performing mailing list management than other products afford. Among other responsibilities, Mailman keeps the mailing lists of all python.org activities, including the Python Special Interest Groups (Python SIGs), straight.

Catching up with Wietse Venema, creator of Postfix and TCP Wrapper, Feb 8 2008
Monitoring Files with Special Permissions:

Postfix SASL Howto, Feb 8 2008
In the above example, the Postfix SMTP client will decline to use mechanisms that require special infrastructure such as Kerberos or TLS.

Postfix Architecture Overview, Feb 8 2008
The queue manager (the qmgr(8) server process in the figure) is the heart of Postfix mail delivery. It contacts the smtp(8), lmtp(8), local(8), virtual(8), pipe(8), discard(8) or error(8) delivery agents, and sends a delivery request for one or more recipient addresses. The discard(8) and error(8) delivery agents are special: they discard or bounce all mail, and are not shown in the figure above.

Postfix XFORWARD Howto, Feb 8 2008
After xtext decoding, attribute values must not contain control characters, non-ASCII characters, whitespace, or other characters that are special in message headers.

Postfix Bottleneck Analysis, Feb 8 2008
Multiple recipient groups (from one or more messages) are queued for delivery grouped by transport/nexthop combination. The destination concurrency limit for the transports caps the number of simultaneous delivery attempts for each nexthop. Transports with a recipient concurrency limit of 1 are special: these are grouped by the actual recipient address rather than the nexthop, yielding per-recipient concurrency limits rather than per-domain concurrency limits. Per-recipient limits are appropriate when performing final delivery to mailboxes rather than when relaying to a remote server.

Postfix Small/Home Office Hints and Tips, Feb 8 2008
In the above example, the Postfix SMTP client will decline to use mechanisms that require special infrastructure such as Kerberos or TLS.

Postfix VERP Howto, Feb 8 2008
Many characters must not be used as VERP delimiter characters, either because they already have a special meaning in email addresses (such as the @ or the %), because they are used as part of a username or domain name (such as alphanumerics), or because they are non-ASCII or control characters. And who knows, some characters may tickle bugs in vulnerable software, and we would not want that to happen.

New Query: Rank by:
Search results by Webglimpse Advanced Site Search Engine