Sorry for not posting this long but I’ve been doing to many things at once without finishing one single thing or getting somewhere with all the time put in it. I should really learn to focus a bit more. All these features of the new programs and requests I get are just to tempting not to touch. But back to the business at hand:

Wietse has got a new patch level release out for our beloved Postfix mailserver. Mostly bugfixes, some of them don’t bother us like problems with Redhat of FreeBSD but the others might. So I’ve compiled and checked it and I’m running it on my test servers and production servers without a problem. Just follow the install documentation and you’ll be alright.

Some of the bugfixes are:

  • Message headers longer than 65535 broke the Milter protocol. To
    make matters worse the cleanup server could then dereference a
    null pointer. When Milter support is enabled, the length of each
    message header is now limited to 60000.
  • Several fixes to improve worst-case behavior of the (new) queue
    manager with multi-recipient mail. The queue manager now reads
    new recipients earlier from the queue file, instead of becoming
    starved while waiting for the slowest in-memory recipients to
    complete; and it now reads recipients in smaller chunks to avoid
    spending too much time not talking to delivery agents.
  • With remote SMTP server tarpit delays larger than the Postfix
    SMTP client’s smtp_rset_timeout (default: 20s), the client would
    get out of sync with the server while reusing a connection. The
    symptoms were “recipient rejected .. in reply to DATA”.

As promised when delivering the DSPAM documentation I’ve finished how to setup maildrop today. I’ve got it running for a few days on my own server and I must say it works perfectly. All spam found by DSPAM is now put into a mailfolder of my choice and not in my inbox. I haven’t setup any fancy filtering yet just plain spam/nonspam filtering but it’s a start.

You can read all about how to setup maildrop in the documentation. If you have problems in using it please post your errors and problems in the forum.

Next up is to have maildrop create folders that not already exist in your inbox when needed and to have users have their own filtering rules. Hope you like it as it is currently…


I’m posting to let you know that I’ve updated the installation page of Postfix to include support for perl regular expressions in the use of tables also know as PCRE. This enables you to filter table entries you might use, if you’d want to. You can read more on PCRE and Postfix here and here.

I found out I needed it when I wanted to do some fancy stuff in my DSPAM setup. I’m almost there in releasing the documentation, still looking for more volunteers to beta test for me. The DSPAM filter is running as a content filter in Postfix and I’ve got a shell script running daily that empties my Junk folder and trains DSPAM to learn to be a better filter. More about this subject later…


Some of the users of my mailserver setup noticed a problem with postfix, they where unable to receive mail. When investigating the problem I found out that MySQL dictionary type was not supported by postfix. You can find this out by running 'postconf -m', mysql should be in the list.

It looks like the software update replaces our postfix binary with the original one. This is not listed in the knowledge base article so I didn’t know beforehand. I can’t confirm this problem is caused by the update, I need to research this or get more confirmations about it.

The problem is likely to only affect Intel macs, I haven’t installed everything on my Intel mac yet so I hadn’t noticed the problem yet but I didn’t have any problem on my G4 mac minis.

To solve the problem you need to reinstall postfix. If you still have the source tree intact on your harddrive you can do it quickly with just running a 'sudo make install'. If it’s no longer there then you need to recompile the source again from scratch.

Your existing configuration files won’t be touched so no worries there. Sorry I had not noticed this problem earlier. I’ll install my Intel mac mini asap to better understand what’s happening here and prevent any further problems with software updates.


I used yesterday to recompile Postfix, Courier-Auth, Apache and PHP with the 5.0.24a MySQL libraries. I just used my own instructions to compile everything.

I first did Postfix and Courier-auth as they would cause the least problems when it would go wrong. My backup mailserver would still receuve all mail and forward it to me when the mailserver is back online. It all went without a hitch, just did a restart of the programs and all was running as expected.

Apache posed an issue, how to compile and install, followed by compiling PHP without disturbing all the people looking at my sites. In the end it was simple. Compile and install Apache2, don’t restart Apache so the old version keeps running but the new software is available on disk. Then compile and install PHP using the new Apache installation files and when that is done restart Apache and all would be fine. Well that’s what I thought…

There was a small error in the modules that I included in the httpd.conf. Some of them, all concerning authentication, where rewritten and given different names. I was still trying to load the old ones as I didn’t update my httpd.conf to reflect these changes. So Apache2 wouldn’t start. I just commented out the old modules and added the new ones in my httpd.conf and presto, Apache 2.2.3 and PHP 5.1.6 are now running on my server, together with Postfix 2.2.3.

They’ve been running for almost a day now and I haven’t gotten any complaints yet.

If you are still running “ISP in a box” version 1 and want to upgrade but are still a bit afraid on how to do this let me know and I’ll help out.

Just found out there was an error, got a call on the phone from some of my friends that they couldn’t email anymore. When checking the logfiles I foud out I forgot a step after compiling and installing Courier auth:

sudo chmod o+x /usr/local/var/spool/authdaemon

In the logfile there was the error:

SASL authentication failure: cannot connect to Courier
      authdaemond: Permission denied

Which means I didn’t follow my own instructions !


There was always a bug in PostfixAdmin 2.1.0 that prevented the creation of a mailbox when you created a new email address because PostfixAdmin send the incorrect commands to the Postfix mailserver. It was a small error and was also noted at the forum and bugtracker at the PostfixAdmin site. The error was that the smtp_mail function was sending an ‘EHLO’ command instead of the required ‘HELO’ command. I had the change of the function documented in the install notes.

But in the ongoing endeavor to stop spammers in sending emails to us the Postfix developers set stricter rules on their server communications. One of them being the stricter rules on sending multiple commands to the mailserver without listening for an answer from the mailserver after each command, which is typical for spam software. However this was also what PostfixAdmin was doing, sending all these commands to send an email to the newly created mail address without listening properly to the answers Postfix was sending.

The bug is fixed in PostfixAdmin CVS and is, as far as I can tell, scheduled to be released in the 2.1.1 release. But we encounter the bug now, I get remarks from people who are installing PostfixAdmin on top of Postfix 2.2.0 or later.

To help myself and them I copied some of the code that would solve the problem from CVS and put it into the current 2.1.0 source of PostfixAdmin. It solves the problem of Postfix rejecting emails being send from PostfixAdmin with the error:

Data command rejected: Improper use of SMTP command pipelining.

The error is solved by changing the ‘smtp_mail’ function to listen for answers send by the Postfix server in the ‘’ source file.

To help you out you can download the edited ‘’ from here. To see what I’ve changed look at the forum entry describing the error.

I didn’t create the fix, I just copied some of the code that was available in CVS and back ported it to the current stable 2.1.0 version.


Still haven’t found the time to play with all the new features introduced in Postfix 2.3.0 and it’s already updated to 2.3.3. Is time really moving this fast or is development on Postfix that good. I will leave this one up to you to decide.

The important issues that got fixed in this release:

  • File corruption while executing a Milter “header insert” action
    with headers-only mail (found with dk-filter). Delivery agents
    would go into an infinite loop because some queue file update
    had been done in the wrong order. As a precaution, delivery
    agents now detect such loops, and the queue manager now saves
    such mail to the “corrupt” directory.
  • Segmentation fault in the SMTP client while saving a cached
    connection with unsent data. Postfix indexed some table with -1,
    because some I/O cleanup had been done in the wrong order. The
    same problem should exist in Postfix 2.2.
  • Postfix no longer announces its name in delivery status notifications.
    All other details of the default bounce text remain unchanged.
    The reason for this change is that too many people believe that
    Wietse provides a free helpdesk service that solves all their
    email problems.

I encountered a strange error when I’d installed Postfix on someone else’s system. Everything installed without a hitch and looked to be running fine. But some time later strange errors were showing up in the logfile:

postfix/master[1120]: fatal: open lock file pid/
unable to set exclusive lock: Resource temporarily unavailable

So I went looking for the file and found it in /var/spool/postfix/pid/ and it looked fine. I stopped Postfix and the file disappeared and reappeared when I started it. Why ? (more…)


I know I’m a bit late with this but for everyone who used my info to configure their mailserver needs to know this even if it is late. I don’t have a record who is using my setup and therefore I have no others means than posting this and hoping you will read this. I found out the hard way by trying to email someone who uses my setup and to find out my mails are rejected. I got emails returned with the error message:
host mail.domain.tld[xx.xx.xx.xx] said: 554 Service
unavailable; Client host [yy.yy.yy.yy] blocked using (in
reply to RCPT TO command)


First of all everybody thanks for all the congratulations and well wishes, mother and child are doing great. I’m getting the hang of it now, just the midnight feedings are killing and I hope they will soon be over.

But in the week I was off-line Postfix got updated to a new release with all new functionality as well. I haven’t tested it or got into the details yet but I wanted to get the word out on this. I will spend time this week to find what impact these new changes mean to our setup as there are some major changes made to the software: (more…)

Next Page »