OS X 10.9 Server Mail Domain Whitelisting
I just cannot understand why this isn't working.
I've added gmail, googlemail, mac, me, icloud to the whitelist, but emails from those domains still get greylisted:
$ sudo serveradmin settings Mail | grep whitelist
Mail:postfix:add_whitelist_domain:_array_index:5 = "gmail.com"
Mail:postfix:add_whitelist_domain:_array_index:6 = "googlemail.com"
Mail:postfix:add_whitelist_domain:_array_index:7 = "mac.com"
Mail:postfix:add_whitelist_domain:_array_index:8 = "me.com"
Mail:postfix:add_whitelist_domain:_array_index:9 = "icloud.com"
Mail:postfix:domain_whitelist:_array_index:5 = "gmail.com"
Mail:postfix:domain_whitelist:_array_index:6 = "googlemail.com"
Mail:postfix:domain_whitelist:_array_index:7 = "mac.com"
Mail:postfix:domain_whitelist:_array_index:8 = "me.com"
Mail:postfix:domain_whitelist:_array_index:9 = "icloud.com"
I tried:
$ sudo serveradmin settings Mail:postfix:whitelist_enabled = yes
2014-05-02 02:56:37.103 serveradmin[2894:507] Error: servermgr_mail: postconf read error: /usr/sbin/postconf: warning: whitelist_enabled: unknown parameter
2014-05-02 02:56:37.104 serveradmin[2894:507] unable to save key: whitelist_enabled (unknown parameter)
I've tried restarting the mail service and restarting the computer.
Has anyone been successful in whitelisting a domain on 10.9 Server?
May 2 02:37:47 example.com postfix/smtpd[1398]: connect from mail-oa0-f48.google.com[209.85.219.48]
May 2 02:37:47 example /usr/libexec/postfix/greylist.pl[1403]: Temporary message rejection to: <[email protected]> from: <[email protected]> sent from: [209.85.219.48] for: 60 seconds due to greylisting
May 2 02:37:48 example.com postfix/smtpd[1398]: NOQUEUE: reject: RCPT from mail-oa0-f48.google.com[209.85.219.48]: 450 4.7.1 <[email protected]>: Recipient address rejected: Service is unavailable; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail-oa0-f48.google.com>
May 2 02:37:48 example.com postfix/smtpd[1398]: disconnect from mail-oa0-f48.google.com[209.85.219.48]
#!/usr/bin/perl
use DB_File;
use Fcntl;
use Sys::Syslog qw(:DEFAULT setlogsock);
# Usage: greylist.pl [-v]
# Demo delegated Postfix SMTPD policy server. This server implements
# greylisting. State is kept in a Berkeley DB database. Logging is
# sent to syslogd.
# How it works: each time a Postfix SMTP server process is started
# it connects to the policy service socket, and Postfix runs one
# instance of this PERL script. By default, a Postfix SMTP server
# process terminates after 100 seconds of idle time, or after serving
# 100 clients. Thus, the cost of starting this PERL script is smoothed
# out over time.
# To run this from /etc/postfix/master.cf:
# policy unix - n n - - spawn
# user=nobody argv=/usr/bin/perl /usr/libexec/postfix/greylist.pl
# To use this from Postfix SMTPD, use in /etc/postfix/main.cf:
# smtpd_recipient_restrictions =
# reject_unauth_destination
# check_policy_service unix:private/policy
# NOTE: specify check_policy_service AFTER reject_unauth_destination
# or else your system can become an open relay.
# To test this script by hand, execute:
# % perl greylist.pl
# Each query is a bunch of attributes. Order does not matter, and
# the demo script uses only a few of all the attributes shown below:
# request=smtpd_access_policy
# protocol_state=RCPT
# protocol_name=SMTP
# helo_name=some.domain.tld
# queue_id=8045F2AB23
# [email protected]
# [email protected]
# client_address=1.2.3.4
# client_name=another.domain.tld
# instance=123.456.7
# sasl_method=plain
# sasl_username=you
# sasl_sender=
# size=12345
# [empty line]
# The policy server script will answer in the same style, with an
# attribute list followed by a empty line:
# action=dunno
# [empty line]
# greylist status database and greylist time interval. DO NOT create the
# greylist status database in a world-writable directory such as /tmp
# or /var/tmp. DO NOT create the greylist database in a file system
# that can run out of space.
# In case of database corruption, this script saves the database as
# $database_name.time(), so that the mail system does not get stuck.
$database_name="/Library/Server/Mail/Data/gldb/greylist.db";
$whitelist_host_file="/Library/Server/Mail/Data/gldb/whitelist_host";
$whitelist_domain_file="/Library/Server/Mail/Data/gldb/whitelist_domain";
$whitelist_db_name="/Library/Server/Mail/Data/gldb/whitelist.db";
$greylist_delay=60;
# Auto-whitelist threshold. Specify 0 to disable, or the number of
# successful "come backs" after which a client is no longer subject
# to greylisting.
$auto_whitelist_threshold = 10;
# Syslogging options for verbose mode and for fatal errors.
# NOTE: comment out the $syslog_socktype line if syslogging does not
# work on your system.
$syslog_socktype = 'unix'; # inet, unix, stream, console
$syslog_facility="mail";
$syslog_options="pid";
$syslog_priority="info";
sub add_whitelist {
# check for null host name
my ($_host_name) = $attr{"host_name"};
if ($_host_name eq "") {
syslog $syslog_priority, "Warning: missing whitelist host name attribute";
return 0;
# Open the database on the fly.
open_whitelist_db() unless $whitelist_db_obj;
# Is host already in white list
$value = read_whitelist_db($attr{"host_name"});
# Add host if not in database
if ($value == 0) {
syslog $syslog_priority, "adding host: %s to whitelist host", $attr{"host_name"} if $verbose;
update_whitelist_db($attr{"host_name"}, 1);
open WHITELIST_FILE, ">> $whitelist_host_file" or
syslog $syslog_priority, "Error: unable to open whitelist host file: %s", $whitelist_host_file;
print WHITELIST_FILE "$attr{\"host_name\"}\n";
close WHITELIST_FILE;
sub add_whitelist_domain {
# check for null host name
my ($_domain_name) = $attr{"domain_name"};
if ($_domain_name eq "") {
syslog $syslog_priority, "Warning: missing whitelist domain name attribute";
return 0;
# Open the database on the fly.
open_whitelist_db() unless $whitelist_db_obj;
# Is domain already in white list
$value = read_whitelist_db($attr{"domain_name"});
# Add domain if not in database
if ($value == 0) {
syslog $syslog_priority, "adding domain: %s to whitelist doman", $attr{"domain_name"} if $verbose;
update_whitelist_db($attr{"domain_name"}, 1);
open WHITELIST_FILE, ">> $whitelist_domain_file" or
syslog $syslog_priority, "Error: unable to open whitelist domain file: %s", $whitelist_domain_file;
print WHITELIST_FILE "$attr{\"domain_name\"}\n";
close WHITELIST_FILE;
# Demo SMTPD access policy routine. The result is an action just like
# it would be specified on the right-hand side of a Postfix access
# table. Request attributes are available via the %attr hash.
sub smtpd_access_policy {
my($key, $time_stamp, $now, $count, $domain);
# Open the database on the fly.
open_database() unless $database_obj;
# Open the whitelist database on the fly.
open_whitelist_db() unless $whitelist_db_obj;
# Check if domain is whitelisted
$domain = get_domain_name($attr{"client_name"});
$count = read_whitelist_db($domain);
if ($count > 0) {
syslog $syslog_priority, "domain: %s is whitelisted", $domain if $verbose;
return "dunno";
# Check if host is whitelisted
$count = read_whitelist_db($attr{"client_name"});
if ($count > 0) {
syslog $syslog_priority, "host: %s is whitelisted", $attr{"client_name"} if $verbose;
return "dunno";
# Search the auto-whitelist.
if ($auto_whitelist_threshold > 0) {
$count = read_database($attr{"client_address"});
if ($count > $auto_whitelist_threshold) {
return "dunno";
# Lookup the time stamp for this client/sender/recipient.
$key =
lc $attr{"client_address"}."/".$attr{"sender"}."/".$attr{"recipient"};
$time_stamp = read_database($key);
$now = time();
# If this is a new request add this client/sender/recipient to the database.
if ($time_stamp == 0) {
$time_stamp = $now;
update_database($key, $time_stamp);
# The result can be any action that is allowed in a Postfix access(5) map.
# To label mail, return ``PREPEND'' headername: headertext
# In case of success, return ``DUNNO'' instead of ``OK'' so that the
# check_policy_service restriction can be followed by other restrictions.
# In case of failure, specify ``DEFER_IF_PERMIT optional text...''
# so that mail can still be blocked by other access restrictions.
syslog $syslog_priority, "request age %d", $now - $time_stamp if $verbose;
if ($now - $time_stamp > $greylist_delay) {
# Update the auto-whitelist.
if ($auto_whitelist_threshold > 0) {
update_database($attr{"client_address"}, $count + 1);
return "dunno";
} else {
# Apple
syslog $syslog_priority, "Temporary message rejection to: <$attr{\"recipient\"}> from: <$attr{\"sender\"}> sent from: [$attr{\"client_address\"}] for: $greylist_delay seconds due to greylisting";
return "defer_if_permit Service is unavailable";
# You should not have to make changes below this point.
sub LOCK_SH { 1 }; # Shared lock (used for reading).
sub LOCK_EX { 2 }; # Exclusive lock (used for writing).
sub LOCK_NB { 4 }; # Don't block (for testing).
sub LOCK_UN { 8 }; # Release lock.
# Log an error and abort.
sub fatal_exit {
my($first) = shift(@_);
syslog "err", "fatal: $first", @_;
exit 1;
# Open hash database.
sub open_database {
my($database_fd);
# Use tied database to make complex manipulations easier to express.
$database_obj = tie(%db_hash, 'DB_File', $database_name,
O_CREAT|O_RDWR, 0644, $DB_BTREE);
if ( !$database_obj ) {
# don't prevent mail deliveries due to corrupt database
my $db_backup = $database_name . "." . time();
syslog $syslog_priority, "Warning: open failed for: %s : backing up to: %s",
$database_name, $db_backup;
rename $database_name, $db_backup ||
fatal_exit "Can't save %s as %s: $!", $database_name, $db_backup;
# try again
$database_obj = tie(%db_hash, 'DB_File', $database_name,
O_CREAT|O_RDWR, 0644, $DB_BTREE) ||
fatal_exit "Cannot open database %s: $!", $database_name;
$database_fd = $database_obj->fd;
open DATABASE_HANDLE, "+<&=$database_fd" ||
fatal_exit "Cannot fdopen database %s: $!", $database_name;
syslog $syslog_priority, "open %s", $database_name if $verbose;
# Open hash whitelist database.
sub open_whitelist_db {
my($whitelist_db_fd);
# Use tied database to make complex manipulations easier to express.
$whitelist_db_obj = tie(%db_hash, 'DB_File', $whitelist_db_name,
O_CREAT|O_RDWR, 0644, $DB_BTREE);
if ( !$whitelist_db_obj ) {
# don't prevent mail deliveries due to corrupt database
my $db_backup = $whitelist_db_name . "." . time();
syslog $syslog_priority, "Warning: open failed for: %s : backing up to: %s",
$whitelist_db_name, $db_backup;
rename $whitelist_db_name, $db_backup ||
fatal_exit "Can't save %s as %s: $!", $whitelist_db_name, $db_backup;
# try again
$whitelist_db_obj = tie(%db_hash, 'DB_File', $whitelist_db_name,
O_CREAT|O_RDWR, 0644, $DB_BTREE) ||
fatal_exit "Cannot open database %s: $!", $whitelist_db_name;
$whitelist_db_fd = $whitelist_db_obj->fd;
open WHITELIST_DB_HANDLE, "+<&=$whitelist_db_fd" ||
fatal_exit "Cannot fdopen database %s: $!", $whitelist_db_name;
syslog $syslog_priority, "open %s", $whitelist_db_name if $verbose;
# Read database. Use a shared lock to avoid reading the database
# while it is being changed. XXX There should be a way to synchronize
# our cache from the on-file database before looking up the key.
sub read_database {
my($key) = @_;
my($value);
flock DATABASE_HANDLE, LOCK_SH ||
fatal_exit "Can't get shared lock on %s: $!", $database_name;
# XXX Synchronize our cache from the on-disk copy before lookup.
$value = $db_hash{$key};
syslog $syslog_priority, "lookup %s: %s", $key, $value if $verbose;
flock DATABASE_HANDLE, LOCK_UN ||
fatal_exit "Can't unlock %s: $!", $database_name;
return $value;
# Read database. Use a shared lock to avoid reading the database
# while it is being changed. XXX There should be a way to synchronize
# our cache from the on-file database before looking up the key.
sub read_whitelist_db {
my($key) = @_;
my($value);
flock WHITELIST_DB_HANDLE, LOCK_SH ||
fatal_exit "Can't get shared lock on %s: $!", $whitelist_db_name;
# XXX Synchronize our cache from the on-disk copy before lookup.
$value = $db_hash{$key};
syslog $syslog_priority, "whitelist lookup %s: %s", $key, $value if $verbose;
flock WHITELIST_DB_HANDLE, LOCK_UN ||
fatal_exit "Can't unlock %s: $!", $whitelist_db_name;
return $value;
# Update database. Use an exclusive lock to avoid collisions with
# other updaters, and to avoid surprises in database readers. XXX
# There should be a way to synchronize our cache from the on-file
# database before updating the database.
sub update_database {
my($key, $value) = @_;
syslog $syslog_priority, "store %s: %s", $key, $value if $verbose;
flock DATABASE_HANDLE, LOCK_EX ||
fatal_exit "Can't exclusively lock %s: $!", $database_name;
# XXX Synchronize our cache from the on-disk copy before update.
$db_hash{$key} = $value;
$database_obj->sync() &&
fatal_exit "Can't update %s: $!", $database_name;
flock DATABASE_HANDLE, LOCK_UN ||
fatal_exit "Can't unlock %s: $!", $database_name;
# Update database. Use an exclusive lock to avoid collisions with
# other updaters, and to avoid surprises in database readers. XXX
# There should be a way to synchronize our cache from the on-file
# database before updating the database.
sub update_whitelist_db {
my($key, $value) = @_;
syslog $syslog_priority, "store whitelist host %s: %s", $key, $value if $verbose;
flock WHITELIST_DB_HANDLE, LOCK_EX ||
fatal_exit "Can't exclusively lock %s: $!", $whitelist_db_name;
# XXX Synchronize our cache from the on-disk copy before update.
$db_hash{$key} = $value;
$whitelist_db_obj->sync() &&
fatal_exit "Can't update %s: $!", $whitelist_db_name;
flock WHITELIST_DB_HANDLE, LOCK_UN ||
fatal_exit "Can't unlock %s: $!", $whitelist_db_name;
# Parse hostname to obtain domain name
sub get_domain_name {
my($in_host_name) = @_;
my($value);
my($count) = 0;
@tokens = split(/\./, $in_host_name);
$count = $#tokens;
$value=$tokens[$count-1] . "." . $tokens[$count];
return $value;
# Signal 11 means that we have some kind of database corruption (yes
# Berkeley DB should handle this better). Move the corrupted database
# out of the way, and start with a new database.
sub sigsegv_handler {
my $backup = $database_name . "." . time();
rename $database_name, $backup ||
fatal_exit "Can't save %s as %s: $!", $database_name, $backup;
fatal_exit "Caught signal 11; the corrupted database is saved as $backup";
my $wl_backup = $whitelist_db_name . "." . time();
rename $whitelist_db_name, $wl_backup ||
fatal_exit "Can't save %s as %s: $!", $whitelist_db_name, $wl_backup;
fatal_exit "Caught signal 11; the corrupted database is saved as $wl_backup";
$SIG{'SEGV'} = 'sigsegv_handler';
# This process runs as a daemon, so it can't log to a terminal. Use
# syslog so that people can actually see our messages.
setlogsock $syslog_socktype;
openlog $0, $syslog_options, $syslog_facility;
# We don't need getopt() for now.
while ($option = shift(@ARGV)) {
if ($option eq "-v") {
$verbose = 1;
} else {
syslog $syslog_priority, "Invalid option: %s. Usage: %s [-v]",
$option, $0;
exit 1;
# Unbuffer standard output.
select((select(STDOUT), $| = 1)[0]);
# Receive a bunch of attributes, evaluate the policy, send the result.
while (<STDIN>) {
if (/([^=]+)=(.*)\n/) {
$attr{substr($1, 0, 512)} = substr($2, 0, 512);
} elsif ($_ eq "\n") {
if ($verbose) {
for (keys %attr) {
syslog $syslog_priority, "Attribute: %s=%s", $_, $attr{$_};
if ( $attr{"request"} eq "smtpd_access_policy" ) {
$action = smtpd_access_policy();
} elsif ( $attr{"request"} eq "whitelist" ) {
$action = add_whitelist();
} elsif ( $attr{"request"} eq "whitelist_domain" ) {
$action = add_whitelist_domain();
} else {
fatal_exit "unrecognized request type: '%s'", $attr{request};
syslog $syslog_priority, "Action: %s", $action if $verbose;
print STDOUT "action=$action\n\n";
%attr = ();
} else {
chop;
syslog $syslog_priority, "warning: ignoring garbage: %.100s", $_;
Similar Messages
-
Hosting Multiple Mail Domains in SL server on a Mac Mini
So I have been trying to find out the answer to this question, and I keep getting conflicting information, and I am hoping someone here can help me solve this.
We are running two very small business with two different Domains (@company1 & @Company2) Each company has a website, and corporate email. All I want to do is bring all of this in-house onto one Mac Mini server. The calendars and contacts will be shared between the two principle owners of each company (my bosses) as they support each other in there individual business.
The Apple "Genius" says this is not possible, I believe and have been told by a few people and after reading posts on here that it is possible to have multiple domains on one Mac Mini Server. I would like to figure this out quickly as the companies have a need to move off the current email provider as fast as possible due to complications with iOS4 and the iPads.
Any Help from people who are doing this, or know it to be possible or impossible would be greatly appreciated!This is entirely possible, and supported by the Server Admin user interface for the mail server.
Start with the [Mac OS X Server Mail Services Administration Manual|http://images.apple.com/server/macosx/docs/MailService_Adminv10.6.pdf], page 73
Quoth the Book Of Mail:
A Mail Service Virtual Host
Virtual hosting is a method you can use to host more than one domain name on the same
computer and IP address, with overlapping mail user names.
For example, a mail server can receive mail transfer requests for two domains,
mail.example1.com and mail.example2.com, both of which resolve to the same IP
address. For mail.example1.com, the server delivers mail to “[email protected]”
to a user mailbox for “bob,” while it also delivers mail to “[email protected]” to
a different user mailbox. Virtual hosts are essentially the converse of local host aliases.
One subtlety here is that the domains sharing the same mail server and all co-resident on the IP address will all tend to have the same public host name listed as their MX (mail exchange) server of record in the public DNS. This so that forward and reverse DNS and MX server all line up for the mail server for all the domains involved. -
Change of Mail Domain in SJS Messaging Server 2004Q2
Hi,
I've installed the SJS Messaging Server 2004Q2 with LDAP Schema 2 and a domain name abc.com. How can I change the domain name to xyz.net without any user migration and mail migration. Should I use thing like domain alias to other to achieve this task.
CliveWhat I really want to do is that users are previously using abc.com as mail address and webmail and then switch to xyz.net in both mail address and webmail but still can receive mail using abc.com. Moreover I don't want to change the DIT and add a new organization in my ldap server
Adding domain alias, I think I should use associatedDomain attribute. But, what is the meaning of change every reference to abc.com in ldap to xyz.net. Is it means changing the value of attributes in every mail user entry? -
Yosemite Server Mail and Google Domain Relay
I want to simply use the server to send automated emails from scripts. I have server installed. Over the course of two days I've have followed several posts:
http://www.anujgakhar.com/2011/12/09/using-macosx-lion-command-line-mail-with-gm ail-as-smtp/
http://blog.anupamsg.me/2012/02/14/enabling-postfix-for-outbound-relay-via-gmail -on-os-x-lion-11/
And the updated Yosemite version here:
http://blog.anupamsg.me/2013/12/22/enabling-postfix-on-osx-as-a-relay-revisited/
Yosemite Server configuration
http://krypted.com/mac-security/configure-the-os-x-yosemite-server-mail-service/
I've gotten no where. In my last attempt all sasl errors and no mech connections had stopped but mail did not appear to go anywhere. No trace. I stumbled across a post that said ssl connections from Mac OS X Yosemite are broken and just don't work.
Now the real rub. I have gotten the same thing working with Linux in 5 minutes following this post:
https://rtcamp.com/tutorials/linux/ubuntu-postfix-gmail-smtp/
Then within an hour my crontab and scripts were written, debugged, and blissfully sending email.
I would rather run this from my Mac server. I understand that this may become an in-depth discussion/debug session (remember the old sendmail.cf day?!) and would greatly appreciate someone's mentoring here.
-TimHi,
maybe it helps or not, I solve a other performance problem which is more related to the mailbox speed but this error on client side is gone afterwards:
In Yosemite there is still also a problem with the automatic settings detection in Mail.
That means that the application try's to find a working authentication mechanism in combination with different ports and encryption.
So far so good, this feature would be okay but the application never stops to do that. So we are shortly connected but the connection becomes invalid again.
This leads to performance issues and the application becomes very slow!
If you refer your client log file maybe you can see some "Failed to start the SASL connection" issues (coming from Mail.app).
In case that you are running a OS X Server which is used by Mail you will see in /var/log/mail* /Library/Logs/mail* various login failures. In case that you have enabled the Adaptive Firewall it can be happen that your IP is blocked for 15 minutes.
Of course this must not be a issue for everyone I believe it strongly depends on your email server / provider which auth. stuff is supported or enabled.
To solve it:
1.) Open the Mail Preferences
2.) Goto "Accounts" and select your Provider/Account
3.) Klick Enhanced (the last right tab)
4.) Disable the automatic settings detection (first checkbox)
5.) In case you didn't enable "MailDrop"
This works in Mail 8.1 on Yosemite 10.10.1 -
Help with OSX server mail setup
Please if anyone can tell me what I am doing wrong, I would be very grateful. I have a company with an externaly hosted website and an an internally hosted email (OSX server). I have everything kind of working, but some things don't seem quite right. I'll explain below:
I have a purchased domain: mycompany.com hosted by godaddy.
I am using Godaddy name servers: ns65.domaincontrol.com and ns66.domaincontrol.com
The external godaddy DNS has an a name entry for my mail server: mail pointing to 123.123.123.123 (which is my companies external static IP address).
There is also a null (@) a name record for my website hosting service (squarespace) pointing to 456.456.456.456
There is a cName record www pointing to the squarespace domain "www.squarespace6.com" (know this is unusual, but it is how squarespace asks this to be set up and does not work otherwise)
There is an MX record with priority 10 and host name @ pointing to mail.mycompany.com
I have a airport extreme router with the appropriate ports forwarded to the OSX server.
The DNS servers on the router are pointed to the internal IP address of the OSX server
I did not change the domain name on the router (mistake?) it is currently san.rr.com
On the OSX server I have set up host name to be mycompany.comDNS is set up with primary zone being mycompany.com
Primary Zone entries include
nameserver = mycompany.com
machine record host name is mycompany.com and the IP address is the internal IP address of the OSX server
another machine record with host name "mail" and IP address is the internal IP address of the OSX server.
Finally, there is a mail exchanger record with mail server "mail.mycompany.com" and priority 10
There are 2 entries autocreated in the Reverse zone
Mail is setup and running on the OSX server providing mail for "mail.mycompany.com"
Users are setup with email address: [email protected] (note: without the mail subdomain - I think this is OK?)
I am using self signed certificate.
In my clients (windows Thunderbird, Mac Mail, iOS mail), the settings are for the incoming mail server host name to be "mail.mycompany.com" and the outgoing also to be "mail.mycompany.com"
I woud have expected this to be imap.mycompany.com and smtp.mycompany.com respectively, but it doesn't work when I input these values and works with the former. Have I set this up wrong?? imap seems to require SSL on port 993 and SMTP seems to require TLS on port 587.Outlook on PC gives me an error that after googling appears to be a problem with not recognizing a fuly qualified hostname form the SMTP client. I see the fix, but wanted to know if that meant that my server didn't have a fully qualified host name and whether I should change that rather than just remove that restriction???
The final problem is that my outgoing emails seem to be getting caught up in other people's spam filters too frequently. What is the main reason for this? Is it because I have set something up wrong and it brings up flags or is it simply because I am not a huge hosting company, or somethign else althogether?
If you've gotten this far, big thanks! If you can help me, even more thanks!Well, actually they are both getting caught up in spam filters and bounced back. I actually realized that part of the problem is that I have a dynamic IP address, but it doesn't change. Regardless, on the bounce back it looks like hotmail and other domains are rejecting email from my IP and recognize it as dynamic. This was a test server that i would by physically taking to my business where there is a static business IP address (Cox).
Sorry for the very long original message, but it seems that most people don't post enough information for the problem to be solved in their original posts and I was hoping to provide as much detail as possible.
The other is the question of "are things set up right?" It seems strange to me that both my outgoing and incoming servers are "mail.mycompany.com" and not imap.mycompany.com and smtp.mycompany.com and I wonder if this is going to cause me to have problems?
Is it a problem that my email addresses are [email protected] and not [email protected]?
Was I supposed to change the domain name on the router?
Also is it going to be a problem that I am using a self signed certificate? -
Call me a dumb but I am new to our Snow Leopard Server software coming from a Windows server. I have watched tutorials at Lynda.com and went through manuals but don't understand how to set up our client mail. We are confused with the instructions because the Mac server allows you to set up "user mail" for you own company.
We are looking to set up a bunch of e-mails for all the different domains we host on our server. These are not our personal company e-mails but our client e-mails for the different websites we are hosting for them.
So how do we set up and configure (add new) e-mails for the different domains on our server?
I hope I haven't been confusing and you guys understand what I am asking. Thanks!There are a couple of ways of handling multi-domain email. The 'right' way for you depends on several factors, including exactly how you're trying to implement mail/domains, how comfortable you are with command line vs. GUI configuration, and number of users.
If you're just looking for a catch-all email for each domain it's probably easier setup using pure postfix virtual domains. that requires command-line configuration, though.
Using the GUI will require that you add every user to your directory and then give them additional 'short names' that match the email address(es) in the other domains. -
A wishlist for Apple: Leopard Server mail services
Apple,
At 10.5.2, we find that most of the problems with email accounts and VH sites are ... still broken.
After they are addressed (cull these forums for an indication of the problems the current code does not address), I'd like to suggest some other areas of improvement.
On a per-server, per-domain (or per-account) basis, can we set what happens to rejected mail. If a RBL or refuse item comes to the server, can we elect to choose between:
reject and return to sender
reject and discard
If the mail server supports such settings.
That would be lovely.Albeit, not through the GUI, you can adjust the behaviour of the content-filter to your liking.
Have a look at /etc/amavisd.conf. Many settings are explained in the file.
In-depth information available here:
http://www.ijs.si/software/amavisd/
P.S. This is a user to user forum. I recommend you use the feedback pages to send suggestions to Apple: http://www.apple.com/feedback/server.html -
Hello,
i just installed snow leopard server and noticed that when i connect to the
Network Account Server that the Mail App. is setup with the the name of the user followed by the
FQDN ([email protected] instead off [email protected]). And the account can't be change in the Mail App. preffernces (it is grayed out). When isent an e-mail it will show my address as user with FQDN. Is this normal ?I'm having the exact same issue. It auto fills in the imap account which cannot be deleted and it's using name@FQDN rather than [email protected]
I have checked address book, and all fields in workgroup manager and they all say [email protected]
The only thing I can think is that since the machine is named mail.domain.com that is what the open directory search base is so it's using that rather then grabbing the email address field from the workgroup manager.
No idea how to fix other than stop using directory services and create a fresh account for the user. -
Mavericks Server mail relay custom port
After upgrading to Mavericks i cannot enter a custom port in the mail relay section of the Mail Service
in older versions i could enter: mail.domain.com:587, but now i cannot save this setting.
Anyone an idea how to fix this ?
Thanks in advanceIt is about the mail service in OS10.9 SERVER I presume.
I got the same problem.
Via the terminal I was able to set anther portnumber (port 26) instead of standard port 25.
Now I can have mail sent via a script I have running om my website, BUT
only mails to my own domain are sent.
All other mailaddresses do not get my script-generated mails.
Same config on OSX10.8 server2 works fine, it went wrong after upgrading to OSX10.9 Server 3.
what can I do? -
Problem emailing one mail domain
Hi,
Wondering if anyone can help, we are having issues emailing one specific customer with the mail domain mail.rooftech.info. Any email we send to the company is bounced back after 3 days (the period set in our bounce profile), it's giving a SMTP 5.4.7 error bounced by destination server delivery time expired. We can do an nslookup from the Ironport for mail.rooftech.info and their correct mail exchange address appears. Any idea what could be the cause? I've attached the message tracking log.
Excuse my ignorance but I am a novice concerning email security.
We are using AsyncOS 7.1 for IronPort C160 build 017.
Regards,
RossHi Ross,
the error may be a bit misleading as it is most likely not the remote server giving that error, the system just has detected that the message is older than three days and thus bounces it. I just checked that server, and seems it does not respond to any requests:
telnet mail.rooftech.info 25
Trying 89.213.91.141...
telnet: connect to address 89.213.91.141: Operation timed out
telnet: Unable to connect to remote host
I also checked the MX record for rooftech.info, and that obviously is something different:
;; ANSWER SECTION:
rooftech.info. 14400 IN MX 5 mailscanner.rocc.co.uk.
And that connection just works fine:
telnet mailscanner.rocc.co.uk 25
Trying 135.196.30.100...
Connected to mailscanner.rocc.co.uk.
Escape character is '^]'.
220 mailscanner.rocc.co.uk ESMTP ROCC MailClean
Unfortunately your message tracking has the recipient domain and IPs obscured, so I cannot tell which of the hosts above are you trying to reach.
BTW, there is a handy tool on the CLI that you can use to troubleshoot problems like that
CLI: diagnostic network smtpping
When asked for a domain the one you wanna reach, the command will perform an MX lookup and will ask if it finds such entries. When asked if to send a message, you can answer No, after that the tool will try to connect the remote host and perform some simple checks without actually sending a message.
Hope that helps,
Andreas -
Stop emails going out to external mail domains in xdodelivery.cfg file
Hi All,
DB:11.1.0.7.0
Oracle Apps:12.1.1
O/S: Redhat Linux 64 bits
Is there a way to stop emails going out to external mail domains in xdodelivery.cfg file located at $XDO_TOP/resource
Currently we are converting all suppliers with their real email ids. Is there a way to stop emails going out to external mail domains? This issue will arise as soon as someone run the payments and then vendor will automatically start receiving the emails from our test environment.
I think XDO Bursting (Delivery) is using a separate mailer (not the standard Java mailer configuration).
xdodelivery.cfg file contents:
But for XDO bursting, we have setup separate outbound (SMTP) mailer as per requested, which is currently not have “TEST Address” set and not sure there is option to set here.
/erptest/test/apps/apps_st/appl/xdo/12.0.0/resource/xdodelivery.cfg
<?xml version="1.0" encoding="UTF-8" ?>
<config xmlns="http://xmlns.oracle.com/oxp/delivery/config">
<servers>
<server name="xyz.bo.abc.com" type="smtp_email" default="true">
<host>xyz.bo.abc.com</host>
<port>25</port>
</server>
</servers>
<properties>
<property name="ds-temp-dir">/tmp</property>
<property name="ds-buffering">true</property>
<property name="SMTP_CONTENT_TYPE:String">"application/pdf"</property>
</properties>
</config>
Thanks for your time!
Regards,Hi;
Did you check your previous thread, which many user post many notes to stop emails?It doesnt helps?
stop emails going out to external mail domains
Regard
Helios -
10.4.10 Server.
I've set up virtual mail domains. Added email addresses to the shortnames list. When anyone sends an email to [email protected] it gets delivered to all hosted domains. So i get the same email in domain2.com.
Anyone know what's causing this?
cheers
Multiple Mac OS X (10.4.10)Sydney, while you are waiting for a response, just a clarification on local DNS, MX, etc...
The MX record is only required for 'external' users, in order to discover where the responsible mail server is (because all they have to start from is a basic domain name, not a server hostname). In your LAN, your mail clients will already have this location as you put this into the sending/receiving field in the mail client - either as a hostname (which must be resolvable to the local server's IP in your local DNS) or directly as an IP address. So local DNS does not need an MX record if this scenario is applicable.
The hostname you put into your local mail client has no meaning to the mail server - it purely resolves to an IP address and then your client 'drops' that hostname and contacts the mail server at the IP address. The important bit of info used by the mail client is the user login name - this tells the mail server what account, in what domain, to access.
-david -
Wrong Mail Domain after using Profile Manager
Hi,
we've set up a Lion 10.7.2 Server with Directory Services, Web, Mail and a few other services. The hostname of our system is mail.mydomain.com, the internet hostname ist mail.mydomain.com, it's mail domain setting is of course set to mydomain.com. Now, when setting up a user using Server.app it correctly fills the Email account with [email protected] So far so good.
After logging in as the user on a client, setting the Network account server in Preferences -> Users to "mail.mydomain.com" - which happens to be the Directory Server as well - i go to https://mail.mydomain.com/profilemanager. The Administrator configured a payload in "Settings for everyone" which has been assigned to me containing the correct Mail setup preferences (Mailserver: mail.mydomain.de, CORRECT Mail adress nothing wrong noticable) In the browser, i download and install it on my machine.
Here's the problem:
Now, after opening my Apple Mail (which has been automatically setup up due to the profile) and try sending mail i'll always get the account [email protected] which is clearly not right. I could change the adress by hand in my accounts but i don't want to Could this just be a profile manager or Apple Mail bug? We've triple checked the settings and everything looks ok.Having the same problem ... setup in profile manager:
protocol: IMAP
email address: [email protected]
incomming mail: mail.company.com
username: [email protected]
on the client:
email address: [email protected]@mail.company.com
Since the outgoing server doesn't need authentication in my network (its an SSL relay), it's pulling the IMAP Email address field for identification rather than than the username, so configuring this from Profile Manager doesn't work. -
Sun One Messaging server Mail quota
I am unsing directory server 5.2 and messaging server 6.0 + iDA 4.5 .
I have quota set for a doimain test.com well i am getting "ERROR: cannot modify maildomainstatus attribute for
domain test.com: Insufficient access"
Domain: test.com
diskquota size(K) %use msgquota num %use user
no limit 1800 N/A no limit 12 N/A
[email protected]
DOMAIN SUMMARY:
| Limit Usage
Percentage
-------------+-------------------------------------------
Disk Quota(k)| 1024 1800
100Msg Quota | no limit 12
N/A
Number of users: 1
Mail Domain Status: active
New Mail Domain Status: overquota
ERROR: cannot modify maildomainstatus attribute for
domain test.com: Insufficient access
Any Ideas.
Thanks
HarisHm. You're sure you're using that particular combination of products?
iDA 4.5 was never supported for Messaging Server. We had 1.0, 1.1 and 1.2 versions, provided with Messaging 5.0, 5.1, and 5.2.
Messaging 6.0 does not come with iDA, nor is it supported, at present. . .
Are you using Schema 1 or Schema 2 for your Messaging Server?
Have you tried using the commcli provided with Messaging Server? -
Hi There:
I have some questions, will you please help me.
My Server is set
example.com
I need to set additional / Multiple E-Mail Domains, these need to be separated, like:
example1.com
example2.com
example3.com
For the E-Mail Client, what will be de In-Comming Mail Server and Out-Going / SMTP
mail.example1.com
mail.example2.com
mail.example3.com
or it will be "mail.example.com" for all 4 Domains.
I would like to say THANK YOU in advanceThis is entirely possible, and supported by the Server Admin user interface for the mail server.
Start with the [Mac OS X Server Mail Services Administration Manual|http://images.apple.com/server/macosx/docs/MailService_Adminv10.6.pdf], page 73
Quoth the Book Of Mail:
A Mail Service Virtual Host
Virtual hosting is a method you can use to host more than one domain name on the same
computer and IP address, with overlapping mail user names.
For example, a mail server can receive mail transfer requests for two domains,
mail.example1.com and mail.example2.com, both of which resolve to the same IP
address. For mail.example1.com, the server delivers mail to “[email protected]”
to a user mailbox for “bob,” while it also delivers mail to “[email protected]” to
a different user mailbox. Virtual hosts are essentially the converse of local host aliases.
One subtlety here is that the domains sharing the same mail server and all co-resident on the IP address will all tend to have the same public host name listed as their MX (mail exchange) server of record in the public DNS. This so that forward and reverse DNS and MX server all line up for the mail server for all the domains involved.
Maybe you are looking for
-
Using a dll in the JNI dll defined
Hello, I'm new to JNI and I have managed to compile and run a simple Hello world program, now this is my problem: The C++ code I'm using need to make calls to some dlls (msado15.dll and cdoex.dl) so that I have a function doing this (I have tested th
-
Im trying to download my product but im having difficulty
im trying to download the student complete package which ive purchased, it takes me to a page which says downloading but its not actually downloading. please help
-
Getting APP-AR-11228: Please define all periods....When saving transaction
Hi, EBS R12.1 I got this error: ERROR: AP-AR-11228. Please define all periods in which revenue is to be recognized or credited. Note that revenue cannot be recognized or credited in closed and close pending periods.Showing the RULES tab on the tran
-
ASR 9006 to 6509 1 gig fiber connection
I have an ASR 9006 with a SFP-GE-L connecting to a Cisco 6500. The link shows up on the ASR side but not on the 6500 side. If I move the SFP from the ASR to a different 6500 chassis the connection works so I know the SFP is working. Any ideas on m
-
Greetings everyone, I am brand new to InDesign (CS5.5), and was wondering about the fonts. I noticed that while InDesign includes a nice list of fonts, there are really so much more out there that are not included . So I did a little research, and fo