Enhancement #3135

Postfix: in-memory address verification database

Added by Davide Principi over 6 years ago. Updated about 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-mail-common
Target version:v6.6
Resolution: NEEDINFO:No

Description

The address verification database is now stored on disk, in /var/lib/postfix/verify.db.

It can be reset on postfix reload, preventing any possible disalignment with actual accounts, by storing it in memory.

See http://www.postfix.org/postconf.5.html#address_verify_map

main.cf (5.02 KB) Vasco Castelo Branco, 06/22/2015 12:46 PM


Related issues

Related to NethServer 6 - Task #1356: Address verification on Relay hosts CLOSED 07/27/2012 07/27/2012
Related to NethServer 6 - Enhancement #3347: Disable Postfix address_verify_negative_cache CLOSED

Associated revisions

Revision 047ba6ad
Added by Davide Principi about 6 years ago

Use in-memory DB for address verification. Refs #3135

History

#1 Updated by Davide Principi over 6 years ago

  • Related to Task #1356: Address verification on Relay hosts added

#2 Updated by Davide Principi about 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Davide Principi
  • % Done changed from 20 to 30

#3 Updated by Davide Principi about 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • Assignee deleted (Davide Principi)
  • % Done changed from 30 to 60

Test case

  • Take note of verify.db modification date:
        # stat /var/lib/postfix/verify.db 
      File: `/var/lib/postfix/verify.db'
      Size: 90112         Blocks: 176        IO Block: 4096   regular file
    Device: fd01h/64769d    Inode: 9176011     Links: 1
    Access: (0644/-rw-r--r--)  Uid: (   89/ postfix)   Gid: (   89/ postfix)
    Access: 2015-06-11 14:39:15.557129531 +0200
    Modify: 2015-06-11 14:39:15.557129531 +0200
    Change: 2015-06-11 14:39:15.557129531 +0200
    
  • upgrade to modified version
  • send an email from an external SMTP client on port 25 to a locally delivered mailbox
  • In /var/log/maillog appears a line containing cache internal, like this:
    Jun 11 13:01:18 vm3 postfix/verify[11042]: cache internal:verify full cleanup: retained=0 dropped=0 entries
    

#4 Updated by Davide Principi about 6 years ago

  • Status changed from MODIFIED to ON_QA
  • % Done changed from 60 to 70

In nethserver-testing:
nethserver-mail-common-1.4.5-1.1.g047ba6a.ns6.noarch.rpm

#5 Updated by Vasco Castelo Branco about 6 years ago

  • Assignee set to Vasco Castelo Branco

#6 Updated by Vasco Castelo Branco about 6 years ago

Can not verify.

verify.db does not exist in /var/lib/postfix

My Test
Clean Install and full update
Installation of File server, email and SMTP connector

#7 Updated by Davide Principi about 6 years ago

Vasco Castelo Branco wrote:

verify.db does not exist in /var/lib/postfix

What does `rpm -qi nethserver-mail-common` says?

Clean Install and full update

Did you update with nethserver-testing repo enabled?

#8 Updated by Vasco Castelo Branco about 6 years ago

rpm -qi nethserver-mail-common

Name : nethserver-mail-common Relocations: (not relocatable)
Version : 1.4.5 Vendor: NethServer
Release : 1.10.geacb265.ns6 Build Date: Tue 16 Jun 2015 01:47:36 PM WEST
Install Date: Thu 18 Jun 2015 04:28:55 PM WEST Build Host: davidep1.nethesis.it
Group : Unspecified Source RPM: nethserver-mail-common-1.4.5-1.10.geacb265.ns6.src.rpm
Size : 113963 License: GPL
Signature : DSA/SHA1, Tue 16 Jun 2015 01:47:40 PM WEST, Key ID e23a79e1f25b5f70
URL : http://dev.nethserver.org/projects/nethserver/wiki/nethserver-mail-common
Summary : Common configuration for mail packages
Description :
Common configuration for mail packages, based on Postfix.

Install
yum --enablerepo=nethserver-testing install nethserver-mail-common

#9 Updated by Davide Principi about 6 years ago

Davide Principi wrote:

Vasco Castelo Branco wrote:

verify.db does not exist in /var/lib/postfix

Maybe the verify.db file does not exist in a pristine installation and is created the first time a message is delivered.

So you should check an "existing" mail server. To replicate a such one config this could be a procedure:

  • install nethserver-mail-server from nethserver-updates repo
  • send a mail to a local account
  • check verify.db existence
  • start test case

#10 Updated by Vasco Castelo Branco about 6 years ago

Install and update NethServer (main repo)
Install File server and email
Configure email and domain
Configure user1 and user2
Send a mail from user1 to user2 sucefully
Reply from user2 to user1 sucefully

Veryfy.db does not exist

#11 Updated by Vasco Castelo Branco about 6 years ago

Is not present at my main server also

#12 Updated by Davide Principi about 6 years ago

Vasco Castelo Branco wrote:

Is not present at my main server also

Could you attach /etc/postfix/main.cf?

#13 Updated by Vasco Castelo Branco about 6 years ago

/etc/postfix/main.cf

#14 Updated by Davide Principi about 6 years ago

  • Assignee changed from Vasco Castelo Branco to Giacomo Sanchietti

I don't see anything strange in main.cf. Before investigating further Vasco's setup, I'd ask Giacomo to test this issue on his side, too.

I've done some tests on real mail servers (!) and seemed all ok, so I'm pretty sure I'm missing something in my test case instructions that replicates the expected environment.

#15 Updated by Davide Principi about 6 years ago

This is the new procedure to trigger mail address verification (and subsequent verify.db creation).

[So you should check an "existing" mail server. To replicate a such one config this could be a procedure]

  • clean NethServer 6.6 installation
  • yum install @nethserver-mail
  • create an Email address for admin
  • connect to port 25 from a different host and send a mail. This is a sample nc SMTP session:
         $ nc -C 192.168.122.179 25
    220 vm5.vnet1.tld ESMTP Postfix
    ehlo gmail.com
    250-vm5.vnet1.tld
    250-PIPELINING
    250-SIZE 20000000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-ENHANCEDSTATUSCODES
    250-8BITMIME
    250 DSN
    mail from: <me@gmail.com>
    250 2.1.0 Ok
    rcpt to: <admin@vnet1.tld>
    250 2.1.5 Ok
    data
    354 End data with <CR><LF>.<CR><LF>
    .
    250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 6DB4D2968
    quit
    
  • check verify.db existence
  • start test case

#16 Updated by Giacomo Sanchietti about 6 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 70 to 90

#17 Updated by Davide Principi about 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100

In nethserver-updates:
nethserver-mail-common-1.5.0-1.ns6.noarch.rpm

#18 Updated by Davide Principi over 5 years ago

Also available in: Atom PDF