====== [[http://www.postfix.org/|Postfix MTA]] ======

===== Questions answered =====

=== Posfix ''STARTTLS'' fails ===

<note question>
Posfix ''STARTTLS'' fails with following log message:
<code>
postfix/smtpd: warning: cannot get certificate from file /etc/ssl/server/server.pem
postfix/smtpd: warning: TLS library problem: 14187:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:647:Expecting: CERTIFICATE:
postfix/smtpd: warning: TLS library problem: 14187:error:140DC009:SSL routines:SSL_CTX_use_certificate_chain_file:PEM lib:ssl_rsa.c:727:
postfix/smtpd: cannot load RSA certificate and key data
</code>
</note>
<note tip>

Make sure that the certificate starts with line ''BEGIN CERTIFICATE'' and not ''BEGIN TRUSTED CERTIFICATE''. Also, after enabling the option ''smtpd_tls_received_header=yes'' one should see in received email:

<code>
Received: from [192.168.1.12] (unknown [192.168.1.12])
    (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
    (No client certificate requested)
    by centurion (Postfix) with ESMTPS id 4940260000B9
    for <test@host>; Fri, 22 Aug 2008 01:07:14 +0200 (CEST)
</code>
</note>


=== What is the best Postfix+SpamAssasin configuration guide? ===

<note tip>[[apache>spamassassin/IntegratedSpamdInPostfix|Postfix + SpamAssasin Spamd]], [[http://www.postfix.org/FILTER_README.html|Postfix + Spampd]], about feeding of spam see [[apache>spamassassin/SingleUserUnixInstall#head-bea6b8dc4f219edd3b9976e8f922a8f1c0603125|here]] and [[apache>spamassassin/RemoteImapFolder|here]]. For spamassassin + ru locale see [[http://www.opennet.ru/openforum/vsluhforumID1/77201.html|прямая фильтрация по словам]], [[http://spamassassin.org.ru/|spamassassin.org.ru]], [[http://forum.ru-board.com/topic.cgi?forum=8&topic=3967|настройки spamassassin на русскоязычную почту]]</note>


=== What is the difference between spamassasin's ''spamd'' and ''spampd''? ===

<note tip>Read ''[[http://linux.die.net/man/8/spampd|man spampd]]''</note>


=== How to enable message forwarding (relaying) to ''smtp.google.com'' if the message sender is from ''@gmail.com'' domain? ===

<note tip>
What you need is (from [[http://ubuntu-tutorials.com/2008/11/11/relaying-postfix-smtp-via-smtpgmailcom/|here]]):

<code|/etc/postfix/main.cf>
# TLS parameters for postfix outbound connections (enable STARTTLS):
smtp_tls_CAfile=/etc/ssl/certs/ca-certificates.crt
smtp_tls_CApath=/etc/ssl/certs
smtp_use_tls=yes

# AUTH for outbound connections (authenticate postfix to relay server):
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/maps/sasl_passwd
smtp_sasl_security_options = noanonymous

# The rules that define which relay to select based on sender address:
sender_dependent_relayhost_maps = hash:/etc/postfix/maps/sender_relay
</code>

<code|/etc/postfix/maps/sender_relay>
# A sender-dependent override for the global relayhost parameter setting.
@gmail.com		[smtp.gmail.com]:587
</code>

<code|/etc/postfix/maps/sasl_passwd>
[smtp.gmail.com]:587	user@gmail.com:password123
</code>

For multiple rely hosts check [[http://ubuntu-tutorials.com/2009/03/13/configure-postfix-for-multiple-isp-client-smtp-authentication/|this]].
</note>


=== How to dequeue all messages? ===

<note tip>
''postsuper -d ALL'' will delete all queued mails.
</note>


=== How to attempt  to  deliver  all  queued  mail? ===

<note tip>''mailq -q''</note>


{{tag>Postfix mail}}