Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

comments in mynetworks file

558 views
Skip to first unread message

Jan-Frode Myklebust

unread,
May 12, 2011, 7:44:48 AM5/12/11
to
We just got bitten by a strange problem with our mynetworks-file. In
main.cf we have mynetworks = /etc/postfix/mynetworks, and the
/etc/postfix/mynetworks has been used to both include and exclude
networks for ages... using the format:

#### BLACKLISTING ###
## Only blocked systems in this block
!92.345.67.0/24 # BLACKLISTED - 17.09.10
!98.102.24.28/32 # BLACKLISTED - 11.06.09 - Some other company AS
!82.110.89.38/32 # BLACKLISTED - 01.10.10 - Some company AS
#<snip>#
## Add openings beneath this point
10.0.0.0/8
127.0.0.0/8
#<snip>

Today we forgot the "S" in "AS", i.e.:

!9.11.21.12/30 # BLACKLISTED - 12.05.11 - Another company A

instead of our normal:

!9.11.21.12/30 # BLACKLISTED - 12.05.11 - Another company AS

and suddenly postfix stopped working. It was complaining about:

postfix/smtpd[29113]: fatal: bad address pattern: "A"

So I guess our usage of comments in this file is wrong (ooops). Could
someone help us with what the rules are for this file? Are lines starting
with # interpreted as comments? Are the any way of introducing comments on
the same line as a rule ?


-jf

Wietse Venema

unread,
May 12, 2011, 7:59:02 AM5/12/11
to
Jan-Frode Myklebust:

> We just got bitten by a strange problem with our mynetworks-file. In
> main.cf we have mynetworks = /etc/postfix/mynetworks, and the
> /etc/postfix/mynetworks has been used to both include and exclude
> networks for ages... using the format:
>
> #### BLACKLISTING ###
> ## Only blocked systems in this block
> !92.345.67.0/24 # BLACKLISTED - 17.09.10

Postfix does not support trailing comments ANYWHERE.

Wietse

Jan-Frode Myklebust

unread,
May 12, 2011, 8:16:14 AM5/12/11
to

Got it, thanks!

What about lines starting with a '#'. Are these supported for comments ?


-jf

Wietse Venema

unread,
May 12, 2011, 8:22:59 AM5/12/11
to
Jan-Frode Myklebust:

That is what Postfix documentation is for. If some feature is not
in the documentation then it is not supported.

Do not use experimentation to discover how Postfix works.
That would make you dependent on unsupported behavior,

Only the supported behavior has guarantees.

Wietse

Stan Hoeppner

unread,
May 12, 2011, 7:26:19 PM5/12/11
to
On 5/12/2011 6:59 AM, Wietse Venema wrote:
> Jan-Frode Myklebust:
>> We just got bitten by a strange problem with our mynetworks-file. In
>> main.cf we have mynetworks = /etc/postfix/mynetworks, and the
>> /etc/postfix/mynetworks has been used to both include and exclude
>> networks for ages... using the format:
>>
>> #### BLACKLISTING ###
>> ## Only blocked systems in this block
>> !92.345.67.0/24 # BLACKLISTED - 17.09.10
>
> Postfix does not support trailing comments ANYWHERE.
>
> Wietse

I discovered this long ago when I saw that my 'trailing' comments in my
access file were in the 550 rejection text returned to smtp clients,
including the '#'. Some of them were less than flattering. Heheh. I'm
sure the spammers never saw them, but the occasional FP probably left a
sour taste in a legit sender's mouth...

--
Stan

0 new messages