Possibly more a Postfix question than a mailman one one but...
I want to limit the number of simultanous connections for one domain that I send email to. According ot what i've managed to find on-line, I need to put in a transport map in Postfix for that. But Mailman appears to already be using the transport map for routing incoming mail:
transport_maps = hash:/opt/mailman/mm/var/data/postfix_lmtp local_recipient_maps = proxy:unix:passwd.byname, $alias_maps, hash:/opt/mailman/mm/var/data/postfix_lmtp relay_domains = hash:/opt/mailman/mm/var/data/postfix_domains
Can i append or pre-pend another transport file in the transport_maps listing and put in the entry for this domain that's been bouncing people off my list because of too many simultaneous connections?
-- Paul Tomblin
On 6/12/26 3:03 PM, Paul Tomblin via Mailman-users wrote:
Can i append or pre-pend another transport file in the transport_maps listing and put in the entry for this domain that's been bouncing people off my list because of too many simultaneous connections?
I don't know what the transport for this domain would be, but the transport_maps setting can contain any number of lookup tables. See <https://www.postfix.org/postconf.5.html#transport_maps>.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Mark Sapiro writes:
On 6/12/26 3:03 PM, Paul Tomblin via Mailman-users wrote:
Can i append or pre-pend another transport file in the transport_maps listing and put in the entry for this domain that's been bouncing people off my list because of too many simultaneous connections?
I don't know what the transport for this domain would be, but the transport_maps setting can contain any number of lookup tables. See <https://www.postfix.org/postconf.5.html#transport_maps>.
Not sure exactly what you want; check the doc Mark recommends for syntax. This will refuse mail with some sort of 5xx (permfail) status to be relayed to example.com (and I think the "." means "and subdomains too").
transport.orig:# The error mailer can be used to bounce mail: transport.orig:# .example.com error:mail for *.example.com is not deliverable
But I think you probably want a "client-based" (host or IP) or "sender-based" (MAIL FROM) version, or perhaps a connection count throttle if you might ever want to receive mail from them. See
smtpd_client_restrictions (most flexible) sender_dependent_default_transport_maps smtpd_client_connection_rate_limit postscreen_client_connection_count_limit
Steve
-- GNU Mailman consultant (installation, migration, customization) Sirius Open Source https://www.siriusopensource.com/ Software systems consulting in Europe, North America, and Japan
On Sat, Jun 13, 2026, at 12:47 PM, Stephen J. Turnbull wrote:
Mark Sapiro writes:
On 6/12/26 3:03 PM, Paul Tomblin via Mailman-users wrote:
Can i append or pre-pend another transport file in the transport_maps listing and put in the entry for this domain that's been bouncing people off my list because of too many simultaneous connections?
I don't know what the transport for this domain would be, but the transport_maps setting can contain any number of lookup tables. See <https://www.postfix.org/postconf.5.html#transport_maps>.
Not sure exactly what you want; check the doc Mark recommends for
I'm trying to set the destination_concurrency_limit, but only for one outgoing domain (rochester.rr.com) which complains of too many incoming connections when my neighborhood announcement mailing list, which has about 50 people with rochester.rr.com email address subscribed. 39 of those members just got unsubscribed, and since this list is run for little old ladies who barely understand that their computer has to be on in order to receive email, we tend to manage the subscriptions and re-subscriptions manually rather than ask the end users to do it.
In mailman 2, I had my mailing list aliases in the virtual_alias_maps, and now in mailman 3 it's in transport-maps, and it's meant that some of the configuration I had before doesn't work.
-- Paul Tomblin
Paul Tomblin via Mailman-users writes:
Not sure exactly what you want; check the doc Mark recommends for
I'm trying to set the destination_concurrency_limit, but only for one outgoing domain (rochester.rr.com) which complains of too many incoming connections
rr.com? My condolences.
this list is run for little old ladies who barely understand that their computer has to be on in order to receive email, we tend to manage the subscriptions and re-subscriptions manually rather than ask the end users to do it.
Unless you have legal reasons to personalize or there's a bunch of sophisticated users on the same list who want it, one obvious candidate solution is to switch off personalization so that Mailman can batch outgoing mail to a given domain (Postfix will give all the recipient addresss to rr.com's MTA, but send the body content only once). Of course if rr.com rate limits by address, that's not going to work,
In mailman 2, I had my mailing list aliases in the virtual_alias_maps, and now in mailman 3 it's in transport-maps, and it's meant that some of the configuration I had before doesn't work.
For routing TO Mailman, transport_maps takes precedence over virtual_alias_maps, and that can require modifying your Postfix configuration. But mail going out FROM Mailman 3 works exactly as it did in Mailman 2 (modulo any bugs fixed in Python 3 or Mailman :-), so if you have a backup of your old configuration that will work. If you used transport_maps for this purpose, you just insert the path to the old table before Mailman's postfix_lmtp table.[1]
"transport_maps" is plural because you can put any number of tables in there. I forget the way precedence is determined within a table, but Postfix checks for a match in each table in list order, and as soon as it finds a match in a table, it sets the transport for that address and message to the transport found, and ignores the rest of the tables. I would expect your (incoming) Mailman table and (outgoing) finicky recipient table are disjoint, so order won't matter.
Steve
Footnotes: [1] Strictly speaking, you could be doing something weird with some of your Mailman 2 lists, but it seems to me to be extremely unlikely that any of them were mentioned in your old transport_maps.
-- GNU Mailman consultant (installation, migration, customization) Sirius Open Source https://www.siriusopensource.com/ Software systems consulting in Europe, North America, and Japan
On Mon, Jun 15, 2026, at 1:48 AM, Stephen J. Turnbull wrote:
Paul Tomblin via Mailman-users writes:
Unless you have legal reasons to personalize or there's a bunch of sophisticated users on the same list who want it, one obvious candidate solution is to switch off personalization so that Mailman can batch outgoing mail to a given domain (Postfix will give all the recipient addresss to rr.com's MTA, but send the body content only once). Of course if rr.com rate limits by address, that's not going to work,
I had the personalization option turned off, but I had the users email address in the footer template, which I believe overrides that. That's possibly why it's the only mailing list that does this.
configuration. But mail going out FROM Mailman 3 works exactly as it did in Mailman 2 (modulo any bugs fixed in Python 3 or Mailman :-), so if you have a backup of your old configuration that will work. If you used transport_maps for this purpose, you just insert the path to the old table before Mailman's postfix_lmtp table.[1]
Oops, I had it after.
Hopefully these two changes will make the difference and I can turn off the highly annoying (as you predicted) Notify Owner On Bounce Increment.
Fun little fact, the rr.com/Spectrum bounce message just has a url to lookup table, and a semi-numeric code to look up on the table.
-- Paul Tomblin
On Fri, Jun 12, 2026, at 6:46 PM, Mark Sapiro wrote:
On 6/12/26 3:03 PM, Paul Tomblin via Mailman-users wrote:
Can i append or pre-pend another transport file in the transport_maps listing and put in the entry for this domain that's been bouncing people off my list because of too many simultaneous connections?
I don't know what the transport for this domain would be, but the transport_maps setting can contain any number of lookup tables. See <https://www.postfix.org/postconf.5.html#transport_maps>.
It appears you set up a transport with a lower concurrency limit in master.cf like so: slow_smtp unix - - n - - smtp -o slow_smtp_destination_concurrency_limit=5
Then you put an entry in your transport map like so: example.com slow_smtp:
I believe I had something similar on my previous server, but I discarded it because I wasn't sure how well it would play with this lmtp stuff that Mailman was putting in. But remember how I was getting dozens of people bounced off one of my lists all at once, and most of them were at a particular domain? Yeah, this is the underlying cause. Our biggest local ISP doesn't like it when I've got 3 emails going out, and 30+ people at that domain on all of them.
-- Paul Tomblin
On 6/12/26 3:54 PM, Paul Tomblin via Mailman-users wrote:
Then you put an entry in your transport map like so: example.com slow_smtp:
so you could put that line in a file like /path/to/name and process it with
postmap hash:/path/to/name
and then change your transport_maps setting from
transport_maps =
hash:/opt/mailman/mm/var/data/postfix_lmtp
to
transport_maps =
hash:/opt/mailman/mm/var/data/postfix_lmtp hash:/path/to/name
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
participants (3)
-
Mark Sapiro -
Paul Tomblin -
Stephen J. Turnbull