[pfx] Re: two 2822.From header with header_checks

On Sun, 2024-01-28 at 09:05 -0500, Wietse Venema via Postfix-users wrote: > Byung-Hee HWANG via Postfix-users: > > Hellow Postfix heackers, > > > > I have some odd email [1]. That have two 2822.From headrs. I would > > like > > to filer such styl

[pfx] two 2822.From header with header_checks

Hellow Postfix heackers, I have some odd email [1]. That have two 2822.From headrs. I would like to filer such style email. Is it possible to filter with header_checks? From: Byung-Hee HWANG From: Byung-Hee HWANG Because Google Gmail don't like above style... i'm serious now... Thanks

[pfx] Re: Postfix stable release 3.5.23

On Fri, 2023-12-22 at 15:11 -0500, Wietse Venema via Postfix-users wrote: > [An on-line version of this announcement will be available at > https://www.postfix.org/announcements/postfix-3.5.23.html] > > Fixed with Postfix 3.5.23: > >   * Security: this release adds support to defend >    

[pfx] Re: SMTP Smuggling, workarounds and fix

On Sat, 2023-12-30 at 16:14 +, Scott Kitterman via Postfix-users wrote: > > > On December 30, 2023 3:17:52 PM UTC, "Håkon Alstadheim via Postfix- > users" wrote: > > Just FYI, I got postfix 3.7.9-0+deb12u1 from bookworm-updates (i.e. > > Debian) today. > > > For those still using Debian

[pfx] Re: 25 years today

Wietse Venema via Postfix-users writes: > (...thanks...) > That was a long time ago. Postfix has evolved as the Internet has > changed. I am continuing the overhaul of this software, motivated > by people like you on this mailing list. > Hellow Wietse! I am running two Postfix servers for

[pfx] Re: TAKE NOTE 3: Upcoming new Let's Encrypt intemediate issuer CAs.

raf via Postfix-users writes: > On Fri, Dec 08, 2023 at 02:00:55PM -0500, Viktor Dukhovni via Postfix-users > wrote: > >> So anyone relying on DANE-TA(2) (certificate usage 2) needs to closely >> watch for upcoming announcements from LE, and be prepared to add TLSA >> records for the new

[pfx] Re: Some TLS connections untrusted in postfix but trusted with posttls-finger

> No, it's a pure security policy thing and an overlooked line in the mysql tls > policy table. > > The policy "secure" (and I assume "dane-only") doesn't work, as github is not > using DNSSEC. Valid policies which make this work are "verify", "may" and I > assume "dane" (if you have

[pfx] Re: Some TLS connections untrusted in postfix but trusted with posttls-finger

Alexander Leidinger via Postfix-users writes: > Am 2023-12-01 12:08, schrieb Byung-Hee HWANG via Postfix-users: >>> ... >>> Nov 30 11:31:48 mailgate postfix/tlsproxy[175]: server certificate >>> verification failed for in-8.smtp.github.com[140.82.114.32]:25

[pfx] Re: Some TLS connections untrusted in postfix but trusted with posttls-finger

> ... > Nov 30 11:31:48 mailgate postfix/tlsproxy[175]: server certificate > verification failed for in-8.smtp.github.com[140.82.114.32]:25: > num=62:hostname mismatch > ... Maybe you check? root@yw-1204:/etc/postfix# postconf -n | grep CAfile smtp_tls_CAfile =

[pfx] Re: gmail failing SPF/DKIM

Wietse Venema via Postfix-users writes: > (...) > gmail rejects all messsages with that sender domain name? Some > messages? I have found that Gmail may treat some 'soft' errors (DNS > timeout) as 'hard' errors. My workaround is to retry deliveries. > > /etc/postfix/main.cf: > transport_maps

[pfx] Re: configuration to send to recipients in a spread out manner to avoid being considered spam

Byung-Hee HWANG via Postfix-users writes: > Wietse Venema via Postfix-users writes: > >> testeur via Postfix-users: >>> Hi, >>> >>> I did a request to mailman3 ML about this question, but it seems that >>> postfix can respond to my request. >

[pfx] Re: configuration to send to recipients in a spread out manner to avoid being considered spam

Wietse Venema via Postfix-users writes: > testeur via Postfix-users: >> Hi, >> >> I did a request to mailman3 ML about this question, but it seems that >> postfix can respond to my request. >> I use mailman3. But AOL, YAHOO seems to consider emails sent to >> recipients as spam or an

[pfx] Re: TAKE NOTE: "2 1 1" TLSA records vs. apparent change of Let's Encrypt default certificate chain

Ralph Seichter via Postfix-users writes: > * Byung-Hee HWANG via Postfix-users: > >> Honestly, 311 it was not easy to set up to me. > > These days, one is a bit spoiled for choice when it comes to software > which handles this automatically. LetsDNS (https://letsdns

[pfx] Re: TAKE NOTE 2: Future Let's Encrypt CA choice randomisation.

Viktor Dukhovni via Postfix-users writes: > (...) > Good job, you're set until some future change a few years down the line. > > _25._tcp.yw-0919.doraji.xyz. IN CNAME rfc7671.doraji.xyz. > _25._tcp.yw-1204.doraji.xyz. IN CNAME rfc7671.doraji.xyz. > rfc7671.doraji.xyz. IN TLSA 2 1 1 >

[pfx] Re: TAKE NOTE 2: Future Let's Encrypt CA choice randomisation.

Hellow Viktor, Viktor Dukhovni via Postfix-users writes: > On Wed, Nov 15, 2023 at 04:53:17PM +0100, Geert Hendrickx via Postfix-users > wrote: > >> On Wed, Nov 15, 2023 at 10:29:41 -0500, James Cloos via Postfix-users wrote: >> > LE announced a while back that they would not renew the cross

[pfx] Re: TAKE NOTE: "2 1 1" TLSA records vs. apparent change of Let's Encrypt default certificate chain

Hellow raf, > As Viktor pointed out, you're not affected, Welcome! And thanks a lot for confirmation. > but if you want to use "3 1 1", > and you use certbot for your LetsEncrypt certificates, as well as Viktor's > danebot program (https://github.com/tlsaware/danebot), my danectl program >

[pfx] Re: TAKE NOTE: "2 1 1" TLSA records vs. apparent change of Let's Encrypt default certificate chain

Hellow Viktor, Viktor Dukhovni via Postfix-users writes: > The DANE/DNSSEC survey () has seen a > recent spike in the number of MX hosts whose "2 1 1" TLSA records no > longer match their certificate chain. The records in question all > shar the same digest

[pfx] Re: GMail is rejecting mail I forward

Byung-Hee HWANG via Postfix-users writes: >> https://gitlab.com/soyeomul/Gnus/-/raw/karma/DKIM/setup-policy.lua?ref_type=heads > > And because i have to prove myself, See: > https://gitlab.com/soyeomul/Gnus/-/commit/59122d99bd6a0b01d293c0a2f46d5343e54bbc4e This is more power

[pfx] Re: GMail is rejecting mail I forward

> https://gitlab.com/soyeomul/Gnus/-/raw/karma/DKIM/setup-policy.lua?ref_type=heads And because i have to prove myself, See: https://gitlab.com/soyeomul/Gnus/-/commit/59122d99bd6a0b01d293c0a2f46d5343e54bbc4e Sincerely, Byung-Hee -- ^고맙습니다 _布德天下_ 감사합니다_^))//

[pfx] Re: GMail is rejecting mail I forward

> I have set up SPF for my domain, but I don't think that is relevant to > FORWARDING mail (is it?). I use Gmail forwarding like you. DKIM is my friend. This is my configuration [1]. Sincerely, Byung-Hee [1] https://gitlab.com/soyeomul/Gnus/-/raw/karma/DKIM/setup-policy.lua?ref_type=heads --

[pfx] Re: Problem setting up postfix on arch linux to forward mail to my gmail account

> Next question is where can I find accurate instructions on setting up the > configuration for arch linux to forward mail to my gmail account? Like as people said, forwarding is not easy. Though if you wish try it, use DKIM. Sincerely, -- ^고맙습니다 _布德天下_ 감사합니다_^))//

[pfx] Re: "danebot" beta release

Benny Pedersen via Postfix-users writes: > Byung-Hee HWANG via Postfix-users skrev den 2023-05-25 05:42: > >> Thanks for good tool, because still i feel very hard to make "3 1 1" >> tlsa things. Someday far later, i'll try this "3 1 1" things. >> Actu

[pfx] Re: "danebot" beta release

Viktor Dukhovni via Postfix-users writes: > On Mon, May 22, 2023 at 09:53:36PM -0400, Viktor Dukhovni via Postfix-users > wrote: > >> Key reuse as a *default* rollover approach is robust. When it is time >> to change keys, one can do so deliberately, and with due care to >> prepublish TLSA

[pfx] Re: DANE and DNSSEC

Joachim Lindenberg via Postfix-users writes: > (...) just mark your calendar to update in September 2025 ... Hellow Joachim! Thanks for remarkble tip ^^^ Sincerely, Byung-Hee ___ Postfix-users mailing list -- postfix-users@postfix.org To

[pfx] Re: DANE and DNSSEC

Benny Pedersen via Postfix-users writes: > Byung-Hee HWANG via Postfix-users skrev den 2023-05-19 04:26: > >> Thanks for advice! >> >>>[renewalparams] >>>reuse_key = True >>>preferred_chain = ISRG Root X1 > >> And

[pfx] Re: DANE and DNSSEC

Viktor Dukhovni via Postfix-users writes: > On Thu, May 18, 2023 at 09:22:34PM +0900, Byung-Hee HWANG via Postfix-users > wrote: > >> And now i added TLSA record for only *outbond* smtp server, >> . > > It is also your secondary MX host: > > https://stats.dns

[pfx] Re: DANE and DNSSEC

On Thu, May 18, 2023 at 09:22:34PM +0900, Byung-Hee HWANG via Postfix-users wrote: > Byung-Hee HWANG via Postfix-users writes: > > > Now i added DNSSEC. Currently it is being registra job. 10 minutes ago, > > i did make some DS record at Cloudfalre. > > > > Than

[pfx] Re: DANE and DNSSEC

Byung-Hee HWANG via Postfix-users writes: > Now i added DNSSEC. Currently it is being registra job. 10 minutes ago, > i did make some DS record at Cloudfalre. > > Thanks to Joachim, Patrick and raf ^^^ And now i added TLSA record for only *outbond* smtp server, <>. I rea

[pfx] Re: DANE and DNSSEC

Now i added DNSSEC. Currently it is being registra job. 10 minutes ago, i did make some DS record at Cloudfalre. Thanks to Joachim, Patrick and raf ^^^ Sincerely, Byung-Hee ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe

[pfx] Re: DKIM and DMARC

Tom Reed via Postfix-users writes: > Hello list, > > Should we reject failed message on DKIM validation stage, or DMARC > validation stage, or both? I even DKIM-sign the mail one more time. For forwarding to Gmail. See https://gitlab.com/soyeomul/Gnus/-/raw/master/DKIM/setup-policy.lua

[pfx] Re: question: "said: 550 Mail was identified as spam"

Hi lty, On Fri, May 12, 2023 at 03:32:45PM +0800, lty--- via Postfix-users wrote: > (...) > We are using postfix 2.11 version. Really? My postfix version are: yw-0919: Postfix 3.3.0 / Ubuntu 18.04 LTS yw-1204: Postfix 3.5.18 / Debian 11 Bullseye And yw-1204 have OpenDKIM 2.11 as *Outbond* SMTP

[pfx] Re: DANE and DNSSEC

raf via Postfix-users writes: > On Thu, May 11, 2023 at 03:17:21PM +0900, Byung-Hee HWANG via Postfix-users > wrote: > >> Hellow Postfix hackers, >> >> I have a questions while reading DANE docs. Is DNSSEC mandotary? For >> making DANE mail server. >&

[pfx] Re: DANE and DNSSEC

Dear Patrick, Patrick Ben Koetter via Postfix-users writes: > (...) > You don't need DNSSEC for your DNS zone *if* your server should DANE-verify > other DANE enabled receiver platforms. In this case all you need to do is run > a DNSSEC-verifying DNS resolver on your server (not

[pfx] Re: DANE and DNSSEC

Joachim Lindenberg via Postfix-users writes: > DNSSEC is mandatory for DANE. Hellow Joachim! Thanks for kind replying ^^^ Sincerely, Byung-Hee -- ^고맙습니다 _布德天下_ 감사합니다_^))// ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe

[pfx] DANE and DNSSEC

Hellow Postfix hackers, I have a questions while reading DANE docs. Is DNSSEC mandotary? For making DANE mail server. For now i'm running two postfix servers in public. Actually i'm beginner in both DANE and DNSSEC. Any comments welcome! Sincerely, Byung-Hee -- ^고맙습니다 _布德天下_ 감사합니다_^))//

[pfx] Re: Postfix documentation pitfalls. virtual_alias_maps and main.cf macros

Viktor Dukhovni via Postfix-users writes: > (...) > [ Yes, one could also craft "classless" access(5) tables, ... and rely > only on explicit transport(5) table entries, opting out of all the > taxonomy that makes it easier to reason about Postfix mail routing, > but this is not a good

[pfx] Re: TLS Library Problem? (SSL_accept error from ...)

On Fri, May 05, 2023 at 06:55:23PM -0500, E R via Postfix-users wrote: > I have setup Postfix so that internally I offer TLS to systems but do not > require it since I have no control over their configuration. I did > extensive testing to ensure that the mail gateway supports TLS and accepts >

[pfx] Re: stop bulk messages

Corey Hickman via Postfix-users writes: > Hello list, > > Some clients abuse the outgoing smtp server for sending bulk messages. > The messages have the same content of business promotion letter. > Do you know how to stop this behavior? > You can not stop it if he/she is paid user. Instead,

[pfx] Re: Domain scoring

Ken Peng via Postfix-users writes: > Do you know any plugins for scoring a domain? > For example, new registered domain, free domain get the low scores. How about dnswl.org? Sincerely, -- ^고맙습니다 _布德天下_ 감사합니다_^))// ___ Postfix-users mailing list --

[pfx] Re: forwarding questions

Tom Reed via Postfix-users writes: > (...) > How can I setup it to both reach local mailbox and forwarding? > You first have to read 3 times very carefully: https://support.google.com/mail/answer/175365?sjid=13805511033984428370-AP I read all emails at Gmail. Yes i'm forwarding user like you.

[pfx] Re: Regarding transport maps (sender_dependent_relayhost_maps not working)

Matus UHLAR - fantomas via Postfix-users writes: > (...) > for envelope from, simple access map should be enough: > http://www.postfix.org/access.5.html > > and use DISCARD Ok. Thanks for the heads-up, Matus! Sincerely, Byung-Hee -- ^고맙습니다 _地平天成_ 감사합니다_^))//

[pfx] Re: Regarding transport maps (sender_dependent_relayhost_maps not working)

Andrew Athan via Postfix-users writes: > (...) > My goal is to silently discard all inbound mail from a certain > domain. Or actually, I may wish to redirect all of that mail either to > a flat file (similar to the proposed blackhole transport) or (...) Go with easy way. See header_checks. `man

[pfx] Re: SPF: HELO does not publish an SPF Record

> 2) change smtp_helo_name to > > smtp_helo_name = $mydomain It is very strange, i think. Sincerely, -- ^고맙습니다 _地平天成_ 감사합니다_^))// ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to

[pfx] Re: forwarding setup for mailbox user

tom--- via Postfix-users writes: > Hello, > > for a mailbox user, such as my one t...@myposts.ovh, where to define > the forwarding? for example, I want messages sent to this mailbox to > be copied to gmail. Hellow tom, DKIM is good for you if you are domain's owner. This is general

[pfx] Re: invalid and non-fqdn hostname

Ken Peng via Postfix-users writes: > (...) > for instance, 腾讯.公司 is a invalid hostname, but it is a fqdn > hostname which will pass the check by the second clause. Good example, thanks! Sincerely, -- ^고맙습니다 _地平天成_ 감사합니다_^))// ___ Postfix-users

[pfx] Re: secondary MX server

Corey Hickman via Postfix-users writes: > Hello, > > Since almost every sending MTA has the queues, do I need a secondary > MX for my domain email? > > I am afraid the secondary MX was abused by spammers. > > Thanks. I am now running secondary mx. It is valuable for me. Use MTA-STS (testing is

[pfx] Re: What is best way for backup solution?

Dear Matt, Matt Kinni via Postfix-users writes: > Are you just talking about backing up the config files in /etc/postfix? > I would recommend using git for version control; there is nothing > special about backing up the postfix configs vis a vis any other > service on your machine. It also

[pfx] What is best way for backup solution?

Hellow, I am running two Postfix servers. Both are in Cloud -- Google GCP and Rimuhosting-EU VM. Recently i thought that i have to backup servers setting values. Because sometimes i meet minor accidents. Somebody say Docker is good for backup. Though i would like to hear more opinions. Any

[pfx] Re: Configuration of postfix on Ubuntu 22

Aosars Repository via Postfix-users writes: > Hi all, > I have installed postfix on Ubuntu server 22 and configured to use gmail > smtp.But it fails to send mails. > Can some share with me a step by step guide on installation and > configuration. At first, as Ralf already mentioned, make

[pfx] Re: Test Post - Please Ignore

duluxoz via Postfix-users writes: > Sorry Everyone, but I need to test if my posts are going through > > Please ignore (or feel free to send me a confirmation) > > Cheers > > Dulux-Oz Looks good. But Subject's prefix [pfx] or [P-U] are too rich. Just it is minority feedback... Sincerely, --

Re: AW: AW: transport map with TLS policies?

Dear Joachim, "Joachim Lindenberg" writes: > Couldn´t run the python script due to postfix in docker, but can run > postfix-finger domain - but this tells me what I already knew and > wrote in my first mail. The certificate is not trusted and thus verify > as default does not work, and it

Re: transport map with TLS policies?

Viktor Dukhovni writes: > (... thanks ...) > Yes. But in your case (with an overly strict default policy, requiring > may exceptions) it would be more appropriate to define a dedicated > transport for opportunistic unauthenticated TLS: > > # Or "dane" instead of "may" if you have a working

Re: tricky dual delivery challenge

Hellow charlie, charlie derr writes: > Greetings fine postfix wizards, > > We are in the process of transitioning from a local postfix and dovecot > infrastructure to using gmail. While we're in the process of copying > over all of our users' archived email to the new gmail environment, we'd >

Re: AW: transport map with TLS policies?

Hellow Joachim, "Joachim Lindenberg" writes: > Hello Byung-Hee, > I do have all of the following in my TLS policy: > domainmay > mx.domain may > [mx.domain]:25may > and it doesn´t work for me. Well you could check that your server is 'good' or 'not

Re: transport map with TLS policies?

Hellow Joachim, "Joachim Lindenberg" writes: > I wanted to send a mail to a domain yesterday, that was using dead MX records > and one > the one MX that was alive, was presenting an untrusted certificate (my server > uses verify > by default). I added a transport map (or “route” as

Re: dkim signing outbound MAILER-DAEMON messages - is it worth it?

Hellow Matt, Matt Kinni writes: > I have opendkim configured via 'smtpd_milters' to sign all outbound > mail, and my domain publishes a "quarantine" dmarc record to enforce > the consequences of this. > > I recently discovered that MAILER-DAEMON messages generated by postfix > itself bypass

Solved (Was: Re: dnswl.org lookup error)

Byung-Hee HWANG writes: > Hellow! > > I am running postfix server under Ubuntu 18.04 LTS at Google Compute > Engine. The hostname is <>, open port is 25 only. > > The server conf are bellow: > <https://gitlab.com/soyeomul/Gnus/-/raw/karma/DKIM/smtp-conf.yw-0919

Re: dnswl.org lookup error

Dear Dominic, Dominic Raferd writes: > On 08/05/2022 11:59, Byung-Hee HWANG wrote: >> Dear Bastian, >> >> Bastian Blank writes: >> >>> Hi >>> >>> On Sun, May 08, 2022 at 07:42:00PM +0900, Byung-Hee HWANG wrote: >>>

Re: dnswl.org lookup error

Dear Bjoern, Bjoern Franke writes: > Hi, > >> I think your system is using systemd-resolved for DNS lookups; this >> hands off the real work of resolving to public resolvers, so RBLs will >> block your lookups. This is a normal setup for a systemd-based distro >> but is not appropriate for a

Re: dnswl.org lookup error

Dear Bastian, Bastian Blank writes: > Hi > > On Sun, May 08, 2022 at 07:42:00PM +0900, Byung-Hee HWANG wrote: >> May 8 10:24:25 bionic190316003 postfix/smtpd[10918]: warning: >> 17.188.51.209.list.dnswl.org: RBL lookup error: Host or domain name >> not found.

dnswl.org lookup error

Hellow! I am running postfix server under Ubuntu 18.04 LTS at Google Compute Engine. The hostname is <>, open port is 25 only. The server conf are bellow: So now question. After i added 'permit_dnswl_client list.dnswl.org',

Re: what's a encrypted email?

wilson writes: > today everyone claim they are encrypted email provider. > what's the definition of an encrypted email? messages and headers and > logs were encrypted in the rest? I think RFC 8461 is worth considering, thanks! Sincerely, Linux fan Byung-Hee -- ^고맙습니다 _布德天下_ 감사합니다_^))//

Re: Postfix stable release 3.7.1 and legacy releases 3.6.6, 3.5.16, 3.4.26

Greg Klanderman writes: >> On April 18, 2022 Wietse Venema wrote: > >> * (problem introduced: Postfix 3.0) With dynamic map loading >> enabled, an attempt to create a map with "postmap regexp:path" >> would result in a bogus error message "Is the postfix-regexp >> package

Re: password security

Dear Viktor, Viktor Dukhovni writes: > On Tue, Apr 26, 2022 at 11:54:21PM +0900, Byung-Hee HWANG wrote: > >> > There is obviously a point where the server won't be capable of >> > handling the load, always. But what are the odds with "just" a >> >

Re: password security

> There is obviously a point where the server won't be capable of > handling the load, always. But what are the odds with "just" a > brute-force on passwords/accounts? > Our outbound/internal mail gateway handles the traffic for +2K > every-day users +28K occasional users. Millions emails per

Re: how other MTA talks to me

>> This is useful testing site: >> Also smtp*_tls_loglevel are useful to debug. Thanks ^^^ Sincerely, Linux fan Byung-Hee -- ^고맙습니다 _布德天下_ 감사합니다_^))//

Re: how other MTA talks to me

"ミユナ (alice)" writes: > (... thanks ...) > but for smtp service on port 25, how other MTA talks to me? they are > using plain, startTLS or SSL? This is useful testing site: Thanks ^^^ Sincerely, Linux fan Byung-Hee -- ^고맙습니다 _布德天下_ 감사합니다_^))//

Re: question about certificates usage

"ミユナ (alice)" writes: > Olivier wrote: >> Tou definitely need the certificate for box.coakmail.com because that's >> the actual server that receives all the traffic. > > does plain traffic on port 25 require a certificate? Maybe RFC 8461 is our friend. In my case, i did setup all MXs with the

Re: Best way forwarding to Gmail

(sorry i forgot one file) > After all, i did make decision. See here: > This is the full headers: (the above thing)

Re: setup postfix to send email

Dear roberts, r r writes: > Hello, > > My domain registrar has email forwarding for free. I plan to setup a > authorized SMTP in my ubuntu VPS for sending email from this domain. > I am newbie to email server and postfix. > Do you have any suggestion on doing this? Do you read rfc 8461? That

Re: Best way forwarding to Gmail

(... sorry for late ...) Byung-Hee HWANG writes: > Hellow, > > My final Inbox Provider is Gmail(soyeo...@gmail.com) for 13 years. Also > i added paid plan of Google Workspace for > > Someday far later i have to plan. That is to forward into > soyeo...@gmail.com

Re: AW: Best way forwarding to Gmail

Dominic Raferd writes: > On 06/04/2022 13:26, Byung-Hee HWANG wrote: >> "Ludi Cree" writes: >> >>> (...thanks...) >>> My advice is not to forward to GMail if you can not exclude spam. >>^^

Re: AW: Best way forwarding to Gmail

"Ludi Cree" writes: > (...thanks...) > My advice is not to forward to GMail if you can not exclude spam. ^ This is a worthwhile answer for me, thanks! > Greets, > Ludi Sincerely, Byung-Hee -- ^고맙습니다 _和合團結_ 감사합니다_^))//

Best way forwarding to Gmail

Hellow, My final Inbox Provider is Gmail(soyeo...@gmail.com) for 13 years. Also i added paid plan of Google Workspace for Someday far later i have to plan. That is to forward into soyeo...@gmail.com all emails (on soyeo...@doraji.xyz). (If True) then, i will subtract paid plan of Google

Re: Solved

Viktor Dukhovni writes: > On Tue, Apr 05, 2022 at 12:54:55PM +0900, Byung-Hee HWANG wrote: > >> soyeomul@yw-1204:~$ cat /etc/postfix/relay_clientcerts >> D7:5B:D1:A0:EA:A1:8D:9F:7A:4D:77:47:AD:DE:2D:07 yw-0919.doraji.xyz >> 01:7A:51:89:E5:C0:07:17:51:66:0D:C5:77

Solved (Was: Re: relay with permit_tls_clientcerts)

Byung-Hee HWANG writes: > (...) > There is how-to and example docs related on permit_tls_clientcerts? > (before i did try googling but failed) Oh, now i resolved! #+BEGIN_SRC text soyeomul@yw-1204:~$ cat /etc/postfix/relay_clientcerts D7:5B:D1:A0:EA:A1:8D:9F:7A:4D:77:47:AD:DE:2D:0

relay with permit_tls_clientcerts

Hello, I'm using Google Workspace and Postfix (Only Outbound). I am very interested in permit_tls_clientcerts. In particular, i would like to relay by permit_tls_clientcerts. Because it seems like very reliable and trust! There is how-to and example docs related on permit_tls_clientcerts?

Re: Recommendations on an spf record?

In Article

Re: Country IP block list

, -- Byung-Hee HWANG ∑ WWW: http://izb.knu.ac.kr/~bh/

Re: domainkey

At Wed, 19 Aug 2009 10:31:45 -0500, AMP Admin wrote: We have the following setup for dkimproxy but it's only signing with dkim and not domainkey. We would like to do both. Any ideas? Use sender_map.conf ;; -- Byung-Hee HWANG ∑ WWW: http://izb.knu.ac.kr/~bh/

Re: IPv6 and smarter relaying

server (for testing IPv6 feature), try to mx1.freebsd.org. Especially, send mail to t...@freebsd.org, which is to allow anybody with free charge. Sincerely, -- Byung-Hee HWANG ∑ WWW: http://izb.knu.ac.kr/~bh/

Re: Postfix and IDENT (RFC1413)

At Mon, 10 Aug 2009 09:30:10 +0200, Ralf Hildebrandt wrote: * Byung-Hee HWANG b...@izb.knu.ac.kr: Thanks for good point, Ralf. Then i would like to give you the question again. How can i make to enable the above IDENT feature with Postfix? There is no such thing. And nobody ever needed

Re: Postfix and IDENT (RFC1413)

Ralf Hildebrandt ralf.hildebra...@charite.de writes: * Byung-Hee HWANG b...@izb.knu.ac.kr: http://izb.knu.ac.kr/~bh/stuff/sendmail20090809001.txt Can you please explain about the example? Received: from ameno.mahoroba.org (IDENT:MAcVWWSsCq+jNgyMzEhX/rHMZDkharVcRZn2EgHiFH

Re: Warning: SASL authentication failure: no user in db

, the default authentication mechanism in FreeBSD system is pam [1]. For more information, have a look saslauthd(8) with care ;; Sincerely, [1] http://www.freebsd.org/cgi/cvsweb.cgi/ports/security/cyrus-sasl2-saslauthd/files/saslauthd.sh.in?rev=1.2;content-type=text%2Fplain -- Byung-Hee HWANG, KNU ∑ WWW

Re: help with dkimproxy

, -- Byung-Hee HWANG, KNU ∑ WWW: http://izb.knu.ac.kr/~bh/

Re: dk dkim with dkimproxy

, -- Byung-Hee HWANG, KNU ∑ WWW: http://izb.knu.ac.kr/~bh/

Re: dk dkim with dkimproxy

public DNS (eg, bitsy.mit.edu) ;; $ host -t txt fakessh.eu._domainkey.fakessh.eu. bitsy.mit.edu. Sincerely, -- Byung-Hee HWANG, KNU ∑ WWW: http://izb.knu.ac.kr/~bh/

Re: matching IP ranges in headers

Google Apps: http://www.google.com/a ;; Unfortunately, Google Apps is the best solution for spam filtering, as far as i know. Sincerely, -- Byung-Hee HWANG, KNU ∑ WWW: http://izb.knu.ac.kr/~bh/

sending email with Gnus

Hello, As far as i know, Postfix does not support GNU TLS. Nevertheless! Is it possible sending email with Gnus (MUA) via Postfix (MTA)? In the future, i'll move to Gnus from Thundirbird. For now, only problem is an association with Postfix and GNU TLS. byunghee

Re: Installing DKIM

LuKreme wrote: [...] The other question is what do most people do with the check on the DKIM if a message fails, reject outright? Won't this mess up any forwarded mail? Because of DKIM and related specifications are in a time of transition stage, it is not good to reject directly if a

Re: [OT] with ezmlm

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Wietse Venema wrote: Byung-Hee HWANG: (first of all, sorry if it is already discussed and a known issue) Is that possible to set up Postfix with ezmlm? I'm considering to make a private mailing list with ezmlm. Yep, i think ezmlm is more fast

Re: OT: Sender Header

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brian Evans - Postfix List wrote: [...] It is added by the mail client, not the server. Can you please show me some example? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (FreeBSD) Comment: Using GnuPG with Mozilla -

[OT] with ezmlm

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 (first of all, sorry if it is already discussed and a known issue) Is that possible to set up Postfix with ezmlm? I'm considering to make a private mailing list with ezmlm. Yep, i think ezmlm is more fast than mailman. Can you please help me for

Re: free certificate over TLS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Victor Duchovni wrote: On Tue, Oct 28, 2008 at 09:34:11AM +0900, Byung-Hee HWANG wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Noel Jones wrote: This should have all the information you need: http://www.postfix.org/TLS_README.html

free certificate over TLS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Recently, actually i'm interested in a certificate over TLS on SMTP as like ISC's MX. However, i don't know how to use that. Is there anyone to use certificate over TLS? Can you please give me some hint? Or information? Thanks in advance ;; byunghee

Re: free certificate over TLS

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Noel Jones wrote: This should have all the information you need: http://www.postfix.org/TLS_README.html If you have specific questions after reading the above, please see: http://www.postfix.org/DEBUG_README.html#mail Ah Noel, thank you quick

Re: [OT] What is a condition for ideal mail server?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 mouss wrote: Byung-Hee HWANG a écrit : [...] - Use the submission port (587) with TLS+SASL. What is different between using 25 and using 587? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (FreeBSD

[OT] What is a condition for ideal mail server?

Hi, i'm not a serious hacker nor a power user for Postfix. I'm just using Postfix. Recently, i'm interested in setup ideal mail server for outgoing. Already i moved my mailbox to Google Apps because i could not handle so many spam. So now making receiving SMTP is not my concern. Only my

envelope_sender VS header_sender

i saw some terms envelope _sender and header_sender in postfix docs on public postfix website. it is so confused to me. what is different between envelope_sender and header_sender? according to RFC 2822, there is described about Sender and From. is the terms (envelope_sender, header_sender)

Re: envelope_sender VS header_sender

(first, i want to send big thank you! for Vitor, mouss, Wietse ;;) On Sun, 2008-10-12 at 12:28 -0400, Wietse Venema wrote: Byung-Hee HWANG: i saw some terms envelope _sender and header_sender in postfix docs on public postfix website. it is so confused to me. what is different between

  1   2   >