[pfx] Re: SASL reject force disconnect

2024-05-28 Thread Matus UHLAR - fantomas via Postfix-users
On Sun, May 26, 2024 at 5:57 AM John Fawcett via Postfix-users < postfix-users@postfix.org> wrote: For submission I only use xbl (return code 127.0.0.4) excluding other data contained in zen like pbl that lists isp dynamic ip ranges from which you would normally expect to get connections

[pfx] Re: SASL reject force disconnect

2024-05-28 Thread Matus UHLAR - fantomas via Postfix-users
xbl listed clients with postscreen, one would configure xbl.spamhaus.org or zen.spamhaus.org=127.0.0.4 On 5/27/24 4:13 AM, Matus UHLAR - fantomas via Postfix-users wrote: While they are the same, I recommend using the latter, so you can benefit from caching DNS results in case the same source IP

[pfx] Re: SASL reject force disconnect

2024-05-27 Thread Matus UHLAR - fantomas via Postfix-users
> postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..11] John Hill via Postfix-users: Is this the same thing? On 25.05.24 15:54, Wietse Venema via Postfix-users wrote: See https://www.spamhaus.org/faqs/dnsbl-usage/#200 for a table with the purpose of different lookup results. To block

[pfx] Re: disable authentication on port 25

2024-05-24 Thread Matus UHLAR - fantomas via Postfix-users
Stephan Seitz via Postfix-users wrote on 2024-05-24 15:01: Careful, if you have „smtpd_tls_auth_only = yes” (I think), then you’ll see AUTH after STARTTLS… On 24.05.24 15:12, Benny Pedersen via Postfix-users wrote: port 25 must not be tls only if its needed use another port for tls only

[pfx] Re: how does smtpd know the connection is a submission request, or a MX request?

2024-05-24 Thread Matus UHLAR - fantomas via Postfix-users
On 24.05.24 20:41, Northwind via Postfix-users wrote: my guess, submission clients were using ehlo, and a mx client uses helo command. so postfix differ them based on this command? EHLO is the extended HELO, supports SMTP extensions. Mail clients just like servers may use either, but nowadays

[pfx] Re: SASL reject force disconnect

2024-05-24 Thread Matus UHLAR - fantomas via Postfix-users
-unreachable so any outgoing (dst) packet from TCP port 25 to IP address in ipset "block-smtp" will result in icmp port unreachable. It can be changed to tcp-reset. On 5/24/24 6:18 AM, Matus UHLAR - fantomas via Postfix-users wrote: On 23.05.24 21:03, John Hill via Postfix-users wr

[pfx] Re: disable authentication on port 25

2024-05-24 Thread Matus UHLAR - fantomas via Postfix-users
On 24/05/2024 03:15, Peter via Postfix-users wrote: No you definitely should disable auth on port 25 regardless.  It is possible for postscreen to pass a connection to smtpd and smtpd can *then* offer auth. To answer your original question, you can just set   -o smtpd_sasl_auth_enable=no in

[pfx] Re: SASL reject force disconnect

2024-05-24 Thread Matus UHLAR - fantomas via Postfix-users
On 23.05.24 21:03, John Hill via Postfix-users wrote: I use Fail2Ban to block the failed IP. The script writes it into the nftables table immediately. I think this keeps Postfix waiting and times out, not a big deal. Is there a cli that my bash script could force disconnect the ip from

[pfx] Re: Strengthen email system security

2024-05-24 Thread Matus UHLAR - fantomas via Postfix-users
Zen includes the "PBL" component, which consists largely of residential and mobile consumer IPs. On 24/05/24 02:12, Matus UHLAR - fantomas via Postfix-users wrote: Yes, but these are (usually) not considered valid clients, these should use submission/submissions(smtps) p

[pfx] Re: how disable DSN pipe

2024-05-23 Thread Matus UHLAR - fantomas via Postfix-users
On 23.05.24 20:51, Alexander Kolesnikov via Postfix-users wrote: 23.05.2024 19:06, Wietse Venema via Postfix-users wrote: Aleksandr Kolesnikov via Postfix-users: if the user requests a DSN, he receives a delivery message via the ... how to prohibit the sending of such DSN? Perhaps:

[pfx] Re: Strengthen email system security

2024-05-23 Thread Matus UHLAR - fantomas via Postfix-users
thank you Wietse. On 2024-05-23 at 02:31:05 UTC-0400 (Thu, 23 May 2024 08:31:05 +0200) Matus UHLAR - fantomas via Postfix-users is rumored to have said: not, unless they are listed in zen.spamhaus.org, which should not happen. On 23.05.24 09:45, Bill Cole via Postfix-users wrote: Ze

[pfx] Re: Strengthen email system security

2024-05-23 Thread Matus UHLAR - fantomas via Postfix-users
Don't accept mail from home networks. For example, use "reject_dbl_client zen.spamhaus.org". For this you must use your own DNS resolver, not the DNSresolver from your ISP. On 23.05.24 07:00, Northwind via Postfix-users wrote: will this also stop the valid client's SMTP connection? thank you

[pfx] Re: Disable Non Delivery Notifications only for some adresses

2024-05-22 Thread Matus UHLAR - fantomas via Postfix-users
On 21.05.24 15:13, Kevin Cousin via Postfix-users wrote: We are using Postfix as relay for our internal apps. These apps are sending mails to final users with from nore...@example.net, but sometimes, addresses are wrong and a Non delivery notification is generated and sent back to

[pfx] Re: Dovecot logging to files causes postfix to break

2024-05-18 Thread Matus UHLAR - fantomas via Postfix-users
Richard Rosner via Postfix-users: I have a mailing server setup based on Debian Stable that uses postfix for IMAP and SMTP and dovecot for internal mail handling, You mean, Postfix for SMTP, Dovecot for IMAP. Possible. like filtering, sorting into users inboxes etc. I now wanted to set

[pfx] Re: IPv6 and RBL checks

2024-05-15 Thread Matus UHLAR - fantomas via Postfix-users
reverses the ipv6 ip, thus not recognizing it like postscreen? Matus UHLAR - fantomas via Postfix-users wrote on 2024-05-15 11:29: This is how DNSBLs work, so you can simply block 2607:f8b0:4864:: by defining *.4.6.8.4.0.b.8.f.7.0.6.2.bl.spamcop.net On 15.05.24 12:17, Benny Pedersen via Postfix

[pfx] Re: IPv6 and RBL checks

2024-05-15 Thread Matus UHLAR - fantomas via Postfix-users
On 15.05.24 11:25, Jos Chrispijn via Postfix-users wrote: Recently I noticed this in my logfile: 0.3.9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.bl.spamcop.net: Host or domain name not found. Name service error for

[pfx] Re: TLS Library Problem

2024-05-12 Thread Matus UHLAR - fantomas via Postfix-users
On 11.05.24 23:55, Jason Hirsh via Postfix-users wrote: Still chasing ssl/tls issue I have the error message postfix/smtps/smtpd[39559]: warning: TLS library problem: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate

[pfx] Re: Difference between alias_maps and alias_database

2024-05-07 Thread Matus UHLAR - fantomas via Postfix-users
On 07.05.24 17:13, Дилян Палаузов via Postfix-users wrote: I try to understand the difference between alias_database and alias_maps. Or, does postalias/newaliases use is alias_database as input, ignoring alias_maps, while local ignores alias_databases and uses alias_maps? Precisely.

[pfx] Re: long header folding and DKIM fails

2024-05-02 Thread Matus UHLAR - fantomas via Postfix-users
On 02.05.24 12:53, Tim Coote via Postfix-users wrote: I think that I’ve now fixed this in my domain, so I thought I’d just note the route to finding it, more as a comment on the complexity of working out what’s going on. After making a simple robot to send emails with long headers and

[pfx] Re: Fun with line endings, was Re: Mail text wrapping

2024-04-29 Thread Matus UHLAR - fantomas via Postfix-users
On Apr 24, 2024, at 09:05, John Levine via Postfix-users wrote: I suppose, but sending bare LF in SMTP is definitely wrong, so he needs to fix that first. On 28.04.24 19:15, Doug Hardie via Postfix-users wrote: Well, the header lines are properly terminated by CRLF. However, the text lines

[pfx] Re: hmm spf is missing :)

2024-04-25 Thread Matus UHLAR - fantomas via Postfix-users
On 15/04/24 10:14, Benny Pedersen via Postfix-users wrote: Authentication-Results    list.sys4.de; dkim=pass header.d=porcupine.org; arc=none (Message is not ARC signed); dmarc=pass (Used From Domain Record) header.from=porcupine.org policy.dmarc=none On 25.04.24 19:19, Peter via

[pfx] Re: Mail text wrapping

2024-04-23 Thread Matus UHLAR - fantomas via Postfix-users
On 22.04.24 22:55, Doug Hardie via Postfix-users wrote: This is probably not the right place to be asking this as it is not directly Postfix related, but I don't know a better group to ask. For years I have sent text messages and just let the lines run on. Only inserting a \n for the start

[pfx] Re: Forward mail

2024-04-15 Thread Matus UHLAR - fantomas via Postfix-users
On 13.04.24 12:51, Paul van der Vlis via Postfix-users wrote: Unfortunately, I have quite a few customers who want to receive email from their own domain at a different email address, such as a Gmail or Hotmail address. I forward this in /etc/postfix/virtual. But I actually don't understand

[pfx] Re: duplicate deliveries

2024-04-14 Thread Matus UHLAR - fantomas via Postfix-users
On 14.04.24 00:53, Marek Podmaka via Postfix-users wrote: When/how does postfix prevent duplicate deliveries when delivering to an alias and explicitly also to the alias result? For example all@domain + Cc to one of the members of that alias. I have found parameters "duplicate_filter_limit" and

[pfx] Re: reliable RBL

2024-04-11 Thread Matus UHLAR - fantomas via Postfix-users
On 11/4/24 10:59, Matus UHLAR - fantomas via Postfix-users wrote: It still works, but you may need supplementary software as amavis, sagator, spamass-milter or mimedefang because SpamAssassin only focuses on classification, not about delivery. On 11.04.24 11:54, Dimitris via Postfix

[pfx] Re: reliable RBL

2024-04-11 Thread Matus UHLAR - fantomas via Postfix-users
On 11.04.24 15:41, Mr. Peng via Postfix-users wrote: BTW, is spamassassin still a popular option for antispam today? or should I use rspamd instead? It still works, but you may need supplementary software as amavis, sagator, spamass-milter or mimedefang because SpamAssassin only focuses on

[pfx] Re: reliable RBL

2024-04-11 Thread Matus UHLAR - fantomas via Postfix-users
, Matus UHLAR - fantomas via Postfix-users wrote: I use them on many servers. I just use postscreen which supports scoring and only block when more than one blocklist hits. On 11.04.24 09:55, DL Neil via Postfix-users wrote: For the benefit of those of us following-along with the conversation

[pfx] Re: reliable RBL

2024-04-10 Thread Matus UHLAR - fantomas via Postfix-users
On 10.04.2024 at 10:22:52 Bill Cole via Postfix-users wrote: > I have been using spamhaus, spamcop, sorbs as the RBL providers for > antispam. > But some of the customers speak to me about the FP issues caused by RBL. > Do you think the three RBL above are reliable in a practical system?

[pfx] Re: reliable RBL

2024-04-10 Thread Matus UHLAR - fantomas via Postfix-users
On 10.04.24 17:46, Mr. Peng via Postfix-users wrote: I have been using spamhaus, spamcop, sorbs as the RBL providers for antispam. But some of the customers speak to me about the FP issues caused by RBL. Do you think the three RBL above are reliable in a practical system? I use them on many

[pfx] Re: Aliases with "@" in it

2024-04-09 Thread Matus UHLAR - fantomas via Postfix-users
On 9.04.2024 at 11:11:31 Paul van der Vlis via Postfix-users wrote: When I want to make an alias, I try this in /etc/aliases: "al...@domain.nl": j...@domain.nl But when I sent mail, I get a bounce with "user unknown". When I do this in /etc/aliases: alias: j...@domain.nl This works

[pfx] Re: Setting up another "smarthost" with Postfix

2024-03-28 Thread Matus UHLAR - fantomas via Postfix-users
server and deliver it to the outside world, and supply bounce/error notifications. So, where did you see the error? Can you post the whole syslog message? On 3/28/2024 7:15 AM, Matus UHLAR - fantomas via Postfix-users wrote: Please use plaintext for list mail. On 28.03.24 06:39, Samuel Goodies via Postfi

[pfx] Re: Setting up another "smarthost" with Postfix

2024-03-28 Thread Matus UHLAR - fantomas via Postfix-users
Please use plaintext for list mail. On 28.03.24 06:39, Samuel Goodies via Postfix-users wrote: Ok, I got it installed and running, but any mail from the server to be relayed gets this error. --> DATA <-- 530 5.7.0 Authentication required --> QUIT are you trying to send mail to this

[pfx] Re: strict access restrictions and bounces

2024-03-25 Thread Matus UHLAR - fantomas via Postfix-users
On 25.03.24 16:11, Daniel Marquez-Klaka via Postfix-users wrote: I have a problem with check_sender_access that I can't find a solution to. My setup actually works very well with the exception of bounce handling. More on that later, first to describe my setup: 2 postfix mail server, one,

[pfx] Re: smtpd_discard_ehlo_keyword_address_maps all but internal

2024-03-21 Thread Matus UHLAR - fantomas via Postfix-users
On Thu, Mar 21, 2024 at 03:20:23PM +0100, Matus UHLAR - fantomas via Postfix-users wrote: Wietse Venema via Postfix-users: smtpd_discard_ehlo_keyword_address_maps = cidr:{ {!10/8 silent-discard,dsn} } On 23.02.24 11:12, Wietse Venema via Postfix-users wrote: But that does

[pfx] Re: smtpd_discard_ehlo_keyword_address_maps all but internal

2024-03-21 Thread Matus UHLAR - fantomas via Postfix-users
Matus UHLAR - fantomas via Postfix-users: > as I maintain some mail gateways with postfix, I would like to discard the > DSN ehlo keyword, from all hosts but internal network. > > I see that with smtpd_discard_ehlo_keyword_address_maps > "Tables will be searched in the s

[pfx] Re: collect emails in maildir folder without delivering them to user

2024-03-19 Thread Matus UHLAR - fantomas via Postfix-users
On 19.03.24 07:10, Fourhundred Thecat via Postfix-users wrote: All these aliases are delivered to the users home / maildir. Now I would like to have yet another alias/email address, but instead of having the emails delivered to my main user, I would like to just collect the emails in some

[pfx] Re: Ignoring postscreen DNSBL disposition by recipient address

2024-03-17 Thread Matus UHLAR - fantomas via Postfix-users
On 15.03.24 15:06, Noel Jones via Postfix-users wrote: Postscreen by design only looks at the IP, and has no mechanism to consider other envelope data. The solution is to not use a DNSBL that routinely blocks wanted mail in postscreen. Or, set postscreen_dnsbl_threshold high enough so it

[pfx] Re: Dumb question about logging

2024-03-09 Thread Matus UHLAR - fantomas via Postfix-users
Stephen Satchell via Postfix-users wrote on 2024-03-08 06:52: grep relay= mail.log | grep -v relay=local I can then use the message ID to get all the log information for each questioned transaction. Am I on the right road? Please disabuse me of any incorrect notions. On 08.03.24 12:47,

[pfx] Re: [ext] Re: [OT] postfwd3 as check_policy_service hogging the CPU

2024-03-09 Thread Matus UHLAR - fantomas via Postfix-users
On 07.03.24 12:14, Wietse Venema via Postfix-users wrote: The Postfix SMTP server counts only the recipients that it accepts, not the ones that it rejects. That is, a DATA or BDAT command after all recipients are rejected will result in a "554 5.5.1 Error: no valid recipients". So I guess

[pfx] Re: Dumb question about logging

2024-03-08 Thread Matus UHLAR - fantomas via Postfix-users
On 07.03.24 21:52, Stephen Satchell via Postfix-users wrote: Assuming that one's configuration has open relay, what does a log entry for relayed mail look like? It looks like any other mail, just it was received without authentication, from untrusted clients and sent to remote (not in

[pfx] Re: Active queue congestion

2024-03-08 Thread Matus UHLAR - fantomas via Postfix-users
You can also configure a non-zero smtpd_client_message_rate_limit On 07.03.24 17:21, Colin McKinnon via Postfix-users wrote: H, not so sure about that. The docs do advise against this for legitimate traffic - and I've yet to see anything in the documentation that describes what happens

[pfx] Re: [OT] postfwd3 as check_policy_service hogging the CPU

2024-03-07 Thread Matus UHLAR - fantomas via Postfix-users
On 07.03.24 11:16, Ralf Hildebrandt via Postfix-users wrote: I'm using postfwd3 as a policy service for rate limiting based on the envelope sender address and number of recipients. not authenticated user? ;-) We're both limiting "freemailer" senders (they can only reach a low number of

[pfx] Re: A functional lightweight reverse alias?

2024-03-04 Thread Matus UHLAR - fantomas via Postfix-users
On 3 Mar 2024, at 19:24, Matus UHLAR - fantomas via Postfix-users wrote: The question was if there is other solution for this. On 04.03.24 11:52, Gerben Wierda via Postfix-users wrote: Indeed. If I use an alias in /etc/aliases, mail from X to that alias gets delivered to my original

[pfx] Re: Implementing From: field heuristic when sending messages?

2024-03-03 Thread Matus UHLAR - fantomas via Postfix-users
Matus UHLAR - fantomas via Postfix-users wrote on 2024-03-03 15:59: milters vrfydmn and milterfrom, which allow you to reject mail where envelope and header from: are different On 03.03.24 17:20, Benny Pedersen via Postfix-users wrote: ok if smtpd_milter_maps knows all maillist ips to not use

[pfx] Re: A functional lightweight reverse alias?

2024-03-03 Thread Matus UHLAR - fantomas via Postfix-users
Gerben Wierda: Aliases are nice, to receive mail. But when you reply, the address behind the alias is exposed. On 03.03.24 17:59, David Bürgin via Postfix-users wrote: I’m puzzling a bit over this statement … I also use aliases but was not aware that they would expose my real address? You

[pfx] Re: Implementing From: field heuristic when sending messages?

2024-03-03 Thread Matus UHLAR - fantomas via Postfix-users
On 03.03.24 10:40, Paul Menzel via Postfix-users wrote: A user had their password guessed/leaked, and the account was used to send spam/phishing messages – but only once an hour or so, so it wasn’t detected as abnormal traffic. One thing detectable thing would have been, that the sent

[pfx] Re: postfix check_sender_access and subdomain test

2024-02-29 Thread Matus UHLAR - fantomas via Postfix-users
On 28.02.24 21:31, Scott Techlist via Postfix-users wrote: As I understand from your explanation, if I keep my parent_domain_matches_subdomains = smtpd_access_maps Then the preceding dot format is moot/not needed. Only outbound.protection.outlook.com OK I recommend keeping

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread Matus UHLAR - fantomas via Postfix-users
On 24.02.24 07:43, lists--- via Postfix-users wrote: https://www.dnswl.org/?page_id=15 I get your point but this is for a different blocking list. That is spamcop and spamassassin have different blocking lists. you can still use postscreen which supports multiple weighed block/allow lists,

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread Matus UHLAR - fantomas via Postfix-users
:03:54 AM Matus UHLAR - fantomas via Postfix-users : What's in /etc/postfix/rbl_override ? It obviously does not match 40.107.93.98 On 24.02.24 06:12, lists--- via Postfix-users wrote: The rbl_override file only contains domain names with "space OK". If I whitelisted that IP addres

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread Matus UHLAR - fantomas via Postfix-users
On 24.02.24 00:49, lists--- via Postfix-users wrote: I have set up rbl_override for the sender's domain. However it occasionally gets blocked by spamcop. The user owns a domain but relays the mail from outlook. Here is the bounce message the user received: Remote server returned '550

[pfx] smtpd_discard_ehlo_keyword_address_maps all but internal

2024-02-23 Thread Matus UHLAR - fantomas via Postfix-users
hello, as I maintain some mail gateways with postfix, I would like to discard the DSN ehlo keyword, from all hosts but internal network. I see that with smtpd_discard_ehlo_keyword_address_maps "Tables will be searched in the specified order until a match is found." but is it possible to

[pfx] Re: success! Re: Re: removing Authentication-Results, how?

2024-02-23 Thread Matus UHLAR - fantomas via Postfix-users
Matus UHLAR - fantomas via Postfix-users wrote in : ... |I can now also say that these milters: | |pyspf-milter |opendkim |opendmarc | |(at least their versions in Debian 12) | |do NOT remove existing Authentication-Results: and thus this step is |necessary to avoid possible confusion of mail

[pfx] success! Re: Re: removing Authentication-Results, how?

2024-02-22 Thread Matus UHLAR - fantomas via Postfix-users
On Tue, Feb 20, 2024 at 06:02:22PM -0500, Wietse Venema via Postfix-users wrote: - You'd better add $$ at the end of the pattern, to anchor the regular expression. On 20.02.24 20:22, Viktor Dukhovni via Postfix-users wrote: Actually, that hostname is typically followed by additional data

[pfx] Re: Authentication question

2024-02-22 Thread Matus UHLAR - fantomas via Postfix-users
On 22.02.24 at 15:58, Wietse Venema via Postfix-users wrote: michaelof--- via Postfix-users: 2024-02-22T13:56:15.715392+01:00 vserver postfix/submission/smtpd[150038]: connect from 2024-02-22T13:56:15.715607+01:00 vserver postfix/submission/smtpd[150038]: improper command pipelining after

[pfx] Re: Authentication question

2024-02-22 Thread Matus UHLAR - fantomas via Postfix-users
On 22.02.24 15:28, michaelof--- via Postfix-users wrote: Postfix 3.7.3 on OpenSuse Leap 15.5 I've set up my private Postfix for outgoing SMTP traffic with authentication, port 587, starttls, password normal. Works fine for years now (2016 or so) for outgoing email sent via Thunderbird,

[pfx] Re: removing Authentication-Results, how?

2024-02-20 Thread Matus UHLAR - fantomas via Postfix-users
Reviving my a bit old question. Matus UHLAR - fantomas via Postfix-users: RFC 8601 section 5. requires deleting Authentication-Results headers from incoming messages. This should be done at trusted border, so when receiving message via SMTP from clients or the world, except MX gateways

[pfx] Re: Change unknown_address_reject_code on a smarthost to a 5xx reply?

2024-02-15 Thread Matus UHLAR - fantomas via Postfix-users
On 15.02.24 15:27, Simon Hoffmann via Postfix-users wrote: > - it took 4h for the sender to get a notification that the domain was not found Matus UHLAR - fantomas via Postfix-users wrote: this should be configurable by tuning delay_warning_time On 15.02.24 16:10, Simon Hoffmann via Post

[pfx] Re: Change unknown_address_reject_code on a smarthost to a 5xx reply?

2024-02-15 Thread Matus UHLAR - fantomas via Postfix-users
On 15.02.24 15:27, Simon Hoffmann via Postfix-users wrote: I have a dedicated postfix machine that I use as a smarthost for all my outgoing email from my internal servers. The smarthost even has only ports 465 and 587 enabled/opened. Recently we had the case that an internal used composer an

[pfx] Re: Server etiquette

2024-02-14 Thread Matus UHLAR - fantomas via Postfix-users
On Wed, 2024-02-07 at 12:15 -0500, Viktor Dukhovni via Postfix-users wrote: I prefer to have logs that record what I'm blocking.  With firewall rules there's not sufficient forensic evidence left behind. On 14.02.24 19:11, Nikolai Lusan via Postfix-users wrote: Here's a tip - try the 'LOG'

[pfx] Re: masquerade_domains does not work for relayed domain

2024-02-13 Thread Matus UHLAR - fantomas via Postfix-users
On 13.02.24 09:39, Aleksandar Ivanisevic via Postfix-users wrote: so far so good, but on mail2.v2.eentf.com: masquerade_classes = envelope_sender, header_sender, header_recipient masquerade_domains = 2e-systems.com [root@mail2.v2] fgrep 943B8CCEE05 /var/log/maillog Feb 13 08:32:38 mail2

[pfx] Re: I don't understand the problem with DMARC and postfix

2024-02-09 Thread Matus UHLAR - fantomas via Postfix-users
On 09.02.24 14:58, natan via Postfix-users wrote: Feb  2 09:02:45 mail134 opendkim[27903]: 888B43B0063: smtpfarm4.allegro.pl [91.207.xxx.xxx] not internal Feb  2 09:02:45 mail134 opendkim[27903]: 888B43B0063: not authenticated Feb  2 09:02:45 mail134 opendkim[27903]: 888B43B0063: DKIM

[pfx] Re: ARC or DKIM or SRS?

2024-02-09 Thread Matus UHLAR - fantomas via Postfix-users
On Feb 8, 2024, at 01:56, Matus UHLAR - fantomas via Postfix-users wrote: I have removed postgrey from servers I manage a few years ago. - without good exemption lists, you'll run into hours long waiting for email from various mail services that attempt multiple times from multiple IP

[pfx] Re: ARC or DKIM or SRS?

2024-02-08 Thread Matus UHLAR - fantomas via Postfix-users
On 07.02.24 21:51, Christophe Kalt via Postfix-users wrote: +1 on setting up SRS, it helps with Gmail and I believe ARC does too (although I don't have hard data on this). Interesting note about postgrey, I didn't think that was effective any longer but maybe it is. I have removed postgrey

[pfx] Re: ARC or DKIM or SRS?

2024-02-08 Thread Matus UHLAR - fantomas via Postfix-users
On 08-02-2024 at 04:09, Peter via Postfix-users wrote: My recommendations are as follows (other people's recommendations will vary): 1.  Don't forward mail. 2.  If you must forward mail then relay it using a different IP address to mail that originates from you, that way if the IP gets

[pfx] Re: Server etiquette

2024-02-07 Thread Matus UHLAR - fantomas via Postfix-users
On 2/7/24 10:48, Matus UHLAR - fantomas via Postfix-users wrote: postscreen is great against bots, but fail2ban with firewall are still better against abusers. On 07.02.24 10:52, Phil Stracchino via Postfix-users wrote: And once you get the "Aha!" insight into how its configuration wo

[pfx] Re: Server etiquette

2024-02-07 Thread Matus UHLAR - fantomas via Postfix-users
On 07.02.24 10:41, John Hill via Postfix-users wrote: This site sends nothing but junk. IN fact the domain is known for it. I tried just rejecting the email address. But they just change it. So I blocked the IP, they have several. I have watched them do constant connections over and over. 20

[pfx] Re: Server etiquette

2024-02-07 Thread Matus UHLAR - fantomas via Postfix-users
On 07.02.24 07:59, John Hill via Postfix-users wrote: Do mail servers as a whole stop sending an email after a few errors? abusers never stop, others possibly. I have a server I have blocked in my firewall. It continues to try and is blocked as many as 4000+ times a day. If postscreen was

[pfx] Re: Adjusting smtpd_recipient_restrictions

2024-02-05 Thread Matus UHLAR - fantomas via Postfix-users
On 05.02.24 16:59, Mark via Postfix-users wrote: Hi again Matus, oh, now I got it! After your reply, I now have in my master.cf ($mua_*); submission inet n - y - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_tls_auth_only=yes -o

[pfx] Re: Adjusting smtpd_recipient_restrictions

2024-02-05 Thread Matus UHLAR - fantomas via Postfix-users
On 05.02.24 15:46, Mark wrote: Thanks for the idea below. I'm going to try wrapping them in $mua in main.cf . However, you said; "Looking at your smtpd_recipient_restrictions and using reject_rbl_client, you need to override them too." I really didn't get this, by "overriding" could you

[pfx] Re: Adjusting smtpd_recipient_restrictions

2024-02-05 Thread Matus UHLAR - fantomas via Postfix-users
On 04.02.24 22:06, Mark via Postfix-users wrote: ->"Best practice is to require submission users sending outbound mail do so via ports 465 and/or 587." Indeed here, I'm able to connect my smtp service *only* through; port 465 - SSL only port 587 - TLS only Authentication/login is not enabled

[pfx] Re: Problems with round-robin outbound emails

2024-01-31 Thread Matus UHLAR - fantomas via Postfix-users
t is your load balancer, you should fix its reverse DNS (i.e. a PTR record at 79.157.202.186.in-addr.arpa.) this is needed if e-mail comes from that IP. On 2024-01-31 at 03:32:20 UTC-0500 (Wed, 31 Jan 2024 09:32:20 +0100) Matus UHLAR - fantomas via Postfix-users is rumored to have said: In fact

[pfx] Re: Problems with round-robin outbound emails

2024-01-31 Thread Matus UHLAR - fantomas via Postfix-users
On 30.01.24 20:20, Israel britto via Postfix-users wrote: hello, I'm having a problem with spamhaus that I don't know how to solve. Today I have 1 domain that uses 2 exclusive IPs 1.1.1.1 and 2.2.2.2 The PTR and rDNS entries are correctly configured: 1.1.1.1 > a1.domain.com 2.2.2.2 >

[pfx] Re: Postfix and reproducible builds

2024-01-30 Thread Matus UHLAR - fantomas via Postfix-users
On 30.01.24 10:12, Scott Kitterman via Postfix-users wrote: It looks to me like it does fix it. Isn't/wasn't the sort important? (I'd expect it to be) On Tuesday, January 30, 2024 9:14:09 AM EST Wietse Venema via Postfix-users wrote: Scott Kitterman via Postfix-users: > In case anyone is

[pfx] Re: Enabling TLS1.3 and allow sending over SMTPS/465

2024-01-22 Thread Matus UHLAR - fantomas via Postfix-users
On 22.01.24 12:34, Taco de Wolff via Postfix-users wrote: Sorry, this was a problem with the system-wide cryptographic policies. I set it to DEFAULT and it works. This is unexpected though, since at least two TLS1.3 ciphersuites are enabled with FIPS:OSPP and TLS1.3 works with Nginx (Dovecot is

[pfx] Re: Preparation of switch from OpenSMTPd to Postfix -> behaviour of smtpd_sender_login_maps pattern matching

2024-01-20 Thread Matus UHLAR - fantomas via Postfix-users
> I am currently planning to switch from OpenSMTPd to postfix for two reasons > > - smtpd_sender_login_maps functionality not really implemented in OpenSMTPd > - always_bcc not possible on OpenSMTPd Viktor Dukhovni wrote: FWIW, I'd like to recommend "recipient_bcc_maps" over always_bcc.

[pfx] Re: removing Authentication-Results, how?

2024-01-17 Thread Matus UHLAR - fantomas via Postfix-users
Matus UHLAR - fantomas: Do you remove those headers on your servers? On 17.01.24 08:57, David Bürgin via Postfix-users wrote: In my chain of milters, the very first one simply deletes incoming Authentication-Results whose authserv-id equals $myhostname … The rest of the milters can then

[pfx] removing Authentication-Results, how?

2024-01-16 Thread Matus UHLAR - fantomas via Postfix-users
Hello, RFC 8601 section 5. requires deleting Authentication-Results headers from incoming messages. This should be done at trusted border, so when receiving message via SMTP from clients or the world, except MX gateways or possibly backup MX servers. I'm curious if there is a recommended

[pfx] Re: ldap + 550 5.1.1

2024-01-16 Thread Matus UHLAR - fantomas via Postfix-users
On 16.01.24 06:50, jungle.hunt--- via Postfix-users wrote: Mail from root.brezen.example.net is rejected. to be more precise, mail to r...@example.net is rejected: (expanded from ): host     creampuff.example.net[fd00::11] said: 550 5.1.1     : Recipient address rejected: User

[pfx] Re: improper command pipelining

2024-01-15 Thread Matus UHLAR - fantomas via Postfix-users
On 15.01.24 10:15, Admin Beckspaced via Postfix-users wrote: someone is trying to use your postfix as http proxy server. Looks like security scanner. do you know the type of encoding? I would like to decode and see the actual commands. after CONNECT usually TLS negotiation occurs, that

[pfx] Re: improper command pipelining

2024-01-15 Thread Matus UHLAR - fantomas via Postfix-users
On 15.01.24 09:34, Admin Beckspaced via Postfix-users wrote: dear postfix users, since the recent SMTP smuggling issue I applied the short term workaround by setting smtpd_forbid_unauth_pipelining = yes I also do a daily scan on journalctl with some keywords, e.g. 'pipelining' the following

[pfx] Re: Not a very important problem - smtpd_sender_login_maps

2024-01-11 Thread Matus UHLAR - fantomas via Postfix-users
On 11.01.24 14:08, natan via Postfix-users wrote: I know it may seem quite strange, but I need it for my MX ... I need a mapping every single email to the same one in pcre for sender_login_maps.cf for reject_sender_login_mismatch ... smtpd_sender_login_maps =

[pfx] Re: Incoming mail server blocks outlook / microsoft servers

2024-01-10 Thread Matus UHLAR - fantomas via Postfix-users
On 10.01.24 20:18, Nikolaos Milas via Postfix-users wrote: Unfortunately at this time I don't have the luxury to invest time in more complex configuration scenarios as mail server management is only a small fraction of our tiny department... I guess I have to trust Postscreen and avoid false

[pfx] Re: Incoming mail server blocks outlook / microsoft servers

2024-01-10 Thread Matus UHLAR - fantomas via Postfix-users
On 10.01.24 17:12, Nikolaos Milas via Postfix-users wrote: Our postfix v3.8.3 mail gateway server (for incoming mail) filters clients using postscreen as follows: postscreen_dnsbl_sites =     zen.spamhaus.org*3     b.barracudacentral.org*2     bl.spameatingmonkey.net*2

[pfx] Re: Smuggling?

2024-01-07 Thread Matus UHLAR - fantomas via Postfix-users
On 07.01.24 10:17, John Hill via Postfix-users wrote: First I am really amazed at the amount of support, that's not true everywhere. I also like the tone of the posts, very respectful. I have 3.7.9 and all the settings. Outlook protection is slamming me, 6 to 10 worthless emails every day.

[pfx] implementing recipient rate limits

2024-01-02 Thread Matus UHLAR - fantomas via Postfix-users
Hello, due to spam issue I'm trying to implement rate limits for outgoing mail. I looked at postfwd and its rate limit looks promising, supporting different limits per IP/sasl_user for internal network, webmail: http://www.postfwd.org/ratelimits.html Of course, if there is any other tool

[pfx] Re: mail in SRS-format in destination bypasses postfix rules

2023-12-18 Thread Matus UHLAR - fantomas via Postfix-users
On 18.12.23 13:52, Kristoff via Postfix-users wrote: Yes, I guess they are spam or phishing mails. The trick with "smtpd_recipient_restrictions" looks interesting. Thanks! As I understand it now, there are three steps in this: 1/ the spammer sends us an email with destination

[pfx] Re: mail in SRS-format in destination bypasses postfix rules

2023-12-18 Thread Matus UHLAR - fantomas via Postfix-users
On 17.12.23 23:12, Kristoff via Postfix-users wrote: I don't know if this question has already been asked, but I did not find anything in the archive of the mailing-list. I co-manage a postfix-server for a hobby-club. We provide email-addresses to our members, which are linked to aliases, so

[pfx] Re: Milter own Postfix-prepended Received

2023-12-11 Thread Matus UHLAR - fantomas via Postfix-users
> Bill Cole via Postfix-users wrote on 11/12/2023 at 15:31: >> On 2023-12-10 at 16:37:16 UTC-0500 (Sun, 10 Dec 2023 22:37:16 +0100) >> Carlos Velasco via Postfix-users >> is rumored to have said: >> [...] >>> And doing the same work in 2 different places can be called software >>>

[pfx] Re: Milter own Postfix-prepended Received

2023-12-11 Thread Matus UHLAR - fantomas via Postfix-users
On 2023-12-10 at 16:37:16 UTC-0500 (Sun, 10 Dec 2023 22:37:16 +0100) Carlos Velasco via Postfix-users is rumored to have said: And doing the same work in 2 different places can be called software efficiency? Bill Cole via Postfix-users wrote on 11/12/2023 at 15:31: since it was

[pfx] Re: Logging received from address

2023-12-10 Thread Matus UHLAR - fantomas via Postfix-users
On 09.12.23 13:53, Doug Hardie via Postfix-users wrote: I am using postfix with postsrsd. Is there a way for postfix to log the from address as originally received? The only addresses I find in postfix's log are the converted addresses from postsrsd. Both addresses are logged by postsrsd,

[pfx] Re: Turn Off Verify Service?

2023-11-29 Thread Matus UHLAR - fantomas via Postfix-users
enter the zeitgeist and perpetuate (see mandatory rotating passwords every 90 days) :-) On 29/11/2023 19:45, Matus UHLAR - fantomas via Postfix-users wrote: I completely agree, perhaps if you sent us a link we could comment. There is of course security practice of turning off everything you don't use, b

[pfx] Re: gmail failing SPF/DKIM

2023-11-29 Thread Matus UHLAR - fantomas via Postfix-users
On 28.11.23 20:38, Matthew McGehrin via Postfix-users wrote: I was able to replicate this error, however it's not a misconfiguration in Postfix, but rather a policy change by Google. I didn't notice the bounce message sooner, since it was routed to my SPAM folder on Gmail. The change is not

[pfx] Re: Turn Off Verify Service?

2023-11-29 Thread Matus UHLAR - fantomas via Postfix-users
On Wed, Nov 29, 2023 at 03:00:24PM +1100, duluxoz via Postfix-users wrote: I was reading an on-line guide about hardening Postfix and came across a line that said that the Verify service could/should be turned off in the master.cf file. Is this actually good advice, or is there some sort of

[pfx] Re: Mail not for my domain

2023-11-21 Thread Matus UHLAR - fantomas via Postfix-users
On 20.11.23 22:00, Joseph Castry via Postfix-users wrote: On my postfix server I receive some mails that are not for my domain (jcingenierie.fr) For example, I receive mails from oysu...@jipstalles.de to jcrh...@izac.fr on my mailbox cont...@jcingenierie.fr do you mean, you receive spam

[pfx] Re: smtp_header_checks and opendkim

2023-11-18 Thread Matus UHLAR - fantomas via Postfix-users
On 18.11.23 18:16, Danil Smirnov via Postfix-users wrote: I want to manipulate the headers (add and replace) of the outgoing mail before the message is signed by Opendkim. If using smtp_header_checks I see that the signature is broken - probably because Opendkim has signed the message earlier in

[pfx] Re: check sender trouble

2023-11-18 Thread Matus UHLAR - fantomas via Postfix-users
On 18.11.23 07:30, Alexander Kolesnikov via Postfix-users wrote: 192.168.250.35:27 inet n - n - - smtpd -o syslog_name=postfix/$service_name -o smtpd_delay_reject=no -o smtpd_sender_restrictions=pcre:/etc/postfix/senders_cgp.pcre,reject_non_fqdn_sender,reject telnet

[pfx] Re: Postfix, Amavis DKIM and DMARC

2023-11-14 Thread Matus UHLAR - fantomas via Postfix-users
Dino Edwards via Postfix-users wrote on 2023-11-14 13:43: I would appreciate some assistance. On 14.11.23 18:13, Benny Pedersen via Postfix-users wrote: https://amavisd-milter.sourceforge.net/ just use that, it replaces all milters you have Matus UHLAR - fantomas via Postfix-users wrote

[pfx] Re: Postfix, Amavis DKIM and DMARC

2023-11-14 Thread Matus UHLAR - fantomas via Postfix-users
Dino Edwards via Postfix-users wrote on 2023-11-14 13:43: I would appreciate some assistance. On 14.11.23 18:13, Benny Pedersen via Postfix-users wrote: https://amavisd-milter.sourceforge.net/ just use that, it replaces all milters you have it's the same as

[pfx] Re: Postfix, Amavis DKIM and DMARC

2023-11-14 Thread Matus UHLAR - fantomas via Postfix-users
this does not make sense unless you use it somewhere. Can you elaborate? yes, the configuration variable you showed is not used by anything, unless you refer to it elsewhere in postfix configuration. what do logs say? On 14.11.23 11:16, Dino Edwards via Postfix-users wrote: Logs don't

[pfx] Re: Postfix, Amavis DKIM and DMARC

2023-11-14 Thread Matus UHLAR - fantomas via Postfix-users
On 14.11.23 07:43, Dino Edwards via Postfix-users wrote: I have been using OpenDKIM and OpenDMARC as smtpd_milters in Postfix and Amavis as a content filter. I'm trying to replace OpenDKIM with Amavis for DKIM verify and signing. The problem is that since Amavis is set up as an after-queue
