On 1/16/2020 6:06 AM, Wietse Venema wrote:
Viktor Dukhovni:
Therefore, if this were to be made possible, the right mechanism would
be to to somehow expedite message expiration, with normal processing
on message expiration happening earlier than it would otherwise.
I have a list of
I found that when clients are using common software like Windows 7 and
Windows Live Mail, Outlook 2013, or recent versions of Thunderbird you
are still likely to see TLS 1.0 connections. If your mail server only
serves an organization where you control the client software you could
probably
Matus UHLAR - fantomas wrote on 6/25/2019 6:34 AM:
On 24.06.19 21:42, Stefan Bauer wrote:
we're publishing lookup tables through our control git repo but
hashing all
tables before commiting them to git is cumbersome. What do you
recommend?
...
Whate do you recommend?
you can try rbldnsd
The majority of blacklists work on the individual host level (IPv4 /32
or IPv6 /64). If your provider's entire /22 is being listed by public
blacklists then I suspect you either have a very disreputable provider
or the provider has indicated that the /22 is intended for use by
I don't have experience with FreeBSD provided Postfix, but in general,
you should be able to copy your config file to newer versions of postfix
with little or no changes. An alternative would be to run postconf -n on
server A to find your customizations and only copy these items to server B.
Allen Coates wrote on 9/9/2016 6:47 AM:
On 09/09/16 11:47, Wietse Venema wrote:
Is there a way of segregating IPv4 and IPv6 tests in postfix?
Not at this time. What would a segregated user interface look like
in smtpd? In postscreen?
Wietse
I was thinking along the lines of using
/dev/rob0 wrote on 9/8/2016 9:24 AM:
On Thu, Sep 08, 2016 at 02:18:41PM +0100, Danny Horne wrote:
Thanks for the reply, I found the following site which showed me I
was seriously lacking in my IPv6 config. I think I've got it fixed
now (email from GMail came through on an IPv6 address)
Viktor Dukhovni wrote on 3/10/2016 11:57 AM:
On Thu, Mar 10, 2016 at 05:22:22AM -0700, @lbutlr wrote:
smtpd_tls_exclude_ciphers =
EXPORT, LOW, MD5, SEED, IDEA, RC2
smtp_tls_exclude_ciphers =
EXPORT, LOW, MD5, aDSS, kECDHe, kECDHr, kDHd, kDHr, SEED, IDEA, RC2
With
Eero Volotinen wrote on 3/3/2016 1:12 AM:
Hi,
Can some one give working migation intructions for postfix 2.3
(postfix-2.3.3-7.el5) many of instructions are not working correctly
on so old version. (as settings are not supported)
thanks,
--
Eero
Eero, I believe you simply need to apply the
Viktor Dukhovni wrote on 3/1/2016 11:16 AM:
# Suggested, not strictly needed:
#
smtpd_tls_exclude_ciphers =
EXPORT, LOW, MD5, SEED, IDEA, RC2
smtp_tls_exclude_ciphers =
EXPORT, LOW, MD5, aDSS, kECDHe, kECDHr, kDHd, kDHr, SEED, IDEA, RC2
I noticed your exclude
Thank you Viktor.
li...@rhsoft.net wrote on 10/2/2014 9:16 AM:
Am 02.10.2014 um 16:10 schrieb Daniele Nicolodi:
I have a system with a few local users where some of them are configured
for forwarding all incoming messages to external addresses via the use
of .forward.
One of those users forwards mail to an
Homer Wilson Smith wrote the following on 3/4/2014 4:38 PM:
Dear Gentle Folk,
What is the state of the art in dealing with users whose SASL password
has been compromised?
Running CentOS, and latest postfix.
When a password gets compromised, spam starts to pour out of the
server
Blake Hudson wrote the following on 10/18/2013 4:40 PM:
Leonardo Rodrigues wrote the following on 10/17/2013 2:04 PM:
Em 17/10/13 15:09, Blake Hudson escreveu:
Based on your suggestion, I did find the following bug report for
glibc from 2008 (that looks like Wietse had an indirect hand
Leonardo Rodrigues wrote the following on 10/17/2013 2:04 PM:
Em 17/10/13 15:09, Blake Hudson escreveu:
Based on your suggestion, I did find the following bug report for
glibc from 2008 (that looks like Wietse had an indirect hand in):
http://sourceware.org/bugzilla/show_bug.cgi?id=5790
Peter wrote the following on 10/16/2013 5:32 PM:
On 10/16/2013 04:03 AM, Blake Hudson wrote:
Thanks for the reminder about where to locate the test programs Wietse.
I confirmed this appears to be an issue with RHEL5 (all patches applied
today). The issue is resolved in RHEL6. I am running
/dev/rob0 wrote the following on 10/17/2013 12:17 PM:
On Thu, Oct 17, 2013 at 12:01:39PM -0500, Blake Hudson wrote:
Peter wrote the following on 10/16/2013 5:32 PM:
On 10/16/2013 04:03 AM, Blake Hudson wrote:
Thanks for the reminder about where to locate the test programs
Wietse. I confirmed
Jeroen Geilman wrote the following on 10/14/2013 7:05 PM:
On 10/14/2013 08:41 PM, Blake Hudson wrote:
I'm seeing the following errors when a prominent North American life
insurance vendor attempts to send me email.
Oct 14 12:57:07 twinc postfix/smtpd[12194]: NOQUEUE: reject: RCPT
from
Wietse Venema wrote the following on 10/15/2013 9:55 AM:
Wietse Venema:
The DNS query is made by the SYSTEM LIBRARY functions getnameinfo()
and getaddrinfo(). Postfix has no control over how they work.
When I test this with Postfix test programs for these functions:
% ./getnameinfo
I'm seeing the following errors when a prominent North American life
insurance vendor attempts to send me email.
Oct 14 12:57:07 twinc postfix/smtpd[12194]: NOQUEUE: reject: RCPT from
unknown[216.163.249.229]: 450 4.7.1 Client host rejected: cannot find
your reverse hostname,
Just hoping to get a consensus on this. Postfix is stating that a host
(in fact several hosts from the same ISP) does not have rDNS, because
our DNS (Bind 9.8) returns SERVFAIL when looking up a PTR record for it.
The IP in question is 63.171.0.212. From my perspective, this IP does
not have a
KSB wrote the following on 3/4/2013 12:13 PM:
On 2013.03.04. 20:06, Blake Hudson wrote:
Just hoping to get a consensus on this. Postfix is stating that a host
(in fact several hosts from the same ISP) does not have rDNS, because
our DNS (Bind 9.8) returns SERVFAIL when looking up a PTR record
Pau Amma wrote the following on 3/4/2013 12:40 PM:
On Mon, March 4, 2013 6:31 pm, Blake Hudson wrote:
OK, so we ask for a PTR on 212.0.171.63.in-addr.arpa and instead receive
a CNAME (with additional). Did anyone notice that the CNAME does not
resolve?
Does for me. *shrug*
$ dig +noall
Robert Schetterer wrote the following on 3/4/2013 12:37 PM:
Am 04.03.2013 19:31, schrieb Blake Hudson:
OK, so we ask for a PTR on 212.0.171.63.in-addr.arpa and instead receive
a CNAME (with additional). Did anyone notice that the CNAME does not
resolve?
yeah ,my dns cache didnt resolved
/dev/rob0 wrote the following on 3/4/2013 12:56 PM:
On Mon, Mar 04, 2013 at 12:31:08PM -0600, Blake Hudson wrote:
KSB wrote the following on 3/4/2013 12:13 PM:
On 2013.03.04. 20:06, Blake Hudson wrote:
Just hoping to get a consensus on this. Postfix is stating that a
host (in fact several
Robert Schetterer wrote the following on 3/4/2013 1:08 PM:
Am 04.03.2013 19:46, schrieb Blake Hudson:
Robert Schetterer wrote the following on 3/4/2013 12:37 PM:
Am 04.03.2013 19:31, schrieb Blake Hudson:
OK, so we ask for a PTR on 212.0.171.63.in-addr.arpa and instead receive
a CNAME
I was under the impression that hosts using SMTP were required to have a
valid reverse DNS entry. The reject_unknown_reverse_client_hostname
restriction would then enforce this requirement. However, I can't find a
basis for this in RFC 821, 2821, or 5321. The closest I can find is
helo/ehlo
I've read the manual on smtpd_restriction_classes
(http://www.postfix.org/RESTRICTION_CLASS_README.html) and have one
question that remains unanswered.
Per the example, if I had the following configured:
---
/etc/postfix/main.cf:
Ok, that was not lucid, i agree. I clarified this on the about page,
respectively left it the reject-part out to prevent misunderstandings.
However, the Detective server actually can bounce the mail, if he is
configured to do so in the spam.handle directive. There are four different
Larry Vaden wrote:
Larry Vaden vaden at texoma.net writes:
What are the URLs which describe BCP for this situation?
THANKS for your response(s).
kind regards/ldv
I note Ralf encountered a very similar problem (see
http://old.nabble.com/Rate-
limiting--td20671270.html), but he's
Original Message
Subject: safe way to retire postfix gateway
From: Robert Lopez rlopez...@gmail.com
To: Postfix users postfix-users@postfix.org
Date: Tuesday, August 18, 2009 3:52:11 PM
Having built new email gateways, it is time to retire the old ones.
I have removed one
What about adding this to main.cf?:
inet_interfaces = loopback-only
I believe that that would work as well. Basically, the idea is to cut
off outside access to postfix so that new messages don't get in the
queue. Simultaneously, postfix is attempting to empty the queue as
normal.
Original Message
Subject: thunderbird 3.0, cram-md5 failing
From: Jay G. Scott g...@arlut.utexas.edu
To: postfix-users@postfix.org
Date: Thursday, August 13, 2009 3:03:38 PM
Greetings,
client = thunderbird 3.0 beta 3
postfix 2.3.3
linux, host == jgstoy
doing TLS encryption
receive_override_options=no_unknown_recipient_checks is an often
recommended amavis optimization that can be performed post content
filter (so likely would *not be in your main.cf* and would instead be in
your master.cf as an option to your post content filter smtpd).
What this option states
Original Message
Subject: Re: Header Time
From: Linux Addict linuxaddi...@gmail.com
I dont think this is something to do with outlook as I tested with
yahoo and gmail as well. I see the same pattern.
Looks to me message leaves postfix with updated time stamp. �Is there
35 matches
Mail list logo