On 02/23/2015 02:27 PM, Ian Eiloart wrote:
If your goal is to separate authenticated from unauthenticated mail, the place
to do it is not at the port, but at the IP address. Use a different server, and
publish new MX records. Here, we don’t use a different physical server, we have
two IP
On 22 Feb 2015, at 02:13, Daniel Spies ds20150222c...@pskx.net wrote:
On 02/22/2015 02:47 AM, Noel Jones wrote:
Anyway, if your goal is to disable scanning on submission, it's
probably best to edit the master.cf submission service to not call
clamav-milter at all. (I would strongly
On 23.02.15 14:46, Daniel Spies wrote:
The process configured to use msa.example.com (or more likely
smtp.example.com to satisfy some autoconfiguration algorithms) would
listen on ports 587, 25, and 465 (unfortunately, there are still clients
that like to use this port for ssl-on-connect)
On
On Monday, February 23, 2015 03:35:57 PM Matus UHLAR - fantomas wrote:
On 23.02.15 14:46, Daniel Spies wrote:
The process configured to use msa.example.com (or more likely
smtp.example.com to satisfy some autoconfiguration algorithms) would
listen on ports 587, 25, and 465 (unfortunately,
On 02/23/2015 03:35 PM, Matus UHLAR - fantomas wrote:
just a week or two ago I read discussion where the 465 was preferred,
because SSL is mandatory there, so there's no chance for clients to
authenticate without SSL encryption.
...just FYI.
Encryption in my setup is mandatory, too. I just
On 23.02.15 14:46, Daniel Spies wrote:
The process configured to use msa.example.com (or more likely
smtp.example.com to satisfy some autoconfiguration algorithms) would
listen on ports 587, 25, and 465 (unfortunately, there are still clients
that like to use this port for ssl-on-connect)
On
On 02/23/2015 03:35 PM, Matus UHLAR - fantomas wrote:
just a week or two ago I read discussion where the 465 was preferred,
because SSL is mandatory there, so there's no chance for clients to
authenticate without SSL encryption.
...just FYI.
On 23.02.15 15:45, Daniel Spies wrote:
Encryption in
Daniel Spies ds20150222c...@pskx.net wrote:
I don't get how you find it more appropriate to silently reject someone's
e-mail
I don't. I don't know where you got that from - perhaps it's from seeing so
many examples of bad practice that's become the norm so you assume everyone is
that bad ?
On 2/22/2015 12:18 AM, Benny Pedersen wrote:
Daniel Spies skrev den 2015-02-22 03:19:
Yes, but I have (still) enabled sending e-mail to port 25. This would
only work for submission (see my other e-mail).
yes i remember that problem here aswell, so far i think postfix does
not honner it to
Daniel Spies ds20150222c...@pskx.net wrote:
In my opinion, it doesn't make any sense to scan e-mail leaving the server.
The recipient will never trust these tags anyway. So why scan at all? It's
important to scan incoming mail, be it from a local or an external client.
I disagree.
On 02/22/2015 10:08 AM, Simon Hobson wrote:
Recipients may not trust the tags, but it *should* stop outbound spam/infected
mail should your machine (or one of the clients) get compromised. IMO spam and
malware is not just something to stop coming in, it's something to porevent
going out - if
OK, this is getting well off-topic for this list, this will be my final say on
the matter - and from some of the other comments I see I'm not alone in
considering you part of the problem.
Daniel Spies ds20150222c...@pskx.net wrote:
Recipients may not trust the tags, but it *should* stop
On 02/22/2015 07:13 PM, Matus UHLAR - fantomas wrote:
sure it makes sense to scan outgoing mail.
Maybe in a company network, yes. But I don't care for the computers of
my clients -- these are their computers. *If* they get infected somehow,
I have measures to stop them from doing harm
On 2/22/15 12:32 PM, Daniel Spies wrote:
On 02/22/2015 09:18 PM, Dennis Peterson wrote:
While I disagree with everything you've said I am glad you've spoken
out. My job would be far easier if everyone did so.
Could you be more precise? The quintessence of my last message was:
1. A company
On 02/22/2015 10:43 PM, Simon Hobson wrote:
OK, this is getting well off-topic for this list, this will be my final say on
the matter
Agreed.
Which is one reason it's very important to make sure you are not part of the problem. Allowing a
customer to sent nasties through your mail server
On 2/21/2015 7:28 PM, Daniel Spies wrote:
On 02/22/2015 01:54 AM, Benny Pedersen wrote:
LocalNet localdomain
This gives no error, but clamav-milter is still scanning/tagging
outgoing e-mail. I'm sending e-mail from port 587 (smtp/submission,
postfix).
The originating client is the system
On 02/22/2015 02:47 AM, Noel Jones wrote:
Anyway, if your goal is to disable scanning on submission, it's
probably best to edit the master.cf submission service to not call
clamav-milter at all. (I would strongly recommend scanning all
mail, but that's a local policy decision)
As already
Daniel Spies skrev den 2015-02-22 03:19:
Yes, but I have (still) enabled sending e-mail to port 25. This would
only work for submission (see my other e-mail).
yes i remember that problem here aswell, so far i think postfix does not
honner it to disable smtp auth on port 25 while have it
On 02/22/2015 01:54 AM, Benny Pedersen wrote:
LocalNet localdomain
This gives no error, but clamav-milter is still scanning/tagging
outgoing e-mail. I'm sending e-mail from port 587 (smtp/submission,
postfix).
PS: why does 127.0.0.1 not resolve ?
It does though:
LocalNet 127.0.0.1 --
Daniel Spies skrev den 2015-02-22 02:28:
Maybe LocalNet is the wrong option (?) but how else would I stop
clamav-milter from scanning outgoing e-mail then?
in postfix master.cf:
for the pickup add
-o non_smtpd_milters=
eg no milter for this service
or much better dont add milters in
20 matches
Mail list logo
