Hi,
We currently have mail infrastructure setup like:
mail.domain.co.za (primary in our dc)
ptamail.domain.co.za (pta office)
jhbmail.domain.co.za (jhb office)
Currently we use mail.domain.co.za as the outgoing server for all
users, but I want to change that so that user will use
* Victor Duchovni victor.ducho...@morganstanley.com:
On Thu, Feb 10, 2011 at 10:50:20PM +0100, Jeroen Geilman wrote:
and I'm not sure how
smtp_connection_reuse_time_limit = 300s
could be lowered in such a way that busy destination MXes are not
keeping a lot of mail in the active
Thank you Noel,
After searching for a while, I found your info/solutions were complete
and accurate.
Locking sender addresses with authenticated users appears to be a good
practice, anyway.
Here, I have two questions about reject_sender_login_mismatch:
1. If sender is in the form
Am 11.02.2011 10:08, schrieb Nikolaos Milas:
Thank you Noel,
After searching for a while, I found your info/solutions were complete and
accurate.
Locking sender addresses with authenticated users appears to be a good
practice, anyway.
Here, I have two questions about
Thank you Harald,
Please, let me ask for some clarifications, cause I'm confused:
If we have (SASL) UNauthenticated clients (who are allowed to send
emails from mynetworks) AND (SASL) authenticated clients (in mynetworks
or anywhere), what will happen to our UNauthenticated clients (in
Hello i've a new question about two postfix server with the same mail
domain for different users.
Example
server a - a...@example.com
a...@example.com
server b -b...@example.com
b...@example.com
this is my question, is it possibile to receive to the
Ralf Hildebrandt:
* Victor Duchovni victor.ducho...@morganstanley.com:
On Thu, Feb 10, 2011 at 10:50:20PM +0100, Jeroen Geilman wrote:
and I'm not sure how
smtp_connection_reuse_time_limit = 300s
could be lowered in such a way that busy destination MXes are not
keeping a lot
On Fri, Feb 11, 2011 at 01:35:51PM +0100, Matteo Cazzador wrote:
Hello i've a new question about two postfix server with the same mail
domain for different users.
Example
server a - a...@example.com
a...@example.com
server b -b...@example.com
Thank's, i explain better why i need it, i need to do sò because i need
to reduce
the traffic between server b to server a and viceversa this is
for me the first priority.
Il 11/02/2011 14:28, Victor Duchovni ha scritto:
On Fri, Feb 11, 2011 at 01:35:51PM +0100, Matteo Cazzador wrote:
Hello
Matteo Cazzador:
Thank's, i explain better why i need it, i need to do s? because i need
to reduce
the traffic between server b to server a and viceversa this is
for me the first priority.
OK. If you know a better solution, how would a REMOTE SMTP host
know that it must send mail for
On Fri, Feb 11, 2011 at 02:56:47PM +0100, Matteo Cazzador wrote:
Thank's, i explain better why i need it, i need to do s? because i need to
reduce
the traffic between server b to server a and viceversa this is
for me the first priority.
If a and b are the MX hosts for a single email domain,
On 2/10/2011 11:58 PM, Gary Smith wrote:
-Original Message-
From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org]
On Behalf Of Gary Smith
Sent: Thursday, February 10, 2011 8:34 PM
To: 'postfix-users@postfix.org'
Subject: hold after permit question
I have
On 2/11/2011 6:08 AM, Nikolaos Milas wrote:
Thank you Harald,
Please, let me ask for some clarifications, cause I'm confused:
If we have (SASL) UNauthenticated clients (who are allowed to
send emails from mynetworks) AND (SASL) authenticated clients
(in mynetworks or anywhere), what will
On 02/11/2011 09:25 AM, Pieter Steyn wrote:
Hi,
We currently have mail infrastructure setup like:
mail.domain.co.za (primary in our dc)
ptamail.domain.co.za (pta office)
jhbmail.domain.co.za (jhb office)
Currently we use mail.domain.co.za as the outgoing server for all
users, but I want to
Thanks Noel,
for the detailed info.
In the meantime, I had already tested, and here are the test
results, for reference (tested by removing ownership of f...@example.com
by foo and logging in (in scenario II) as user foo):
I. 1 ---a
(I'm sending again, because by mistake the message I sent before was in
html form.)
Thanks Noel, for the detailed info.
In the meantime, I had already tested, and here are the test results,
for reference (tested by removing ownership of f...@example.com by foo
and logging in (in scenario II)
Hi everyone.
We've been using postfix + AuthSMTP for quite awhile for our outgoing email
notifications. AuthSMTP is getting kind of expensive, so I'm trying to switch
to Amazon's Simple Email Service. I've successfully configured postfix to send
through SES and it works great, but Amazon
Zach Wily:
[ Charset UTF-8 unsupported, converting... ]
Hi everyone.
We've been using postfix + AuthSMTP for quite awhile for our outgoing emai
-l notifications. AuthSMTP is getting kind of expensive, so I'm trying to swi
-tch to Amazon's Simple Email Service. I've successfully configured
On Fri, Feb 11, 2011 at 04:54:00PM +0100, Jeroen Geilman wrote:
I've tried simply setting:
fallback_transport = mail.domain.co.za
fallback_transport means use this route if other routes are not
functional.
This is unrelated to sepcific recipients; it only deals in mail
destinations
On 02/11/2011 05:36 PM, Victor Duchovni wrote:
On Fri, Feb 11, 2011 at 04:54:00PM +0100, Jeroen Geilman wrote:
I've tried simply setting:
fallback_transport = mail.domain.co.za
fallback_transport means use this route if other routes are not
functional.
This is unrelated to
This was designed to implement a graveyard service for mail
that can't be delivered via the preferred service.
http://www.postfix.org/postconf.5.html#smtp_fallback_relay
I tried this, but when a message to aws-email fails, it enters SOFTBOUNCE state
and sits in the queue. What I'd like is for
HOLD always take place last, and only accepted mail is put on
HOLD. Since this server is for user submission and all mail
is either authenticated or rejected, it doesn't matter too
much where you put the hold.
Good to know. I probably asked the same question years ago, but this helps.
On 11/02/2011 14:56, Matteo Cazzador wrote:
Thank's, i explain better why i need it, i need to do sò because i need to
reduce
the traffic between server b to server a and viceversa this is
for me the first priority.
Why don't share email storage between server to solve the problem?
--
On 02/11/2011 05:50 PM, Zach Wily wrote:
This was designed to implement a graveyard service for mail
that can't be delivered via the preferred service.
http://www.postfix.org/postconf.5.html#smtp_fallback_relay
I tried this, but when a message to aws-email fails, it enters
On 02/11/2011 05:56 PM, Simone Caruso wrote:
On 11/02/2011 14:56, Matteo Cazzador wrote:
Thank's, i explain better why i need it, i need to do sò because i
need to reduce
the traffic between server b to server a and viceversa this is
for me the first priority.
Why don't share email storage
Anyway, the question is, how does the community as a whole deal with
big ISP's losing email? It seems that some companies (like ATT) seem
to have less and less access to tools necessary for communicating with
them on things like this. Is there any know lists of contact/support
On Friday, February 11, 2011 at 10:03 AM, Jeroen Geilman wrote:
On 02/11/2011 05:50 PM, Zach Wily wrote:
This was designed to implement a graveyard service for mail
that can't be delivered via the preferred service.
http://www.postfix.org/postconf.5.html#smtp_fallback_relay
I
On 2/11/2011 10:55 AM, Gary Smith wrote:
smtpd_recipient_restrictions =
permit_mynetworks,permit_sasl_authenticated,reject
This line is sufficient to limit access to mynetworks and
authenticated users.
Do I even need this at all if I'm using smtpd_sender_restrictions since this is
an
You must have permit_sasl_authenticated in
smtpd_recipient_restrictions to allow users to relay.
Typically on the outgoing only server, only
smtpd_recipient_restrictions is used and the other
smtpd_*_restrictions sections are empty.
Gotcha
The one that's repeated ;)
On 2/11/2011 11:36 AM, Gary Smith wrote:
You must have permit_sasl_authenticated in
smtpd_recipient_restrictions to allow users to relay.
Typically on the outgoing only server, only
smtpd_recipient_restrictions is used and the other
smtpd_*_restrictions sections are empty.
Gotcha
The one
On 2/11/2011 11:57 AM, Benny Pedersen wrote:
postscreen_access_list = permit_sasl_authenticated, permit_mynetworks,
cidr:/etc/postfix/cidr/postscreen_access.cidr
will it work ?
No. Authentication happens in smtpd after postscreen is done.
to avoid sasl users being tested in dnsbl
On Fri, 11 Feb 2011 12:00:30 -0600, Noel Jones njo...@megan.vbhcs.org
wrote:
On 2/11/2011 11:57 AM, Benny Pedersen wrote:
postscreen_access_list = permit_sasl_authenticated, permit_mynetworks,
cidr:/etc/postfix/cidr/postscreen_access.cidr
will it work ?
No. Authentication happens in smtpd
On Fri, Feb 11, 2011 at 07:07:15PM +0100, Benny Pedersen wrote:
not the best option for me, but my users can live with it, but remote
servers will need tls on port 25 still
TLS != SASL. Postscreen supports TLS/SSL, but not SASL, which belongs
largely on port 587.
--
Viktor.
On 2/11/2011 12:07 PM, Benny Pedersen wrote:
On Fri, 11 Feb 2011 12:00:30 -0600, Noel Jonesnjo...@megan.vbhcs.org
wrote:
On 2/11/2011 11:57 AM, Benny Pedersen wrote:
postscreen_access_list = permit_sasl_authenticated, permit_mynetworks,
cidr:/etc/postfix/cidr/postscreen_access.cidr
will it
On Fri, 11 Feb 2011 13:10:35 -0500, Victor Duchovni
victor.ducho...@morganstanley.com wrote:
On Fri, Feb 11, 2011 at 07:07:15PM +0100, Benny Pedersen wrote:
not the best option for me, but my users can live with it, but remote
servers will need tls on port 25 still
TLS != SASL. Postscreen
It's clear thank's a lot everybody
Il 11/02/2011 15:09, Victor Duchovni ha scritto:
On Fri, Feb 11, 2011 at 02:56:47PM +0100, Matteo Cazzador wrote:
Thank's, i explain better why i need it, i need to do s? because i need to
reduce
the traffic between server b to server a and viceversa this is
Gary Smith wrote:
Anyway, the question is, how does the community as a whole deal with
big ISP's losing email? It seems that some companies (like ATT) seem
to have less and less access to tools necessary for communicating with
them on things like this. Is there any know lists of
Benny Pedersen:
On Fri, 11 Feb 2011 13:10:35 -0500, Victor Duchovni
victor.ducho...@morganstanley.com wrote:
On Fri, Feb 11, 2011 at 07:07:15PM +0100, Benny Pedersen wrote:
not the best option for me, but my users can live with it, but remote
servers will need tls on port 25 still
On 2/11/2011 12:17 PM, Benny Pedersen wrote:
On Fri, 11 Feb 2011 13:10:35 -0500, Victor Duchovni
victor.ducho...@morganstanley.com wrote:
On Fri, Feb 11, 2011 at 07:07:15PM +0100, Benny Pedersen wrote:
not the best option for me, but my users can live with it, but remote
servers will need
Sorry, Noel,
Now that I re-read your last post, I can see there is no discrepancy at
all between my findings and your description in the two cases I mentioned.
In fact, what happens is exactly what you describe. The email message is
rejected because the client specifies a MAIL FROM listed in
On Fri, Feb 11, 2011 at 11:58:10AM -0600, Noel Jones wrote:
On 2/11/2011 11:36 AM, Gary Smith wrote:
Um, if you put the restriction twice doesn't it give it a
greater effect? ;)
To increase the effect, google for the
reject_unknown_sender_domain_dammit feature patch.
This opens up a whole
On 2/11/2011 1:22 PM, /dev/rob0 wrote:
On Fri, Feb 11, 2011 at 11:58:10AM -0600, Noel Jones wrote:
On 2/11/2011 11:36 AM, Gary Smith wrote:
Um, if you put the restriction twice doesn't it give it a
greater effect? ;)
To increase the effect, google for the
reject_unknown_sender_domain_dammit
On 02/11/2011 06:22 PM, Zach Wily wrote:
On Friday, February 11, 2011 at 10:03 AM, Jeroen Geilman wrote:
On 02/11/2011 05:50 PM, Zach Wily wrote:
This was designed to implement a graveyard service for mail
that can't be delivered via the preferred service.
On 02/11/2011 08:59 PM, Jeroen Geilman wrote:
On 02/11/2011 06:22 PM, Zach Wily wrote:
On Friday, February 11, 2011 at 10:03 AM, Jeroen Geilman wrote:
On 02/11/2011 05:50 PM, Zach Wily wrote:
This was designed to implement a graveyard service for mail
that can't be delivered via the
I've discovered something odd: permit_mynetworks seems to be allowing
invalid addresses in rather than just allowing relaying. The symptom is
that if I connect from a local client, any rcpt to is accepted; if I
connect from a non-local client, it's properly rejected.
moving
Alan Batie:
I've discovered something odd: permit_mynetworks seems to be allowing
invalid addresses in rather than just allowing relaying. The symptom is
You changed smtpd_reject_unlisted_recipient from its default.
Wietse
On 2/11/2011 3:38 PM, Alan Batie wrote:
I've discovered something odd: permit_mynetworks seems to be allowing
invalid addresses in rather than just allowing relaying. The symptom is
that if I connect from a local client, any rcpt to is accepted; if I
connect from a non-local client, it's
On 2/11/11 12:57 PM, Noel Jones wrote:
No, the reject_unlisted_{sender, recipient} checks only apply to domains
that postfix is responsible for. External domains are not checked.
Perfect, that's what I needed to know. Thanks!
smime.p7s
Description: S/MIME Cryptographic Signature
Dear Postfix experts,
I'm new to mailing servers and need advice. Is it reasonable for my
small company to use my own mail server? How much configuration is
needed for a secure setup on a CentOS box? The requirements are: I
have three domain names and only one user with some aliases. Google
apps
On Fri, Feb 11, 2011 at 11:38:41PM +0100, Gergely Buday wrote:
Dear Postfix experts,
I'm new to mailing servers and need advice. Is it reasonable for my
small company to use my own mail server? How much configuration is
needed for a secure setup on a CentOS box? The requirements are: I
On 2/11/2011 4:38 PM, Gergely Buday wrote:
Dear Postfix experts,
I'm new to mailing servers and need advice. Is it reasonable for my
small company to use my own mail server? How much configuration is
needed for a secure setup on a CentOS box?
Not too much.
On Fri, Feb 11, 2011 at 3:38 PM, Gergely Buday gbu...@gmail.com wrote:
Dear Postfix experts,
I'm new to mailing servers and need advice. Is it reasonable for my
small company to use my own mail server? How much configuration is
needed for a secure setup on a CentOS box? The requirements are:
On 02/11/2011 04:54 PM, Noel Jones wrote:
On 2/11/2011 4:38 PM, Gergely Buday wrote:
Dear Postfix experts,
I'm new to mailing servers and need advice. Is it reasonable for my
small company to use my own mail server? How much configuration is
needed for a secure setup on a CentOS box?
Not too
53 matches
Mail list logo