On Wed, 19 Dec 2012 23:58:49 -0500
John Hinton articulated:
I have heard some reports that browsers such as Chrome and MSIE balk
at 1024 bit certs and that one should use 2048. I wonder if this is
now a good idea when generating mailserver certs as well? Try to be
more future proof? Or am I
On 12/19/2012 06:31 PM, /dev/rob0 wrote:
On Wed, Dec 19, 2012 at 02:38:52PM -0500, Robert Moskowitz wrote:
I am looking at a number of tutorials for setup.
This is a formula for failure. :) Stick to the documentation.
http://www.postfix.org/documentation.html
I asked some questions over on
On 12/19/2012 11:58 PM, John Hinton wrote:
On 12/19/2012 6:40 PM, Reindl Harald wrote:
[root@buildserver:~]$ cat /buildserver/ssl-cert/openssl.conf.template
[ req ]
prompt = yes
default_bits= 1024
I have heard some reports that browsers such as
I have a mailhost with most of the domain users delivered locally and
some users (same domain) residing in other machines.
The relevant configuration:
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
local_recipient_maps = proxy:unix:passwd.byname, $alias_maps,
On Thu, Dec 20, 2012 at 12:24:30AM -0500, Simon Brereton wrote:
newu...@example.org direc...@example.org, newu...@example.org
But it occurs to me that this will create a loop - no?
No, there is no loop, virtual alias expansion eliminates exactly
this kind of loop and delivers email
BTW Reply-To: is set, and the offlist Cc: is not necessary.
On Wed, Dec 19, 2012 at 07:40:10PM -0500, Robert Moskowitz wrote:
On 12/19/2012 06:31 PM, /dev/rob0 wrote:
On Wed, Dec 19, 2012 at 02:38:52PM -0500, Robert Moskowitz wrote:
I am looking at a number of tutorials for setup.
This is a
On 12/20/2012 08:08 AM, /dev/rob0 wrote:
BTW Reply-To: is set, and the offlist Cc: is not necessary.
On Wed, Dec 19, 2012 at 07:40:10PM -0500, Robert Moskowitz wrote:
On 12/19/2012 06:31 PM, /dev/rob0 wrote:
On Wed, Dec 19, 2012 at 02:38:52PM -0500, Robert Moskowitz wrote:
I am looking at a
On Thu, Dec 20, 2012 at 01:57:43PM +0100, Ignacio Vazquez wrote:
I have a mailhost with most of the domain users delivered locally and
some users (same domain) residing in other machines.
Instead of resolving an unmodified rfc822 address to a different
transport:nexthop, rewrite the rfc822
Hi,
I've seen the tutorials on how to create your own bounce templates and that
any option/variable form the main.cf can be put in there... but what I'd
like to have, is the subject line contain a date/timestamp of the failure
as well as the failed email address... Are there variables I can put
Paul:
Hi,
I've seen the tutorials on how to create your own bounce templates and that
any option/variable form the main.cf can be put in there... but what I'd
like to have, is the subject line contain a date/timestamp of the failure
as well as the failed email address... Are there variables
On Thu, Dec 20, 2012 at 08:40:42AM -0500, Robert Moskowitz wrote:
That is the only place in the documentation where I have found
openssl command examples. Are there other place(s) that I have
missed?
What would you like to see in the documentation? Instructions for
creating a self-signed
Wietse Venema:
I use gmail and I'm getting really annoyed with these messages being
grouped into one thread because of the generic Undelivered Mail Returned
to Sender subject..
1) The people who provide Gmail should be clever enough to extract
the original subject from the returned
On Thu, Dec 20, 2012 at 02:15:35PM +, Viktor Dukhovni wrote:
People who want a more compact recipe for a self-signed cert on
a single SMTP server can use my one-liner (for machines whose
hostname is an FQDN):
$ tmp=$(mktemp smtpd.pem.XX)
openssl req -new \
Viktor Dukhovni:
People who want a more compact recipe for a self-signed cert on
a single SMTP server can use my one-liner (for machines whose
hostname is an FQDN):
...
With the -nodes option in most cases:
$ tmp=$(mktemp smtpd.pem.XX)
openssl req -new \
Thank you for your interest, Viktor.
2012/12/20 Viktor Dukhovni postfix-us...@dukhovni.org:
Instead of resolving an unmodified rfc822 address to a different
transport:nexthop, rewrite the rfc822 address (via virtual_alias_maps)
to a domain which is routed (via MX records or per-nexthop
On Thu, Dec 20, 2012 at 10:02:19AM -0500, Wietse Venema wrote:
Viktor Dukhovni:
People who want a more compact recipe for a self-signed cert on
a single SMTP server can use my one-liner (for machines whose
hostname is an FQDN):
...
With the -nodes option in most cases:
$
On Thu, Dec 20, 2012 at 04:05:26PM +0100, Ignacio Vazquez wrote:
2012/12/20 Viktor Dukhovni postfix-us...@dukhovni.org:
Instead of resolving an unmodified rfc822 address to a different
transport:nexthop, rewrite the rfc822 address (via virtual_alias_maps)
to a domain which is routed (via
On 20 December 2012 08:07, Viktor Dukhovni postfix-us...@dukhovni.org wrote:
On Thu, Dec 20, 2012 at 12:24:30AM -0500, Simon Brereton wrote:
newu...@example.org direc...@example.org, newu...@example.org
But it occurs to me that this will create a loop - no?
No, there is no loop,
On Thu, Dec 20, 2012 at 12:25:03PM -0500, Simon Brereton wrote:
I did postmap the virtual_alias_maps. Is there something else I should I
do?
No, but you've likely misconfigured other elements of the system.
I think this is ok. Output is:
mail:/etc/postfix# postconf -h
On 20 December 2012 12:44, Viktor Dukhovni postfix-us...@dukhovni.org wrote:
On Thu, Dec 20, 2012 at 12:25:03PM -0500, Simon Brereton wrote:
I did postmap the virtual_alias_maps. Is there something else I should I
do?
No, but you've likely misconfigured other elements of the system.
On Thu, Dec 20, 2012 at 01:39:07PM -0500, Simon Brereton wrote:
To check that the result of the expansion of the user via
$virtual_alias_maps.
Here I ran into problems.
mail:/etc/postfix# postmap -fq newu...@example.org $maps
postmap: fatal: usage: postmap
On Thu, Dec 20, 2012 at 10:58:01PM +0530, Sreenivas Reddy T wrote:
I have set up the postfix server for catch-all email address.
Whenever an email arrives, my script (Command Based Filter) will do headers
parsing and store it in the database, But whenever some error occurs in
the
On 12/20/2012 10:30 AM, Viktor Dukhovni wrote:
We could follow the herd and recommend 2048 bits, since SMTP servers
rarely do enough RSA-ops for RSA performance to be a bottleneck. On
the other-hand, for people wielding self-signed certs almost certainly
1024 is plenty strong at 2^80, and 1280
Would like to know if there is a way of modifying the ACTION in body_checks
Currently have in main.cf
body_checks = regexp:/etc/postfix/body_checks
Currently have in /etc/postfix/body_checks
/oranges/ REDIRECT secur...@example.commailto:secur...@example.com
On Thu, Dec 20, 2012 at 08:52:05PM +, Jim Nalepa - US wrote:
Would like to know if there is a way of modifying the ACTION in body_checks
Currently have in main.cf
body_checks = regexp:/etc/postfix/body_checks
Postfix does not support the BCC action via
I am doing the admin work for a small group, about 30 people.
While this setup works I have the feeling that I am missing something in
the Submission stanza of master.cf which might leave me vulnerable.
Another thing I wondering about is the order of the various tests in the
smtpd_*_
On 12/20/2012 09:32 AM, Viktor Dukhovni wrote:
On Thu, Dec 20, 2012 at 02:15:35PM +, Viktor Dukhovni wrote:
People who want a more compact recipe for a self-signed cert on
a single SMTP server can use my one-liner (for machines whose
hostname is an FQDN):
$ tmp=$(mktemp
On 12/20/2012 10:02 AM, Wietse Venema wrote:
Viktor Dukhovni:
People who want a more compact recipe for a self-signed cert on
a single SMTP server can use my one-liner (for machines whose
hostname is an FQDN):
...
With the -nodes option in most cases:
$ tmp=$(mktemp smtpd.pem.XX)
On 12/20/2012 10:30 AM, Viktor Dukhovni wrote:
On Thu, Dec 20, 2012 at 10:02:19AM -0500, Wietse Venema wrote:
Viktor Dukhovni:
People who want a more compact recipe for a self-signed cert on
a single SMTP server can use my one-liner (for machines whose
hostname is an FQDN):
...
With the
Oh, and thank you for answering my questions, helping me work through
understanding this small portion of the problem space, and adding the
lessons I am taking away from the exchanges to the documentation.
On 12/20/2012 10:30 AM, Viktor Dukhovni wrote:
On Thu, Dec 20, 2012 at 10:02:19AM
On 12/20/2012 08:29 PM, Wietse Venema wrote:
Robert Moskowitz:
With the -nodes option in most cases:
$ tmp=$(mktemp smtpd.pem.XX)
openssl req -new \
-newkey rsa:1280 -nodes -keyout /dev/stdout \
-x509 -days $((365 * 10)) -subj /CN=$(uname -n)
On 12/20/2012 08:29 PM, Wietse Venema wrote:
Robert Moskowitz:
With the -nodes option in most cases:
$ tmp=$(mktemp smtpd.pem.XX)
openssl req -new \
-newkey rsa:1280 -nodes -keyout /dev/stdout \
-x509 -days $((365 * 10)) -subj /CN=$(uname -n)
32 matches
Mail list logo