Sorry if this is a bit simple, but I can't seem to figure out how the
components fit together.
Given the following:
1) MX/Relay machine running postfix: relay.domain1.com
2) Client machine: client.domain2.com
I'd like to restrict/deny (5xx permanent error) incoming messages from the
Hello,
some of my users were complaining about losing incoming mail, namely Amazon
shipping notifications, newsletters and such things that they were absolutely
sure were sent out, but never reached their inbox. After doing some digging,
increasing log verbosity and such, I found a lot of
Am 10.09.2014 um 09:56 schrieb Sean Durkin:
The first question is:
Can I rule out it's my fault?
have you changed anything last days/month upgrades/updates software
hardware ?
please send you postfix config , search list archive lost connection
after DATA
Best Regards
MfG Robert Schetterer
On Tue, Sep 09, 2014 at 10:52:38PM -0500, Noel Jones wrote:
But it's not too hard to make such a feature with either a policy
service (eg. postfwd) or a log scraper (eg. fail2ban or just a shell
script) to update a blacklist file.
I'm currently setting up an project for a policy daemon at
LuKreme:
I had a user account on my system many years ago (like 12) that
continues to get many email attempts. Is it possible to add servers
trying to send to this address to a blacklist.
The mail is rejected before Postfix accepts the DATA command.
If you must, you can configure an access map
On 9/10/2014 1:24 AM, Michael Fox wrote:
Sorry if this is a bit simple, but I can’t seem to figure out how
the components fit together.
Given the following:
1) MX/Relay machine running postfix: relay.domain1.com
2) Client machine: client.domain2.com
I’d like to
On 9/10/2014 1:24 AM, Michael Fox wrote:
I'd like to restrict/deny (5xx permanent error) incoming messages
from the Internet to client.domain2.com if they contain
attachments. But no such restriction should be applied to other
clients or to users on relay.domain1.com.
Noel Jones:
Hi,
We need to send a lot of raw eml files.
I decided to use sendmail as a solution for this process.
We have approx 6000 files in maildrop queue, messages are going out from
maildrop but i would like to speed up this process.
I wonder is there any configuration option in postfix to control
On Wed, Sep 10, 2014 at 10:30:03AM +0200, Markus Benning wrote:
On Tue, Sep 09, 2014 at 10:52:38PM -0500, Noel Jones wrote:
But it's not too hard to make such a feature with either a policy
service (eg. postfwd) or a log scraper (eg. fail2ban or just a shell
script) to update a blacklist
On Wed, Sep 10, 2014 at 09:56:48AM +0200, Sean Durkin wrote:
Some of my users were complaining about losing incoming mail,
namely Amazon shipping notifications, newsletters and such things
that they were absolutely sure were sent out, but never reached
their inbox. After doing some digging,
Konstantin:
Hi,
We need to send a lot of raw eml files.
I decided to use sendmail as a solution for this process.
We have approx 6000 files in maildrop queue, messages are going out from
maildrop but i would like to speed up this process.
I wonder is there any configuration option in
Hi everyone,
I have a question about the new pipemap functionality that is in the 2.12
experimental release.
If I chain two lookup tables, and the first produces multiple results, it
seems the lookup in the second table is done with all of the results at once.
That means that the pipemap
On Wed, Sep 10, 2014 at 04:51:31PM +0200, Roel van Meer wrote:
Would it be difficult to extend the pipemap functionality so it does a
lookup in the second map for each of the results produced by the first map?
Unfortunately, yes. The Postfix dictionary abstraction is a simple
key-value
Viktor Dukhovni:
On Wed, Sep 10, 2014 at 04:51:31PM +0200, Roel van Meer wrote:
Would it be difficult to extend the pipemap functionality so it does a
lookup in the second map for each of the results produced by the first map?
Unfortunately, yes. The Postfix dictionary abstraction is a
Wietse Venema writes:
Would it be difficult to extend the pipemap functionality so it does a
lookup in the second map for each of the results produced by the first
map?
Unfortunately, yes. The Postfix dictionary abstraction is a simple
key-value service, and has no notion of
Am 10.09.2014 um 16:10 schrieb Markus Benning:
On Wed, Sep 10, 2014 at 10:30:03AM +0200, Markus Benning wrote:
On Tue, Sep 09, 2014 at 10:52:38PM -0500, Noel Jones wrote:
But it's not too hard to make such a feature with either a policy
service (eg. postfwd) or a log scraper (eg. fail2ban or
Hmmm. O.K. Thanks to both of you. It will take me some time to think this
through.
The level of indirection between main.cf and master.cf sure adds
flexibility. But, as someone who doesn't work in postfix every day or even
every week, it also leaves my head spinning. ;-)
Thanks again.
This question is actually two questions - neither of which are
Postfix-specific but email-generic - but this list is the best resource
I have to ask such questions.
First - I've been contributing to Project Tarbaby, which means I have
a pair of secondary MX records below my primary which
On Wed, Sep 10, 2014 at 09:55:16AM -0700, Michael Fox wrote:
Hmmm. O.K. Thanks to both of you. It will take me some time to think this
through.
The level of indirection between main.cf and master.cf sure adds
flexibility. But, as someone who doesn't work in postfix every day or even
Roel van Meer:
That would be overkill. I had thought something like:
- The first map returns a result;
- The second maps splits this result by newline or comma, does a lookup for
each of the keys, concats this back together, and passes it on as the new
result.
I can imagine that using
On Wed, Sep 10, 2014 at 10:02:30AM -0700, Daniel Miller wrote:
This question is actually two questions - neither of which are
Postfix-specific but email-generic - but this list is the best resource I
have to ask such questions.
First - I've been contributing to Project Tarbaby, which means
Hello,
I know it’s fairly common for people to use postfix as a spam-eating/tagging
gateway in environments where Exchange or some other MTA is mandatory. In my
case, I’m fronting an old qmail/vpopmail setup which is probably never going to
go away. Right now I have basic transport rules
hi-
i have a mail submission server [submission/587 only] [msa.example.com]
for our users [config below]. in that context, it's working as desired.
we also have another, separate, msa [msa.systems.example.com], which
servers and other infrastructure devices use for submitting mail. how
Daniel Miller:
This question is actually two questions - neither of which are
Postfix-specific but email-generic - but this list is the best resource
I have to ask such questions.
First - I've been contributing to Project Tarbaby, which means I have
a pair of secondary MX records below
On Wed, Sep 10, 2014 at 01:28:17PM -0400, CSS wrote:
In the interest of efficiency and making sure I?m actually doing
this correctly, is there any other option (especially with qmail,
and on the same host) to inject the mail into qmail? smtp to smtp
works, and I think I have my user/alias
On Wed, Sep 10, 2014 at 01:18:22PM -0400, Wietse Venema wrote:
Instead of changing the syntax we could use a different name and
call it pipemaps or spipemap (like pipemap, but split on ',').
Should it be split on comma, or parse as a list of addresses?
The latter is perhaps more correct if
--On Tuesday, September 09, 2014 9:02 AM +0200 Stefan Foerster
cite+postfix-us...@incertum.net wrote:
* Wietse Venema wie...@porcupine.org:
Viktor Dukhovni:
Which works just fine with a single certificate, because TLS in
SMTP in generally unauthenticated. If all the various domains
share
Viktor Dukhovni:
On Wed, Sep 10, 2014 at 01:18:22PM -0400, Wietse Venema wrote:
Instead of changing the syntax we could use a different name and
call it pipemaps or spipemap (like pipemap, but split on ',').
Should it be split on comma, or parse as a list of addresses?
apipemap, then?
Hi Robert,
Am 10.09.2014 um 10:11 schrieb Robert Schetterer:
Am 10.09.2014 um 09:56 schrieb Sean Durkin:
The first question is:
Can I rule out it's my fault?
have you changed anything last days/month upgrades/updates software
hardware ?
Hardware is unchanged.
The Ubuntu postfix package
On 9/10/2014 10:24 AM, Viktor Dukhovni wrote:
If your system ever responds with a 4XX, retries will hit the
secondaries. You need to at least exclude clients that first tried the
primary and tempfailed. However, transient connection or DNS problems
can also cause a legitimate client to skip
On Wed, Sep 10, 2014 at 10:38:49AM -0700, Quanah Gibson-Mount wrote:
Interestingly enough, there does seem to be a number of hosts using TLS when
communicating with smtpd, including sites such as google, cloud9, yahoo,
hotmail, dropbox, linkedin, etc. We have 2,253 (non unique domain)
On 9/10/2014 10:35 AM, Wietse Venema wrote:
Daniel Miller:
This question is actually two questions - neither of which are
Postfix-specific but email-generic - but this list is the best resource
I have to ask such questions.
First - I've been contributing to Project Tarbaby, which means I have
On Wed, Sep 10, 2014 at 10:55:47AM -0700, Daniel Miller wrote:
Temporarily at least I'll drop the secondaries from my DNS and see if it
helps - but I still think there's something broken on their end. I just
don't know how to express it properly beyond, it's wrong, and it's on your
end.
btb:
hi-
i have a mail submission server [submission/587 only] [msa.example.com]
for our users [config below]. in that context, it's working as desired.
we also have another, separate, msa [msa.systems.example.com], which
servers and other infrastructure devices use for submitting
--On Wednesday, September 10, 2014 6:56 PM + Viktor Dukhovni
postfix-us...@dukhovni.org wrote:
While the above might be seen as an attempt to dissuade you from
looking into this further, the goal is to get past any magical
wouldn't it be nice if thinking and find out whether people really
That's helpful. Thanks.
-Original Message-
From: owner-postfix-us...@postfix.org [mailto:owner-postfix-
us...@postfix.org] On Behalf Of Viktor Dukhovni
Sent: Wednesday, September 10, 2014 10:11 AM
To: postfix-users@postfix.org
Subject: Re: Restricting relay of attachments
On
Wietse:
Tricks with MX-priority spamtraps share the problem that they make
assumptions about the behavior of all legitimate MTAs.
For a related approach, see, for example, nolisting.
Daniel Miller:
Do I infer from that MX-priority spamtraps are a Bad Idea - at least in
the real world? This
Hi!
I'm running Postfix 2.11.1.
I have amavisd-new as content filter (content_filter =
amavisfeed:[127.0.0.1]:10024).
I want to bypass this check (amavisd-new) for some recipient (mail
to). It's for recipient, not for sender (mail from).
How can I accomplish that? Using
Hi Viktor,
Am 10.09.2014 um 16:19 schrieb Viktor Dukhovni:
Have you tried disabling TCP window scaling? It might be confusing
some middle-box (firewall, NAT device, ...) on path between the
remote systems and your MTA.
I would not have thought of that... I've tried that now, but it does not
On 9/10/2014 2:01 PM, M. Rodrigo Monteiro wrote:
Hi!
I'm running Postfix 2.11.1.
I have amavisd-new as content filter (content_filter =
amavisfeed:[127.0.0.1]:10024).
I want to bypass this check (amavisd-new) for some recipient (mail
to). It's for recipient, not for sender (mail from).
Sean Durkin:
[ Charset windows-1252 converted... ]
Hi Viktor,
Am 10.09.2014 um 16:19 schrieb Viktor Dukhovni:
Have you tried disabling TCP window scaling? It might be confusing
some middle-box (firewall, NAT device, ...) on path between the
remote systems and your MTA.
I would not
Thank you for your reply.
On 08.09.14, 21:11, Viktor Dukhovni wrote:
On Mon, Sep 08, 2014 at 10:47:02PM +0200, giacomo wrote:
I send you the configuration of Postfix.
Change the password for this account:
Username: d.lis...@gruppoisil.com
Compromised Password: lisaia
This
On Wed, Sep 10, 2014 at 09:19:58PM +0200, Sean Durkin wrote:
For at least one such session, post all related messages from the
postfix/smtpd[pid] that occur between connect from and
disconnect from.
Here's one: http://pastebin.com/twb3Z8Eg
This trace has an insane level of debugging
On Wed, Sep 10, 2014 at 10:46:43PM +0200, giacomo wrote:
So you're using Cyrus SASL, but not showing any details of the SASL
configuration, available plugins, ...
The configuration of SASL is in /usr/local/lib/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
On Wed, Sep 10, 2014 at 01:43:49PM -0400, Wietse Venema wrote:
Should it be split on comma, or parse as a list of addresses?
apipemap, then?
Sure, a pipeline of 1-to-n address mappings.
Yes, the external/internal address form is a pain.
The lookup keys should be in internal form. For
45 matches
Mail list logo