Re: Query about restriction scenario in RESTRICTION_CLASS_README

2019-01-15 Thread Mayuresh
On Tue, Jan 15, 2019 at 08:58:57PM -0500, Wietse Venema wrote: > Mayuresh: > > On Tue, Jan 15, 2019 at 01:31:44PM -0500, Wietse Venema wrote: > > > This example can be simplified by using smtpd_relay_restrictions > > > (Postfix 2.10 and later). > > > > > > smtpd_relay_restrictions = > > >

Re: Query about restriction scenario in RESTRICTION_CLASS_README

2019-01-15 Thread Wietse Venema
Mayuresh: > On Tue, Jan 15, 2019 at 01:31:44PM -0500, Wietse Venema wrote: > > This example can be simplified by using smtpd_relay_restrictions > > (Postfix 2.10 and later). > > > > smtpd_relay_restrictions = > > permit_mynetworks > > permit_sasl_authenticated > >

Re: Query about restriction scenario in RESTRICTION_CLASS_README

2019-01-15 Thread Mayuresh
On Tue, Jan 15, 2019 at 01:31:44PM -0500, Wietse Venema wrote: > This example can be simplified by using smtpd_relay_restrictions > (Postfix 2.10 and later). > > smtpd_relay_restrictions = > permit_mynetworks > permit_sasl_authenticated > reject_unauth_destination >

Re: New SASL error when relaying through gmail

2019-01-15 Thread Wietse Venema
Wietse Venema: > Michael: > > On 1/14/19 11:19 AM, Wietse Venema wrote: > > > > > The 'invalid parameter supplied' is an error message from the local SASL > > > library. This error happens while Postfix prepares to send the AUTH > > > command. > > > > > > Why does the Cyrus SASL library return

Re: New SASL error when relaying through gmail

2019-01-15 Thread Wietse Venema
Michael: > On 1/14/19 11:19 AM, Wietse Venema wrote: > > > The 'invalid parameter supplied' is an error message from the local SASL > > library. This error happens while Postfix prepares to send the AUTH > > command. > > > > Why does the Cyrus SASL library return 'invalid parameter supplied'? > > I

Re: tls_high_cipherlist with !SEED is ignored

2019-01-15 Thread Viktor Dukhovni
> On Jan 15, 2019, at 3:39 PM, Stefan Bauer wrote: > > I just want to set allowed ciphers but can not enforce encryption generally. You cannot enforce encryption on the submission port? Why not? > this seems to be a limitation and not possible right? The ciphers are configurable, but the

Re: tls_high_cipherlist with !SEED is ignored

2019-01-15 Thread Stefan Bauer
Now I got it. Sorry, and thank you for your help. On Tuesday, January 15, 2019, Viktor Dukhovni < postfix-us...@dukhovni.org> wrote: >> On Jan 15, 2019, at 8:39 AM, Stefan Bauer wrote: >> >> -o smtpd_tls_mandatory_ciphers=high >> -o tls_preempt_cipherlist=yes >> -o

Re: tls_high_cipherlist with !SEED is ignored

2019-01-15 Thread Stefan Bauer
I just want to set allowed ciphers but cannot enforce encryption generally. This seems to be a limitation and not possible, right? On Tuesday, January 15, 2019, Viktor Dukhovni < postfix-us...@dukhovni.org> wrote: >> On Jan 15, 2019, at 8:39 AM, Stefan Bauer wrote: >> >> -o

Re: New SASL error when relaying through gmail

2019-01-15 Thread Michael
On 1/15/19 1:05 PM, Viktor Dukhovni wrote: On Jan 15, 2019, at 2:47 PM, Michael wrote: Using Angelo's testing methodology, I can see this: 250-smtp.gmail.com at your service, [68.226.113.229] 250-SIZE 35882577 250-8BITMIME 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH

Re: New SASL error when relaying through gmail

2019-01-15 Thread Viktor Dukhovni
> On Jan 15, 2019, at 2:47 PM, Michael wrote: > > Using Angelo's testing methodology, I can see this: > > 250-smtp.gmail.com at your service, [68.226.113.229] > 250-SIZE 35882577 > 250-8BITMIME > 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH > 250-ENHANCEDSTATUSCODES >

RE: New SASL error when relaying through gmail

2019-01-15 Thread Fazzina, Angelo
It may be time to crank up debug level on Postfix or do tcpdump capture to see what you are sending over the wire when it works and when it doesn't ? -ANGELO FAZZINA ang...@uconn.edu University of Connecticut,  ITS, SSG, Server Systems 860-486-9075 -Original Message- From:

Re: New SASL error when relaying through gmail

2019-01-15 Thread Michael
On 1/14/19 11:19 AM, Wietse Venema wrote: The 'invalid parameter supplied' is an error message from the local SASL library. This error happens while Postfix prepares to send the AUTH command. Why does the Cyrus SASL library return 'invalid parameter supplied'? I can only speculate that it does not

Re: New SASL error when relaying through gmail

2019-01-15 Thread Michael
On 1/14/19 11:09 AM, Fazzina, Angelo wrote: Hi, can you manually use commands to test the U/P are working from your postfix server ? 1. Run this to test connectivity to your server openssl s_client -starttls smtp -connect your.host.name:587 Typical OUTPUT = 250 DSN

Re: Query about restriction scenario in RESTRICTION_CLASS_README

2019-01-15 Thread Wietse Venema
Mayuresh: > I am using postfix 3.1.4 on NetBSD 8. > > I am trying the idea of setting up a mailing list for a fairly static > group of size not exceeding around 300, with postfix. I am doing this on a > VPS server and want a solution that is conservative on resource footprint, > hence considering

Query about restriction scenario in RESTRICTION_CLASS_README

2019-01-15 Thread Mayuresh
I am using postfix 3.1.4 on NetBSD 8. I am trying the idea of setting up a mailing list for a fairly static group of size not exceeding around 300, with postfix. I am doing this on a VPS server and want a solution that is conservative on resource footprint, hence considering doing it with MTA

Re: tls_high_cipherlist with !SEED is ignored

2019-01-15 Thread Viktor Dukhovni
> On Jan 15, 2019, at 8:39 AM, Stefan Bauer wrote: > > -o smtpd_tls_mandatory_ciphers=high > -o tls_preempt_cipherlist=yes > -o >

Re: tls_high_cipherlist with !SEED is ignored

2019-01-15 Thread Wietse Venema
Stefan Bauer: > Nessus reports for example TLS_RSA_WITH_SEED_CBC_SHA as weak on our > submission port. So I was using the following to disable all SEED ciphers > on submission port but it has no effect: > > -o smtpd_tls_mandatory_ciphers=high > -o tls_preempt_cipherlist=yes > -o >

Re: pflogsumm milter patch

2019-01-15 Thread Matus UHLAR - fantomas
Hello, does anyone use pflogsumm and reject based on header/body checks? If so, can you test or provide me (privately) same logs of those rejections? On 11.01.19 15:43, Matus UHLAR - fantomas wrote: I have made a small patch for counting milter rejections in pflogsumm. I put it on

tls_high_cipherlist with !SEED is ignored

2019-01-15 Thread Stefan Bauer
Nessus reports for example TLS_RSA_WITH_SEED_CBC_SHA as weak on our submission port. So I was using the following to disable all SEED ciphers on submission port but it has no effect: -o smtpd_tls_mandatory_ciphers=high -o tls_preempt_cipherlist=yes -o

Re: DSN behavior unclear - clarification needed

2019-01-15 Thread Stefan Bauer
Awesome. Thank you. That did the trick. On Tue, Jan 15, 2019 at 13:22, Wietse Venema < wie...@porcupine.org> wrote: > Stefan Bauer: > > Hi, > > > > I would like that postfix always sends DSN, when requested by client and > > mail got forwarded to next-hop / final destination. > > Postfix

Re: DSN behavior unclear - clarification needed

2019-01-15 Thread Wietse Venema
Stefan Bauer: > Hi, > > I would like that postfix always sends DSN, when requested by client and > mail got forwarded to next-hop / final destination. Postfix implements a published RFC, and according to that RFC, Postfix will send a 'relayed' DSN if: 1 - The sender requested DSN notification.

DSN behavior unclear - clarification needed

2019-01-15 Thread Stefan Bauer
Hi, I would like that postfix always sends DSN, when requested by client and mail got forwarded to next-hop / final destination. That works on some recipients, but not on all. postfix always sends DSN on specific destinations (e.g. web.de) : delivery via mx-ha02.web.de[212.227.17.8]:25: 250