Re: Gave up on my ISP, trying to get GMail to work but get - host smtp.gmail.com[64.233.168.108] said: 530-5.5.1 Authentication Required.

2019-06-23 Thread Chris Pollock
On Mon, 2019-06-24 at 08:00 +1200, Peter wrote: > On 24/06/19 3:38 AM, Chris Pollock wrote: > > I still have some that are going to /var/spool/mail/nobody however. > > Headers below: > > And your logs show what exactly? > > > Peter The pastes are from my mail.log https://pastebin.com/2kn42CRa

Re: Smptd intruder

2019-06-23 Thread Wietse Venema
John Plate: > Hi > > I introduced "smtpd_reject_unlisted_sender=yes" in main.cf to avoid > attempts to login to my smtpd. smtpd_reject_unlisted_sender does not prevent logins. > This morning it looks like an unknown ip-number succeeded: > > Jun 23 07:38:02 lunar postfix/smtpd[14806]: connect

Re: dkim updating keys

2019-06-23 Thread Ralph Seichter
* Lefteris Tsintjelis: > There is nothing to disappear from cache for the new key. Lefteris, I am fully aware. As I wrote, I don't trust every caching resolver out there to do the right thing (meaning to query for new information while older data is still in the cache). It should happen, but I

Re: havedane dns issues

2019-06-23 Thread Thilo Molitor
> I just sent an email via the contact form. Thanks! > Yes, incorrect handling of empty-non-terminals. I don't enable > qname minimization on the unbound instance on my MTA. Still tends > to run into bugs like this now and then. Yes, I now also disabled it. - tmolitor

Re: dkim updating keys

2019-06-23 Thread Lefteris Tsintjelis
On 23/6/2019 23:25, Ralph Seichter wrote: * Lefteris Tsintjelis: In case DNS does not use notify then yes you should wait for the zone refresh time in SOA (not TTL) for all slaves to sync. I recommended the zone's TTL because it is the upper limit for all cached data to disappear There is

Smptd intruder

2019-06-23 Thread John Plate
Hi I introduced "smtpd_reject_unlisted_sender=yes" in main.cf to avoid attempts to login to my smtpd. This morning it looks like an unknown ip-number succeeded: Jun 23 07:38:02 lunar postfix/smtpd[14806]: connect from unknown[185.137.111.22] Jun 23 07:38:05 lunar amavis[15407]: starting.

Re: dkim updating keys

2019-06-23 Thread Ralph Seichter
* Lefteris Tsintjelis: > In case DNS does not use notify then yes you should wait for the zone > refresh time in SOA (not TTL) for all slaves to sync. I recommended the zone's TTL because it is the upper limit for all cached data to disappear, but yes, data newly added to the zone should usually

Re: Gave up on my ISP, trying to get GMail to work but get - host smtp.gmail.com[64.233.168.108] said: 530-5.5.1 Authentication Required.

2019-06-23 Thread Peter
On 24/06/19 3:38 AM, Chris Pollock wrote: I still have some that are going to /var/spool/mail/nobody however. Headers below: And your logs show what exactly? Peter

Re: Greylisting -- current recommendations?

2019-06-23 Thread Peter
On 24/06/19 5:21 AM, A. Schulze wrote: while running postscreen and postgrey I still see some connections deferred by postgrey... no more details available on a sunday. If you're running the after-220 tests in postscreen then these messages are actually deferring twice, and the fact that

Re: Greylisting -- current recommendations?

2019-06-23 Thread Peter
On 22/06/19 12:49 PM, Rich Wales wrote: I'm running Postfix 3.1.0 on an Ubuntu 16.04 LTS system. I'm using Postfix's postscreen filtering, including zen.spamhaus.org (with a large score) as one of my DNSBL sites, but it's not helping in some cases because the spam sources are not showing up on

Re: dkim updating keys

2019-06-23 Thread Lefteris Tsintjelis
On 23/6/2019 16:20, Ralph Seichter wrote: * Esteban L.: Trying to figure this out with as little disruption as possible. I suggest you do the following, in order: * Generate new key. * Add new key's data, using a new DKIM selector, to your DNS. * Wait for your domain zone's DNS TTL to

Re: dkim updating keys

2019-06-23 Thread Esteban L
Thanks Ralph. That was the step-by-step guide I was looking for. The simplest things are always the hardest to find information for. Esteban -- https://little-beak.com "Doing what we can." -Original Message- From: Ralph Seichter To: postfix-users@postfix.org Subject: Re: dkim updating

Re: Greylisting -- current recommendations?

2019-06-23 Thread Thilo Molitor
I'm using conditional greylisting with policy-weightd and postgrey. And another conditional greylisting if the spamassassin score is too high using milter-greylist. This doesn't introduce delays for most of the incoming mails but penalizes zombies / mailservers with strange behaviours :) -

Re: TLS 1.3 on postfix (fixed)

2019-06-23 Thread Security Admin (NetSec)
" Whatever the default, the logs you posted showed TLS 1.3" I have noticed that some gmail comes through as TLS 1.2 and some as TLS 1.3; I am guessing that not all of Google's SMTP gateways are TLS 1.3 yet... On 6/22/19, 2:13 PM, "owner-postfix-us...@postfix.org on behalf of Viktor

Re: Greylisting -- current recommendations?

2019-06-23 Thread Wietse Venema
Matus UHLAR - fantomas: > >Am 22.06.19 um 02:49 schrieb Rich Wales: > >> Any other suggestions? > > On 22.06.19 14:43, A. Schulze wrote: > >I'm still using greylisting with moderate effects. It catches some percent > >other AntiSpam technics doesn't > > even compared to postscreen? I would

Re: Greylisting -- current recommendations?

2019-06-23 Thread A. Schulze
Am 23.06.19 um 16:57 schrieb Matus UHLAR - fantomas: > On 22.06.19 14:43, A. Schulze wrote: >> I'm still using greylisting with moderate effects. It catches some percent >> other AntiSpam technics doesn't > > even compared to postscreen? yes while running postscreen and postgrey I still see

Re: Gave up on my ISP, trying to get GMail to work but get - host smtp.gmail.com[64.233.168.108] said: 530-5.5.1 Authentication Required.

2019-06-23 Thread Wietse Venema
Chris Pollock: > On Sun, 2019-06-23 at 01:21 -0400, Viktor Dukhovni wrote: > > On Sat, Jun 22, 2019 at 08:56:35PM -0500, Chris Pollock wrote: > > > > > I've spent 3hrs going over and over my settings and can't find > > > where > > > I've got a problem. My /etc/postfix/sasl_passwd file contains: >

Re: Gave up on my ISP, trying to get GMail to work but get - host smtp.gmail.com[64.233.168.108] said: 530-5.5.1 Authentication Required.

2019-06-23 Thread Chris Pollock
On Sun, 2019-06-23 at 01:21 -0400, Viktor Dukhovni wrote: > On Sat, Jun 22, 2019 at 08:56:35PM -0500, Chris Pollock wrote: > > > I've spent 3hrs going over and over my settings and can't find > > where > > I've got a problem. My /etc/postfix/sasl_passwd file contains: > > > > smtp.gmail.com:587

Re: Unable to send or receive from Gmail

2019-06-23 Thread Matus UHLAR - fantomas
On 22.06.19 15:03, Security Admin (NetSec) wrote: I figured TLS 1.3 might be the culprit from the logs. The OpenSSL version shows "OpenSSL 1.1.1 11 Sep 2018" and it was updated recently via Ubuntu. How might I go about not negotiating TLS 1.3, as it is obvious I need to update some

Re: Greylisting -- current recommendations?

2019-06-23 Thread Matus UHLAR - fantomas
Am 22.06.19 um 02:49 schrieb Rich Wales: Any other suggestions? On 22.06.19 14:43, A. Schulze wrote: I'm still using greylisting with moderate effects. It catches some percent other AntiSpam technics doesn't even compared to postscreen? -- Matus UHLAR - fantomas, uh...@fantomas.sk ;

Re: dkim updating keys

2019-06-23 Thread Ralph Seichter
* Esteban L.: > Trying to figure this out with as little disruption as possible. I suggest you do the following, in order: * Generate new key. * Add new key's data, using a new DKIM selector, to your DNS. * Wait for your domain zone's DNS TTL to expire (typically 1-2 days). * Switch to

dkim updating keys

2019-06-23 Thread Esteban L
Friendly Greetings, I am going to update my email server's Dkim keys for the first time. I can go to the original install instructions, and figure out how to update them. What I can't find in that original tutorial is the following: 1. Do I delete/remove old key and references thereto? Namely,