On 2021-07-02 21:37, Phil Stracchino wrote:
main.cf:
smtpd_sender_restrictions = permit_mynetworks
...
check_sender_access lmdb:/etc/postfix/sasl_authenticated
whould be check_sasl_accesss imho
check_sender_access
On 2021-07-02 at 10:46:07 UTC-0400 (Fri, 2 Jul 2021 16:46:07 +0200)
Marek Kozlowski
is rumored to have said:
:-)
I'd like to disable any mail from 'my.domain' from external networks
and non authenticated users. For envelope addresses my solution works
and is as follows:
At first bind
On 7/2/21 11:05 AM, Marek Kozlowski wrote:
> :-)
>
> On 7/2/21 5:02 PM, post...@ptld.com wrote:
>>
>> Do you mean this literally? Stopping me from sending an email using my
>> mail server that claims to be from 'your.domain'?
>> You can't, you can only publish SPF records and hope the receiving
On 2021-07-02 at 10:04:29 UTC-0400 (Fri, 2 Jul 2021 16:04:29 +0200)
Marek Kozlowski
is rumored to have said:
But on the other hand it's hard to believe than some servers with a
good reputation (according to https://talosintelligence.com) of
reputable American universities still don't support
Adrian van Bloois:
> Hi,
> Recently I was confronted with an error message like:
> Can't write to /var/spool/mail/BLADDDIBLA
> It took me another hour or so to find out why not.
> It would be helpful if the error message would read something like:
> Can't wite to /var/spool/mail/BLADIBLA,
Hi,
Recently I was confronted with an error message like:
Can't write to /var/spool/mail/BLADDDIBLA
It took me another hour or so to find out why not.
It would be helpful if the error message would read something like:
Can't wite to /var/spool/mail/BLADIBLA, mailboxsize exceeded
This would make
On 2021-07-02 17:22, post...@ptld.com wrote:
Am i wrong and the from= is actually the envelope
from or is it checking against the from address?
this is check_policy_service not reject_sender_login_mismatch
Are you sure? The documentation only mentions the MAIL FROM address.
Oops, my last reply was on SPF receiving and now i see you were talking
about sending out login mismatched.
My understanding is that it verifies the from and not just the envelope
from, but if im wrong id like to know.
On 07-02-2021 11:13 am, Damian wrote:
reject_sender_login_mismatch can be setup to only allow emails being
sent out where the from, not just the envelope-from, has to match the
users login credentials
Are you sure? The documentation only mentions the MAIL FROM address.
I think im sure. Here
On 2021-07-02 17:14, Marek Kozlowski wrote:
For some reasons I'd like not to apply restrictive SPF checking. For
envelopes my simple solution works perfectly without SPF. How about
internal "from:"
milters is needed for this one
reject if from is local not signed, but this is breaked by
:-)
On 7/2/21 5:10 PM, post...@ptld.com wrote:
OK, small clarification:
I'd like to disable any mail from 'my.domain' from external networks
and non authenticated users...
...delivered to my users.
Making sure i understand, you are saying you want to stop me from using
my mail server from
On 2021-07-02 17:05, Marek Kozlowski wrote:
I'd like to disable any mail from 'my.domain' from external networks
and non authenticated users...
...delivered to my users.
basicly all local senders in recipient maps is forged senders on port 25
?
easy to fix :=)
with postfixadmin:
reject_sender_login_mismatch can be setup to only allow emails being
sent out where the from, not just the envelope-from, has to match the
users login credentials
Are you sure? The documentation only mentions the MAIL FROM address.
OK, small clarification:
I'd like to disable any mail from 'my.domain' from external networks
and non authenticated users...
...delivered to my users.
Making sure i understand, you are saying you want to stop me from using
my mail server from sending an email to one_of_your_users@your.domain
:-)
On 7/2/21 5:02 PM, post...@ptld.com wrote:
Do you mean this literally? Stopping me from sending an email using my
mail server that claims to be from 'your.domain'?
You can't, you can only publish SPF records and hope the receiving mail
server of the spoofed email rejects it based on
I'd like to disable any mail from 'my.domain' from external networks
Do you mean this literally? Stopping me from sending an email using my
mail server that claims to be from 'your.domain'?
You can't, you can only publish SPF records and hope the receiving mail
server of the spoofed email
:-)
I'd like to disable any mail from 'my.domain' from external networks and
non authenticated users. For envelope addresses my solution works and is
as follows:
At first bind valid addresses with their owners:
Precisely:
smtpd_sender_restrictions =
check_sender_acces ...
:-)
I'd like to disable any mail from 'my.domain' from external networks and
non authenticated users. For envelope addresses my solution works and is
as follows:
At first bind valid addresses with their owners:
smtpd_sender_restrictions =
...
reject_sender_login_mismatch,
On Fri, Jul 02, 2021 at 10:15:53AM -0400, post...@ptld.com wrote:
> > No. The smtpd_xxx parameters are for RECEIVING email.
> > The LMTP protocol is for DELIVERING email.
> >
> > No. That text covers RECEIVING email. LMTP is for DELVERING email.
>
> Maybe im over stating the obvious, but i can
% postconf -A (SASL support in the SMTP+LMTP client)
I might be wrong, but I think that part of the document is actually
referring to the LMTP protocol in general and not necesarily to
Dovecot's LMTPD server.
https://en.wikipedia.org/wiki/Local_Mail_Transfer_Protocol
Cheers,
K.
No. The smtpd_xxx parameters are for RECEIVING email.
The LMTP protocol is for DELIVERING email.
No. That text covers RECEIVING email. LMTP is for DELVERING email.
Maybe im over stating the obvious, but i can see how there could be some
ambiguity mentioned here.
In this context saying
:-)
On 7/2/21 3:56 PM, Bastian Blank wrote:
On Fri, Jul 02, 2021 at 03:14:58PM +0200, Marek Kozlowski wrote:
It looks like '!TLSv1' is seen as something like
"!TLSv1.x" ("no TLS 1.x at all") rather than "!TLSv1.0". Yes it is a stupid
supposition but I cannot think of any
On Fri, Jul 02, 2021 at 03:14:58PM +0200, Marek Kozlowski wrote:
It looks like '!TLSv1' is seen as something like
"!TLSv1.x" ("no TLS 1.x at all") rather than "!TLSv1.0". Yes it is a stupid
supposition but I cannot think of any other explanation. Is it possible?
On 02.07.21
On Fri, Jul 02, 2021 at 03:14:58PM +0200, Marek Kozlowski wrote:
> It looks like '!TLSv1' is seen as something like
> "!TLSv1.x" ("no TLS 1.x at all") rather than "!TLSv1.0". Yes it is a stupid
> supposition but I cannot think of any other explanation. Is it possible?
No,
White, Daniel E. (GSFC-770.0)[NICS]:
> On http://www.postfix.org/SASL_README.html
> it says:
>
> To find out what SASL implementations are compiled into Postfix, use the
> following commands:
>
> % postconf -a (SASL support in the SMTP server)
> % postconf -A (SASL support in the SMTP+LMTP
:-)
Maybe seems strange but...
With those settings my postfix (3.5.9) no broken connections are reported:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1.1
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1.1
But when I change to those:
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1,
>>Matus UHLAR - fantomas:
>>>I was curious if I could do a script that would do the same, with the same
>>>possible issues.
>>>
>>>I can do perl, but it looks neither python nor perl have interface to postfix
>>>what could e.g. expand maps without calling external commands.
On 01.07.21 22:49,
Matus UHLAR - fantomas:
> >>Matus UHLAR - fantomas:
> >>>I was curious if I could do a script that would do the same, with the same
> >>>possible issues.
> >>>
> >>>I can do perl, but it looks neither python nor perl have interface to
> >>>postfix
> >>>what could e.g. expand maps without calling
On http://www.postfix.org/SASL_README.html
it says:
To find out what SASL implementations are compiled into Postfix, use the
following commands:
% postconf -a (SASL support in the SMTP server)
% postconf -A (SASL support in the SMTP+LMTP client)
On our RHEL 8 server, postfix 3.5.8-1, dovecot
On 2021-07-02 07:54, Maurizio Caloro wrote:
Searching any Service that offer free any possible MX Backup?
Found kisolabs "dot" com but it seems this service are down
perfekt for testing backup mx :=)
Thanks for possible update or help
you could do self service with another postfix server
Matus UHLAR - fantomas:
I was curious if I could do a script that would do the same, with the same
possible issues.
I can do perl, but it looks neither python nor perl have interface to postfix
what could e.g. expand maps without calling external commands.
On 01.07.21 22:49, Kevin N. wrote:
On 2/07/2021 3:54 pm, Maurizio Caloro wrote:
Hello
Searching any Service that offer free any possible MX Backup?
Why do you need a backup MX? Usually MSAs will queue for a while (4 days
seems a common default due to language in the smtp RFCs) or the senders
will get a bounce notice. If you
32 matches
Mail list logo