On 2021-07-16 02:07, Bill Cole wrote:
No, postfix.org has no TXT record, so mail from a postfix.org address
can neither pass nor fail a SPF test.
spf none is a valid test in mail::spf
its not same as spf neutral
as a spamassassin pmc member you should know
On Thu, Jul 15, 2021 at 08:07:52PM -0400, Bill Cole
wrote:
> On 2021-07-15 at 19:44:41 UTC-0400 (Fri, 16 Jul 2021 09:44:41 +1000)
> raf
> is rumored to have said:
>
> > SPF by itself would have checked the envelope address
> > (owner-postfix-us...@postfix.org), but DMARC's
> >
On 2021-07-15 at 19:44:41 UTC-0400 (Fri, 16 Jul 2021 09:44:41 +1000)
raf
is rumored to have said:
SPF by itself would have checked the envelope address
(owner-postfix-us...@postfix.org), but DMARC's
reinterpretation of SPF is not the same as actual SPF.
It checks the From: address (@raf.org)
On Thu, Jul 15, 2021 at 08:12:39AM -0400, post...@ptld.com wrote:
> Was SPF looking up records for raf.org or for cloud9.net? I see both of
> those domains have published SPF records so why was SPF "None"?
> Why did DMARC reject this even though it didn't fail either check?
Here's my attempt at
I have to admit that when I first saw this, it was also a bit confusing
as I was equating this with typical packet and session timeouts at the
network level.
What helped me better understand this was the phrase “one byte at a
time” and then reading up on things like Slow Loris that Viktor
> On 15 Jul 2021, at 10:41 am, post...@ptld.com wrote:
>
> "The time limit for sending a Postfix SMTP server response and for receiving
> a remote SMTP client request."
The amount of time that smtpd(8) is willing to wait for a network write
to write some data when writing a command-response,
post...@ptld.com:
> >> this limits how long the Postfix SMTP server will wait for an
> >> underlying network write operation to complete.
>
> > You, Sir, need to get some basic education on how packet-switched
> > computer networks deliver data between applications. This mailing
> > list, and
this limits how long the Postfix SMTP server will wait for an
underlying network write operation to complete.
You, Sir, need to get some basic education on how packet-switched
computer networks deliver data between applications. This mailing
list, and Postfix documentation, are not the place
post...@ptld.com:
> > Wietse Venema:
> >> post...@ptld.com:
> >> >
> >> > smtpd_timeout:
> >> > "The time limit for sending a Postfix SMTP server response and for
> >> > receiving a remote SMTP client request."
> >
> > When the Postfix SMTP server wants to send an SMTP server response,
On 07-15-2021 12:20 pm, post...@ptld.com wrote:
Wietse Venema:
post...@ptld.com:
>
> smtpd_timeout:
> "The time limit for sending a Postfix SMTP server response and for
> receiving a remote SMTP client request."
When the Postfix SMTP server wants to send an SMTP server response,
Wietse Venema:
post...@ptld.com:
>
> smtpd_timeout:
> "The time limit for sending a Postfix SMTP server response and for
> receiving a remote SMTP client request."
When the Postfix SMTP server wants to send an SMTP server response,
this limits how long the Postfix SMTP server will
Wietse Venema:
> post...@ptld.com:
> >
> > smtpd_timeout:
> > "The time limit for sending a Postfix SMTP server response and for
> > receiving a remote SMTP client request."
Typofix:
When the Postfix SMTP server wants to send an SMTP server response,
this limits how long the Postfix
post...@ptld.com:
>
> smtpd_timeout:
> "The time limit for sending a Postfix SMTP server response and for
> receiving a remote SMTP client request."
When the Postfix SMTP server wants to send an SMTP server response,
this limits how long the Postfix SMTP server will wait for an
smtpd_timeout:
"The time limit for sending a Postfix SMTP server response and for
receiving a remote SMTP client request."
Does the time a milter or policy script run count against this because
it says "SMTP server response"? Or is the time postfix waits on a
milter/policy reply
Doug Hardie:
> > On 14 July 2021, at 06:12, Wietse Venema wrote:
> >
> > Doug Hardie:
> >>
> >>> On 12 July 2021, at 18:27, Wietse Venema wrote:
> >>>
> >>> Doug Hardie:
> I have a postfix server that uses postscreen. However, occasionally
> a needed mail is blocked by one of the
daemon_timeout:
"How much time a Postfix daemon process may take to handle a request
before it is terminated"
What is "a request"? Is that the amount of time a client is connected?
Is that the amount of time between command request? Other? Does "a
request" cover multiple client
On 2021-07-15 14:12, post...@ptld.com wrote:
Was SPF looking up records for raf.org or for cloud9.net? I see both
of those domains have published SPF records so why was SPF "None"?
Why did DMARC reject this even though it didn't fail either check?
use smtpd_milter_maps to enforce no reject
post...@ptld.com:
After hearing all sides, i decided to try using policy settings recommended by
Viktor. Since then I've had two emails from this list rejected by DMARC which
now confuses me. The email didn't fail SPF or DKIM.
postfix/smtpd[226953]: connect from
On 07-15-2021 3:30 am, Nick Tait wrote:
This is not entirely necessary. If you send to a list, using a From
address in a domain that has a DMARC policy (i.e. with p=quarantine or
p=reject), then provided that the message is properly DKIM-signed by
the From domain and hasn't been modified in a
Doug Hardie:
I have a postfix server that uses postscreen. However, occasionally
a needed mail is blocked by one of the spam services. Is there a
way to bypass postscreen for just one or more specific addresses
for a short time?
On 12 July 2021, at 18:27, Wietse Venema wrote:
On 14/07/2021 23:56, Doug Hardie wrote:
I have both of those set to enforce. Here is the complete postscreen section
of main.cf:
# postscreen spam filtering
postscreen_greet_action = enforce
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = bl.spamcop.net zen.spamhaus.org
On 15/07/21 1:07 am, Bill Cole wrote:
If you want to post to discussion mailing lists, you should either use
a From address in a domain without any DMARC record or publish one
with a p=none policy and sign your messages with DKIM, even though
they are likely to be broken by the mailing list.
22 matches
Mail list logo
