Thank you very much for all the helps.
So I changed it to:
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
check_policy_service unix:private/policyd-spf,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client
> On 17 Nov 2022, at 8:21 pm, linux...@gmx.net wrote:
>
> So my question is which directive to put rbl settings in?
> "smtpd_recipient_restrictions" or "smtpd_client_restrictions"?
RBL lookups are "expensive" for both the RBL service and for your
MTA (high query latency ties up more processes).
Alex skrev den 2022-11-18 05:07:
Ideas greatly appreciated.
uptain a new dqs key
and as other says or dokument postscreen and smtpd uses diffrent maps
for dqs setup
On Thu, Nov 17, 2022 at 11:07:40PM -0500, Alex wrote:
> postscreen_dnsbl_reply_map =
> texthash:/etc/postfix/postscreen_dnsbl_reply_map
> mykey.zen.dq.spamhaus.net DNS blocklist (spamhaus)
This is a postscreen(8) setting.
> Nov 17 22:55:50 xavier postfix-117/smtpd[467504]:
>
Hi,
I have a fedora36 system with postfix-3.6.4 and trying to
get postscreen_dnsbl_reply_map to work properly. I have it working with the
same configuration on a fedora37 system and postfix-3.7.3, although I can't
imagine postfix versions would be the problem here.
postscreen_dnsbl_reply_map =
On November 18, 2022 3:04:44 AM UTC, linux...@gmx.net wrote:
>Dear List,
>
>I have enabled policyd-spf in postfix:
>
>smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
>reject_unauth_destination, check_policy_service unix:private/policyd-spf
>
>
>but can you help
Dear List,
I have enabled policyd-spf in postfix:
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination, check_policy_service unix:private/policyd-spf
but can you help that, when a SPF check fails, where should I setup the reject
action?
So my question is which directive to put rbl settings in?
"smtpd_recipient_restrictions" or "smtpd_client_restrictions"?
Dealers choice. Both work, just depends when you want them rejected. If you
wait for recipient you can see in the logs who the mail was going to. If you
kick them during
On 11/15/22 17:56, r.barc...@habmalnefrage.de wrote:
> Wietse, Thanks so much for your quick and helpful response! It's an honor to
> talk to you!
>
> So my idea might only work, if I use the LAN IP address (e.g. 10.1.2.3) of
> the internal mail server as relay_host.
> If Postfix can't connect
On 11/15/22 08:17, Wietse Venema wrote:
> Dhammika Gunawardena:
>> Hi
>>
>> We maintain a private relay server to send ebills for a customer.
>> During peak sending hours, we miss about 5-10% of incoming messages but
>> outgoing messages are available.
>> We capture subject line in incoming
dear list,
Currently I have these rbl settings in main.cf:
smtpd_client_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
permit
Is
On Thu, Nov 17, 2022 at 02:48:40PM -0500, Viktor Dukhovni wrote:
> > Is there a way to make this restriction *only* apply to the username
> > present in that file?
>
> Yes: https://www.postfix.org/postconf.5.html#check_sasl_access
>
> Presumably SASL is only offered on ports 465 and 587, and not
On Thu, Nov 17, 2022 at 12:56:47PM -0600, Bryan K. Walton wrote:
> I would like to enforce a match between the "From" address and a sasl
> authenticated username, but I would like to only enforce this for a
> single sasl username.
Note that all access(5) restrictions in smtpd(8) apply to the
Hi,
I would like to enforce a match between the "From" address and a sasl
authenticated username, but I would like to only enforce this for a
single sasl username.
In my postfix main.cf, I have the following:
smtpd_sender_restrictions =
On Thu, Nov 17, 2022 at 05:10:03PM +0100, Gabriele Bulfon wrote:
> Thanks, I tried with this:
>
> address_verify_default_transport = lmtp:unix:/sonicle/var/imap/socket/lmtp
That's the wrong setting. You haven't read ADDRESS_VERIFICATION_README
carefully, and should probably also brush up on
Thanks, I tried with this:
address_verify_default_transport = lmtp:unix:/sonicle/var/imap/socket/lmtp
but not only non existent addresses are accepted with "Ok", but I don't even
found the log in this case...
With cyrus the default transport for us is a cyrus transport like this:
cyrus
On 17 Nov 2022, at 9:52 am, Gabriele Bulfon wrote:
> I tried enabling "reject_unverified_recipient" with cyrus imap, and it
> actually tries to verify. This is the log while trying to verify an
> non existent recipient:
>
> Nov 17 14:47:33 www postfix/pipe[3542]: [ID 197553 mail.info]
Hi,
I tried enabling "reject_unverified_recipient" with cyrus imap, and it actually
tries to verify.
This is the log while trying to verify an non existent recipient:
Nov 17 14:47:33 www postfix/pipe[3542]: [ID 197553 mail.info] 46124915450:
to=, relay=cyrus, delay=0.02,
18 matches
Mail list logo
