Re: Preventing domain impersonation

2020-08-27 Thread Bill Cole
s. o SMTP command specific restrictions described under smtpd_client_restrictions, smtpd_helo_restrictions and smtpd_sender_restrictions. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)

Re: Scanning mails against for special words

2020-08-11 Thread Bill Cole
et me ask this specific question once.) Instead of writing a new milter, can I use "proxsmtp" project for that purpose ? I'm not familiar with it, but it appears to be a SMTP proxy, not a milter. It may or may not work with Postfix's proxy interface. Whether you can m

Re: Using Postfix sendmail without having Postfix daemon running all the time?

2020-08-06 Thread Bill Cole
e facility. The timed death of the Postfix master process is in the standard distribution (-e option.) -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)

Re: Enable IPv6 support in main.cf by default

2020-07-21 Thread Bill Cole
ieve that we've ever had someone come here with an actual problem rooted in Postfix not enabling IPv6 by default. Do you have such a problem or is your concern purely on principle? -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.co

Re: problem connecting with android device

2020-07-19 Thread Bill Cole
sed as part of later TLS versions. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: Can I further block dodgy attempts at passwording

2020-07-06 Thread Bill Cole
05606 deny tcp from 216.229.124.0/24 to any dst-port 110,143,465,587,993,995 05607 deny tcp from 217.0.0.0/8 to any dst-port 110,143,465,587,993,995 05608 deny tcp from 218.0.0.0/7 to any dst-port 110,143,465,587,993,995 05609 deny tcp from 220.0.0.0/6 to any dst-port 110,143,465,587,993,995 -

Re: Can I further block dodgy attempts at passwording

2020-07-06 Thread Bill Cole
e "unknown" refers to the lack of a verified hostname, NOT to a lack of authentication. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)

Re: Postfix behind NAT -> failover IP -> wrong HELO

2020-07-02 Thread Bill Cole
On 1 Jul 2020, at 19:37, Peter wrote: On 1/07/20 11:20 am, Bill Cole wrote: Can't you just fix the DNS? Use a HELO name that resolves to both IPs and give both IPs PTR records that point back to the name you use. This won't work for FCRDNS properly. That is implementation-depend

Re: Postfix behind NAT -> failover IP -> wrong HELO

2020-07-01 Thread Bill Cole
IP address, although some tools that try to use PTR records will not know how to handle that and a larger fraction of the humans who see it will be confused. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire

Re: Postfix behind NAT -> failover IP -> wrong HELO

2020-06-30 Thread Bill Cole
f helo_host_maps ;) to resolve this. At this point, I wouldn't mind if someone pinpoints me to the right direction. Can't you just fix the DNS? Use a HELO name that resolves to both IPs and give both IPs PTR records that point back to the name you use. -- Bill Cole b...@scconsult.co

Re: identifying _which_ milter rejects in private logs?

2020-06-11 Thread Bill Cole
be able to tell you the specific error message, revealing to you where the issue came from. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)

Re: lightweight/milter Spamassassin-integration options for Postfix -- current experience / faves?

2020-06-10 Thread Bill Cole
reasons to prefer the socket. I'm not a big fan of spampd because it uses the proxy model instead of milter, but at least it isn't abandonware. My favorite SA integration tool is MIMEDefang, but it is far from lightweight. -- Bill Cole b...@scconsult.com or

Re: are rsa certs/keys still needed/recommended for use in postfix? or can just ecc be relied on?

2020-06-03 Thread Bill Cole
TLSv1.0, which implies the use of badly outdated and flawed TLS implementations. I don't think it is a good idea to see how many of those (and the TLSv1.3 clients who still use RSA) will break if I narrow what Postfix will accept. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA

Re: 5 messages per second

2020-06-03 Thread Bill Cole
stfix/lmtp' that it wants to be speaking to a LMTP server. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: easiest way to reject/process emails based on Return Path

2020-05-18 Thread Bill Cole
ne message. There is no virtual replacement for a physical process server. Maybe someday that will mean robots of some sort (e.g. drones) but -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)

Re: Postfix is trying to access the aliases table in my db with a wrong file name and directory. t.s.

2020-05-14 Thread Bill Cole
f -d' shows you Postfix's *default values* for every setting. If you want to see what Postfix is actually using that diverges from the defaults, use '-n' instead. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)

Re: Postfix "IPv6-only" - experience/recommendation question

2020-05-08 Thread Bill Cole
On 8 May 2020, at 17:26, Ralph Seichter wrote: > * Bill Cole: > >> The boutique hosting/connectivity/services provider I work with [...] >> can provide native IPv6 to customers. None ever has ever asked for it. > > That's quite a sweeping statement, and I don'

Re: Postfix "IPv6-only" - experience/recommendation question

2020-05-08 Thread Bill Cole
On 8 May 2020, at 15:06, Ralph Seichter wrote: * Bill Cole: Some have IPv6 connectivity and address space but no motivation to make their mail systems use IPv6. A case of what we call Public Servant Mikado (whoever moves first has lost). ;-) Yes. Seriously, I think that if one can

Re: Postfix "IPv6-only" - experience/recommendation question

2020-05-08 Thread Bill Cole
6 connectivity and address space but no motivation to make their mail systems use IPv6. There are reasons to avoid sending over IPv6 and very few if any significant reasons to want to send or receive over IPv6. If one has a working IPv4-only mail system, adding IPv6 is pure work for no discerni

Re: Is it necessary to declare "alias_maps" in the main.cf? t.s.

2020-05-08 Thread Bill Cole
it looks to or does it just not look at alias_maps if not declared? As the postconf(5) man page says, this is system-dependent. To see what the default is on your system, run 'postconf -d alias_maps' To see what the current value is on your system, run 'postconf alias_maps'

Re: why DMARC PASS even SPF got failed

2020-04-28 Thread Bill Cole
h is modulated by DMARC record parameters. Any single "failure" of DKIM or SPF to validate the domains they purport to validate is adequate to force a failure of DMARC, which only fails if ALL mechanisms fail or are absent for the author address domain. -- Bill Cole b.

Re: delaying postfix until/unless VPN is up/connected

2020-04-17 Thread Bill Cole
On 17 Apr 2020, at 2:52, Ansgar Wiechers wrote: > On 2020-04-17 Bill Cole wrote: >> On 17 Apr 2020, at 0:57, Ranjan Maitra wrote: >>> On Mon, 23 Mar 2020 17:19:42 -0400 (EDT) Wietse Venema wrote: >>>> #!/bin/sh >>>> >>>> while : >>>

Re: delaying postfix until/unless VPN is up/connected

2020-04-16 Thread Bill Cole
tax error: line 10: [: : integer expression expected Line10: is the following line: *UP*) if [ "$prev" -ne up ] Any help? Make that line: *UP*) if [ "$prev" = up ] Also replace '-ne' in line 16 with '=' -- Bill Cole b...@scconsult.com or bill

Re: Rejecting emails based on address extension?

2020-04-08 Thread Bill Cole
On 9 Apr 2020, at 0:43, Bill Cole wrote: On 8 Apr 2020, at 19:01, @lbutlr wrote: Given an email address of user+ama...@example.com how can I reject all emails to that address that do not come from amazon.com? I think I did something like this once but if I did, I didn’t keep notes

Re: Rejecting emails based on address extension?

2020-04-08 Thread Bill Cole
cept mail for it if the client name and sender name match legitimate Amazon patterns. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)

Re: question on gmail smtp relay

2020-04-02 Thread Bill Cole
ite support channels. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)

Re: Setting short minutes in delay_warning_time triggers warningu

2020-03-11 Thread Bill Cole
't include the odd assertion that "Your message could not be delivered for more than 0 hour(s)" then the answer is no. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: Warning about non-existent MX for destination domain

2020-03-10 Thread Bill Cole
Time units: s (seconds), m (minutes), h (hours), d (days), w (weeks). The default time unit is h (hours). See also: delay_notice_recipient, notify_classes, confirm_delay_cleared. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.sccons

Re: What is this?

2020-02-27 Thread Bill Cole
a flooding attack untraceable. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)

Re: check_sender_access not working on local senders

2020-02-08 Thread Bill Cole
horized_submit_users' directive. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: From header local mail

2020-02-07 Thread Bill Cole
ation directives that you *think* are relevant is much less useful than your actual "postconf -n output." -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: auth=0/1

2020-01-27 Thread Bill Cole
On 27 Jan 2020, at 14:27, @lbutlr wrote: On 27 Jan 2020, at 06:42, Bill Cole wrote: It means that they attempted authentication 1 time but failed. Sometimes I see auth=0/2 or auth=0/3. Which means they tried 2 or 3 times. Hmm. I see blocks like these throughout my logs: Jan 27 11:40:25

Re: auth=0/1

2020-01-27 Thread Bill Cole
usually no need to support authentication on port 25 if you have submission instances on ports 587 and/or 465, and if "smtpd_sasl_auth_enable = no" there's no excuse for any SMTP client to even try AUTH. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and

Re: Bounce mails manually

2020-01-15 Thread Bill Cole
On 15 Jan 2020, at 14:55, Emanuel wrote: my question arose because of a user on my server who sent to many recipients without MX Perhaps you just need to add reject_unknown_recipient_domain to smtpd_recipient_restrictions? -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA

Re: Port 25 closed on bulk sending servers

2020-01-15 Thread Bill Cole
omous systems. This can simplify the configuration of each system and make securing them less challenging. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)

Re: Is the milter API function smfi_setsymlist supported?

2020-01-14 Thread Bill Cole
mimedefang daemon is compiled C, linked with libmilter. In this case, v8.15.2. Beginning to get a little confused ... I can understand why. Is it certain that the macro you want is non-null when you're asking for it? -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and

Re: Is the milter API function smfi_setsymlist supported?

2020-01-14 Thread Bill Cole
. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: postfix fails to start during macOS with fatal: message about port 25 in use

2020-01-10 Thread Bill Cole
versions (i.e. those for which Apple no longer releases updates) to disable their Postfix entirely and replace it with your custom one by symlinking /etc/postfix/, /var/spool/postfix/ and /usr/sbin/sendmail to your custom build's equivalents. -- Bill Cole b...@scconsult.com or billc...@ap

Re: Rejecting email based upon MAIL FROM:, RCPT TO: and From: values

2019-12-18 Thread Bill Cole
via check_policy_service; I don't believe so. I see nothing in the policy protocol documents that provides access to message headers or body. This could be done with a Milter such as milter-regex or MIMEDefang. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and

Re: Rewriting e-mail headers (recipients) in Postfix (not header_checks) depending on complex logic

2019-12-18 Thread Bill Cole
an implement as a Perl snippet. In addition to manipulating messages and their routing, it also has hooks for SpamAssassin and a wide range of AV tools, which are its most common uses. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)

Re: Whitelisting refuses to work

2019-12-17 Thread Bill Cole
i miss? These instructions for seeking help here: http://www.postfix.org/DEBUG_README.html#mail -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: Recipient address rejected for recipient address in virtual

2019-12-02 Thread Bill Cole
On 2 Dec 2019, at 21:31, @lbutlr wrote: On 02 Dec 2019, at 09:47, Bill Cole wrote: Have you considered doing as recommended at http://www.postfix.org/DEBUG_README.html#mail to make it easier for us to understand your issue? Logs, postconf output, postmap -q output, what am I missing? I

Re: Recipient address rejected for recipient address in virtual

2019-12-02 Thread Bill Cole
thing altogether. http://www.postfix.org/ADDRESS_CLASS_README.html#classes -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: Recipient address rejected for recipient address in virtual

2019-12-02 Thread Bill Cole
you considered doing as recommended at http://www.postfix.org/DEBUG_README.html#mail to make it easier for us to understand your issue? -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: how to setup a privacy oriented mailserver

2019-11-26 Thread Bill Cole
it Unix epoch...) in 2038 -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not For Hire (currently)

Re: how to setup a privacy oriented mailserver

2019-11-25 Thread Bill Cole
Postfix would be a likely component...) because it could have very different answers depending on the specific needs of a site and issues like scale, threat model, risk tolerances, and available resources. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many

Re: how to setup storage for two different MX in different locations

2019-11-19 Thread Bill Cole
mmuniGate Pro. I hear Microsoft has some sort of supposed multi-node mail system as well... One might expect a commercial solution to be a simpler tool to support but one might be surprised. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: Client host rejected

2019-11-19 Thread Bill Cole
local caching recursive resolver on a mail server have become quite weak. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: IP addresses in helo

2019-11-18 Thread Bill Cole
a requirement that a HELO/EHLO argument must contain letters and do not recall ever seeing a legitimate mail source using an IP literal or bare IP in HELO/EHLO in cases where such a restriction was impossible. Obviously your mail stream may differ, particularly if you accommodate submission on po

Re: IP addresses in helo

2019-11-18 Thread Bill Cole
alify that claim? /^[^a-z]*$/ REJECT USE YOUR WORDS LIKE A GROWN-UP! # # Places I absolutely do not want any mail from. [REDACTED: VALID-ISH NAMES IN NOMINALLY LEGIT DOMAINS THAT ONLY SEND SPAM] -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: IP addresses in helo

2019-11-18 Thread Bill Cole
(printers, antique Cisco gear, random IoT devices) which may not be able to do port 587 or 465 and can't contain the concept of their very own real hostname. Generally these are rare enough these days that it is feasible to handle them as exceptions. -- Bill Cole b...@scconsult.com or

Re: lots of connections that make no sense

2019-11-15 Thread Bill Cole
On 15 Nov 2019, at 11:16, Jeffrey 'jf' Lim wrote: On Fri, 15 Nov 2019, 22:26 Bill Cole, < postfixlists-070...@billmail.scconsult.com> wrote: [...] It is also worth noting that at least one MTA has made the same assumption about appropriate client behavior, offering a swit

Re: lots of connections that make no sense

2019-11-15 Thread Bill Cole
L LOGIN authentication failed: VXNlcm5hbWU6" which indicates a failure at the first stage of the LOGIN mechanism. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: lots of connections that make no sense

2019-11-15 Thread Bill Cole
nt on and off but NOT actually disabling authentication when not advertising it. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: reject mail if dns and rdns differ

2019-11-12 Thread Bill Cole
On 12 Nov 2019, at 14:26, Viktor Dukhovni wrote: On Nov 11, 2019, at 11:09 AM, Bill Cole wrote: mail.namase.de is the HELO (EHLO) name. You must not reject mail when helo name differs from DNS name (RFC violation). True. For the record, it is NOT an RFC violation for the EHLO name to

Re: reject mail if dns and rdns differ

2019-11-11 Thread Bill Cole
particular spammers or spamming tools. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: Warning on Connection time

2019-11-02 Thread Bill Cole
eries to each of them and seeing if any stand out as persistently slow. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: What am I missing? DNSBL on submission port?

2019-10-31 Thread Bill Cole
=yes -o smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o milter_macro_daemon_name=ORIGINATING -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: Problem with new installation

2019-10-23 Thread Bill Cole
o not just fix the CNAME record, follow the RFCs and use an A record. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: Recipient address RESTRICTIONS are applied twice to the same e-mail with different parameters

2019-10-21 Thread Bill Cole
sformatted HTML message is not it. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: how to add warning / banner in email body ?

2019-10-21 Thread Bill Cole
stages of milter<->MTA interaction. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: base64 encoded emails

2019-10-17 Thread Bill Cole
frequency of non-ASCII characters. From a code standpoint, just doing Base64 is simpler and more robust. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: base64 encoded emails

2019-10-17 Thread Bill Cole
uleset included many that identify malformed HTML, gratuitous Base64 or QP encoding, and other technical quirks that correlate to mail being spam. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: Postfix is not open relay but send spam

2019-10-15 Thread Bill Cole
ith a spammer authenticating on port 465, auth is disabled on port 25. (As it should be.) Am Dienstag, 15. Oktober 2019, 11:30:42 CEST schrieb Bill Cole: On 15 Oct 2019, at 11:15, Julien Michaux wrote: Do you have a way to test authentification with smtps ? openssl s_client -connect :465 That

Re: Postfix is not open relay but send spam

2019-10-15 Thread Bill Cole
telnet :25' -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: How to avoid being classified as spam by Google?

2019-10-06 Thread Bill Cole
of course doesn't care about us. The MailOp list is probably a better choice: https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop Actual Google mail admins respond to such queries there. Really. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmai

Re: Blocking an address from submission mail

2019-10-04 Thread Bill Cole
le to send email to it? Nope. How about if there is a specific list of users who are not allowed to send mail to that email address? Use a restriction class: see the RESTRICTION_CLASS_README. That would also work for the simpler case if you don't want to fiddle in master.cf. -- Bill C

Re: Prevent sender address spoofing

2019-09-30 Thread Bill Cole
On 29 Sep 2019, at 20:30, Hugo Florentino wrote: El vie, 27-09-2019 a las 09:33 -0400, Bill Cole escribió: [...] Because, as documented, header_checks (and the other built-in content filtering in Postfix) does not support restrictions or restriction classes as results of a pattern match

Re: Suggestions for submission protection

2019-09-29 Thread Bill Cole
On 22 Sep 2019, at 18:50, Daniel Miller wrote: On 9/22/2019 12:59 PM, Bill Cole wrote: [...] If you do use a manual local blacklist for this (as I do on my personal system) it is most useful to apply it at the network level: either in your router/firewall or in a host-local packet filter

Re: Is there a version 2.11 or higher of postfix supporting cyrus ?

2019-09-27 Thread Bill Cole
t cyrus. Is there a version 2.11 or higher of postfix supporting cyrus ? Yes. Just built: $ postconf mail_version mail_version = 3.4.6 $ postconf -A cyrus $ postconf -a cyrus dovecot -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: Prevent sender address spoofing

2019-09-27 Thread Bill Cole
On 27 Sep 2019, at 11:33, Hugo Florentino wrote: El vie, 27-09-2019 a las 09:33 -0400, Bill Cole escribió: On 27 Sep 2019, at 7:06, Hugo Florentino wrote: [...] The most important element in doing this is to separate mail submission from inbound SMTP mail. In 2019 there is no reasonable

Re: Prevent sender address spoofing

2019-09-27 Thread Bill Cole
to do. If you want to allow exceptions to this policy (which some systems learn that they need after deploying an absolute block) you will need to use a more sophisticated external content filtering tool. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: copy of mails with specific From-field

2019-09-27 Thread Bill Cole
something done by an IMAP server component like Dovecot's "pigeonhole" sieve implementation or a delivery agent like procmail, NOT by Postfix. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: Suggestions for submission protection

2019-09-22 Thread Bill Cole
; users who might log in from anywhere in the world, there are still some very large networks that host lots of credential-stuffers and no legitimate mail submission or IMAP users than can be blocked safely to good effect: AWS, Azure, GCP, Digital Ocean, etc. -- Bill Cole b...@scconsult.c

Re: transport map from ldap

2019-09-19 Thread Bill Cole
t" in the same man page. If they all contain both attributes, pick one. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: Refuse mail from hosts with closed port 25

2019-09-16 Thread Bill Cole
, it does not do that. #check_email_and_mx.pl m...@junc.eu Check Valid MX (Net::ValidMX v2.2.0) m...@junc.eu Valid MX? True - Passed -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: Refuse mail from hosts with closed port 25

2019-09-16 Thread Bill Cole
tions that have mail going out from a shared NAT address but coming in via a dedicated IP. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: Refuse mail from hosts with closed port 25

2019-09-16 Thread Bill Cole
et::validMX does anything more *at the domain level* than Postfix's built-in reject_unknown_sender_domain restriction. Its check_email_validity() may be a bit more strict than Postfix's built-in address sanity checks. -- Bill Cole b...@scconsult.com or billc...@a

Re: 4xx when host not found

2019-09-16 Thread Bill Cole
different from what you expect. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: EHLO restrictions and address literals

2019-09-11 Thread Bill Cole
s formally allowable to EHLO as 'localhost.localdomain') but no legitimate mail server speaking to the world at large should ever be doing that. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: Question regarding DNSBL behaviour

2019-09-10 Thread Bill Cole
zen.spamhaus.org zone includes many names that have as many records as they do A records and if your resolvers tries one of those, you get a message as above. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: about MTA's 4xx response code

2019-08-28 Thread Bill Cole
seeing in error messages. That is a generic, intentionally vague, and perfectly valid status code. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: build failure with glibc-2.30

2019-08-20 Thread Bill Cole
uilds designed for the broadest possible audience and maintained by an expert team. This is more commonly seen in the BSD world, but it is not infeasible with Linux. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: What's with all the "l*.it" connections?

2019-08-19 Thread Bill Cole
ut any "l*.it" bot. Look up any of the miscreant IP's at the CBL site to get a long explanation, e.g. https://www.abuseat.org/lookup.cgi?ip=1.212.181.131 -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: Postfix for three domains on one host

2019-08-15 Thread Bill Cole
lients and append_at_myorigin sections. It also is used in some map lookup protocols to detect when to look up bare username parts of qualified addresses. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: Question respecting the headers?

2019-07-24 Thread Bill Cole
[31.172.134.4]) How did they get 'from theguardian.com' into the Received header generated by our mx? The token immediately following the "from" in a Received header generated by Postfix is the name offered in the EHLO or HELO command from the SMTP client. -- Bill Cole b

Re: Basic kind of question

2019-07-17 Thread Bill Cole
ix - - n - 1 anvil scache unix - - n - 1 scache -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: SPF failure

2019-07-15 Thread Bill Cole
On 15 Jul 2019, at 15:44, Phil Stracchino wrote: On 7/15/19 3:29 PM, Bill Cole wrote: On 15 Jul 2019, at 14:02, Phil Stracchino wrote: And here's the log of the last failure: [...] Jul 15 13:49:11 minbar policyd-spf[25139]: Starting Jul 15 13:49:11 minbar policyd-spf[25139]: C

Re: SPF failure

2019-07-15 Thread Bill Cole
'debugLevel': 3, 'HELO_reject': 'SPF_Not_Pass', 'Mail_From_reject': 'SPF_Not_Pass', AHA! Config! 'PermError_reject': 'True', I would guess that means that you have *explicitly chosen* to reject mail when hitting a "PermError." Don't do that. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: Duplicate spamd lines in Postfix log file

2019-07-01 Thread Bill Cole
that uses spamd with per-user configurations, I am hesitant to make a definitive assertion. I am almost certain that you can get a more definitive answer on the right mailing list. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addr

Re: NDR when failed to forward mail to external address, now blacklisted on backscatterer

2019-06-28 Thread Bill Cole
ackage messages as attachments inside entirely new messages, which isn't really forwarding but remailing. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: authenticate o365 users with postfix without smtp auth

2019-06-16 Thread Bill Cole
On 16 Jun 2019, at 16:27, @lbutlr wrote: On 16 Jun2019, at 12:05, Bill Cole wrote: [...] As the OP says, they support an outbound "smarthost" connector, Not a term I’ve heard before. The term "smarthost" dates from the days when it was fairly common for some host

Re: authenticate o365 users with postfix without smtp auth

2019-06-16 Thread Bill Cole
you might get an answer for free even if you were not a paying customer. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire

Re: authenticate o365 users with postfix without smtp auth

2019-06-16 Thread Bill Cole
sender address is one you intend to service, how reliably is the mail authenticated by those 2 elements together? Is the mail DKIM signed? -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: authenticate o365 users with postfix without smtp auth

2019-06-16 Thread Bill Cole
ep away from the mail system handling mailboxes. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: Trying to resolve Client host rejected: Access denied errors

2019-06-12 Thread Bill Cole
test mail submission session with the "Connection Doctor" feature. That log will show whether you are getting the right responses to EHLO from Postfix before and after TLS establishment that would tell Mail.app to try to authenticate. The log should look something like the attached examp

Re: How to reject mails where from address and to address is myself.

2019-06-04 Thread Bill Cole
address as the From header. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: postfix/smtp Connection timeout

2019-06-04 Thread Bill Cole
ng the issue more complex, some providers have implemented port 25 blocking unevenly, so that some of their customers or networks are unblocked despite the official practice. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses)

Re: SMTPS Submission

2019-06-02 Thread Bill Cole
need smtpd_client_restrictions=permit_sasl_authenticated,reject' because you have 'permit_sasl_authenticated,*,reject' in restriction lists that are evaluated later. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Available For Hire

Re: OT: Postscreen and scoring/blocking by ISP

2019-05-31 Thread Bill Cole
mplex logic, that's available as well. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Available For Hire
