[pfx] Re: TLS config for gmail relay

/tls_policy.db: No such file or directory You need to run: postmap /etc/postfix/tls_policy -- Christian Kivalo ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: smtp auth on port 25

u intend to use for mail submission. -- Christian Kivalo ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: Postfix Help with a rejection message

t; > >What file do I edit in postfix to allow this message to flow and get delivered >or whitelisted? > Do you by any chance have reject_unknown_helo_hostname in your smtpd_*_restrictions in main.cf? This results in a reject, when the announced helo name has no A

[pfx] Re: Anyone using SMTP relay through dnsexit.com?

EADME.html#client_sasl_enable -- Christian Kivalo ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: Painful Postfix

How can I go about using multiple IP addresses with the >'debug_peer_list' parameter? > >Like this? > >debug_peer_list = 1.2.3.4 5.6.7.8 > >or perhaps like this? > >debug_peer_list = 1.2.3.4, 5.6.7.8 > > >Thanks > >Kolusion >_

RE: Wrong Domain in Null Client Setup

; in >main.cf. > >> Running postconf -d myhostname returns the host.localdomain where the >> host is the correct hostname, but localdomain is just the string >> "localdomain" > >You need to configure a fully-qualified hostname, or set myhostname explicitly. > -- Christian Kivalo

Re: smtpd NOQUEUE without reject

. :-) If it matters, this is on Postfix 3.7.2. Thanks for any advice! -- Christian Kivalo

Re: Blacklisted - SASL Login Attempt

entication failed: UGFzc3dvcmQ6 Jan 14 07:17:57 nmail postfix/smtps/smtpd[7809]: lost connection after AUTH from unknown[5.188.206.199] This is smtps (port 465). Your config and blocklist is for postscreen which should only be enabled for port 25. -- Christian Kivalo

Re: Some DNSSEC/DANE questions

I can send mail to make sure DANE is being looked up and used on my end. Not something that looks up MY domain and connects to it. Maybe this is more like what you're looking for https://havedane.net/ -- Christian Kivalo

Re: Submission behind haproxy, TLS issues

now and am happy with it. -- Christian Kivalo

Re: warning: dnsblog_query lookup error

I'm only using a local unbound on this server for name resolution. This is what I get: valo:~ $ dig 109.75.92.40.list.dnswl.org +short 127.0.3.0 valo:~ $ >Thanks >Mauri >-Ursprüngliche Nachricht----- >Von: owner-postfix-us...@postfix.org >Im Auftrag von Christian Kivalo >Gesendet:

Re: warning: dnsblog_query lookup error

; >nameserver 8.8.8.8 > >nameserver 46.38.225.230 You should not use public dns servers to query dnsbls as they are likely blocked due to excessive query volume at the dnsbl. Install and use a local resolver like unbound, knot, bind and use nameserver 127.0.0.1 in /etc/resolv.conf > > >regards > >Mauri > > > > -- Christian Kivalo

Re: Problem with starttls / orange.fr

TLSv1.2 You have a missing "," after !SLv3 which also misses an "S" And you exclude TLSv1 with which I can establish an encrypted connection to orange.fr > >smtp_tls_ciphers = high > >smtp_tls_CAfile = >/etc/letsencrypt/live/mymailserver.domain.dom/chain.pem You probably don't need client certificates. > > > > > >Any clue about this error ? Which cert do I use and that orange does >not >want ? Why is the email sent after a few attempts ? Eventually the email is sent in plaintext without encryption. > > >Regards, > > > >Gaetan -- Christian Kivalo

Re: Catch a forged Return Path

that spam wave with high DNSBL ranks for me. This http://rob0.nodns4.us/postscreen.html is a good ressource and i have it setup more or less the way described there + some minor adjustments needed for my setup. Greets, Ludi -- Christian Kivalo

Re: SASL auth cache?

kend, >>> is there some kind of cache involved here? >> >> There is no such thing in Postfix. Also not in the Postfix Dovcecot >> client. > >Curious, and it couldn't be connection cache/reuse or something? Could it have been an authenticated, still open connection that got closed as postfix was restarted? >--- >Tom -- Christian Kivalo

Re: Postfix failed to start at boot

Transport > >Agent. >Jul 04 15:55:04 SSPH systemd[1]: postfix.service: Scheduled restart >job, >restart counter is at 4. >Jul 04 15:55:04 SSPH systemd[1]: Stopped Postfix Mail Transport Agent. >Jul 04 15:55:04 SSPH systemd[1]: Starting Postfix Mail Transport >Agent... >Jul 04 15:55:09 SSPH systemd[1]: Started Postfix Mail Transport Agent. >=== > >I do not know how to fix this failure. Any help, please? I have asked >this question in the Manjaro forum but with no resolution. -- Christian Kivalo

Re: Nothing in /var/log/maillog under stress

tes of log data is not making it to /var/log/maillog. To be honest, I do not know how to "... find out how your syslog daemon gets the messages from the systemd journal.". Greg Sims On Sun, Jul 12, 2020 at 3:51 PM Christian Kivalo wrote: On 2020-07-13 00:10, Greg Sims wrote: Thank

Re: Nothing in /var/log/maillog under stress

to /var/log/maillog. To be honest, I do not know how to "... find out how your syslog daemon gets the messages from the systemd journal.". Greg Sims On Sun, Jul 12, 2020 at 3:51 PM Christian Kivalo wrote: On 2020-07-13 00:10, Greg Sims wrote: Thank you Christian. I am running on CentOS 8.2

Re: Nothing in /var/log/maillog under stress

ich covers rsyslog on centos 7. There is an import module for systemd journal. On my server rsyslog is configured to create a log socket at /var/spool/postfix/dev/log and ignore systemd journal and that works well for my use case. Greg Sims On Sun, Jul 12, 2020 at 2:40 PM Christian Kivalo wrote: On 202

Re: Nothing in /var/log/maillog under stress

st and then fix your logging. -- Christian Kivalo

Re: Nothing in /var/log/maillog under stress

//aol.com [6] http://icloud.com [7] http://yahoo.com [8] http://outlook.com [9] http://rocketmail.com -- Christian Kivalo

Re: TLS verification problem - ca untrusted, but it shouldn't be

icates.crt This setting does not affect posttls-finger What does postfix log when you send a mail there? -- Christian Kivalo

Re: 5 messages per second

connect to >127.0.0.1[127.0.0.1]:24: Connection timed out) > >do you have a solution ? Whatever should listen on 127.0.0.1:24 is not listening / running. What should accept the lmtp connections? Check if that service is running. >Regards, >Paul -- Christian Kivalo

Re: Remove part of rbl name from response to blocked client

[51.88.120.222] blocked using sp8lefi4grtb7jftpslxxztu3y.zen.dx.spamhous.net [1] Links: -- [1] http://sp8lefi4grtb7jftpslxxztu3y.zen.dx.spamhous.net -- Christian Kivalo

Re: Problems with header checks

im signatures when modifying headers. Subject is a signed header in most cases. >Shade and sweet water! > > Stephan -- Christian Kivalo

Re: OpenDKIM , Postfix , SpamAssassin, Amavisd-New, SPF and FreeBSD

ens when you comment the ExternalIgnoreList and InternalHost settings in opendkim.conf, restart the service and send a test mail originating from one of the domains you're trying to sign? What do the logs show? My opendkim.conf has refile: prefix also for the KeyTable option. Regards Christian -

Re: OpenDKIM , Postfix , SpamAssassin, Amavisd-New, SPF and FreeBSD

>>>> SigningTablerefile:/usr/local/etc/opendkim/SigningTable >>>> SignatureAlgorithm rsa-sha256 >>>> Socket inet:8891@127.0.0.1 <mailto:8891@127.0.0.1> >>>> UMask 022 >>>> UserID opendkim:opendkim >>>> TemporaryDirectory /var/tmp >>>> >>>> As I stated it is running... But not signing from a test site... >>>> >>>> Any thoughts would be appreciated >>> >>> Are files /usr/local/etc/opendkim/TrustedHosts, KeyTable and >>> SigningTable set up correctly? Do you need to use KeyTable and >>> SigningTable - this is a more complex setup; standard setup uses >>> parameters Domain, Selector and KeyFile - see >>> http://www.opendkim.org/opendkim-README ><http://www.opendkim.org/opendkim-README>. >> -- Christian Kivalo

Re: MAILTO without SIZE=

the Envelope address for some >reason the SIZE=423 with it > >MAIL FROM: SIZE=434, > >How can I disable the sending of the SIZE parameter? > >Greetings >Tobias -- Christian Kivalo

Re: Are sha1 & TLSv1 fully deprecated wrt mail, and time to block them?

e at least 1024 bits keys for dkim signatures, more bits are good and accepted. -- Christian Kivalo

Re: Commenting multi line option

on of the main.cf file format see http://www.postfix.org/postconf.5.HTML -- Christian Kivalo

Re: Postfix does not authenticate to relayhost

curity_options = noanonymous smtpd_tls_security_level = encrypt In your local config have you set smtp_sasl_auth_enable = yes ? Thanks, Florian -- Christian Kivalo

Re: WG: Reject but styl connection established

ss, > > > >smtpd_recipient_restrictions = permit_mynetworks, > >check_client_access hash:/etc/postfix/access, > >check_recipient_access hash:/etc/postfix/access, > >.. You did postmap /etc/postfix/access file after adding the IP? -- Christian Kivalo

Re: Try dane and still got "Untrusted TLS connection..."

onfig setup and Dane checking systems can utilize Dane to verify your certs. You will only have "verified" in your logs when you /send/ mail to a Dane enabled domain. Try this service to check your outbound Dane config: https://havedane.net/ >Thanks. > >Gao -- Christian Kivalo

Re: address extension fails for mailman

On 2017-09-29 10:07, thorthor wrote: This post should contain the log and main.cf. Don't attach, post inline -- Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html -- Christian Kivalo

Re: Communication between Postfix and Dovecot LDA

ltelecom.cz Dial Telecom, a.s. Jednoduše se připojte ------- -- Christian Kivalo

Re: postfix/postfix-script[6735] error: unknown command: 'quiet-quick-start'

best bet is to remove the existing init script for postfix and create a systemd unit for your needs. -- Christian Kivalo

Re: Letsencrypt tip

for submission on port 587 with starttls: openssl s_client -connect yourdomain.tld:587 -starttls smtp -servername yourdomain.tld 2>/dev/null | openssl x509 -noout -dates https://community.letsencrypt.org/t/it-there-a-command-to-show-how-many-days-certificate-you-have/11351/2 -- Christian Kivalo

Re: 451 4.3.5 Server configuration error

_ Daniel A. Rodriguez Departamento de Tecnología para la Gestión Escuela Provincial de Educación Técnica N° 1 Posadas - Misiones - Argentina (0376) 443-8578 www.epet1.edu.ar -- Christian Kivalo

Re: 451 4.3.5 Server configuration error

'm trying to achieve is to get dkim validation working, following this guide https://wiki.debian.org/opendkim It helps to show your configuration. See http://www.postfix.org/DEBUG_README.html#mail Send the output of postconf -n postconf -Mf regards in advance -- Christian Kivalo

Re: sender_access question

dom unknown_address_reject_code = 550 unknown_client_reject_code = 550 unknown_hostname_reject_code = 550 unknown_local_recipient_reject_code = 550 virtual_alias_maps = hash:/etc/postfix/virtual virtual_transport = dovecot thanks for any support. Mark -- Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html -- Christian Kivalo

Re: postfix log in mysql

s absorbing your logs with mysql additionally you could keep logging to file and have your logs as normal. >rgds -- Christian Kivalo

Re: pickup/maildrop being used to spam through my machine.

26:17 adore2 postfix/pickup[14251]: A53092B00E3: uid=48 >from= >Jun 12 05:26:17 adore2 postfix/pickup[14251]: BEAB72B00E7: uid=48 >from= >Jun 12 05:26:17 adore2 postfix/pickup[14251]: CA9F42B00EC: uid=48 >from= >... on and on and on thousands etc. -- Christian Kivalo

Re: gmail servers on blacklists?

it automatically is on a todo list ;) Thanks. Dave. On 3/17/17, Christian Kivalo <ml+postfix-us...@valo.at> wrote: On 2017-03-17 22:12, David Mehler wrote: Hello, I'm starting to see blocks on my messages to my mail server. For some reason postscreen is not letting any gmail servers sen

Re: gmail servers on blacklists?

/stevejenkins/postwhite to whitelist gmail. The map is created by postwhite from gmails spf records. -- Christian Kivalo

Re: Question on embedded variables in postconf command

Am 7. März 2017 20:00:55 MEZ schrieb Robert Moskowitz : >After a bit of reflection, I may have asked the wrong question. Perhaps > >a better question is does the substitution take place on processing the > >option? What about testing the assumption? Build the configuration

Re: dovecot cram-md5 setting break sending emails

am / Best Regards _Piotr Bracha_ tel. 534 555 877 ser...@poliman.pl -- Pozdrawiam / Best Regards _Piotr Bracha_ tel. 534 555 877 ser...@poliman.pl Links: -- [1] http://master.cf [2] http://www.postfix.org/DEBUG_README.html [3] http://main.cf -- Christian Kivalo

Re: send an email with specified sender/recipient address to different servers

her system "host2" ? How to properly do it ? i think sender_dependent_transport_maps should do it http://www.postfix.org/postconf.5.html#sender_dependent_default_transport_maps Thanks in advance for Your support. Cheers Zalezny Links: -- [1] http://domain.com -- Christian Kivalo

Re: Postfix, Dmarc, and Dkim for multiple domains

th 6 domains for which I dkim sign and i receive for 11 domains. The AuthservID is the receiving systems hostname (postfix $myhostname and the real fqdn are the same, did not test which name is used when they differ) -- Christian Kivalo > >Thanks. >Dave.

Re: SASL LOGIN authentication failed: no mechanism available

install the package libsasl2-modules -- Christian Kivalo

Re: can't get postfix to send on port 587

ctions # -o smtpd_helo_restrictions=$mua_helo_restrictions # -o smtpd_sender_restrictions=$mua_sender_restrictions # -o smtpd_recipient_restrictions= # -o smtpd_relay_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING -- Christian Kivalo

Re: SSL_accept error from other MTA

le = /privkey.pem >smtpd_tls_loglevel = 0 >smtpd_tls_received_header = no >smtpd_use_tls = yes >tls_random_source = dev:/dev/urandom You could set smtpd_tls_loglevel = 1 and get some more information on the next connection attempt. Without knowing more details i'd say you have no cipher in common, that could be when you're dealing with an ancient version of exchange or some crappy middlebox. -- Christian Kivalo

Re: Dovecot + Postfix: virtual users Mailbox folder

m on Ubuntu 16.04 LTS). Hard to guess an answer... Show logs for one message and the output of postconf -n. -- Christian Kivalo > > > >-- >View this message in context: >http://postfix.1071664.n5.nabble.com/Dovecot-Postfix-virtual-users-Mailbox-folder-tp88255.html >Sent f

Re: Forwarding all mail to office365.com exchange server.

.n5.nabble.com/Forwarding-all-mail-to-office365-com-exchange-server-tp87986p88226.html Sent from the Postfix Users mailing list archive at Nabble.com. -- Christian Kivalo

Re: Suppress connection logging for IP

at is not needed. How would I go >about suppressing the connect from... / disconnect from... log entry >for this particular IP? Configure your syslog daemon to discard these messages from the stream. > >Thanks in advance, > >Ray -- Christian Kivalo

Re: Open relay

gt; permit > >permit after all ? Yes. - Permit the stuff that shouldn't be rejected (mynetworks, sasl authenticated) - Perform various checks and reject the things you don't like - Permit everything that made it through that obstacle course -- Christian Kivalo

Re: Hardening relay and sender-specified routing

fe of me I cannot figure >it >out. Please post postconf -n and of you have logs for one of those messages entering your system > >Thanks, >Ross. -- Christian Kivalo

Re: WoSign/StartCom CA in the news

Am 28. September 2016 10:25:42 MESZ, schrieb li...@lazygranch.com: >I don't want take this thread off course, but suggestions for low cost >certs would be appreciated. I don't like how Let's Encrypt works, else >that would be the obvious solution.  I get mine through https://www.ssls.com

Re: greylist doesn't seem to be working? Setup correctly.

-- Christian Kivalo

Re: Is there a Check my IPv6 Email server out there anywhere?

eachable on that address? Can you ping6 e.g. www.google.com from your server? Take a look at http://www.postfix.org/postconf.5.html#inet_protocols Please share your postconf -n Thanks Robert Links: -- [1] http://en.internet.nl -- Christian Kivalo

RE: Need clarification of lookup table result values

uld text follow the reject? Also, I can't find anywhere that says if the case matters. Is "PERMIT" equivalent to "permit"? Thanks, Michael -- Christian Kivalo

Re: Blocking email from specific IPs

On 2016-05-14 21:27, Viktor Dukhovni wrote: On May 14, 2016, at 3:21 PM, Christian Kivalo <ml+postfix-us...@valo.at> wrote: smtpd_recipient_restrictions = ... check_client_access hash:/etc/postfix/client_checks, ... $ cat /etc/postfix/client_

Re: Blocking email from specific IPs

did you check it's working/not working? Cheers, Noah -- Christian Kivalo

Re: Goal: Setup transport that runs a header check to strip out specific header for emails from specific source

On 2016-05-07 19:16, /dev/rob0 wrote: On Sat, May 07, 2016 at 11:05:07AM +0200, Christian Kivalo wrote: On 2016-05-07 10:27, Viktor Dukhovni wrote: >On Sat, May 07, 2016 at 09:59:00AM +0200, Christian Kivalo wrote: > >>>Looking at those emails, I see that >>>calendar

Re: Goal: Setup transport that runs a header check to strip out specific header for emails from specific source

On 2016-05-07 10:27, Viktor Dukhovni wrote: On Sat, May 07, 2016 at 09:59:00AM +0200, Christian Kivalo wrote: >Looking at those emails, I see that calendar-notificat...@google.com is >the source address. I added the entry to my check_sender_access table >with an action of 'FIL

Re: Goal: Setup transport that runs a header check to strip out specific header for emails from specific source

to test it tough... http://www.postfix.org/RESTRICTION_CLASS_README.html Thanks in advance for your help! -- Christian Kivalo

Re: Postfix error 450 4.7.1 Sender address rejected: Access denied

Am 5. Mai 2016 18:30:40 MESZ, schrieb "James B. Byrne" <byrn...@harte-lyne.ca>: > >On Thu, May 5, 2016 12:11, Christian Kivalo wrote: >> >> >> Am 5. Mai 2016 17:34:36 MESZ, schrieb "James B. Byrne" >> <byrn...@harte-lyne.ca>: >>

Re: Postfix error 450 4.7.1 Sender address rejected: Access denied

Am 5. Mai 2016 17:34:36 MESZ, schrieb "James B. Byrne" : >Can anyone clue me in on what configuration issue might be causing >this and whose configuration it is, mine or theirs? > >postfix-p25/smtpd[18149]: NOQUEUE: reject: RCPT from

Re: Policyd-spf and RBL white listing

, reject_rbl_client zen.spamhaus.org, smtpd_recipient_restrictions = ... rbl_exclude1, ... See also http://www.postfix.org/RESTRICTION_CLASS_README.html -- Christian Kivalo

Re: NEWSFLASH: DANE TLSA records published for web.de!

>> There are 165 "postfix-users" subscriber domains that have MX >> records and MX hosts in DNSSEC signed zones. You've done the hard >> part of deploying DNSSEC, deploying DANE TLSA for email is >> comparatively simple. > >One would think so, but: I asked my main domain provider

Re: Thousands of login attempts

Am 21. März 2016 00:59:36 MEZ, schrieb "@lbutlr" <krem...@kreme.com>: >On Sun Mar 20 2016 16:01:44 Christian Kivalo <ml+postfix-us...@valo.at> >said: >> >>>> One minor comment: I would not even offer AUTH on port 25. >>> >>> I

Re: Thousands of login attempts

>> One minor comment: I would not even offer AUTH on port 25. > >I don’t. I offer opportunistic TLS on port 25 for SMTPd. All mail >submission have to be on port 587. You do. valo@uschi:~ $ telnet mail.covisp.net 25 Trying 65.121.55.42... Connected to mail.covisp.net. Escape character is '^]'.

Re: Postfix message_size_limit

Am 19. März 2016 20:22:13 MEZ, schrieb Daniel Wasilewski : >Hi, > >At the beginning it's my first email on mailing list, so if I does >wrong >please forgive me. > >Is somebody can explain why postfix still using default values ? > >root@vps1:~# postconf -e

Re: Postifix 2.11.3 sends some mails (not spam) to postmater@

Am 17. März 2016 14:34:32 MEZ, schrieb Josef Karliak : > Hi, > I found that only emails with "dmarc=fail" in the headers are sent to >postmaster - as it is defined in our dmarc record, but that should be >statistics, not emails... > Thanks and best resgards > J.K. Do

Re: How can I block this user...

virtual_uid_maps = static:5000 thanks Robert Chalmers -- Christian Kivalo

Re: SOLVED: Re: mail sent via sendmail is queued and delayed for approx. 300 seconds

overrides the obsolete parameters smtpd_use_tls and smtpd_enforce_tls. This parameter is ignored with "smtpd_tls_wrappermode = yes". - Thank you for your patience and help! Regards Dietrich -- Christian Kivalo

Re: Postfix Mailman integration

or FARM ANIMALS and and extermination camps, but incompatible with living as a free human being. -RI Safir 2013 -- Christian Kivalo

Re: A bug, maybe?

ct_rbl_client zen.spamhaus.org, reject_rbl_client b.barracudacentral.org -- Curtis Maurand cur...@maurand.com 207-252-7748 -- Christian Kivalo

Re: Suppress logs for monitor connections

Am 19. Februar 2016 20:32:20 MEZ, schrieb Ray Dzek : >We are load balancing our Postfix servers and as part of that there is >a connection test to ensure the services are running. So the logs fill >with connection checks. Is there a way to suppress those connections

Re: Can't get mynetworks to match a specific host

master.cf. Take a look at http://www.postfix.org/DEBUG_README.html#mail this should clarify what is helpful to others when asking on the mailinglist. -- Christian Kivalo

Re: Clarification - How can/could I redirect based upon sender.

Am 13. Februar 2016 06:30:30 MEZ, schrieb "John A @ KLaM" : > >> Am 13. Februar 2016 00:05:53 MEZ, schrieb John : >>>Is it possible to redirect mail based upon sender. >> >> What about sender_bcc_maps >> http://www.postfix.org/postconf.5.html#sender_bcc_maps ? >> >>>

Re: Outbound TLS

Am 13. Februar 2016 11:10:25 MEZ, schrieb Joy : >May i know how can i force postfix to use TLS if remote MTA advertises >STARTTLS on port 25 to connect to remote server ? > >I am already using TLS and connecting from outlook is working >perfectly, >but when sending mail

Re: How can/could I redirect based upon sender.

Am 13. Februar 2016 00:05:53 MEZ, schrieb John : >Is it possible to redirect mail based upon sender. What about sender_bcc_maps http://www.postfix.org/postconf.5.html#sender_bcc_maps ? > >I need to redirect email from j...@example.com which would normally be >sent >to

Re: Client Certificate Authentication for Auth Only

On 2016-02-01 19:39, Haravikk wrote: Hi there, Hi, I’m trying to configure client certificate authentication such that it is only required for users (with valid username/password) when sending e-mail *from* my mail server. Where do you set it? However, setting smtpd_tls_req_ccert = yes

Re: postfix installation and make error (ATTENTION: Unknown system type)

On 2016-01-22 10:44, timos wrote: I'm new to Postfix. I tried to compile postfix-2.11.3 but ran into an error and failed with following message: Why don't you compile postfix 3.x? make -f Makefile.in MAKELEVEL= Makefiles (echo "# Do not edit -- this file documents how Postfix was built for

Re: Postfix Postscreen Pregreet Test

Am 23. Jänner 2016 04:30:02 MEZ, schrieb Nguyen Nang Thang : >- Original Message - >> From: "Wietse Venema" >> To: "Postfix users" >> Sent: Saturday, January 23, 2016 9:57:40 AM >> Subject: Re: Postfix

Re: body_checks with postscreen. Test works at blocking, but 'real mail' slips through?

Save the message to a file. And test like this: % postmap -q - pcre:/etc/postfix/body_checks.pcre So does this. cat << EOF > /tmp/testfile TEST BAD CONTENT EOF postmap -q - pcre:/etc/postfix/body_checks.pcre You could use the message file from your imap server or look at the raw message

Re: Postfix 3.0 also introduces inline:

On 2015-11-17 12:08, Postfix User wrote: Okay, I suppose I don't pay as close attention to release announcements as I should. I noticed this is another post recently: Postfix 3.0 also introduces inline: tables whose keys and values are stored inside main.cf I did not see any documentation

RE: rejecting email from specific domains

Am 17. November 2015 06:31:23 MEZ, schrieb Chris Boylan : >So if I build a one line /etc/postfix/access with >.xyz REJECT > >and use smtpd_sender_restrictions=check_sender_access > You have to add the path to the access map, e.g. you postmap the

Re: Weak Ciphers

Hi John, On 2015-11-08 13:52, John Allen wrote: I ran the ssl-tools tests on my mail server. Everything seems to be OK, BUT it reports that i am using a weak cipher "ECDHE_RSA_WITH_RC4_128_SHA"! So I sat down and googled - postfix/dovecot/apache - ciphers suites/recommendations less than one

Re: OpenDKIM

Hi On 2015-11-07 14:30, John Allen wrote: Interesting! I tried a couple of DKIM test sites, one says I am signing my emails, the other says I am not!! Mailradar say I am not signing! DKIMValidator say I am! They are both right. Mailradar checks for DomainKeys (rfc4870) signatures,

Re: OpenDKIM

On 2015-11-07 16:41, Mike wrote: On 11/7/2015 9:09 AM, Steve Jenkins wrote: On Saturday, November 7, 2015, John Allen > wrote: Interesting! I tried a couple of DKIM test sites, one says I am signing my emails, the other says I am not!!

Re: This maybe off topic, but could somebody tell me what i am doing wrong?

On 2015-10-21 01:51, John Allen wrote: I have not looked at the code, so I am guessing, but it seems that mail/mailx hadle a continuous block of text differently to a multi-line block. I am not competent to decide if the as it should be or not. I have a script that checks for various

Re: This maybe off topic, but could somebody tell me what i am doing wrong?

On 2015-10-20 12:38, John Allen wrote: That is in fact what is installed. Mail and mailx are symlinks to heirloom-mailx. True, symlinked to the same binary. Just tried your initial command. The resulting email has the text "message text" in the body when run as echo "message text \r" |

Re: This maybe off topic, but could somebody tell me what i am doing wrong?

Am 20. Oktober 2015 02:58:43 MESZ, schrieb John Allen : >That should say echo -e "message text \r" | >Sorry about that I'd recommend you install the package heirloom-mailx, it's much more flexible in what you can do with it. Regards Christian

Re: Helo command rejected: need fully-qualified hostname; 504 5.5.2

Hi, On 2015-10-13 05:22, Richard B. Pyne wrote: I am running postfix 2.10.1, dovecot 2.2.10, with postfixadmin and maia mailguard. I am trying to figure out how to disable the HELO/EHLO reject_non_fqdn_hostname on the submission port since many (most) desktop and laptop clients don't send it.

Re: Error: queue file write error

Am 10. Oktober 2015 17:53:12 MESZ, schrieb Dan Lists : >I am receiving the transcript file with the error "Error: queue file >write >error." It appears that postfix is timing out the connection after 10 >minutes. The thing that disturbs me is that nothing is logged. Is

Re: postgresql table does not exist error

Hi, >the postfix file (/etc/postfix/pgsql-aliases.cf) has this > >hosts = /run/postgresql/ You should specify the socket to use. >From http://www.postfix.org/pgsql_table.5.html hosts The hosts that Postfix will try to connect to and query from. Specify unix: for UNIX-domain sockets,

Re: Dynamic 'myhostname'

Am 10. September 2015 23:13:59 MESZ, schrieb Mick : >On 10/09/2015 21:13, Wietse Venema wrote: >> Mick: >>> Hi, >>> >>> I'm trialling DMARC to two of my domains. On checking the results >when >>> posting from the secondary domain I receive 'SPF Domain Alignment >Result >>>

Re: making relay access denied permanent

Hi, On 2015-09-05 14:07, A. Meyer wrote: Hello! # postconf mail_version mail_version = 2.11.3 I have this in my log this morning: Sep 5 08:05:46 bitmachine1 postfix/smtpd[7475]: NOQUEUE: reject: RCPT from unknown[14.215.136.46]: 454 4.7.1 : Relay access denied;

Re: DKIM DNS record

On 2015-09-02 10:29, Martin Skjöldebrand wrote: Quoting Steve Jenkins : On Wed, Aug 19, 2015 at 10:07 AM, Martin Skjöldebrand wrote: Following the tutorial here:

  1   2   >