=2Ehphj6VTtfMpJBc8EZ5owao9LT
disconnect from localhost.localdomain[127.0.0.1]:54612 helo=1 commands=1
Adding it consequently to all services even thouse that have not been shown
here in the example.
Feedback very welcome. Thanks in advance
Christian Rößner
--
Rößner-Network-Solutions
Zertifizierter ITSiBe / CISO
Karl
to help make it better ;-)
Hope you enjoy
https://gitlab.roessner-net.de/croessner/geoip-policyd
Christian Rößner
--
Rößner-Network-Solutions
Zertifizierter ITSiBe / CISO
Karl-Bröger-Str. 10, 36304 Alsfeld
Fax: +49 6631 78823409, Mobil: +49 171 9905345
USt-IdNr.: DE225643613, https://roessner.website
lower or larger than 1h.
And of course: Everyone can decide by its own, if he has a use case for this
service or not.
Christian Rößner
--
Rößner-Network-Solutions
Zertifizierter ITSiBe / CISO
Karl-Bröger-Str. 10, 36304 Alsfeld
Fax: +49 6631 78823409, Mobil: +49 171 9905345
USt-I
> Am 08.03.2019 um 13:26 schrieb Wietse Venema :
>
> Which distro ships with Linux 5.x kernels? I want to install that
> distribution in a VM for tests. I am not interested in a FrankenLinux
> where I have to assemble different parts from different providers.
> Last time I asked I did not get a
Hi,
> Am 31.03.2017 um 10:48 schrieb Christian Rößner
> :
>
> Hi,
>
>> Am 30.03.2017 um 17:25 schrieb Viktor Dukhovni :
>>
>>
>>> On Mar 30, 2017, at 11:15 AM, Christian Rößner
>>>
> Am 20.07.2016 um 18:31 schrieb Patrick Ben Koetter :
>
> * Wietse Venema :
>> Dominik Chilla:
>>> Hello together,
>>>
>>> my postfix setup (submission-relay only!) requires an authenticated
>>> (SMTP-AUTH plain/login) sender. Further it checks if the
> Am 20.07.2016 um 17:59 schrieb Robert Schetterer <r...@sys4.de>:
>
> Am 20.07.2016 um 09:17 schrieb Christian Rößner:
>> Hi,
>>
>> I was interested which spamassassin (including dspam) and rspamd rules are
>> used in my mail system and I needed some s
Hi,
I was interested which spamassassin (including dspam) and rspamd rules are used
in my mail system and I needed some statistical output. For this, I have
written two little helper scripts that can be put into logrotate. They will
produce reports for each filter.
Hi Robert :-)
> Am 13.07.2016 um 17:51 schrieb Robert Schetterer <r...@sys4.de>:
>
> Am 13.07.2016 um 15:45 schrieb Christian Rößner:
>> Hi,
>>
>> I developed a S/MIME signing milter that can be used with Postfix. It
>> features a simple map fil
> Am 13.07.2016 um 16:16 schrieb Benny Pedersen <m...@junc.eu>:
>
> On 2016-07-13 16:08, Christian Rößner wrote:
>
>>> I tested it on Mac OS X and Gentoo Linux. Readmes and Man-pages are
>>> included. Feel free to give it a try:
>>> https://
> I developed a S/MIME signing milter that can be used with Postfix. It
> features a simple map file, where you can define email addresses and
> corresponding certs/keys. If a mail arrives, the milter checks the MAIL FROM
> address and looks up the map file. If it finds a record, it signs the
Hi,
I developed a S/MIME signing milter that can be used with Postfix. It features
a simple map file, where you can define email addresses and corresponding
certs/keys. If a mail arrives, the milter checks the MAIL FROM address and
looks up the map file. If it finds a record, it signs the mail
Hi,
just a short question:
If enabling smtputf8_enable feature in Postfix, is this compatible with
milters? The most common library is libmilter and I have no idea, what exactly
this Postfix feature means? By asking, I think about two callbacks in libmilter:
xxfi_header(SMFICTX *ctx, char
-
> /^My-SPAM-Flag:.+Yes$/i FILTER discard:
> -
>
> You might need to place the header_checks inside master.cf. It depends on
> your setup.
>
> Maybe this works for you
>
> Christian
—
Christian Rößner B.Sc.
Erle
---
You might need to place the header_checks inside master.cf. It depends on your
setup.
Maybe this works for you
Christian
—
Christian Rößner B.Sc.
Erlenwiese 14, 36304 Alsfeld
T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345
USt-IdNr.: DE225643613, http://www.roessner-network-sol
> Am 07.05.2016 um 22:37 schrieb Viktor Dukhovni <postfix-us...@dukhovni.org>:
>
>
>> On May 7, 2016, at 8:08 AM, Christian Rößner
>> <c...@roessner-network-solutions.com> wrote:
>>
>> At the moment it works with all components, but only with:
>
Hi Michael,
> Christian Rößner wrote:
>> I use OpenLDAP with Postfix. Today I tried to make OpenLDAP more secure by
>> requiring TLSv1.2. At this point Postfix stopped working.
>
> I set TLSProtocolMin 3.3 (requires TLS 1.2) in my slapd.conf and ldap table of
> postfix
Hi,
I use OpenLDAP with Postfix. Today I tried to make OpenLDAP more secure by
requiring TLSv1.2. At this point Postfix stopped working.
I miss something like tls_protocols in ldap_table(5)
It would be nice to add this feature.
Thanks in advance
Christian
—
Christian Rößner B.Sc.
Erlenwiese
as you can read in this new bug report that I submitted:
GNU debugger employed via Postfix crashed PaX hardened kernel
https://bugs.gentoo.org/show_bug.cgi?id=541104
also:
GNU debugger checking for PaX and refusing to work with it
https://forums.gentoo.org/viewtopic-t-1011162.html
Am 11.02.2015 um 17:35 schrieb Mohammad Isargar m.isarga...@gmail.com:
Hi there,
We have a situation where Postfix installed with a single domain, serving a
subnet of local LAN users and SASL authentication enforced in order to send
emails.
Even though that we know that the actual
Am 08.02.2015 um 23:29 schrieb Wietse Venema wie...@porcupine.org:
[An on-line version of this announcement will be available at
http://www.postfix.org/announcements/postfix-3.0.0.html]
Postfix stable release 3.0.0 is available. This release ends support
for Postfix 2.8.
Thanks very
Am 05.02.2015 um 13:20 schrieb Benny Pedersen m...@junc.eu:
Christian Rößner skrev den 2015-02-05 12:07:
I am using Gentoo hardening:
rns root@mx ~ # gcc-config -l
[1] x86_64-pc-linux-gnu-4.8.3 *
this is not hardened profile
Sorry, if I correct you (hopefully I am right
Am 05.02.2015 um 06:51 schrieb Viktor Dukhovni postfix-us...@dukhovni.org:
On Thu, Feb 05, 2015 at 01:04:58AM +, Viktor Dukhovni wrote:
On Wed, Feb 04, 2015 at 01:12:16PM -0500, Wietse Venema wrote:
Very lighty-tested patch follows. No INSTALL documentation until
this has been
Am 03.02.2015 um 11:53 schrieb Marcus Bointon marcus.boin...@gmail.com:
On 3 Feb 2015, at 11:25, Christian Rößner
c...@roessner-network-solutions.com wrote:
php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f
foo...@example.org
Don't put a space between the `-f
Am 03.02.2015 um 13:17 schrieb Danny mynixm...@gmail.com:
Hi Guys,
I have postfix setup on a Debian system that manages all my mail. However,
whenever php is sending mail it sends it under user www-data. I tried
changing
the headers in php but it remains the same.
Is there someway I
RFC 2821 (SMTP protocol)
--== RFC 2920 (SMTP Pipelining) ==—
Ok, I missed that, but…
Ok, just looked at the RFC. I thought, it required a initial command, but it
doesn’t ;-) Simply start pipelining, …
Thanks
Christian
--
Bachelor of Science Informatik
Erlenwiese 14, 36304 Alsfeld
T:
Am 01.02.2015 um 13:58 schrieb Wietse Venema wie...@porcupine.org:
Christian R??ner:
I searched allover the docs, but could not find information, if
the smtp-client of Postfix can do the PIPELIING extension.
Have you tried man 8 smtp“?
Yes
Wietse
SMTP(8)
Hi,
I searched allover the docs, but could not find information, if the smtp-client
of Postfix can do the PIPELIING extension.
I have two Postfix instances on the same host. One is MX-out and the other one
is a MSA for clients. The MSA uses dane-only, while the server has the
fingerprint of
Am 27.01.2015 um 17:53 schrieb rupesh chandurkar
rupesh_chandur...@rediffmail.com:
How I can verify my postfix is integrate with Policyd.
postconf -n
There must be some check_policy_service somewhere.
smtpd_recipient_restrictions =
…
check_policy_service …
Also check with
lsof
Am 18.01.2015 um 23:27 schrieb m...@ruggedinbox.com:
Return-Path: vm...@ruggedinbox.com
Delivered-To: m...@ruggedinbox.com
Received: from localhost (localhost.localdomain [127.0.0.1])
by ruggedinbox.com (Postfix) with ESMTP id 7693331405C7
for m...@ruggedinbox.com; Sun, 18 Jan
Am 18.01.2015 um 15:20 schrieb SW post...@bsdpanic.com:
policyd-spf unix - n n - 0 spawn
user=nobody argv=/usr/local/bin/policyd-spf
I use this:
policyd-spf unix -n n - 0 spawn
user=nobody argv=/usr/bin/policyd-spf
Change permissions to 700 and ran the script. It gave no errors, which is
good. However, using ss to check which ports are in use doesn't show port
12000(Which I would expect)
lsof -Pni :12000
Christian
--
Bachelor of Science Informatik
Erlenwiese 14, 36304 Alsfeld
T: +49 6631 78823400, F:
Hi,
using dmarc milter sometimes causes hold action
like i.e ( failure pruduced by myself only for demonstrate )
2015-01-13T10:46:09.372033+01:00 mail opendmarc[15158]:
3kM6Nw3sCTzDdG2l: amazon.com fail
2015-01-13T10:46:09.411674+01:00 mail postfix/cleanup[3532]:
3kM6Nw3sCTzDdG2l:
Hi,
I am looking how to use ppymilter in Postfix. Using pymilter is explained in
the Postfix docs ( http://www.postfix.org/MILTER_README.html#config ) , but I
can't find how to do the same for ppymilter. Anyone can send me in the right
direction ?
Is pymilter the C-binding version for
Am 21.12.2014 um 10:13 schrieb Jonathan K. Tullett
jonathan+postfix@dda.systems:
Greetings,
I've been using Postfix for many years - since about 2002 - and I've finally
come across a problem I've not been able to resolve by searching online, or
from tapping into my personal network.
Am 18.12.2014 um 09:26 schrieb HugoH hugo.henea...@gmail.com:
Dec 18 09:08:18 sd-60799 postfix/smtp[17808]: connect to
gmail-smtp-in.l.google.com[2a00:1450:400c:c00::1a]:25: Connection timed out
Dec 18 09:08:19 sd-60799 postfix/smtp[17808]: 4176314805C0:
If I follow this list correctly,
Hi,
Am 15.12.2014 um 06:15 schrieb Benny Pedersen m...@junc.eu:
On 15. dec. 2014 00.21.30 Christian Rößner
c...@roessner-network-solutions.com wrote:
Thanks. That was what I thought. People using the header-from field. But I
couldn’t believe that. But now that you gave me this feedback
Hi,
Am 15.12.2014 um 06:27 schrieb Benny Pedersen m...@junc.eu:
On 15. dec. 2014 01.19.02 Christian Rößner
c...@roessner-network-solutions.com wrote:
https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/?include_text=1
2. Receivers compare the RFC5322 From: address in the mail
Hi,
I have a trivial question, which could become a wish list feature.
There are three MTAs. First is a web server postfix instance that relates all
mail to the second MTAS, a relay server, which can send mail directly to the
world. This relay server and a third MTA are two postfix multi
Hi,
sorry, if this question might be a little off-topic, but I really do not
understand some DMARC reports that I receive in conjunction to this mailing
list and maybe someone can help me in digging down the problem:
?xml version=1.0 encoding=UTF-8 ?
feedback
report_metadata
Am 14.12.2014 um 23:53 schrieb Wietse Venema wie...@porcupine.org:
Christian R??ner:
sorry, if this question might be a little off-topic, but I really
do not understand some DMARC reports that I receive in conjunction
to this mailing list and maybe someone can help me in digging down
the
Am 14.12.2014 um 23:56 schrieb li...@rhsoft.net:
i guess that fools apply the SPF test to the From-Header instead to the
envelope, frankly Barracuda Networks does the same for Spoofing-Protection
because customers complained
without knowing details i would suggest the problem is on the
Am 15.12.2014 um 00:36 schrieb Wietse Venema wie...@porcupine.org:
Christian R??ner:
Am 14.12.2014 um 23:53 schrieb Wietse Venema wie...@porcupine.org:
Christian R??ner:
sorry, if this question might be a little off-topic, but I really
do not understand some DMARC reports that I
Am 10.12.2014 um 20:17 schrieb Peter Volkov p...@gentoo.org:
We use smtplib in python to send mail through postfix.
I attach a very simple example which I use in Zabbix, writtien in Python.
Best wishes
Christian
#!/usr/bin/env python2.7
import os
import sys
import smtplib
import time
Hi,
simple question:
at which point adds Postfix the Return-Path header? Which component is doing
that?
Is it also possible to see this header in a milter? In my tests on a submission
connector, I do not get this header.
Background to my question: If I really want to do SPF/DKIM/DMARC checks
Hi Robert :-)
Am 02.12.2014 um 11:28 schrieb Robert Schetterer r...@sys4.de:
Am 02.12.2014 um 10:41 schrieb Christian Rößner:
Hi,
simple question:
at which point adds Postfix the Return-Path header? Which component is doing
that?
Is it also possible to see this header in a milter
Am 02.12.2014 um 11:48 schrieb li...@rhsoft.net:
Am 02.12.2014 um 11:39 schrieb Christian Rößner:
what for mails from ourself to the world?
Maybe reject_sender_login_mismatch
that should be mandatory as well as the general rule do not allow senders
you would accept incoming mail
Am 02.12.2014 um 11:58 schrieb Christian Rößner
c...@roessner-network-solutions.com:
Am 02.12.2014 um 11:48 schrieb li...@rhsoft.net:
Am 02.12.2014 um 11:39 schrieb Christian Rößner:
what for mails from ourself to the world?
Maybe reject_sender_login_mismatch
that should
This server already has two ip addresses and routing can not be done on
answer decisions. That exactly is the problem here.
And the main MTA on port 25 enforces a policy.
As you told in a previus message you run multiple instances on one host.
I assume you have a clean setup about which
Am 28.11.2014 um 20:26 schrieb Wietse Venema wie...@porcupine.org:
Christen R??ner:
I look for:
Table:
LhsRhs
mx.some.mtasmtp:[mx.whatever.tld]:1234
I have implemented smtp_dns_reply_filter (currently, testing), which
matches a resource record
Am 28.11.2014 um 20:50 schrieb li...@rhsoft.net li...@rhsoft.net:
Am 28.11.2014 um 20:45 schrieb Christian Rößner:
Am 28.11.2014 um 20:26 schrieb Wietse Venema wie...@porcupine.org:
Christen R??ner:
I look for:
Table:
LhsRhs
mx.some.mtasmtp
Am 21.11.2014 um 22:06 schrieb Wietse Venema wie...@porcupine.org:
check_recipient_access static:{reject you did this or that ...}
I'll post a patch in a little while. This takes four lines of code.
I would love to see this. I use current snapshots here, so I can use it, if it
has been
Am 21.11.2014 um 23:23 schrieb Wietse Venema wie...@porcupine.org:
Wietse Venema:
A. Schulze:
wish
smtpd_recipient_restrictions =
check_foo_to_allow_something,
reject you did this or that wrong, call +49 ... for assistance
/wish
Is that possible?
Am 22.11.2014 um 10:11 schrieb Christian Rößner
c...@roessner-network-solutions.com:
I’ll give it a try.
…
- STARTTLS
- 220 2.0.0 Ready to start TLS
=== TLS started with cipher TLSv1:DHE-RSA-AES256-SHA:256
=== TLS no local certificate set
=== TLS peer DN=/OU=Go to
https://www.thawte.com
Am 22.11.2014 um 11:38 schrieb li...@rhsoft.net:
surely - a footer is a footer and because it comes *everywhere* at the end it
contains the neutral part of the message like contact and so on
if you don#t want smtpd_reject_footer don't configure it
Yes, you are right. Sorry
Am 22.09.2014 um 22:11 schrieb Wietse Venema wie...@porcupine.org:
Subin K S:
hi,
I've compiled and installed postfix 2.11 on Debian7, from source. Now when
I try to send an email using to an extrernal address from teh command line
it errs out as follows:
Sep 22 15:44:57 server1
Am 23.09.2014 um 01:33 schrieb Wietse Venema wie...@porcupine.org:
Viktor Dukhovni:
On Mon, Sep 22, 2014 at 11:41:00AM -0400, Wietse Venema wrote:
This time PLEASE refrain from sidetracking the discussion. I want
to know what will break when the default changes, if that is not
too much to
Hi,
I read the RELEASE_NOTES and tried to modiy one milter. But I get warnings in
the logs:
Sep 23 21:08:46 mx postfix/smtpd[31857]: warning: invalid transport name: {inet
in Milter service: {inet:[::1]:30071
Sep 23 21:08:46 mx postfix/smtpd[31857]: warning: Milter service needs
Am 23.09.2014 um 21:27 schrieb Wietse Venema wie...@porcupine.org:
Christian R??ner:
In the RELEASE_NOTES:
- Milter clients and policy clients with non-default settings:
smtpd_milters = {inet:host:port, timeout=xxx, default_action=yyy}, ?
How is that meant?
It is meant as follows:
Am 16.09.2014 um 21:42 schrieb Viktor Dukhovni postfix-us...@dukhovni.org:
On Tue, Sep 16, 2014 at 09:28:11PM +0200, li...@rhsoft.net wrote:
# block windows executables PCRE
/^\s*Content-(?:Disposition|Type): # Header label
(?:.*?;)? \s* # Any prior
Am 17.09.2014 um 10:02 schrieb Christian Rößner
c...@roessner-network-solutions.com:
/xREJECT blocked filename ${1}
Missing indention here. Got it. Thanks
Christian
--
Bachelor of Science Informatik
Erlenwiese 14, 36304 Alsfeld
T: +49 6631 78823400, F: +49 6631 78823409
= yes
smtpd_tls_security_level = encrypt
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_session_cache
sogo_roessner_net_de = 193.239.107.43
syslog_name = postfix-submission
tls_preempt_cipherlist = yes
tls_ssl_options = no_ticket, no_compression
Thanks in advance
-Christian
) session
tickets are managed correctly.
Thanks a lot for this. I will correct it.
-Christian Rößner
--
Bachelor of Science Informatik
Erlenwiese 14, 36304 Alsfeld
T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345
USt-IdNr.: DE225643613, http://www.roessner-network-solutions.com
information, how the certificate must have been
created to work with Apple Mail, I give up right now.
Thanks anyways for your help.
-Christian Rößner
--
Bachelor of Science Informatik
Erlenwiese 14, 36304 Alsfeld
T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345
USt-IdNr
Am 23.08.2014 um 00:28 schrieb Bill Cole
postfixlists-070...@billmail.scconsult.com:
On 22 Aug 2014, at 14:16, Christian Rößner wrote:
Aug 22 19:14:10 mx0 postfix-submission/smtpd[29528]: Anonymous TLS
connection established from
static-201-106.deltasurf.de[193.239.106.201]:47064: TLSv1
:-)
As a workaround, I have enabled X-Spam-Flag and X-Spam-Score. The first gets
lost again, but I don’t care (at the moment).
PM @Andreas: Feel free to call me. Milter has to do with OpenDKIM ;-)
Kind regards
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669
=mail201310 d=sys4.de SSL
Jul 7 19:44:34 mx0 mymilter[31942]: id=11 3h6Z0c5VYWzGp10 result=CONTINUE
If you have any idea, what I am doing wrong, I really would be happy :)
Kind regards
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz
header.
It took me around 8 hours of debugging until I asked on the list :-)
This is just a question. If that can not be included, never mind. I ask with
lots of respect.
Kind regards
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz
,
reject_unauthenticated_sender_login_mismatch,
reject
authenticated_smtpd_recipient_restrictions =
reject_unauth_destination
I would think that a user already got permission in the
smtpd_relay_restrictions.
So for me this is still some what confusing :)
Kind regards
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49
was missing. I always thought it
would inherit from one to another.
Kind regards
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe
for the smtpd_recipient_restrictions?
Thanks in advance
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
the feeling it takes a
little bit longer than asking LDAP over proxymap. Furthermore I want the
possibility of email forwarding, so I re-added both options. But in general
that works.
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz
and pointing to policy-services.
Kind regards
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
perhaps Dovecot and other implementations
do that.
I also will test, if sieve reject is working the same way. If so, I can
enable this flag and give users a chance to reject unwanted mails in session.
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669
Am 06.11.2012 um 08:31 schrieb Christian Rößner c...@sys4.de:
I also will test, if sieve reject is working the same way. If so, I can
enable this flag and give users a chance to reject unwanted mails in session.
reject creates a new mail and sends it out.
-Christian Rößner
--
[*] sys4 AG
, so this is just trivial thinking
about something that might be extremely complex to accomplish. And I am always
willing to learn and to understand :)
Thanks for reading. And thanks in advance for an answer.
Kind regards
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
but we received new messages due the whole migration
after that postqueue -f delivered all of them to the inboxes
See above.
Kind regards
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht
, this means using an SMTPD access map or policy daemon
to block mail for over-quota recipients.
Ok, I can understand that. Thank you very much for this feedback.
Kind regards
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der
of that, please contact me off list.
Thanks
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
that question is
not too silly.
Thanks in advance
Kind regards
-Christian Rößner
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc
of doing mistakes, if changes in
config are required.
A workaround which can accomplish the same thing is to create a
Makefile and use make(1).
Yes, that seems a good idea for now. So this would lead in something like a
template system, where make builds the final master.cf.
Thanks
-Christian
before the filter, because cleanup
is not called there. Is that right? So you would do it in the re-entry block. I
do not really know, if that makes sense what I say, because I do not use these
kind of ilters and smtpd_proxy_filter. So my answer is just, what I guess.
-Christian Rößner
.
I found an old mail from Ralf, where he gave this tip:
/./ WARN Test
and see, if this one does anything (not 100% sure about the test pattern).
-Christian Rößner
---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
Hi,
I have a problem that the smtpd_proxy_filter option has higher priority than a
FILTER setting in an access table:
Sep 30 12:33:04 mx0 postfix/smtpd[5250]: warning: access table
cidr:/etc/postfix/maps/client_access.cidr: with smtpd_proxy_filter specified,
action FILTER is unavailable
What
simply question: I have configured my postfix that it keeps mails on
HOLD, if they come from the webserver and are not addressed to me (i.e.
if the webserver tries do relay mail over my MTA).
This works pretty well, but how could the postmaster (me) get notified, if
new mail is on hold?
Authenticate what? Postfix cannot forge the connecting SMTP client's
private key to convince the LDAP server that it is the client via
EXTERNAL auth.
If you are talking about authenticating the Postfix LDAP client, so that
one does not to specify a bind_pw, then I'll try to get this done in
Two questions:
1) I assume it would not be a good thing just to copy main.cf master.cf
along with the associated .db files to the new server as I can see lots has
changed. I'm assuming that a line-by-line walk-through and comparison of the
old new files is prudent copying over only the
ad4f0.5040...@roessner-net.com is a message-ID, not an email address.
Here it is used as an email-address
That was the original recipient address that was shown in my daily logs. So I
tested the situation with the same destination from web.de.
Then they send spam to that message-ID
First of all, I learned the philosophy of not setting default parameters. So if
some values are missing, then they are defaults :)
I'm seeing multiple problems
mydomain = roessner-net.de
relay_domains = $mydestination lists.roessner-net.de
mydestination should not be in relay_domains!
For your setup I'd say:
* make roessner-net.com a relay_domain
* use transport_maps to transport it to localhost via LMTP
* use relay_recipient_maps
Changes took effect. Thanks very, very much :)
Christian
---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81,
Hi gain,
little question:
What about SASL-AUTH (i.e. EXTERNAL) and or Kerberos support in ldap_table? I
was looking for not binding with binddn/bindpw to my LDAP-server and using
something like authz-regexp to map the user. But could not find the support in
postfix :)
Best regards
Christian
Postfix uses Dovecot or Cyrus libraries for SASL implementations.
It does not care how they are configured to look on their backend for
requests.
But the backend is a part of the setup. Shouldn't it cover it?
My wishlist features for example would be:
/etc/postfix/some_ldap.cf:
...
What about SASL-AUTH (i.e. EXTERNAL) and or Kerberos support in
ldap_table? I was looking for not binding with binddn/bindpw to my
LDAP-server and using something like authz-regexp to map the user. But
could not find the support in postfix :)
You may use the sasl auxprop ldapdb and GSSAPI
I have the patch, it has not yet been fully reviewed/integrated. If
anyone wants to test it as is, it is attached.
Thanks. I took the patch and applied it. Is compiled without warnings. Just
little bugs in the man page, which I am going to fix tomorrow.
server_host =
It works!
The ldap_table SASL patch works for me on postfix-2.8-20100913
Sep 15 18:57:58 db slapd[1355]: do_bind: dn () SASL mech EXTERNAL
Sep 15 18:57:58 db slapd[1355]: ==slap_sasl2dn: converting SASL name
cn=mx0.roessner-net.de to a DN
Sep 15 18:57:58 db slapd[1355]: slap_parseURI: parsing
I have to check, if I did a mistake with the patch itself, causing the man
page errors, or if the patch needs little tweaks :) But at least the
functionality is working. I am so happy! :)
The patch has very little bugs. The following snippet from the patch _could_
look like this:
---
Hi,
this is my first post here on that list, so I hope my question(s) are welcome :)
I use the current 20100913 snapshot postfix release on a developer server
(testing MTA). Nearly all is working flawlessly, except one problem that I
found in my daily logs (this is a test, I did)
The address
97 matches
Mail list logo