[Feature-request] Adding a connection identifier to the logs

=2Ehphj6VTtfMpJBc8EZ5owao9LT disconnect from localhost.localdomain[127.0.0.1]:54612 helo=1 commands=1 Adding it consequently to all services even thouse that have not been shown here in the example. Feedback very welcome. Thanks in advance Christian Rößner -- Rößner-Network-Solutions Zertifizierter ITSiBe / CISO Karl

[OT] ANN: Postfix policy service geoid-policyd

to help make it better ;-) Hope you enjoy https://gitlab.roessner-net.de/croessner/geoip-policyd Christian Rößner -- Rößner-Network-Solutions Zertifizierter ITSiBe / CISO Karl-Bröger-Str. 10, 36304 Alsfeld Fax: +49 6631 78823409, Mobil: +49 171 9905345 USt-IdNr.: DE225643613, https://roessner.website

Re: [OT] ANN: Postfix policy service geoid-policyd

lower or larger than 1h. And of course: Everyone can decide by its own, if he has a use case for this service or not. Christian Rößner -- Rößner-Network-Solutions Zertifizierter ITSiBe / CISO Karl-Bröger-Str. 10, 36304 Alsfeld Fax: +49 6631 78823409, Mobil: +49 171 9905345 USt-I

Re: 'Linux 5' support in Postfix Stable Release 3.4.1 ?

> Am 08.03.2019 um 13:26 schrieb Wietse Venema : > > Which distro ships with Linux 5.x kernels? I want to install that > distribution in a VM for tests. I am not interested in a FrankenLinux > where I have to assemble different parts from different providers. > Last time I asked I did not get a

Re: No milters have been used at around midnight

Hi, > Am 31.03.2017 um 10:48 schrieb Christian Rößner > : > > Hi, > >> Am 30.03.2017 um 17:25 schrieb Viktor Dukhovni : >> >> >>> On Mar 30, 2017, at 11:15 AM, Christian Rößner >>>

Re: Feature-request: rfc5322_from_login_maps

> Am 20.07.2016 um 18:31 schrieb Patrick Ben Koetter : > > * Wietse Venema : >> Dominik Chilla: >>> Hello together, >>> >>> my postfix setup (submission-relay only!) requires an authenticated >>> (SMTP-AUTH plain/login) sender. Further it checks if the

Re: OT: ANN: rulestats - spamassassin and rspamd daily rule statistics

> Am 20.07.2016 um 17:59 schrieb Robert Schetterer <r...@sys4.de>: > > Am 20.07.2016 um 09:17 schrieb Christian Rößner: >> Hi, >> >> I was interested which spamassassin (including dspam) and rspamd rules are >> used in my mail system and I needed some s

OT: ANN: rulestats - spamassassin and rspamd daily rule statistics

Hi, I was interested which spamassassin (including dspam) and rspamd rules are used in my mail system and I needed some statistical output. For this, I have written two little helper scripts that can be put into logrotate. They will produce reports for each filter.

Re: OT: ANN: S/MIME signing milter (for Postfix)

Hi Robert :-) > Am 13.07.2016 um 17:51 schrieb Robert Schetterer <r...@sys4.de>: > > Am 13.07.2016 um 15:45 schrieb Christian Rößner: >> Hi, >> >> I developed a S/MIME signing milter that can be used with Postfix. It >> features a simple map fil

Re: OT: ANN: S/MIME signing milter (for Postfix)

> Am 13.07.2016 um 16:16 schrieb Benny Pedersen <m...@junc.eu>: > > On 2016-07-13 16:08, Christian Rößner wrote: > >>> I tested it on Mac OS X and Gentoo Linux. Readmes and Man-pages are >>> included. Feel free to give it a try: >>> https://

Re: OT: ANN: S/MIME signing milter (for Postfix)

> I developed a S/MIME signing milter that can be used with Postfix. It > features a simple map file, where you can define email addresses and > corresponding certs/keys. If a mail arrives, the milter checks the MAIL FROM > address and looks up the map file. If it finds a record, it signs the

OT: ANN: S/MIME signing milter (for Postfix)

Hi, I developed a S/MIME signing milter that can be used with Postfix. It features a simple map file, where you can define email addresses and corresponding certs/keys. If a mail arrives, the milter checks the MAIL FROM address and looks up the map file. If it finds a record, it signs the mail

Is Postfix SMTPUTF8 compatible with milters?

Hi, just a short question: If enabling smtputf8_enable feature in Postfix, is this compatible with milters? The most common library is libmilter and I have no idea, what exactly this Postfix feature means? By asking, I think about two callbacks in libmilter: xxfi_header(SMFICTX *ctx, char

Re: Stopping Spam from Forwarding

- > /^My-SPAM-Flag:.+Yes$/i FILTER discard: > - > > You might need to place the header_checks inside master.cf. It depends on > your setup. > > Maybe this works for you > > Christian — Christian Rößner B.Sc. Erle

Re: Stopping Spam from Forwarding

--- You might need to place the header_checks inside master.cf. It depends on your setup. Maybe this works for you Christian — Christian Rößner B.Sc. Erlenwiese 14, 36304 Alsfeld T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345 USt-IdNr.: DE225643613, http://www.roessner-network-sol

Re: Feature request

> Am 07.05.2016 um 22:37 schrieb Viktor Dukhovni <postfix-us...@dukhovni.org>: > > >> On May 7, 2016, at 8:08 AM, Christian Rößner >> <c...@roessner-network-solutions.com> wrote: >> >> At the moment it works with all components, but only with: >

Re: Feature request

Hi Michael, > Christian Rößner wrote: >> I use OpenLDAP with Postfix. Today I tried to make OpenLDAP more secure by >> requiring TLSv1.2. At this point Postfix stopped working. > > I set TLSProtocolMin 3.3 (requires TLS 1.2) in my slapd.conf and ldap table of > postfix

Feature request

Hi, I use OpenLDAP with Postfix. Today I tried to make OpenLDAP more secure by requiring TLSv1.2. At this point Postfix stopped working. I miss something like tls_protocols in ldap_table(5) It would be nice to add this feature. Thanks in advance Christian — Christian Rößner B.Sc. Erlenwiese

Re: For Grsec/PaX hardened kernel, GNU gdb debugger issues to be aware of

as you can read in this new bug report that I submitted: GNU debugger employed via Postfix crashed PaX hardened kernel https://bugs.gentoo.org/show_bug.cgi?id=541104 also: GNU debugger checking for PaX and refusing to work with it https://forums.gentoo.org/viewtopic-t-1011162.html

Re: Overwrite From Header with Envelope Address

Am 11.02.2015 um 17:35 schrieb Mohammad Isargar m.isarga...@gmail.com: Hi there, We have a situation where Postfix installed with a single domain, serving a subnet of local LAN users and SASL authentication enforced in order to send emails. Even though that we know that the actual

Re: Postfix stable release 3.0.0

Am 08.02.2015 um 23:29 schrieb Wietse Venema wie...@porcupine.org: [An on-line version of this announcement will be available at http://www.postfix.org/announcements/postfix-3.0.0.html] Postfix stable release 3.0.0 is available. This release ends support for Postfix 2.8. Thanks very

Re: PATCH: PIE for Postfix 3.1

Am 05.02.2015 um 13:20 schrieb Benny Pedersen m...@junc.eu: Christian Rößner skrev den 2015-02-05 12:07: I am using Gentoo hardening: rns root@mx ~ # gcc-config -l [1] x86_64-pc-linux-gnu-4.8.3 * this is not hardened profile Sorry, if I correct you (hopefully I am right

Re: PATCH: PIE for Postfix 3.1

Am 05.02.2015 um 06:51 schrieb Viktor Dukhovni postfix-us...@dukhovni.org: On Thu, Feb 05, 2015 at 01:04:58AM +, Viktor Dukhovni wrote: On Wed, Feb 04, 2015 at 01:12:16PM -0500, Wietse Venema wrote: Very lighty-tested patch follows. No INSTALL documentation until this has been

Re: Change sender in php

Am 03.02.2015 um 11:53 schrieb Marcus Bointon marcus.boin...@gmail.com: On 3 Feb 2015, at 11:25, Christian Rößner c...@roessner-network-solutions.com wrote: php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f foo...@example.org Don't put a space between the `-f

Re: Change sender in php

Am 03.02.2015 um 13:17 schrieb Danny mynixm...@gmail.com: Hi Guys, I have postfix setup on a Debian system that manages all my mail. However, whenever php is sending mail it sends it under user www-data. I tried changing the headers in php but it remains the same. Is there someway I

Re: Command pipelining between fully trusted Postfix servers

RFC 2821 (SMTP protocol) --== RFC 2920 (SMTP Pipelining) ==— Ok, I missed that, but… Ok, just looked at the RFC. I thought, it required a initial command, but it doesn’t ;-) Simply start pipelining, … Thanks Christian -- Bachelor of Science Informatik Erlenwiese 14, 36304 Alsfeld T:

Re: Command pipelining between fully trusted Postfix servers

Am 01.02.2015 um 13:58 schrieb Wietse Venema wie...@porcupine.org: Christian R??ner: I searched allover the docs, but could not find information, if the smtp-client of Postfix can do the PIPELIING extension. Have you tried man 8 smtp“? Yes Wietse SMTP(8)

Command pipelining between fully trusted Postfix servers

Hi, I searched allover the docs, but could not find information, if the smtp-client of Postfix can do the PIPELIING extension. I have two Postfix instances on the same host. One is MX-out and the other one is a MSA for clients. The MSA uses dane-only, while the server has the fingerprint of

Re: Policyd not working

Am 27.01.2015 um 17:53 schrieb rupesh chandurkar rupesh_chandur...@rediffmail.com: How I can verify my postfix is integrate with Policyd. postconf -n There must be some check_policy_service somewhere. smtpd_recipient_restrictions = … check_policy_service … Also check with lsof

Re: custom script adds header

Am 18.01.2015 um 23:27 schrieb m...@ruggedinbox.com: Return-Path: vm...@ruggedinbox.com Delivered-To: m...@ruggedinbox.com Received: from localhost (localhost.localdomain [127.0.0.1]) by ruggedinbox.com (Postfix) with ESMTP id 7693331405C7 for m...@ruggedinbox.com; Sun, 18 Jan

Re: SPF configurations

Am 18.01.2015 um 15:20 schrieb SW post...@bsdpanic.com: policyd-spf unix - n n - 0 spawn user=nobody argv=/usr/local/bin/policyd-spf I use this: policyd-spf unix -n n - 0 spawn user=nobody argv=/usr/bin/policyd-spf

Re: using ppymilter in Postfix

Change permissions to 700 and ran the script. It gave no errors, which is good. However, using ss to check which ports are in use doesn't show port 12000(Which I would expect) lsof -Pni :12000 Christian -- Bachelor of Science Informatik Erlenwiese 14, 36304 Alsfeld T: +49 6631 78823400, F:

Re: hold trigger dmarc milter notify_classes

Hi, using dmarc milter sometimes causes hold action like i.e ( failure pruduced by myself only for demonstrate ) 2015-01-13T10:46:09.372033+01:00 mail opendmarc[15158]: 3kM6Nw3sCTzDdG2l: amazon.com fail 2015-01-13T10:46:09.411674+01:00 mail postfix/cleanup[3532]: 3kM6Nw3sCTzDdG2l:

Re: using ppymilter in Postfix

Hi, I am looking how to use ppymilter in Postfix. Using pymilter is explained in the Postfix docs ( http://www.postfix.org/MILTER_README.html#config ) , but I can't find how to do the same for ppymilter. Anyone can send me in the right direction ? Is pymilter the C-binding version for

Re: Sudden degradation in Postfix performance.

Am 21.12.2014 um 10:13 schrieb Jonathan K. Tullett jonathan+postfix@dda.systems: Greetings, I've been using Postfix for many years - since about 2002 - and I've finally come across a problem I've not been able to resolve by searching online, or from tapping into my personal network.

Re: Timeout 30s but message sent

Am 18.12.2014 um 09:26 schrieb HugoH hugo.henea...@gmail.com: Dec 18 09:08:18 sd-60799 postfix/smtp[17808]: connect to gmail-smtp-in.l.google.com[2a00:1450:400c:c00::1a]:25: Connection timed out Dec 18 09:08:19 sd-60799 postfix/smtp[17808]: 4176314805C0: If I follow this list correctly,

Re: Why does SPF fail sometimes?

Hi, Am 15.12.2014 um 06:15 schrieb Benny Pedersen m...@junc.eu: On 15. dec. 2014 00.21.30 Christian Rößner c...@roessner-network-solutions.com wrote: Thanks. That was what I thought. People using the header-from field. But I couldn’t believe that. But now that you gave me this feedback

Re: Why does SPF fail sometimes?

Hi, Am 15.12.2014 um 06:27 schrieb Benny Pedersen m...@junc.eu: On 15. dec. 2014 01.19.02 Christian Rößner c...@roessner-network-solutions.com wrote: https://datatracker.ietf.org/doc/draft-kucherawy-dmarc-base/?include_text=1 2. Receivers compare the RFC5322 From: address in the mail

Re: Transport based on next hop

Hi, I have a trivial question, which could become a wish list feature. There are three MTAs. First is a web server postfix instance that relates all mail to the second MTAS, a relay server, which can send mail directly to the world. This relay server and a third MTA are two postfix multi

Why does SPF fail sometimes?

Hi, sorry, if this question might be a little off-topic, but I really do not understand some DMARC reports that I receive in conjunction to this mailing list and maybe someone can help me in digging down the problem: ?xml version=1.0 encoding=UTF-8 ? feedback report_metadata

Re: Why does SPF fail sometimes?

Am 14.12.2014 um 23:53 schrieb Wietse Venema wie...@porcupine.org: Christian R??ner: sorry, if this question might be a little off-topic, but I really do not understand some DMARC reports that I receive in conjunction to this mailing list and maybe someone can help me in digging down the

Re: Why does SPF fail sometimes?

Am 14.12.2014 um 23:56 schrieb li...@rhsoft.net: i guess that fools apply the SPF test to the From-Header instead to the envelope, frankly Barracuda Networks does the same for Spoofing-Protection because customers complained without knowing details i would suggest the problem is on the

Re: Why does SPF fail sometimes?

Am 15.12.2014 um 00:36 schrieb Wietse Venema wie...@porcupine.org: Christian R??ner: Am 14.12.2014 um 23:53 schrieb Wietse Venema wie...@porcupine.org: Christian R??ner: sorry, if this question might be a little off-topic, but I really do not understand some DMARC reports that I

Re: rfc5322 compliance of Date: field

Am 10.12.2014 um 20:17 schrieb Peter Volkov p...@gentoo.org: We use smtplib in python to send mail through postfix. I attach a very simple example which I use in Zabbix, writtien in Python. Best wishes Christian #!/usr/bin/env python2.7 import os import sys import smtplib import time

Return-Path

Hi, simple question: at which point adds Postfix the Return-Path header? Which component is doing that? Is it also possible to see this header in a milter? In my tests on a submission connector, I do not get this header. Background to my question: If I really want to do SPF/DKIM/DMARC checks

Re: Return-Path

Hi Robert :-) Am 02.12.2014 um 11:28 schrieb Robert Schetterer r...@sys4.de: Am 02.12.2014 um 10:41 schrieb Christian Rößner: Hi, simple question: at which point adds Postfix the Return-Path header? Which component is doing that? Is it also possible to see this header in a milter

Re: Return-Path

Am 02.12.2014 um 11:48 schrieb li...@rhsoft.net: Am 02.12.2014 um 11:39 schrieb Christian Rößner: what for mails from ourself to the world? Maybe reject_sender_login_mismatch that should be mandatory as well as the general rule do not allow senders you would accept incoming mail

Re: Return-Path

Am 02.12.2014 um 11:58 schrieb Christian Rößner c...@roessner-network-solutions.com: Am 02.12.2014 um 11:48 schrieb li...@rhsoft.net: Am 02.12.2014 um 11:39 schrieb Christian Rößner: what for mails from ourself to the world? Maybe reject_sender_login_mismatch that should

SOLVED Re: Transport based on next hop

This server already has two ip addresses and routing can not be done on answer decisions. That exactly is the problem here. And the main MTA on port 25 enforces a policy. As you told in a previus message you run multiple instances on one host. I assume you have a clean setup about which

Re: Transport based on next hop

Am 28.11.2014 um 20:26 schrieb Wietse Venema wie...@porcupine.org: Christen R??ner: I look for: Table: LhsRhs mx.some.mtasmtp:[mx.whatever.tld]:1234 I have implemented smtp_dns_reply_filter (currently, testing), which matches a resource record

Re: Transport based on next hop

Am 28.11.2014 um 20:50 schrieb li...@rhsoft.net li...@rhsoft.net: Am 28.11.2014 um 20:45 schrieb Christian Rößner: Am 28.11.2014 um 20:26 schrieb Wietse Venema wie...@porcupine.org: Christen R??ner: I look for: Table: LhsRhs mx.some.mtasmtp

Re: nice reject

Am 21.11.2014 um 22:06 schrieb Wietse Venema wie...@porcupine.org: check_recipient_access static:{reject you did this or that ...} I'll post a patch in a little while. This takes four lines of code. I would love to see this. I use current snapshots here, so I can use it, if it has been

Re: PATCH: static:{reject text ...} (was: nice reject)

Am 21.11.2014 um 23:23 schrieb Wietse Venema wie...@porcupine.org: Wietse Venema: A. Schulze: wish smtpd_recipient_restrictions = check_foo_to_allow_something, reject you did this or that wrong, call +49 ... for assistance /wish Is that possible?

Re: PATCH: static:{reject text ...} (was: nice reject)

Am 22.11.2014 um 10:11 schrieb Christian Rößner c...@roessner-network-solutions.com: I’ll give it a try. … - STARTTLS - 220 2.0.0 Ready to start TLS === TLS started with cipher TLSv1:DHE-RSA-AES256-SHA:256 === TLS no local certificate set === TLS peer DN=/OU=Go to https://www.thawte.com

Re: PATCH: static:{reject text ...}

Am 22.11.2014 um 11:38 schrieb li...@rhsoft.net: surely - a footer is a footer and because it comes *everywhere* at the end it contains the neutral part of the message like contact and so on if you don#t want smtpd_reject_footer don't configure it Yes, you are right. Sorry

Re: postfix not able to send email

Am 22.09.2014 um 22:11 schrieb Wietse Venema wie...@porcupine.org: Subin K S: hi, I've compiled and installed postfix 2.11 on Debian7, from source. Now when I try to send an email using to an extrernal address from teh command line it errs out as follows: Sep 22 15:44:57 server1

Re: Input requested: append_dot_mydomain default change

Am 23.09.2014 um 01:33 schrieb Wietse Venema wie...@porcupine.org: Viktor Dukhovni: On Mon, Sep 22, 2014 at 11:41:00AM -0400, Wietse Venema wrote: This time PLEASE refrain from sidetracking the discussion. I want to know what will break when the default changes, if that is not too much to

Question for syntax in snapshot 20120921

Hi, I read the RELEASE_NOTES and tried to modiy one milter. But I get warnings in the logs: Sep 23 21:08:46 mx postfix/smtpd[31857]: warning: invalid transport name: {inet in Milter service: {inet:[::1]:30071 Sep 23 21:08:46 mx postfix/smtpd[31857]: warning: Milter service needs

Re: Question for syntax in snapshot 20120921

Am 23.09.2014 um 21:27 schrieb Wietse Venema wie...@porcupine.org: Christian R??ner: In the RELEASE_NOTES: - Milter clients and policy clients with non-default settings: smtpd_milters = {inet:host:port, timeout=xxx, default_action=yyy}, ? How is that meant? It is meant as follows:

Re: FYI: blocking attachment extensions

Am 16.09.2014 um 21:42 schrieb Viktor Dukhovni postfix-us...@dukhovni.org: On Tue, Sep 16, 2014 at 09:28:11PM +0200, li...@rhsoft.net wrote: # block windows executables PCRE /^\s*Content-(?:Disposition|Type): # Header label (?:.*?;)? \s* # Any prior

Re: FYI: blocking attachment extensions

Am 17.09.2014 um 10:02 schrieb Christian Rößner c...@roessner-network-solutions.com: /xREJECT blocked filename ${1} Missing indention here. Got it. Thanks Christian -- Bachelor of Science Informatik Erlenwiese 14, 36304 Alsfeld T: +49 6631 78823400, F: +49 6631 78823409

TLS client certificate

= yes smtpd_tls_security_level = encrypt smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_session_cache sogo_roessner_net_de = 193.239.107.43 syslog_name = postfix-submission tls_preempt_cipherlist = yes tls_ssl_options = no_ticket, no_compression Thanks in advance -Christian

Re: TLS client certificate

) session tickets are managed correctly. Thanks a lot for this. I will correct it. -Christian Rößner -- Bachelor of Science Informatik Erlenwiese 14, 36304 Alsfeld T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345 USt-IdNr.: DE225643613, http://www.roessner-network-solutions.com

Re: TLS client certificate

information, how the certificate must have been created to work with Apple Mail, I give up right now. Thanks anyways for your help. -Christian Rößner -- Bachelor of Science Informatik Erlenwiese 14, 36304 Alsfeld T: +49 6631 78823400, F: +49 6631 78823409, M: +49 171 9905345 USt-IdNr

Re: TLS client certificate

Am 23.08.2014 um 00:28 schrieb Bill Cole postfixlists-070...@billmail.scconsult.com: On 22 Aug 2014, at 14:16, Christian Rößner wrote: Aug 22 19:14:10 mx0 postfix-submission/smtpd[29528]: Anonymous TLS connection established from static-201-106.deltasurf.de[193.239.106.201]:47064: TLSv1

Re: Milter problem

:-) As a workaround, I have enabled X-Spam-Flag and X-Spam-Score. The first gets lost again, but I don’t care (at the moment). PM @Andreas: Feel free to call me. Milter has to do with OpenDKIM ;-) Kind regards -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669

Milter problem

=mail201310 d=sys4.de SSL Jul 7 19:44:34 mx0 mymilter[31942]: id=11 3h6Z0c5VYWzGp10 result=CONTINUE If you have any idea, what I am doing wrong, I really would be happy :) Kind regards -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz

Re: Milter problem

header. It took me around 8 hours of debugging until I asked on the list :-) This is just a question. If that can not be included, never mind. I ask with lots of respect. Kind regards -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz

Re: 2.10.0 smtpd_relay_restrictions

, reject_unauthenticated_sender_login_mismatch, reject authenticated_smtpd_recipient_restrictions = reject_unauth_destination I would think that a user already got permission in the smtpd_relay_restrictions. So for me this is still some what confusing :) Kind regards -Christian Rößner -- [*] sys4 AG http://sys4.de, +49

Re: 2.10.0 smtpd_relay_restrictions

was missing. I always thought it would inherit from one to another. Kind regards -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe

2.10.0 smtpd_relay_restrictions

for the smtpd_recipient_restrictions? Thanks in advance -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer

Re: Technical question to Postfix

the feeling it takes a little bit longer than asking LDAP over proxymap. Furthermore I want the possibility of email forwarding, so I re-added both options. But in general that works. -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz

Re: Technical question to Postfix

and pointing to policy-services. Kind regards -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer

Re: Technical question to Postfix

perhaps Dovecot and other implementations do that. I also will test, if sieve reject is working the same way. If so, I can enable this flag and give users a chance to reject unwanted mails in session. -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669

Re: Technical question to Postfix

Am 06.11.2012 um 08:31 schrieb Christian Rößner c...@sys4.de: I also will test, if sieve reject is working the same way. If so, I can enable this flag and give users a chance to reject unwanted mails in session. reject creates a new mail and sends it out. -Christian Rößner -- [*] sys4 AG

Technical question to Postfix

, so this is just trivial thinking about something that might be extremely complex to accomplish. And I am always willing to learn and to understand :) Thanks for reading. And thanks in advance for an answer. Kind regards -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64

Re: Technical question to Postfix

but we received new messages due the whole migration after that postqueue -f delivered all of them to the inboxes See above. Kind regards -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht

Re: Technical question to Postfix

, this means using an SMTPD access map or policy daemon to block mail for over-quota recipients. Ok, I can understand that. Thank you very much for this feedback. Kind regards -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der

Re: Technical question to Postfix

of that, please contact me off list. Thanks -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer

Does an option include exist?

that question is not too silly. Thanks in advance Kind regards -Christian Rößner -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc

Re: Does an option include exist?

of doing mistakes, if changes in config are required. A workaround which can accomplish the same thing is to create a Makefile and use make(1). Yes, that seems a good idea for now. So this would lead in something like a template system, where make builds the final master.cf. Thanks -Christian

Re: header_checks hell

before the filter, because cleanup is not called there. Is that right? So you would do it in the re-entry block. I do not really know, if that makes sense what I say, because I do not use these kind of ilters and smtpd_proxy_filter. So my answer is just, what I guess. -Christian Rößner

Re: header_checks hell

. I found an old mail from Ralf, where he gave this tip: /./ WARN Test and see, if this one does anything (not 100% sure about the test pattern). -Christian Rößner --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81, 35390 Gießen F: +49 641 5879091, M: +49 176 93118939

proxy_smtpd_filter vs FILTER action

Hi, I have a problem that the smtpd_proxy_filter option has higher priority than a FILTER setting in an access table: Sep 30 12:33:04 mx0 postfix/smtpd[5250]: warning: access table cidr:/etc/postfix/maps/client_access.cidr: with smtpd_proxy_filter specified, action FILTER is unavailable What

Re: Inform postmaster, if message gets on HOLD

simply question: I have configured my postfix that it keeps mails on HOLD, if they come from the webserver and are not addressed to me (i.e. if the webserver tries do relay mail over my MTA). This works pretty well, but how could the postmaster (me) get notified, if new mail is on hold?

Re: SASL-AUTH and/or Kerberos in ldap_table

Authenticate what? Postfix cannot forge the connecting SMTP client's private key to convince the LDAP server that it is the client via EXTERNAL auth. If you are talking about authenticating the Postfix LDAP client, so that one does not to specify a bind_pw, then I'll try to get this done in

Re: Migrating Ver 2.1.5 to Ver 2.5.5

Two questions: 1) I assume it would not be a good thing just to copy main.cf master.cf along with the associated .db files to the new server as I can see lots has changed. I'm assuming that a line-by-line walk-through and comparison of the old new files is prudent copying over only the

Re: Problems to understand reject_unlisted_recipients

ad4f0.5040...@roessner-net.com is a message-ID, not an email address. Here it is used as an email-address That was the original recipient address that was shown in my daily logs. So I tested the situation with the same destination from web.de. Then they send spam to that message-ID

Re: Problems to understand reject_unlisted_recipients

First of all, I learned the philosophy of not setting default parameters. So if some values are missing, then they are defaults :) I'm seeing multiple problems mydomain = roessner-net.de relay_domains = $mydestination lists.roessner-net.de mydestination should not be in relay_domains!

Re: Problems to understand reject_unlisted_recipients

For your setup I'd say: * make roessner-net.com a relay_domain * use transport_maps to transport it to localhost via LMTP * use relay_recipient_maps Changes took effect. Thanks very, very much :) Christian --- Roessner-Network-Solutions Bachelor of Science Informatik Nahrungsberg 81,

SASL-AUTH and/or Kerberos in ldap_table

Hi gain, little question: What about SASL-AUTH (i.e. EXTERNAL) and or Kerberos support in ldap_table? I was looking for not binding with binddn/bindpw to my LDAP-server and using something like authz-regexp to map the user. But could not find the support in postfix :) Best regards Christian

Re: SASL-AUTH and/or Kerberos in ldap_table

Postfix uses Dovecot or Cyrus libraries for SASL implementations. It does not care how they are configured to look on their backend for requests. But the backend is a part of the setup. Shouldn't it cover it? My wishlist features for example would be: /etc/postfix/some_ldap.cf: ...

Re: SASL-AUTH and/or Kerberos in ldap_table

What about SASL-AUTH (i.e. EXTERNAL) and or Kerberos support in ldap_table? I was looking for not binding with binddn/bindpw to my LDAP-server and using something like authz-regexp to map the user. But could not find the support in postfix :) You may use the sasl auxprop ldapdb and GSSAPI

Re: SASL-AUTH and/or Kerberos in ldap_table

I have the patch, it has not yet been fully reviewed/integrated. If anyone wants to test it as is, it is attached. Thanks. I took the patch and applied it. Is compiled without warnings. Just little bugs in the man page, which I am going to fix tomorrow. server_host =

Re: SASL-AUTH and/or Kerberos in ldap_table

It works! The ldap_table SASL patch works for me on postfix-2.8-20100913 Sep 15 18:57:58 db slapd[1355]: do_bind: dn () SASL mech EXTERNAL Sep 15 18:57:58 db slapd[1355]: ==slap_sasl2dn: converting SASL name cn=mx0.roessner-net.de to a DN Sep 15 18:57:58 db slapd[1355]: slap_parseURI: parsing

Re: SASL-AUTH and/or Kerberos in ldap_table

I have to check, if I did a mistake with the patch itself, causing the man page errors, or if the patch needs little tweaks :) But at least the functionality is working. I am so happy! :) The patch has very little bugs. The following snippet from the patch _could_ look like this: ---

Problems to understand reject_unlisted_recipients

Hi, this is my first post here on that list, so I hope my question(s) are welcome :) I use the current 20100913 snapshot postfix release on a developer server (testing MTA). Nearly all is working flawlessly, except one problem that I found in my daily logs (this is a test, I did) The address