i set
> >> message_size_limit = 2324
> >> mailbox_size_limit = 0
> >>
> >> postconf -n |grep "_size_limit"
> >> mailbox_size_limit = 0
> >> message_size_limit = 2324
>
> On 16.04.20 16:07, Dominic Raferd wrote:
> >
On Thu, 16 Apr 2020 at 15:40, natan maciej milaszewski wrote:
>
> Hi
> Sorry about probably dumbest questions. What does it really mean?
>
> 552 5.3.4 Message size exceeds fixed limit
>
> Apr 16 16:03:48 thebe4 postfix/smtpd[11692]: NOQUEUE: reject: MAIL from
> mail-il1-f169.google.com[209.85.166.
On Tue, 14 Apr 2020 at 18:45, Rick King wrote:
>
> Postfix version 3.1.1
>
> Hello List!
>
> We have a customer that occasionally receives messages like this...
>
> Return-Path:
> From: "Free iPad "
> To:
> Subject:Free iPad
>
> From the looks of it, messages like these are from legit domains w
On Mon, 6 Apr 2020 at 21:54, Wietse Venema wrote:
>
> Dominic Raferd:
> > I will keep in mind what you say about systemd and logging. The only
> > 'systemd:.*suppress' messages I see are very occasionally in the
> > system log and don't relate to any mail
On Mon, 6 Apr 2020 at 09:44, Viktor Dukhovni wrote:
>
> On Mon, Apr 06, 2020 at 08:21:32AM +0100, Dominic Raferd wrote:
>
> > Using setting 'smtp_tls_security_level = may' (postfix 3.3.0) is there
> > a reliable way to see from log which outgoing emails were sent in
On Thu, 2 Apr 2020 at 17:33, Bill Cole
wrote:
>
> On 2 Apr 2020, at 2:55, Tessa Plum wrote:
>
> > Hello
> >
> > We can send email from any domain within gmail, setup it via gmail's
> > smtp relay in web interface.
> >
> > My question is, won't this break something like SPF/DKIM for those
> > exter
Using setting 'smtp_tls_security_level = may' (postfix 3.3.0) is there
a reliable way to see from log which outgoing emails were sent in the
clear i.e. *not* using TLS?
On Tue, 31 Mar 2020 at 08:59, Owais Khan wrote:
> and is there any way i could exactly count sent mail from a particaular
> "from
> id" other than pflogsumm utility.
>
To see postfix's log messages of some sort of refusal by gmail when
relaying to it, use something like this:
grep "smtp\[.*said:
On Fri, 20 Mar 2020 at 16:29, Jaroslaw Rafa wrote:
> Dnia 20.03.2020 o godz. 17:25:35 Benny Pedersen pisze:
> >
> > if you belive dkim is the problem at google one can disable dkim
> > signer and restest that mails is not going to spam folder at google
>
> In my case, DKIM is not the problem.
> T
On Wed, 11 Mar 2020 at 16:38, Wietse Venema wrote:
> Dominic Raferd:
> > Has anyone successfully set a delay_warning_time of less than 1 hour (or,
> > better, less than 30 minutes) without creating a bespoke bounce template?
>
> Unlikely, because that would tell the send
On Wed, 11 Mar 2020 at 14:08, Wietse Venema wrote:
> Dominic Raferd:
> > > man 5 bounce
> > >
> > >delay_warning_time_suffix
> > > Expands into the value of the delay_warning_time
> > > parameter,
> > >
On Wed, 11 Mar 2020 at 11:15, Wietse Venema wrote:
> Dominic Raferd:
> > On Wed, 11 Mar 2020 at 11:06, Wietse Venema
> wrote:
> >
> > > Dominic Raferd:
> > > > Using postfix 3.3.0 I recently set, in main.cf, 'delay_warning_time
> =
> > >
On Wed, 11 Mar 2020 at 11:06, Wietse Venema wrote:
> Dominic Raferd:
> > Using postfix 3.3.0 I recently set, in main.cf, 'delay_warning_time =
> 15m'.
> > Now when an outgoing message is delayed I see these in the log:
> >
> > ... postfix/bounce[12303]: w
Using postfix 3.3.0 I recently set, in main.cf, 'delay_warning_time = 15m'.
Now when an outgoing message is delayed I see these in the log:
... postfix/bounce[12303]: warning: [built-in]: zero result in delay
template conversion of parameter "delay_warning_time_hours"
... postfix/bounce[12303]: wa
On Tue, 10 Mar 2020 at 17:37, Jaroslaw Rafa wrote:
> Dnia 10.03.2020 o godz. 19:33:14 Catalin Bucur pisze:
> > Google dns says:
> > # host -t mx imake.ro 8.8.8.8
> > Using domain server:
> > Name: 8.8.8.8
> > Address: 8.8.8.8#53
> > Aliases:
> > Host imake.ro not found: 2(SERVFAIL)
>
> Something'
., 10 de mar. de 2020 a la(s) 10:58, Dominic Raferd
> (domi...@timedicer.co.uk) escribió:
>>
>> On Tue, 10 Mar 2020 at 13:52, SysAdmin EM wrote:
>> >
>> > Hello.!
>> >
>> > In the mail.cf i add this options:
>> > # OpenDKIM
&
On Tue, 10 Mar 2020 at 13:52, SysAdmin EM wrote:
>
> Hello.!
>
> In the mail.cf i add this options:
> # OpenDKIM
> smtpd_milters = inet:127.0.0.1:8891
> non_smtpd_milters = $smtpd_milters
> milter_default_action = accept
> milter_protocol = 6
>
> when i send and email fro
On Mon, 27 Jan 2020 at 12:36, Helmut Ritter wrote:
> Jan 27 13:02:37 h2786452 postfix-out/smtpd[8469]: disconnect from
> unknown[193.56.28.30] ehlo=1 auth=0/1 quit=1 commands=2/3
>
> Before I block with fail2ban, does auth=0/1 ALWAYS mean that s/o tried
> to use smtp without authentication?
>
I
On Sat, 25 Jan 2020 at 15:47, Wietse Venema wrote:
> Wietse Venema:
> > Dominic Raferd:
> > > When postscreen rejects an incoming email because it exceeds the
> dnsbl/rbl
> > > score, how does it decide which rbl to report back to client as the
> cause
>
On Sat, 25 Jan 2020 at 09:08, Matus UHLAR - fantomas
wrote:
> On 25.01.20 08:44, Dominic Raferd wrote:
> >When postscreen rejects an incoming email because it exceeds the dnsbl/rbl
> >score, how does it decide which rbl to report back to client as the cause
> >of the reje
When postscreen rejects an incoming email because it exceeds the dnsbl/rbl
score, how does it decide which rbl to report back to client as the cause
of the rejection - since it only reports one? Is it just the first one to
respond? Or random?
See below for an (lightly obfuscated) example:
08:15:26
On Tue, 21 Jan 2020 at 12:54, rdquiterio wrote:
> Hi;
>
> I made a filter to let postfix relay messages from specific senders. I
> tested the filter via telnet (mail from: rcpt to: data …) on the postfix
> server and it was doing ok.
>
> But, after deployment, the filter is failing and I suppose
On Thu, 16 Jan 2020 at 15:37, Wietse Venema wrote:
> Dominic Raferd:
> > On Thu, 16 Jan 2020 at 14:34, Wietse Venema
> wrote:
> >
> > > Dominic Raferd:
> > > > Thanks Christian that was very helpful. I have it working now for
> > > > pos
On Thu, 16 Jan 2020 at 14:34, Wietse Venema wrote:
> Dominic Raferd:
> > Thanks Christian that was very helpful. I have it working now for
> > postscreen and I think (but am waiting for an incoming instance) for
> > smtpd. Weird
> > that they hav
On Thu, 16 Jan 2020 at 09:13, Christian Kivalo
wrote:
>
>
> On 2020-01-16 09:47, Dominic Raferd wrote:
> > I recently started using an RBL service where we have a 'private key'
> > and this operates very simply by prefixing the key to the RBL address.
> > But
I recently started using an RBL service where we have a 'private key' and
this operates very simply by prefixing the key to the RBL address. But I
just realised that this appears to mean that for any rejections the whole
address - including the key - is passed back to the offending client. Which
if
On Wed, 15 Jan 2020 at 17:03, Wietse Venema wrote:
> Simon B:
> > Hi
> >
> > Currently the smtpd for receiving mails from amavis is set up like:
> >
> > 119 #The amavis reciever
> > 120 127.0.0.1:10025 inet n - - - - smtpd
> >
> > Consequently it listens only IPv4
> >
> > ~# netstat -tulpn | grep
On Wed, 15 Jan 2020 at 16:50, Simon B wrote:
> On Wed, 15 Jan 2020 at 17:43, Jaroslaw Rafa wrote:
> >
> > Dnia 15.01.2020 o godz. 17:26:48 Simon B pisze:
> > >
> > > Amavis listens on 10024, and postfix listens on 10025
> > >
> > > That means mail comes in on 587, it goes to amavis on 10024 and
f there was anything
> else to be done
> __
>
> - Original Message -
> | From: "Dominic Raferd"
> | To: "Postfix users"
> | Sent: Wednesday, 15 January, 2020 15:15:30
> | Subject: Re: phising attacks
>
> | On Wed, 15 Jan
On Wed, 15 Jan 2020 at 15:09, Adam Barnett wrote:
> Hi Postfix Peeps
> We seem to be getting more phishing attacks that are being clever. The
> address looks like it someone internal but the from address is not that
> person.
> Any suggestions postfix or otherwise to help with these
>
When you s
On Wed, 15 Jan 2020 at 13:36, Simon B wrote:
> On Wed, 15 Jan 2020 at 13:40, Matus UHLAR - fantomas
> wrote:
> >
> > >> On Mon, Jan 13, 2020 at 06:25:27PM +0100, Simon B wrote:
> > >> > > > >> >Since upgrading to 2.11 yesterday (yes, I am on a path to
> move up
> > >> > > > >> >through debian ve
On Tue, 14 Jan 2020 at 12:53, Scott Kitterman wrote:
> On Tuesday, January 14, 2020 7:39:05 AM EST Emanuel wrote:
> > Hello everyone.!
> >
> > I see this error in the postfix logs:
> >
> > said: 550 Blocked by SPF () (in reply to MAIL FROM command))
> >
> > Jan 14 09:31:46 antartida postfix/smtpd
On Tue, 17 Dec 2019 at 17:35, Dave Goodrich wrote:
>
> - On Dec 17, 2019, at 8:14 AM, Roberto Carna
> wrote:
>
> Dear, I have a Postfix server and I have SPF and DKIM TXT records in my DNS.
> Everything works OK.
> But now I want to implement DMARC, but somebody tells me not to do it becaus
On Mon, 9 Dec 2019 at 14:13, Simone Marchioni
wrote:
> I have a problem with Postfix. Recently we are receiving mail messages
> with malformed "From:" headers as these:
>
> From: "Name Surname "
> From: "u...@good-domain.com"
>
> Ended up with a solution based on PCRE header checks, with these
On Sun, 24 Nov 2019 at 23:34, Richard Damon
wrote:
> On 11/24/19 6:21 PM, Wesley Peng wrote:
> > Why it doesn’t break From: header SPF? Just curious
> >
> > On Mon, Nov 25, 2019, at 4:12 AM, Chris Wedgwood wrote:
> >> > Or in short: DMARC intentionally breaks every mailinglist and every
> >> > ma
On Sun, 24 Nov 2019 at 07:24, Jeffrey 'jf' Lim wrote:
> On Sat, 23 Nov 2019 at 10:00, 황병희 wrote:
>
>> merr...@fn.de writes:
>>
>> > [...] do you think if it is possible to reject all mails from China?
>> Thanks
>>
>> How about moving to Gmail(Google Apps)? Gmail's spam defense is not bad, i
>> t
On Sat, 23 Nov 2019 at 09:14, Roland Köbler
wrote:
> Hi,
>
> > when validating DMARC, it use the envelop address, or use from address
> from the header?
> it unfortunately uses the from-header.
> (If it would use the envelope address, it would not cause that much
> problems.)
>
> Or in short: DMA
On Fri, 22 Nov 2019 at 12:45, Jaroslaw Rafa wrote:
> Dnia 22.11.2019 o godz. 11:40:29 Dominic Raferd pisze:
> >
> > The limitations you describe affect SPF but not DMARC because DMARC can
> > rely *either* on SPF *or* on DKIM.
>
> But it probably depends on how the *
On Fri, 22 Nov 2019 at 11:26, Jaroslaw Rafa wrote:
> Dnia 22.11.2019 o godz. 10:45:42 Wesley Peng pisze:
> >
> > So mailing list makes DKIM or SPF failed?
> >
> > Thank you for your helps.
>
> My opinion is that the actual problem is that people who invented SPF
> and/or
> DMARC had wrong assumpt
On Fri, 22 Nov 2019 at 09:56, Wesley Peng wrote:
> I meant I didn’t get it in my mail.ru inbox. The other providers may or
> may not reject it. Thanks.
>
> On Fri, Nov 22, 2019, at 5:52 PM, Wesley Peng wrote:
>
> Hi
>
> the mail I sent from mail.ru to this list got dropped, I didn’t get the
> mes
On Fri, 22 Nov 2019 at 08:42, Nick wrote:
> On 2019-11-22 04:21 GMT, Wesley Peng wrote:
> > The email I am using is with domain of mail.ru, which has the
> > strictest DMARC policy setting.
> >
> > So mailing list like postfix-users doesn't deliver my message to
> > myself on this domain. And goo
On Thu, 21 Nov 2019 at 14:53, Chris Green wrote:
> On Thu, Nov 21, 2019 at 01:00:24PM +0000, Dominic Raferd wrote:
> >I use a VM in a different country with the same priority MX so that we
> >should have effectively zero overall downtime. (The exceptions are
> when
&g
On Thu, 21 Nov 2019 at 12:05, Chris Green wrote:
> I run postfix on an 'always on' machine at home and have the MX record
> for my domain pointing at this machine.
>
> Obviously there are occasional downtimes, for example this morning we
> had a 3 hour power failure and I also need to upgrade the
On Tue, 19 Nov 2019 at 08:56, Merrick wrote:
> My purpose is to setup two MX servers in different locations for high
> availability.
> But I am not sure how the two MX servers handle message storage.
>
If you are a small organisation you could consider relaying into Gmail. Or,
easiest of all, us
On Mon, 18 Nov 2019 at 12:23, Dominic Raferd
wrote:
>
>
> On Mon, 18 Nov 2019 at 12:00, @lbutlr wrote:
>
>> Is it safe (or mostly safe) to simply block attempts to deliver mail with
>> a helo that is only an IP address? (I am talking about only on
>> postfix/stmp
On Mon, 18 Nov 2019 at 12:00, @lbutlr wrote:
> Is it safe (or mostly safe) to simply block attempts to deliver mail with
> a helo that is only an IP address? (I am talking about only on
> postfix/stmpd and obviously not on postfix/submit or related).
>
> I have about 50,000 NOQUEUE reject from "h
On Fri, 15 Nov 2019, 17:59 Robert Senger, <
robert.sen...@lists.microscopium.de> wrote:
> Hi all,
>
> I am having some trouble with filtering incoming mail. First, I do not
> understand certain "access denied" actions. Second, I cannot get
> filtering by sender domain to work correctly.
>
> Releva
On Fri, 15 Nov 2019 at 10:23, Allen Coates
wrote:
>
>
> On 15/11/2019 05:10, Fourhundred Thecat wrote:
> > On 15/11/2019 06.06, Jeffrey 'jf' Lim wrote:
> >>
> >> ok then this makes sense. I've seen bots retry multiple passwords at
> >> one go in the past; Fourhundred are all of these "auth=0/1"?
On Fri, 15 Nov 2019 at 05:26, Fourhundred Thecat <400the...@gmx.ch> wrote:
> On 15/11/2019 05.51, Viktor Dukhovni wrote:
> > On Fri, Nov 15, 2019 at 04:47:55AM +0100, Fourhundred Thecat wrote:
> >
> >> I am wondering what is the purpose of connections like these:
> >>
> >> postfix/smtpd[5147]:
n 07/11/2019 01:03, Richard James Salts wrote:
On Thursday, 7 November 2019 4:23:20 AM AEDT Dominic Raferd wrote:
...
The main problem with DMARC is that some mailing lists (not this one,
I believe) mess it up, so I would suggest not to use it with
p=quarantine or p=reject on any domain where
On Wed, 6 Nov 2019 at 17:04, Roberto Carna wrote:
> El mié., 6 nov. 2019 a las 13:48, Dominic Raferd ()
> escribió:
>>
>> On Wed, 6 Nov 2019 at 16:12, Roberto Carna wrote:
>> > My cooperative mail server is an Exchange which does not implement DKIM at
>> >
On Wed, 6 Nov 2019 at 16:12, Roberto Carna wrote:
> My cooperative mail server is an Exchange which does not implement DKIM at
> all.
> But also I have a Postfix mail relay for the "example.com" domain.
> Is it possible to implement DKIM only in my Postfix server for all the
> outgoing @example.
On Thu, 24 Oct 2019 at 15:28, Jason Hirsh wrote:
>
> I am trying to revive my OpenDKIM installation. I had it working but managed
> to break it when I updated my ports. It is running but not signing outgoing
> messages
>
> My main.cf configuration relative to OpenDkim is
>
> smtpd_milters = in
On Wed, 23 Oct 2019 at 16:54, Maggie Q Roth wrote:
> Hi I am newbie on technology sorry.
> Do you know how I setup gmail to forward to a group of other emails? From
> their webmail I can setup the only one. Will postfix do this stuff?
> Maggie
>
This is not really a postfix question, you've post
On Tue, 22 Oct 2019 at 17:24, Dominic Raferd
wrote:
> On Tue, 22 Oct 2019 at 17:05, Wietse Venema wrote:
> >
> > Noel Jones:
> > > On 10/22/2019 10:27 AM, Dominic Raferd wrote:
> > > > On Tue, 22 Oct 2019 at 16:18, Noel Jones
> wrote:
> > > >
On Tue, 22 Oct 2019 at 17:05, Wietse Venema wrote:
>
> Noel Jones:
> > On 10/22/2019 10:27 AM, Dominic Raferd wrote:
> > > On Tue, 22 Oct 2019 at 16:18, Noel Jones wrote:
> > >> ...
> > >>> I am using postfix 3.3. Apart from cron, the only othe
On Tue, 22 Oct 2019 at 16:18, Noel Jones wrote:
>...
> > I am using postfix 3.3. Apart from cron, the only other local source
> > of such old-style headers that I can find is postfix itself:
> > e.g. From: mailer-dae...@streamingbats.co.uk (Mail Delivery System)
> > - maybe more recent postfix rel
I would like to rewrite an old-style header in a locally-generated
mail (say by cron under Ubuntu 19.04 and earlier) e.g.
From: r...@streamingbats.co.uk (Cron Daemon)
to the new-style header e.g.
From: Cron Daemon
It must be done before milters so that it can be signed by opendkim
milter after t
On Tue, 22 Oct 2019 at 12:04, Wietse Venema wrote:
> Dominic Raferd:
> > By (limited) experiment it seems to me that the action 'PERMIT' is
> > acceptable in access tables in smtpd restriction lists (e.g.
> > smtpd_client_restrictions).
> >
> > As f
By (limited) experiment it seems to me that the action 'PERMIT' is
acceptable in access tables in smtpd restriction lists (e.g.
smtpd_client_restrictions).
As far as I can tell it is undocumented in this context, but I think it is
synonymous with 'OK' i.e. any subsequent tests in the same restrict
On Thu, 26 Sep 2019 at 11:24, Enrico Morelli wrote:
> I've search in my Debian 10 packages but there isn't postscreen.
> Is it in bundle with new postfix version? In Debian 10 I've postfix
> 3.4.5
Yes it is a standard part of postfix - try 'man postscreen'
On Thu, 26 Sep 2019 at 10:52, Henrik K wrote:
>
> On Thu, Sep 26, 2019 at 11:44:11AM +0200, Matus UHLAR - fantomas wrote:
> > On 26.09.19 10:34, Enrico Morelli wrote:
> > >in this days my mail server receiving a lot of mail coming from a
> > >domain ending with .monster...
>
> Obviously these will
On Wed, 25 Sep 2019 at 01:04, James Brown wrote:
> Just wondering if it is worth using Razor.
> https://sourceforge.net/projects/razor/
> Do people find it useful? Anyone using it?
> Seems at bit dated.
>
I use it as part of Spamassassin (running via Amavis) - it is included in
the Ubuntu 'recip
On Tue, 24 Sep 2019 at 12:09, Wietse Venema wrote:
> Dominic Raferd:
> > On Tue, 24 Sep 2019 at 11:31, Matus UHLAR - fantomas
> > wrote:
> >
> > > On 24.09.19 12:11, Paul van der Vlis wrote:
> > > >I am using now much of your setting and it seems to
On Tue, 24 Sep 2019 at 11:31, Matus UHLAR - fantomas
wrote:
> On 24.09.19 12:11, Paul van der Vlis wrote:
> >I am using now much of your setting and it seems to help. Thanks a lot!
>
> I would just like to note that all those reject_rbl_client directives are
> prone to errors when any of those bl
On Sun, 22 Sep 2019 at 14:36, Paul van der Vlis wrote:
>
> Hello,
>
> I would like some suggestions on how to get less spam, I will paste my
> configuration at the end of the mail.
>
> Maybe somebody with a nice setup could post his/her setup?
>
> As you can see, I am experimenting with reject_unk
On Sat, 21 Sep 2019 at 01:21, Wietse Venema wrote:
>
> Benny Pedersen:
> > Daniel Miller skrev den 2019-09-20 23:12:
> >
> > > I'm seeing some higher levels of attempted logins from various
> > > sources. Are there any automated filters that are suggested? Or do I
> > > simply add a check_client_a
On Sat, 21 Sep 2019 at 18:42, Viktor Dukhovni
wrote:
>
> > On Sep 21, 2019, at 9:03 AM, benoit wrote:
> >
> > I have a problem with my postfix sever, I can't connect with TLS, I have
> > this error:
> >
> > Sep 21 10:40:32 jolly postfix/smtpd[23341]: warning: TLS library problem:
> > error:1409
On Thu, 12 Sep 2019 at 10:40, Ignacio García wrote:
>
> El 11/09/2019 a las 14:55, Matus UHLAR - fantomas escribió:
> > On 11.09.19 13:28, Ignacio García wrote:
> >> We have our servers IPs at OVH IP address-space and from time to
> >> time, when we send emails to a small, particular set of
> >> v
On Thu, 12 Sep 2019 at 10:24, Chris Wedgwood wrote:
>
> > I have a postfix-3.2.6 system that acts as a mail server and
> > pop/imap using dovecot for a small domain. The problem is that
> > people are increasingly using it as a relay to a personal account,
> > such as Gmail and Yahoo.
>
> perhaps
On Thu, 12 Sep 2019 at 05:14, John Regan wrote:
> Hi,
>
> I have a postfix-3.2.6 system that acts as a mail server and pop/imap
> using dovecot for a small domain. The problem is that people are
> increasingly using it as a relay to a personal account, such as Gmail and
> Yahoo.
>
> This is resul
On Fri, 6 Sep 2019 at 16:31, Phil Stracchino wrote:
> On 8/10/19 2:17 AM, Dominic Raferd wrote:
> > I have a fail2ban ban - quite active - based on this:
> >
> > failregex = ^%(__prefix_line)sdisconnect from \S+\[\]
> > (ehlo|helo)=\d+ .*auth=0/\d
> >
&g
On Tue, 3 Sep 2019 at 07:52, Benoit Panizzon wrote:
> Dear List
>
> We use Postfix / Dovecot on our email plattform.
>
> Lately I have started seeing more and more emails being accepted by
> postfix, but then rejected by the local delivery agent dovecot with:
>
> 500 5.5.2 Invalid command
>
On Sun, 11 Aug 2019 at 08:51, Rich Wales wrote:
> The best English phrase to use here would be "unnecessary leading zeroes".
>
or just: 'leading zeroes'
BTW I read at
https://www.ibm.com/support/knowledgecenter/en/STCMML8/com.ibm.storage.ts3500.doc/opg_3584_IPv4_IPv6_addresses.html
that leading
I have a fail2ban ban - quite active - based on this:
failregex = ^%(__prefix_line)sdisconnect from \S+\[\] (ehlo|helo)=\d+
.*auth=0/\d
See also http://www.postfix.org/announcements/postfix-3.0.0.html.
(I whitelist a few ips that are our own, or known to run auth tests).
On Wed, 7 Aug 2019 at 01:48, John Dale
wrote:
> I do not have nearly your footprint or users, but I do setup
> DKIM/SPF/DMARC by default. Also, google has an escalation process for
> emails. You submit the request along with the complete email (with
> headers). Work through the process at this
On Tue, 9 Jul 2019 at 17:26, wrote:
>
> Dear Experts,
>
> I am facing a problem that someone is spoofing my domain address and sending
> emails to my own domain users.
> I have set valid SPF, DKIM, DMARC for my Mail server. How can I sort this
> problem with postfix to stop this spoofing ?
> If
On Fri, 28 Jun 2019 at 14:48, Viktor Dukhovni
wrote:
> On Fri, Jun 28, 2019 at 10:26:20AM +0200, Matus UHLAR - fantomas wrote:
>
> > >My question now is: What is the correct/expected behaviour in such a
> > >situation?
> >
> > You apparently should use SRS when forwarding mail. That will change
>
On Fri, 21 Jun 2019 at 14:30, Fazzina, Angelo
wrote:
> > Is possible add a header based on a regex in a subject?
>
> Yes, see
> https://nam01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.postfix.org%2Fheader_checks.5.html&data=02%7C01%7Cangelo.fazzina%40uconn.edu%7C5fe624f0bb2748eb6c120
On Wed, 29 May 2019 at 03:36, VB wrote:
> Hello All , Looking for a suggest
>
> As most of you might have come across the need to route email based on
> sender address / domain , we got into it as well and looking for help :
>
> after some reading we tried to configure :
>
> sender_dependent_def
On Wed, 29 May 2019 at 05:11, wrote:
> i'm trying to setup DKIM & DMARC, set it few days ago, it seemed to be
> working ok(?), well, I did'nt notice errors
>
> noticed today multiple "Permission denied" errors since last night, across
> multiple domains
>
> grep " Permission denied" /var/log/mail
On Wed, 22 May 2019 at 09:11, MRob wrote:
> If I send a message as attachment, header_checks are applied to the
> headers of the attachment also. Why does it happen? Can I turn it off?
>
Try:
nested_header_checks =
On Sun, 28 Apr 2019 at 16:31, Matus UHLAR - fantomas
wrote:
> >>>On 27 Apr 2019, at 15:28, TG Servers wrote:
> But you mean to keep reject_non_fqdn_helo_hostname and
> reject_invalid_helo_hostname, right?
>
> >>On 27 Apr 2019, at 14:28, Bill Cole
> >> wrote:
> >>>Yes but as part of smtpd_
On Sun, 28 Apr 2019 at 07:25, @lbutlr wrote:
> On Apr 27, 2019, at 20:15, Noel Jones wrote:
> >
> > I still use the fqrdns.pcre too, and I can't remember the last false
> negative when it rejected good mail.
>
> Thanks. That’s what I suspected, but confirmation is good to have.
I use it, and f
On Tue, 23 Apr 2019 at 18:35, Bill Cole <
postfixlists-070...@billmail.scconsult.com> wrote:
> On 23 Apr 2019, at 11:46, John Peach wrote:
>
> > On 4/23/19 11:39 AM, Paul wrote:
> >> Yes I agree with Kevin here, the best solution to this problem is an
> >> spf record set to reject mail from any ip
On Mon, 22 Apr 2019 at 16:30, Bill Cole <
postfixlists-070...@billmail.scconsult.com> wrote:
> On 22 Apr 2019, at 10:21, Gary Smithe wrote:
>
> > It's obvious the user is failing authentication, and from what I've
> > read the word: UGFzc3dvcmQ6 is literally "Password:" My question
> > is, does t
On Sun, 21 Apr 2019 at 13:16, Benny Pedersen wrote:
> Dominic Raferd skrev den 2019-04-20 12:02:
> > On Fri, 19 Apr 2019 at 14:11, Benny Pedersen wrote:
> >
> >> i have now disabled milters from trusted maillists ips
> >
> > How did you do this? It might
On Sat, 20 Apr 2019 at 11:18, TG Servers wrote:
>
> Dominic, you should get the mails now, don't you?
>
> On 20 April 2019 12:04:30 Dominic Raferd wrote:
>
>> On Fri, 19 Apr 2019 at 14:11, Benny Pedersen wrote:
>>
>>> i have now disabled milters from tr
On Fri, 19 Apr 2019 at 14:11, Benny Pedersen wrote:
> i have now disabled milters from trusted maillists ips
>
How did you do this? It might help me. I have missed some of this thread
because OP's mails are blocked (correctly of course) by my opendmarc.
On Tue, 16 Apr 2019 at 10:25, Nick Howitt wrote:
>
>
> On 13/04/2019 09:26, Andrey Repin wrote:
> > Greetings, Nick Howitt!
> >
> >> I am receiving some not very nice spam and I was wondering if I could
> >> use as a single filter:
> >> To: contains mydomain
> >> From: is the same as To: (inside
On 12/04/2019 19:36, @lbutlr wrote:
On 12 Apr 2019, at 10:42, micah anderson wrote:
"@lbutlr" writes:
On 12 Apr 2019, at 08:46, micah anderson wrote:
he site https://hardenize.com provides relatively decent Email reports,
along with other reports. It checks a number of things including c
; 2) Addres in Header From (What Dominic said)
> 3) Privileged domain in text of *Header From* (What Dominic said)
>
I don't think there is a definitive list because as soon as there is, those
lovely people out there will think of a new way round it.
Here's another type of From he
On Tue, 9 Apr 2019 at 09:41, Jim P. wrote:
> On Tue, 2019-04-09 at 08:22 +, Laura Smith wrote:
> > OpenDKIM is not signing my mails.
> .
> > KeyTable/etc/opendkim/KeyTable
>
> I think this should be:
>
> KeyTablerefile:/etc/opendkim/KeyTable
>
>
> > Interna
On Mon, 8 Apr 2019 at 16:22, Ralph Seichter wrote:
> * Janis:
>
> > Should I install amavis? It seems so trivial to block spam which
> > pretend to be sent as a spoofed message from oneself but yet I can't
> > block it.
>
> Postfix's check_sender_access suffices to block forged envelope (!)
> sen
On Mon, 8 Apr 2019 at 01:37, Bill Cole <
postfixlists-070...@billmail.scconsult.com> wrote:
> On 7 Apr 2019, at 14:45, Chris Green wrote:
>
> > On Sun, Apr 07, 2019 at 08:23:59PM +0200, Ralph Seichter wrote:
> >> * Chris Green:
> >>
> >>> At the moment (and it's been that way for some years) I hav
On Sat, 6 Apr 2019 at 17:57, Laura Smith
wrote:
> Am currently refreshing my perimeter mail infrastructure.
> The current state of affairs of DKIM signing looks pretty miserable!
> DKIMProxy seems to be abandonware since 2010
> OpenDKIM seems to be going the way of abandonware too (last release i
On Tue, 2 Apr 2019 at 09:45, Esteban L wrote:
> You will need to install fail2ban to ip block failed attempts.
>
> As you have correctly assumed, a malicious person is trying to hack into
> you mail server.
>
> Fail2ban is a required application now and days.
>
> On April 2, 2019 8:57:06 AM GMT+0
On Tue, 2 Apr 2019 at 07:40, De Petter Mattheas <
mattheas.depet...@jandenul.com> wrote:
> Hello
>
>
>
> Can somebody help me?
>
>
>
> So I have setup the nfs share on a windows server 2016 with nfs server
> role.
>
>
>
> Security is set on the device ip of the postfix server read-write with
> all
On Sun, 31 Mar 2019 at 07:40, Jon LaBadie wrote:
> When I try to block spam from repeaters, via access.db,
> firewall, ... the first thing that happens is the blocked
> mail gets delivered via my MX backup host. Mail received
> by this route does not seem to be checked against the
> access datab
On Wed, 27 Mar 2019 at 07:44, De Petter Mattheas <
mattheas.depet...@jandenul.com> wrote:
> Hello Wietse
>
> Can you tell me witch param I need to change in main.cf to mount the nfs
> to the mailq?
>
> Or do I need to make a symbolic link to the current mailq destination?
>
# postconf -d queue_d
101 - 200 of 452 matches
Mail list logo