[pfx] postfix check_sender_access and subdomain test

2024-02-28 Thread lists--- via Postfix-users
I can tell you there is significant spam from that Microsoft IP space. That spamcop doesn't have false positives, but rather due to the sharing of IP space, senders that aren't spammers get tarred with the same brush as the spammers.  I did a grep on the maillog files and that is a firehose of

[pfx] question regarding postmap -q test

2024-02-28 Thread lists--- via Postfix-users
My sender_access file contains charity.donation.jp REJECT postmap -q charity.donation.jp hash:sender_access REJECT So it returns REJECT as expected. However testing some random users at the domain: postmap -q m...@charity.donation.jp hash:sender_access returns nothing. Is the domain being

[pfx] Re: rbl bounces email that has both rbl_override and client_checks whitelisting

2024-02-27 Thread lists--- via Postfix-users
Well do I put the domain in sender_access or sender_checks? It looks like sender_access with an OK since it acts on the FROM field. https://www.postfix.org/postconf.5.html I have a sender_checks file but I don't see that on the postfix.org website. Is that a deprecated parameter? Feb 27, 2024

[pfx] rbl bounces email that has both rbl_override and client_checks whitelisting

2024-02-27 Thread lists--- via Postfix-users
I still have that problem with the sender that used a spammy microsoft server that gets rejected by IP for using spamcop. I put the domain in the client_checks file but the sender gets bounced. postconf mail_version mail_version = 3.8.1 compatibility_level = 2 The client_checks line was

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread lists--- via Postfix-users
That should work. Thanks https://www.postfix.org/access.5.html Feb 24, 2024 8:05:00 AM Matus UHLAR - fantomas via Postfix-users : >>> On 24.02.24 00:49, lists--- via Postfix-users wrote: >>>> I have set up rbl_override for the sender's domain. > [...] >>&

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread lists--- via Postfix-users
https://www.dnswl.org/?page_id=15 I get your point but this is for a different blocking list. That is spamcop and spamassassin have different blocking lists. What I really need is a way to make the rbl_override work for the domain name that has been related. I am going to review my logs

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread lists--- via Postfix-users
6:03:54 AM Matus UHLAR - fantomas via Postfix-users : > On 24.02.24 00:49, lists--- via Postfix-users wrote: >> I have set up rbl_override for the sender's domain. However it >> occasionally gets blocked by spamcop. The user owns a domain but relays >> the mail from outlook. &g

[pfx] rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread lists--- via Postfix-users
I have set up rbl_override for the sender's domain. However it occasionally gets blocked by spamcop. The user owns a domain but relays the mail from outlook. Here is the bounce message the user received: ** Remote server returned '550 5.7.514 Decision Engine classified the mail item

[pfx] migrating server to new host

2024-02-02 Thread lists--- via Postfix-users
I have postfix/dovecot/mysql with virtual domains on centos; I would like to migrate working server setup to new host on rocky 8 installed new rocky with postfix as is available for rocky what's the best way to do such ? do I install ghettoforge repo on rocky, get version pf 3.8.5 then copy

[pfx] Re: 25 years today

2023-12-14 Thread Rob Sterenborg (Lists) via Postfix-users
On 14-12-2023 14:20, Wietse Venema via Postfix-users wrote: As a few on this list may recall, it is 25 years ago today that the "IBM secure mailer" had its public beta release. This was accompanied by a nice article in the New York Times business section. ... That was a long time ago.

[pfx] printer ip SMTP AUTH / mynetworks question

2023-12-13 Thread lists--- via Postfix-users
I have a user with an 'old' printer/scanner who wants to scan/email scans from the home located device printer offers: machine email address: SMTP server: SMTP server port: send authentication: PoPb4SMTP/SMTP AUTH: Plain/Login/CRAM-MD5/Auto login name: passwd: tried 587 with each of the 4 AUTH

[pfx] Re: tracing smtp submission issues/ server timed out?

2023-09-12 Thread lists--- via Postfix-users
On Sun, September 10, 2023 2:03 am, Viktor Dukhovni via Postfix-users wrote: > Hard to say, you're not well prepared to isolate the issue, and > the symptoms are diverse. Viktor, Matus, many thanks!! Viktor, I think and I'm afraid you've hit the nail on the head... that's certainly large if not

[pfx] Re: tracing smtp submission issues/ server timed out?

2023-09-09 Thread lists--- via Postfix-users
On Sat, September 9, 2023 9:00 pm, Matus UHLAR - fantomas via Postfix-users wrote: >> On Sat, September 9, 2023 2:42 am, Matus UHLAR - fantomas via >> Postfix-users wrote: Matus, Michel, thanks > did you reorder those lines? look at timestamps. didn't intend to, but maybe stuffed up when I've

[pfx] Re: tracing smtp submission issues/ server timed out?

2023-09-09 Thread lists--- via Postfix-users
On Sat, September 9, 2023 3:52 am, Viktor Dukhovni via Postfix-users wrote: > On Fri, Sep 08, 2023 at 11:13:02PM +1000, lists--- via Postfix-users > wrote: > > Your amavis content filter has a non-trivial backlog of mail, probably > because each message takes a long time to

[pfx] Re: tracing smtp submission issues/ server timed out?

2023-09-09 Thread lists--- via Postfix-users
On Sat, September 9, 2023 2:42 am, Matus UHLAR - fantomas via Postfix-users wrote: > On 08.09.23 23:13, lists--- via Postfix-users wrote: Matus, Viktor, thanks > logs from unsuccessful attempts are important, not from the one that > succeeded. is there some proper way to

[pfx] tracing smtp submission issues/ server timed out?

2023-09-08 Thread lists--- via Postfix-users
a user reported mail client message: "It hard to sent mail we try 2-3 times then sent." screengrab from mail client had: sending failed, couldn't send, connection to outgoing server timed out I couldn't notice anything, tail maillog, saw emails going, probably looking at wrong things ?

Re: milter - wrong ordering of responses on pipelining

2022-12-13 Thread lists+postfix
there is bug report for PMilter: https://rt.cpan.org/Ticket/Display.html?id=145263 On 2022.12.11. 15:10, Wietse Venema wrote: lists+post...@sad.lv: Hello ! I met an issue with milter when multiple messages pushed within single smtp session (using pipelining indeed): warning: milter unix:/run

milter - wrong ordering of responses on pipelining

2022-12-09 Thread lists+postfix
Hello ! I met an issue with milter when multiple messages pushed within single smtp session (using pipelining indeed): warning: milter unix:/run/t.socket: unexpected filter response SMFIR_ADDHEADER after event SMFIC_MAIL It looks similar for

Re: no shared cipher revisited

2022-09-28 Thread Lists Nethead
Quoting Viktor Dukhovni : On Wed, Sep 28, 2022 at 07:22:37PM +0200, Lists Nethead wrote: > Your server defaults to an ECDSA P-384 certificate, the client may not > support ECDSA at all, or may not support P-384 (P-256 is a more broadly > supported choice): > > $ posttls-

Re: no shared cipher revisited

2022-09-28 Thread Lists Nethead
Quoting Viktor Dukhovni : On Wed, Sep 28, 2022 at 06:47:39PM +0200, Lists Nethead wrote: >> smtpd_tls_protocols = >=TLSv1.2 > > That's not the default setting. > >> smtpd_tls_exclude_ciphers = aNULL > > This is only appeases clueless auditors, in reality it

Re: no shared cipher revisited

2022-09-28 Thread Lists Nethead
Quoting Benny Pedersen : Lists Nethead skrev den 2022-09-28 18:47: smtpd_tls_protocols = >=TLSv1.2 Hm, what is the default then? put an # infront of this line in main.cf, then do a postfix reload simple ? :=) If this would enable everything from tls1, no.

Re: no shared cipher revisited

2022-09-28 Thread Lists Nethead
Quoting Viktor Dukhovni : On Wed, Sep 28, 2022 at 06:38:15PM +0200, Lists Nethead wrote: Hello again postfix-users, After Viktor gave really helpful advice re SSLv3, now on to the next problem, dealing with crypto is opening a can of worms, at least where I am. We cannot receive messages

no shared cipher revisited

2022-09-28 Thread Lists Nethead
Hello again postfix-users, After Viktor gave really helpful advice re SSLv3, now on to the next problem, dealing with crypto is opening a can of worms, at least where I am. We cannot receive messages from a Big Corp, our Postfix MX's responds with "no shared cipher". The configuration

Re: Enable SSLv3 from a specific IP

2022-09-27 Thread Lists Nethead
Quoting Viktor Dukhovni : On Sun, Sep 25, 2022 at 10:24:23AM +0200, Lists Nethead wrote: > You probably do not need a dedicated port, just configure both an > RSA and a DSA certificate. Why you'd want to do this is a mystery, > an SMTP client that only supports DSS is rather a mus

Re: Enable SSLv3 from a specific IP

2022-09-25 Thread Lists Nethead
Quoting Viktor Dukhovni : On Sat, Sep 24, 2022 at 01:22:30PM +0200, Lists Nethead wrote: I am tasked with what the subject says, to enable DHE-DSS-AES128-SHA SSLv3 Kx=DH Au=DSS Enc=AES(128) Mac=SHA1 from a specific IP. Note that while the cipher was first defined for use in SSLv3

Enable SSLv3 from a specific IP

2022-09-24 Thread Lists Nethead
Hello Postfix users, I am tasked with what the subject says, to enable DHE-DSS-AES128-SHA SSLv3 Kx=DH Au=DSS Enc=AES(128) Mac=SHA1 from a specific IP. I suppose that must be a lookup table but unsure about the syntax. Or, is smtpd_discard_ehlo_keyword_address_maps the way to go? Thankful

Re: ot: SPF/DKIM woes

2022-09-18 Thread lists
thank you, everyone, much appreciate advice and testing! I'll try to summarize how it went: user in India complained he couldn't access geko.sbt.net.au mail server as there was an issue with some 'links' at data centre reported few hours earlier, I assumed it was related and didn't try to test

Re: ot: SPF/DKIM woes

2022-09-17 Thread lists
On Sat, September 17, 2022 7:54 pm, Matus UHLAR - fantomas wrote: > your domain is registered to ns1.netregistry.net. nameservers: > > Name Server: NS1.NETREGISTRY.NET > Name Server: NS2.NETREGISTRY.NET > Name Server: NS3.NETREGISTRY.NET > > > however, NS records say otherwise: > > sbt.net.au.

ot: SPF/DKIM woes

2022-09-17 Thread lists
I have mail server on geko.sbt.net.au serving sbt.net.au as well as several other TLD domains, a while back using help from this list, some write ups and mxtoolbox as means of verifying/testing I've set SPF/DKIM/DMARC (or so I thought...) as it seemed to pass all test I was able to run, I assumed

started getting 550 #5.7.1 SPF unauthorized mail

2022-08-24 Thread lists
I have a simple 'mail list' where an alias 'ct...@sbt.net.au' sends email to several recipients, that's been in use since long time. today noticed one of these addresses started bouncing with '5.7.1 SPF unauthorized mail' since just today: what am I doing wrong ? worked: Aug 23 09:27:25 geko

Re: password security

2022-04-27 Thread lists
The TOTP built into Linux has a 30 second time limit but most implementations approve the stale code making it effectively 60 seconds. Hackers have either implemented or there was a proof of concept (I forget which) where a man in the middle attack intercepted the token. That is more likely

Re: password security

2022-04-27 Thread lists
and utopian mind set and may not = reality or not readily work in more scenarios than what issues it’s trying to address. Feasibility question(s) really. Thanks Andrew On 27/04/2022, at 2:00 PM, lists <li...@lazygranch.com> wrote: https://www.reddit.com/r/postfix/ Well there is a subreddit for postfix

Re: password security

2022-04-26 Thread lists
https://www.reddit.com/r/postfix/ Well there is a subreddit for postfix. News to me but I just joined it. I do my best to stay out of these "conversations" on the listserv and reserve my posts for when I am really stumped. But since I am posting put me in the firewall geofence crowd. I have done

Re: Solving reverse DNS problem with Postfix configuration?

2022-04-11 Thread lists
FWIW my VPS only allows one reverse pointer. I host multiple domains so only one reverse pointer will match. My mail does not get bounced for that. And before someone posts you can have more than one reverse pointer per IP the VPS (Digital Ocean) says it can't be done.   Original

Re: Why the name Postfix?

2022-03-27 Thread lists
Perhaps someone who knows how to update wiki can add this information. https://en.wikipedia.org/wiki/Postfix_(software)   Original Message   From: wie...@porcupine.org Sent: March 27, 2022 3:01 PM To: postfix-users@postfix.org Reply-to: postfix-users@postfix.org Subject: Re:

Re: Removing an old post

2022-02-15 Thread lists
nything posted publicly to the Internet risks > the fate of being forever public, and that it most true for postings > to lists like this one. > > This is a public mailing list. It does not have a single > authoritative archive. It could help a bit if OP would know where exactly hi

Adding a header on incoming mail, unintended consequences?

2022-02-13 Thread joea- lists
I was pondering adding a header item on certain incoming mail. Specifically mail from some lists that do not arrive with an explicit "Reply-To: Some-list". One might ask why? Well certain older email clients (MUA's?) choose to, upon a "reply" to select the address of th

Re: Strange error when having hold as symlink

2021-09-30 Thread (lists) Denis BUCHER
Le 29.09.2021 à 06:33, Viktor Dukhovni a écrit : On Wed, Sep 29, 2021 at 02:19:53PM +1000, raf wrote: If you really have a problem that you think would be solved by relocating the hold queue, you could mount another file system over the hold queue directory. That might work. But it might a

Strange error when having hold as symlink

2021-09-28 Thread (lists) Denis BUCHER
Hello, When creating /var/spool/postfix/hold as symlink to another folder I get the following error from Postfix : * "move to hold queue failed: No such file or directory" ...even when doing "chmod 777" on the target directory. Do you know if postfix is unable to work with "hold" as

Re: Postfix shows unknown instead of resolved hostname

2021-04-29 Thread lists
Sorry for the top posting. http://www.stretchoid.com/ has a way to opt out. Unfortunately they want you to give them your IP space rather than the other way around. They use a floating IP scheme and can't easily be blocked.   Original Message   From: 400the...@gmx.ch Sent:

Re: Speaking of Firefox and HTTP^H^H^H^HFTP...

2021-04-22 Thread lists
This was brought up as a point of curiosity on Steve Gibson's "Security Now" podcast a few months ago. My recollection is Chrome has the same plan. But the interesting thing is Mozilla surveyed to see who used FTP. It was some fraction of a percent as you can imagine. But later it dawned on me

Re: Postfix : corrupted SMTP transactions?

2021-04-14 Thread (lists) Denis BUCHER
Hi Bill, Le 14.04.2021 à 14:51, Bill Cole a écrit : On 14 Apr 2021, at 5:47, (lists) Denis BUCHER wrote: It's very strange, but without changing anything in the configuration of Postfix, we have corrupted SMTP transactions from Thunderbird bêta (Windows) and Outlook (MacOS) but not from

Re: Postfix : corrupted SMTP transactions?

2021-04-14 Thread (lists) Denis BUCHER
P. S. daemon started -- version 2.9.6 Le 14.04.2021 à 11:55, (lists) Denis BUCHER a écrit : P. S. The logs in my previous email are from Thunderbird Windows bêta, here are the logs from MacOS Outlook : Apr 14 11:07:44 mailsvr postfix/smtps/smtpd[19395]: connect from 185.81.185.81

Re: Postfix : corrupted SMTP transactions?

2021-04-14 Thread (lists) Denis BUCHER
11:14:06 mailsvr postfix/smtps/smtpd[19395]: disconnect from 185.81.185.81.rev.sfr.net[81.185.81.185] Denis Le 14.04.2021 à 11:47, (lists) Denis BUCHER a écrit : Hello everyone, It's very strange, but without changing anything in the configuration of Postfix, we have corrupted SMTP tra

Postfix : corrupted SMTP transactions?

2021-04-14 Thread (lists) Denis BUCHER
Hello everyone, It's very strange, but without changing anything in the configuration of Postfix, we have corrupted SMTP transactions from Thunderbird bêta (Windows) and Outlook (MacOS) but not from command line (Linux) and not from Thunderbird release (Windows). The transaction looks like

Re: Postfix 2.10 Failed to Start Centos 7

2021-01-02 Thread lists
I use "update" instead of "upgrade". You can Google for the difference. Since I am on a cloud server, I usually do an image first since email can be tricky to debug.   Original Message   From: craigwilso...@hotmail.com Sent: January 2, 2021 2:39 PM To:

rejecting 'fancy' TLDs, allowing a specified one ?

2020-12-16 Thread lists
I have a check to reject 'fancy TLDs' as below smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, check_sender_access pcre:/etc/postfix/sender_pcre, check_sender_access pcre:/etc/postfix/reject_domains cat /etc/postfix/reject_domains /\.bid$/ REJECT We reject all .bid

Reject email containing Google forms

2020-12-01 Thread lists
About 70% of my spam these days contains links to Google Forms. I've been googling for tips on how to reject such email but Google find hits for the converse. (People are complaining about Gmail blocking Google Forms which is ironic.)  My current configuration doesn't include SpamAssassin

Re: Mail server recently became an open relay

2020-10-16 Thread lists
I would think running an open relay test would be step one. https://mxtoolbox.com/diagnostic.aspx There are probably half a dozen online services that do this. Which brings me to my question: Is there an open relay test website that is considered the best? I have noticed some run multiple

Re: Recommended milters for small setup

2020-10-15 Thread lists
I run a personal mail server. Back when I used freeBSD, everyone once in a while amavisd would cause the mail queue to stall. I can't be bothered playing sysadmin to keep things running. My advice is to employ whatever Google wants, namely spf and DKIM. Look as legit as possible. Even then you

Re: DMARC reports - Open Source solution

2020-04-13 Thread lists
https://github.com/tierpod/dmarc-report-converter/blob/master/README.md This sounds like what you want. I have no first hand experience with the code but I am going to put this on my "lock down" task list. I like the idea of the code mailing a HTML report. This way I don't have to expose the

Re: t/s outbound 99% timeout on TBird?

2020-03-10 Thread lists
On Tue, March 10, 2020 12:33 pm, Viktor Dukhovni wrote: > > One interesting tidbit however is the 111s "before active" time in the > delays= times. > > http://www.postfix.org/postconf.5.html#delay_logging_resolution_limit > > > This does seem to suggest that it took ~111 seconds for the message

Re: t/s outbound 99% timeout on TBird?

2020-03-10 Thread lists
On Tue, March 10, 2020 10:27 am, Wietse Venema wrote: > This is Postfix logging while SENDING email through an after-queue > content filter (which has serious congestion, but that is not the problem > in $SUBJECT). > > To come back to $SUBJECT, if you have user clients timing out, then > you

t/s outbound 99% timeout on TBird?

2020-03-09 Thread lists
I have a user with Tbird, reports "when replying to an email with an embedded PNG image TBird reporting: "Sending Message/Status Delivering mail.../Progress 99%" then it times out" looking in the log (I think at the correct transaction?) I see like: not sure where/how/what to look to t/s this ??

Re: gmail reverse host issue

2020-02-17 Thread lists
Thanks. I appreciate that postfix would kick out a different error.   Original Message   From: wie...@porcupine.org Sent: February 17, 2020 6:55 AM To: postfix-users@postfix.org Reply-to: postfix-users@postfix.org Subject: Re: gmail reverse host issue > Feb 17 06:18:10 mydomain

Re: warning: TLS library problem: routines:ssl_choose_client_version:unsupported protocol?

2020-02-07 Thread lists
https://access.redhat.com/solutions/120383 Did you do the poodle block back in the day?

Re: Mail rejected with 5.7.1 HDR9020 Date header is in the distant future

2020-01-07 Thread lists
future You can use MIME::Lite (or something similar) to build a message including body and headers with wrong date format then forward the message to Postfix for testing. regards. on 2020/1/7 16:47, lists wrote: > Is there some easy way to send email with the wrong date to test this? We

Re: Mail rejected with 5.7.1 HDR9020 Date header is in the distant future

2020-01-07 Thread lists
Is there some easy way to send email with the wrong date to test this? Well, other than setting the wrong date on the computer.   Original Message   From: r...@wagenaar.nu Sent: January 7, 2020 12:37 AM To: postfix-users@postfix.org Reply-to: r...@wagenaar.nu Subject: Re: Mail rejected

Re: Block email based on reply field

2019-12-11 Thread lists
Thanks. Not the smartest spammer. The "from" lasts a while but the "reply" is static for months. I just got tired of blocking the "from" periodically.   Original Message   From: postfix-us...@dukhovni.org Sent: December 11, 2019 6:57 PM To: postfix-users@postfix.org Reply-to:

Re: rejections after limiting access to smtp auth

2019-12-11 Thread lists
Seriously is there ever a case not to use port 587?

Re: Advice: NFS, hardware, SATA vs SAS etc

2019-12-04 Thread lists
You ruled out cloud solutions? (Original text deleted for brevity.) 

Re: how to setup a privacy oriented mailserver

2019-11-26 Thread lists
a privacy oriented mailserver On 25 Nov 2019, at 22:53, lists wrote: > Security is privacy. More precisely: Security includes privacy. Privacy is an essential *PART OF* security. The remit requested by the OP is really too broad to answer on a public mailing list intended for discuss

Re: how to setup a privacy oriented mailserver

2019-11-25 Thread lists
Security is privacy.   Original Message   From: postmas...@wsly.de Sent: November 25, 2019 6:25 PM To: li...@lazygranch.com; postfix-users@postfix.org Subject: Re: how to setup a privacy oriented mailserver Hi on 2019/11/26 10:22, lists wrote: > At a minimum, I would set it up to

Re: how to setup a privacy oriented mailserver

2019-11-25 Thread lists
At a minimum, I would set it up to use port 587. Then block via firewall all the email ports other than port 25 all countries from which you will not be using the server. Keep the attack surface small. For example don't provide for web based email.   Original Message   From:

Re: Dictionary attacks

2019-11-03 Thread lists
https://www.sshguard.net/ This is a simpler alternative to fail2ban. It has hooks for postfix and dovecot. The only disadvantage is SSHGuard isn't in my repo. You have to build it. That said, I just use it for ssh. I use Anvil settings in postfix to slow down the occasional skid. Less is

Re: postfix filter to encrypt incoming emails with public gpg key

2019-10-27 Thread lists
/2019 07.27, lists wrote: > Let me try again. So the email comes in. Some programs gets your public key > and then encrypts the email on the server. I imagine, in theory it should work like this: New email comes in, and as it moves through the Postfix mail delivery pipeline, at some

Re: postfix filter to encrypt incoming emails with public gpg key

2019-10-27 Thread lists
: 400the...@gmx.ch Sent: October 26, 2019 10:46 PM To: postfix-users@postfix.org Subject: Re: postfix filter to encrypt incoming emails with public gpg key On 27/10/2019 06.26, lists wrote: > My bank insists I use their website for anything secure. I don't get anything > in my email that

Re: postfix filter to encrypt incoming emails with public gpg key

2019-10-26 Thread lists
My bank insists I use their website for anything secure. I don't get anything in my email that would be a security problem. That said, have you inquired if your bank will use pgp? I know that sounds like crazy talk, but some banks have PGP. (OT but note Amazon can do PGP too.) Wouldn't a

Re: block 'new style' TLDs ?

2019-10-23 Thread lists
As an aside, I have stopped some real live human beings from getting these dumb TLDs. Apparently "design" is one that is becoming popular for obvious but wrong headed reasons. https://en.m.wikipedia.org/wiki/.design   Original Message   From: xxdpp...@yahoo.com Sent: October 23, 2019

Re: How to hold a specific recipient

2019-10-17 Thread (lists) Denis BUCHER
Le 17.10.2019 à 00:16, Noel Jones a écrit : On 10/16/2019 4:48 PM, (lists) Denis BUCHER wrote: Hello everyone, I read a lot of emails on this ML and on the web without finding the solution, or I do something wrong. I just want that all emails to a specific recipient are put on hold. I

How to hold a specific recipient

2019-10-16 Thread (lists) Denis BUCHER
Hello everyone, I read a lot of emails on this ML and on the web without finding the solution, or I do something wrong. I just want that all emails to a specific recipient are put on hold. I thought this would work, but it doesn't : * main.cf : o smtpd_relay_restrictions =

Re: Prevent sender address spoofing

2019-09-29 Thread lists
Port 465 was deprecated for email. Port 587 is the way to go. The only email port I don't firewall on my server is 25. On the rest of the email ports, I block all countries that I don't visit. In addition I use my 40k worth of CIDRs that from hosting companies, VSPs, etc. that have hacked my

Re: Unable to send or receive from Gmail

2019-06-22 Thread lists
or receive from Gmail The website for “netsecdesign.com” is different than the one for my postfix gateway.  Different machine, different IP address, different cert.     From: <owner-postfix-us...@postfix.org> on behalf of lists <li...@lazygranch.com> Date: Friday, June 21, 2019

Re: Unable to send or receive from Gmail

2019-06-21 Thread lists
If you are netsecdesign.com, ssllabs says your cert has issues. Not that this may be your problem, but I would fix that first. 

ot: dkim "fail (message has been altered)" ?

2019-06-01 Thread lists
I'm attempting to implement dkim/dmarc, noticed that many spam messages have like "fail (message has been altered)": Authentication-Results: geko.sbt.net.au (amavisd-new); dkim=pass (1024-bit key) header.d=dossierinfotech.in.net; domainkeys=fail (1024-bit key) reason="fail

Re: opendmarc.dat Permission denied issues

2019-05-29 Thread lists
On Thu, May 30, 2019 12:52 am, Benny Pedersen wrote: > li...@sbt.net.au skrev den 2019-05-29 06:09: > change /var/run to /var/tmp > > if you reboot with your config you will loose data > > /var/tmp must not be cleaned after boots, /tmp will be cleaned on boot > > > permission denied comes from

Re: opendmarc.dat Permission denied issues

2019-05-29 Thread lists
On Wed, May 29, 2019 4:51 pm, Dominic Raferd wrote: > On Wed, 29 May 2019 at 05:11, wrote: > > I think you need to use a suitable UMask setting in /etc/opendmarc.conf > e.g. 0002 - see UMask in man opendmarc.conf. And I don't think /var/run is > a logical place to put the history file. /var/log

opendmarc.dat Permission denied issues

2019-05-28 Thread lists
i'm trying to setup DKIM & DMARC, set it few days ago, it seemed to be working ok(?), well, I didn't notice errors noticed today multiple "Permission denied" errors since last night, across multiple domains grep " Permission denied" /var/log/maillog | wc 1943 19430 200491 May 29 13:41:43

Re: DKIM doubled, which one to remove?

2019-05-24 Thread lists
On Fri, May 24, 2019 9:31 pm, Matus UHLAR - fantomas wrote: >> which one should be bypassed, and, how to do so ? > > very hard to say without more info. What do milters on ports 8891 and 8893 > do? OpenDKIM and OpenDMARC I was just installing DKIM followed by DMARC using Steve Jenkins howto

DKIM doubled, which one to remove?

2019-05-24 Thread lists
following earlier advice here, I've finally tried to set DKIM I think I'm getting there, but I've noticed it's doubling up[1], with amavis which one should be bypassed, and, how to do so ? thanks, V from main.cf .. content_filter = smtp-amavis:[127.0.0.1]:10024

Re: Blacklistd interaction

2019-05-06 Thread lists
It had been my experience that the firewall uses more resources than SSHGuard. Certainly it uses more memory. The thing to bear in mind is what resources will be used if the offending IP address is not blocked. Some of these bots that attack web servers will fire off a hundred useless hacks.

Re: Blacklistd interaction

2019-05-06 Thread lists
:52, Lefteris Tsintjelis wrote: >> Would be great to consider its future adoption and if possible to take it >> even further to interact with postscreen. > > Why would this be a good thing for postfix to do? > > There are already plenty of tools that generate block lis

Re: Blacklistd interaction

2019-05-06 Thread lists
urther to interact with postscreen. Why would this be a good thing for postfix to do? There are already plenty of tools that generate block lists for the various types of firewalls out there, and they do not require patching postfix. SSHGuard and Fail2Ban are two that seem to work very well. -- Love s

Re: spam from own email address

2019-04-23 Thread lists
address On 4/23/19 2:40 PM, lists wrote: > I would investigate using rspamd rather than spamassassin. At the moment > I run neither since I have settled upon a nice mix of RBLs and check the > reverse pointer. That Perl code to get rid of dynamic domains really > helps n

Re: spam from own email address

2019-04-23 Thread lists
I would investigate using rspamd rather than spamassassin. At the moment I run neither since I have settled upon a nice mix of RBLs and check the reverse pointer. That Perl code to get rid of dynamic domains really helps nuke spammers. Spamassassin tends to use a lot of memory. When I was using

Re: GF 3.3, unsupported dictionary type: mysql

2019-04-06 Thread lists
On Sat, April 6, 2019 8:47 pm, John Fawcett wrote: > On 06/04/2019 01:43, li...@sbt.net.au wrote: >> what did I do wrong ? > > no mysql file in dynamicmaps.cf.d ? > > I guess it should have been in the postfix3-mysql package you installed > > > yum --enablerepo=gf-plus whatprovides >

GF 3.3, unsupported dictionary type: mysql

2019-04-05 Thread lists
I'm trying to migrate server to new vm, installed postfix* from GF (1) but, after copying over main.cf/master.cf get this: Apr 6 00:34:46 emu postfix/proxymap[15601]: error: unsupported dictionary type: mysql Apr 6 00:34:46 emu postfix/proxymap[15601]: error: unsupported dictionary

Re: Relay Access Denied

2019-03-25 Thread VP Lists
> > On Mar 25, 2019, at 11:28 AM, Viktor Dukhovni > wrote: > > As for why "mynetworks" is not enough, perhaps time to look > at your master.cf file... Fixed. I needed a “From” header for gmail to accept it. That was inside the Ruby gem configuration. Cheers _ Rich in

Re: Relay Access Denied

2019-03-25 Thread VP Lists
> On Mar 25, 2019, at 11:28 AM, Viktor Dukhovni > wrote: > > As for why "mynetworks" is not enough, perhaps time to look > at your master.cf file... Here it is: # Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command:

Re: Relay Access Denied

2019-03-25 Thread VP Lists
> On Mar 25, 2019, at 1:37 AM, Viktor Dukhovni > wrote: > >> >> # /var/log/mail.log: >> Mar 24 18:37:35 alpha.mydomain.com postfix/postscreen[11964]: CONNECT from >> [192.168.1.4]:52147 to [192.168.1.6]:25 >> Mar 24 18:37:35 alpha.mydomain.com postfix/postscreen[11964]: PASS OLD >>

Re: Relay Access Denied

2019-03-25 Thread VP Lists
> On Mar 25, 2019, at 1:37 AM, Viktor Dukhovni > wrote: > > This must be some Apple-specific Postfix setting, are you running Apple's > Postfix binaries? mail_version = 2.9.2 _ Rich in Toronto @ VP

Re: Relay Access Denied

2019-03-24 Thread VP Lists
> On Mar 24, 2019, at 6:31 PM, Viktor Dukhovni > wrote: > > On Sun, Mar 24, 2019 at 05:36:56PM -0400, VP Lists wrote: > >> smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated >> permit > > What do you expect this to do? At th

Re: Relay Access Denied

2019-03-24 Thread VP Lists
> On Mar 24, 2019, at 5:20 PM, B. Reino wrote: > > Sorry for top posting. Mobile client here.. No problem. I don’t mind top-posting anywhere. > Your mynetworks has 192.168.0.0/24 but you say you use 192.168.x.x, i.e. > 192.168.0.0/16. > > In the headers of your mail I see 192.168.1.4,

Relay Access Denied

2019-03-24 Thread VP Lists
Hi folks. I’m on a LAN, with a mail server on OS X Server Mountain Lion. It’s running Postfix as a mail server. My LAN has a 192.168.x.x range. I’m getting that error when an app I’m developing, is trying to send an email out through this email server to the internet. A gmail address

intermittent sasl auth fails?

2019-03-17 Thread lists
I have a user with TBird saying they get occasional error when trying to send with SASL AUTH, looking at log, I see this; Mar 17 22:10:44 postfix/smtpd[11975]: connect from 111-222-333-444.static.tpgi.com.au[111.222.333.444] Mar 17 22:10:45 postfix/smtpd[11975]: Anonymous TLS connection

Re: DKIM setup writeup for multi domain?

2019-03-17 Thread lists
> I found my notes. This is for RHEL: thanks for all the replies, all very helpful, half way there V

DKIM setup writeup for multi domain?

2019-03-12 Thread lists
I'm looking at adding DKIM to my Postfix is there some up to date DKIM setup write up for multi domain Postfix setup ? most of the ones I've found are for single domain, and, use different setups, hence I'm trying to figure out what's the best way to set this up. V

Re: server migration question

2019-03-08 Thread lists
On Sat, March 9, 2019 4:53 am, Bill Cole wrote: > On 8 Mar 2019, at 7:33, li...@sbt.net.au wrote: >> is that an OK idea ? > > That's how I always do it, and it works well. Make sure you reduce the > TTL value of the A record to a short value for at least twice the normal > TTL before doing the

server migration question

2019-03-08 Thread lists
I have Postfix/Dovecot/Mysql on Centos 7 with mail_version = 3.2.4 setup new server same hostname as old server with mail_version = 3.3.3 using same hostname as old server the thought was to change A records to point mailserver hostname to new server IP at switch over time is that an OK idea ?

Re: hostname is being appended to the From name

2018-11-20 Thread lists
Thank you. This should only happen for email from "mynetworks", right? On 2018-11-20 3:34 pm, Wietse Venema wrote: li...@mbchandler.net: I'm trying to understand why this is happening and how to prevent it. I have a relay where if an email is sent to it with just a name in the Header From,
