e "-N never" instead
resubmit unix - n n - 10 pipe
flags=Rq user=nobody null_sender=
argv=/usr/local/libexec/resubmit_mail.sh -N success -- ${recipient}
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning
thank you
Wietse.
On 2024-05-23 at 02:31:05 UTC-0400 (Thu, 23 May 2024 08:31:05 +0200)
Matus UHLAR - fantomas via Postfix-users
is rumored to have said:
not, unless they are listed in zen.spamhaus.org, which should not
happen.
On 23.05.24 09:45, Bill Cole via Postfix-users wrote:
Ze
thank you Wietse.
not, unless they are listed in zen.spamhaus.org, which should not happen.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek rekl
may cause troubles.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Nothing is fool-proof to a tal
produced the output.
postfix/local is just reporting error message from dovecot-lda.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
42.7 percent
reverses the ipv6 ip, thus
not recognizing it like postscreen?
Matus UHLAR - fantomas via Postfix-users skrev den 2024-05-15 11:29:
This is how DNSBLs work, so you can simple block 2607:f8b0:4864:: by
defining *.4.6.8.4.0.b.8.f.7.0.6.2.bl.spamcop.net
On 15.05.24 12:17, Benny Pedersen via Postfix
reverses the ipv6 ip, thus not
recognizing it like postscreen?
This is how DNSBLs work, so you can simple block 2607:f8b0:4864:: by defining
*.4.6.8.4.0.b.8.f.7.0.6.2.bl.spamcop.net
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
.c:1621:SSL alert number
46:
simple search for "ssl alert 46" provides answer, that it is certificate
unknown by client. Perhaps you have self-signed certificate or you fail to
provide intermediate certificate from your CA.
--
Matus UHLAR - fantomas, uh...@fantomas
and the documentation does not elaborate
whether this is a good or bad idea.
perhaps the default value for alias_maps could be something like:
alias_maps = $alias_database, nis:mail.aliases
But the rest still applies.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
no idea how feasible this is - would be
some tooling to pull out different versions of the message as they flow
through the queues.
Interesting how long latent bugs can lie around, isn’t it?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e
apped".
Do not rely on these MUAs behaviour by dropping the final "=".
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Due to u
domain.
looking backup my mailbox I found that mail from a domain with no DKIM that
passes SPF is marked as dmarc=fail so it looks like SPF is not checked at
all on the list server.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
mmend to look at the "format=flowed" option which is nicer
approach.
RFC 3676 addresses this.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu pos
, there's stil possibility of rewriting From:
header and DKIM-signing it.
Alternativelly, tell customer that the sender does not wish their mail to
be forwarded.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
from courier to dovecot + lda
and want to know if I will need the sieve solution again or not...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu p
Στις 11/4/24 10:59, ο/η Matus UHLAR - fantomas via Postfix-users έγραψε:
It still works, but you may need supplementary software as amavis,
sagator, spamass-milter or mimedefang because SpamAssassin only
focuses on classification, not about delivery.
On 11.04.24 11:54, Dimitris via Postfix
ight the impact of different DNSBLs to fit your needs and to
make explicit direct exemptions if you like.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek rek
, Matus UHLAR - fantomas via Postfix-users wrote:
I use them on many servers.
I just use postscreen which supports scoring and only block when
more than one blocklist hits.
On 11.04.24 09:55, DL Neil via Postfix-users wrote:
For the benefit of those of us following-along with the conversation
, I use only their "Dynamic IP" list.
sorbs dyna is supposed to contain the same IP addresses as spamhaus PBL
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTA
servers.
I just use postscreen which supports scoring and only block when more than
one blocklist hits.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek
file
- can feed mail to a program or a file
- can change mail sender when "alias" is the recipient and "owner-alias"
exists
Preferrably use virtual_alias_maps, but if you need any of alias_maps
features, use that one.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ;
server
and deliver it to the outside world, and supply bounce/error
notifications.
So, where did you see the error? Can you post the whole syslog message?
On 3/28/2024 7:15 AM, Matus UHLAR - fantomas via Postfix-users wrote:
Please use plaintext for list mail.
On 28.03.24 06:39, Samuel Goodies via Postfi
ine would authenticate, but I think I
misunderstood.
Can someone point me to where I messed up?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
kup_key as
another allowed sender.
http://www.postfix.org/postconf.5.html#smtpd_null_access_lookup_key
with 10.245.16.24 being list-server1
After all googleing and manual reading I have done, I can't find a
solution and hope someone
can point me into the right direction.
--
Matus UHLAR - fantomas, uh...
On Thu, Mar 21, 2024 at 03:20:23PM +0100, Matus UHLAR - fantomas via
Postfix-users wrote:
Wietse Venema via Postfix-users:
smtpd_discard_ehlo_keyword_address_maps =
cidr:{ {!10/8 silent-discard,dsn} }
On 23.02.24 11:12, Wietse Venema via Postfix-users wrote:
But that does
Matus UHLAR - fantomas via Postfix-users:
> as I maintain some mail gateways with postfix, I would like to discard the
> DSN ehlo keyword, from all hosts but internal network.
>
> I see that with smtpd_discard_ehlo_keyword_address_maps
> "Tables will be searched in the s
directly to some maildir folder ?
The easiest way I know is to use user and let the user store mail to its own
maildir.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
blocklists
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I don't have lysdexia. The Dog woul
/0.1,
dsn=2.0.0, status=sent
Mar 8 12:02:21 fantomas postfix/smtp[26684]: 4TrjtN6SF2z4wB0:
to=, relay=...
In case of domains in relay_domains, the command could be even
postfix/relay, so one needs to exclude that one as well.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
So I guess there is no way for a milter/policy server to know about
rejected recipients (other than parsing log file)?
e.g. the DCC milter would report total count of recipients (including
rejected/non-existing) to DCC servers.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.s
d? Please disabuse me of any incorrect notions.
yes, that could help, but it's pretty much work.
I find it better to explicitly test server for relaying.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovani
, not outgoing. Just like smtpd_*_limit
- these are to limit receiving mail from your clients, not sending it out.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek
you need it. Before
smtpd_data_restrictions you don't see recipient_count either.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I drive way too
On 3 Mar 2024, at 19:24, Matus UHLAR - fantomas via Postfix-users
wrote:
The question was if there is other solution for this.
On 04.03.24 11:52, Gerben Wierda via Postfix-users wrote:
Indeed. If I use an alias in /etc/aliases, mail from X to that alias gets
delivered to my original
Matus UHLAR - fantomas via Postfix-users skrev den 2024-03-03 15:59:
milters vrfydmn and milterfrom, which allow you to reject mail where
envelope and header from: are different
On 03.03.24 17:20, Benny Pedersen via Postfix-users wrote:
ok if smtpd_milter_maps knows all maillist ips to not use
r solution for this.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
We are but packets in the Internet of life (userfr
disallowed
(envelope) from addresses
- milters vrfydmn and milterfrom, which allow you to reject mail where
envelope and header from: are different
neither of these controls the non e-mail part of header From: tho.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning
have them at the same place.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
They that can give up essential liberty to obtain a little
that isn't
coming from Microsoft. Maybe I could whitelist the Microsoft IP space in
rbl_override.
microsoft has been reported to have many problems with their sending IPs
being listed in blocklists.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
:03:54 AM Matus UHLAR - fantomas via Postfix-users
:
What's in /etc/postfix/rbl_override ? It obviously does not match 40.107.93.98
On 24.02.24 06:12, lists--- via Postfix-users wrote:
The rbl_override file only contains domain names with "space OK". If I
whitelisted that IP addres
tch 40.107.93.98
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
One OS to rule them all, One OS to find them,
One OS to bring them
n} }
Does smtpd_discard_ehlo_keyword_address_maps override value in
smtpd_discard_ehlo_keywords if a match is found?
thanks
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Matus UHLAR - fantomas via Postfix-users wrote in
:
...
|I can now also say that these milters:
|
|pyspf-milter
|opendkim
|opendmarc
|
|(at least their versions in Debian 12)
|
|do NOT remove existing Authentication-Results: and thus this ste is
|necessary to avoid possible confusion of mail
confusion of mail filters.
the "openarc" milter seems to detect and remove offending header.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek rekl
arning:
: SASL LOGIN authentication failed: Invalid
authentication mechanism
your sasl server does not support LOGIN authentication mechanism.
with dovecot, you need to set up in dovecot config e.g.:
auth_mechanisms = plain login
and with cyrus sasl, your smtpd config needs e.g.:
mech_list: PLAIN
t 587 as
implicit SSL, instead of explitic (STARTTLS).
implicit SSL should be used on port 465 (aka smtps/submissions service)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
Reviving my a bit old question.
Matus UHLAR - fantomas via Postfix-users:
RFC 8601 section 5. requires deleting Authentication-Results headers from
incoming messages. This should be done at trusted border, so when receiving
message via SMTP from clients or the world, except MX gateways
On 15.02.24 15:27, Simon Hoffmann via Postfix-users wrote:
> - it took 4h for the sender to get a notification that the domain was not
found
Matus UHLAR - fantomas via Postfix-users wrote:
this should be configuable by tuning delay_warning_time
On 15.02.24 16:10, Simon Hoffmann via Post
configure domain verification on that internal servers and I
recommend doing so.
You can hypotetically override the code from your smarthost on your internal
mail server by using smtp_delivery_status_filter but you must be damn
careful about that.
--
Matus UHLAR - fantomas, uh...@fantom
' target before you DROP/DENY/REJECT (I
prefer REJECT with an ICMP host/port unreachable for _all_ ports on my
side of the link).
Unfortunately it only provides IP you have banned, not from/to mail
addresses.
However I also implemented it because of too many attacks on servers...
--
Matus UHLAR
lue.
http://www.postfix.org/postconf.5.html#local_header_rewrite_clients
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Christian Science Programmi
attention to the
email itself has the correct structure
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"They say when you play t
On Feb 8, 2024, at 01:56, Matus UHLAR - fantomas via Postfix-users
wrote:
I have removed postgrey from servers I manage a few years ago.
- without good exemption lists, you'll run into hours long waiting for
email from various mail services that attempt multiple times from
multiple IP
but is a bit
more safe to use.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
M$ Win's are shit, do not use
sent to a mailbot, but if
you forward to an address that has a problem which results error mail, you
don't want to forward that error mail to the same address again.
Especially if that error looks like "gmail has decided your mail is spam"
--
Matus UHLAR - fantomas, uh...@fantomas
On 2/7/24 10:48, Matus UHLAR - fantomas via Postfix-users wrote:
postscreen is great against bots, but fail2ban with firwall are still better
against abusers.
On 07.02.24 10:52, Phil Stracchino via Postfix-users wrote:
And once you get the "Aha!" insight into how its configuration wo
then
pause the 20 again and again.
I think I have become somewhat of a challenge.
I'll try using postscreen and see how it shakes out.
postscreen is great against bots, but fail2ban with firwall are still better
against abusers.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
was set to deny it, would that signal the server and
limit the attempts?
The sending IP most likely would not care. It's better to keep that IP in
firewall, maybe dropping packets, maybe tarpitting them (most probably
requires addons to your firewall).
--
Matus UHLAR - fantomas, uh...@fantomas.sk
looking again at your paste:
>> >https://pastebin.mozilla.org/i5tMtPAk
you should drop from mua_recipient_restrictions everything perhaps except:
mua_recipient_restrictions =
reject_non_fqdn_recipient,
reject_unlisted_recipient,
reject_unauth_destination,
...perhaps add (for sure)
permi
em too.
I have moved those to postscreen and only use like nonexistent domains,
users, banned domains described above
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT aku
too.
I have moved those to postscreen and only use like nonexistent domains,
users, banned domains described above
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolve
t is your
load balancer, you should fix its reverse DNS (i.e. a PTR record at
79.157.202.186.in-addr.arpa.)
this is needed if e-mail comes from that IP.
On 2024-01-31 at 03:32:20 UTC-0500 (Wed, 31 Jan 2024 09:32:20 +0100)
Matus UHLAR - fantomas via Postfix-users
is rumored to have said:
In fact
TP
RFCs issued so far.
However, if your HELO string is invalid or not existing, it's somehow common
for some servers to refuse mail from you.
Since you did not provide us with your real address nor the error message
spamhaus provides when you check for your IPs, it's really hard to help you.
quot;
> echo "# CCARGS=$CCARGS"
> echo "# AUXLIBS=$AUXLIBS"
>
> -env | grep '^AUXLIBS_' | sed 's/^/# /'
> +env | grep '^AUXLIBS_' | sed 's/^/# /' | LC_ALL=C sort
>
> echo "# shared=$shared"
> echo "# dynamicmaps=$dynamicmaps"
> e
weaker than on
client connections (smtp_tls_mandatory_* options)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
(R)etry, (A)bort, (C)ancer
ant though.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
42.7 percent of all statistics a
Matus UHLAR - fantomas:
Do you remove those headers on your servers?
On 17.01.24 08:57, David Bürgin via Postfix-users wrote:
In my chain of milters, the very first one simply deletes incoming
Authentication-Results whose authserv-id equals $myhostname … The rest
of the milters can
headers on your servers?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
You have the right to remain silent. Anything you say
is
processed always) nor in virtual_mailbox_maps (which is processed for
virtual mailbox domains).
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu
43\000\237
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Remember half the people you know are below a
11\000\212\000\026\0003\000g\300\236\300\242\000\236\0009\000k\300\237\300\243\000\237
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Chr
do you want allow them send e-mail as any user?
Because that's what such wildcard would to.
I just don't want stupid bots to try to play...
Perhaps try explaining your problem more deeply?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to rec
returning positive values for all lookups (already happened):
zen.spamhaus.org=127.0.0.[0..255]
dnsbl.sorbs.net=127.0.0.[0..255]
bl.spamcop.net=127.0.0.2
list.dnswl.org=127.0.[0..255].[0..255]*-1
list.dnswl.org=127.0.[0..255].3*-1
I guess other bl's also provide list of correct values
--
Matus UHLAR
lookups which in the end make things worse.
they will most likely be cached so this should not happen.
It's still pointless however.
Postscreen is sufficient
and better in filtering with rbl services. Am I right?
yes.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
have
blocked the .onmicrosoft.com domain at MTA level.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Chernobyl was an Windows 95 beta
help much.
Do you have any or know about tool that processes log files to produce
statistics usable for limiting?
Thanks.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
tion will block
receiving srs-forwarded addresses because your MTA will say they do not
exist.
Note that one of the point why SRS addresses exist is to validate the sender
and to be able to know what forwarded address fails.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Wa
rmat SRS0+... and SRS1+..., so I redirected
"SRS0" and "SRS1" address (plus is understood as address extension).
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto a
ders added by local milters (spf,dkim,arc,dmarc...) are not trusted.
Unless the protocol supports providing this information, ability to see
Received: header at proper place would increase SA effectiveness, which is I
believe what OP asks for. And I would be happy as well.
--
Matus UHLAR - fantomas,
.
So, it would be great if postfix could optionally add (or, better, not remove)
locally added Received: header, although milters would need to implement
this feature first.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
WinError #9: Out of error messages
enter the zeitgeist and
perpetuate (see mandatory rotating passwords every 90 days) :-)
On 29/11/2023 19:45, Matus UHLAR - fantomas via Postfix-users wrote:
I completely agree, perhaps if you sent us a link we could comment.
There is of course security practice of turning off everything you
don't use, b
uot;s=email" from DNS record as
Victor stated here:
https://marc.info/?l=postfix-users=170110674327922=2
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
ting it in master.cf means disabling it, not just turning it off.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I intend to live fore
with headers "From: oysu...@jipstalles.de" and
"To: jcrh...@izac.fr"?
That's job for spam filter.
How can I block them, please ?
Ps : I have multiple domains on my postfix server, managed on my mysql database.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fan
combined filter like amavis that
supports dkim signing and adding headers, perhaps combined with altermime.
I have no experience with this.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto
applies.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I feel like I'm diagonally parked in a parallel universe
Dino Edwards via Postfix-users skrev den 2023-11-14 13:43:
I would appreciate some assistance.
On 14.11.23 18:13, Benny Pedersen via Postfix-users wrote:
https://amavisd-milter.sourceforge.net/
just use that, it replace all milters you have
Matus UHLAR - fantomas via Postfix-users skrev
/amavisd-milter just an older
version.
but it does not support dmarc.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
- Have you got anything
say anything. There are simply no entries for opendmarc going
anything, i.e. opendmarc does not get called thus no logs.
I run opendmarc and it shows report after each e-mail. I just had to set
"syslog true" in opendmarc.conf. Try that.
--
Matus UHLAR - fantomas, uh...@fantomas
.0.1:54321
non_smtpd_milters = $smtpd_milters
what do logs say?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The 3 biggets disasters:
wonder, if your internal systems produce any kind of e-mail, do you
really want to simply discard it?
I recommend finding out why such mail is generated and stop it from
happening instead.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
ransport = lmtp:unix:private/dovecot-lmtp
smtpd_sasl_type = dovecot
mailbox_transport = lmtp:unix:private/dovecot-lmtp
many thanks for all the thoughts & suggestions. L.
Perhaps you could configure local copy+forward via sieve scripts.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www
server.
On 05.11.23 15:12, Benny Pedersen via Postfix-users wrote:
its more simple to let postfix use /etc/resolver.conf as is, and then
let spam filter use loopback ips only
spamassassin local.cf:
this does not apply for checks done in postfix.
--
Matus UHLAR - fantomas, uh...@fantomas.sk
On 02.11.23 10:49, Ivan Ionut via Postfix-users wrote:
> Hi, it's possible that postscreen does not block the email when
> postscreen_dnsbl_threshold is reached but to pass that email to
> spamassassin(with a score and a tag).
* Matus UHLAR - fantomas via Postfix-users :
Postsc
sources.
This is often used with massmailing services that have separate DKIM key
(selector) than your organizations' mail server.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
Dnia 2.11.2023 o godz. 09:42:01 Matus UHLAR - fantomas via Postfix-users pisze:
(once more: DKIM applies on header From:, SPF on envelope from:).
On 02.11.23 11:18, Jaroslaw Rafa via Postfix-users wrote:
And DMARC requires that both be identical (actually, from the same domain -
user part
On 02.11.23 10:49, Ivan Ionut via Postfix-users wrote:
Hi, it's possible that postscreen does not block the email when
postscreen_dnsbl_threshold is reached but to pass that email to
spamassassin(with a score and a tag).
Postscreen does not tag. It passes or blocks the mail.
--
Matus UHLAR
:, so the new DKIM signature is correct.
DMARC on domain simply configures, that all mail from that domain passes
DKIM ot SPF check from that domain, and what to do with mail that does not
pass either.
(once more: DKIM applies on header From:, SPF on envelope from:).
--
Matus UHL
On 31.10.23 12:26, Michael W. Lucas via Postfix-users wrote:
Is there a way to dump the postscreen database, showing which
addresses are cached and why?
I guess postmap -s could do that.
http://www.postfix.org/postmap.1.html
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
1 - 100 of 1272 matches
Mail list logo