On Sep 18, 2014, at 7:45 AM, terrygalant.li...@fastest.cc wrote:
I've been reading the discussion here and the various approaches to blocking
extensions
I'd gotten this from a friend awhile ago, and have been using it
With
postfix_header_checks =
On Sep 17, 2014, at 3:28 PM, Bill Cole
postfixlists-070...@billmail.scconsult.com wrote:
On 16 Sep 2014, at 18:18, Philip Prindeville wrote:
MIMEDefang allows you to do all this, plus you can call Perl modules like
File::Type on attachments to figure out if the file has been mistyped (i.e
On Sep 14, 2014, at 2:17 AM, li...@rhsoft.net wrote:
Am 14.09.2014 um 01:54 schrieb Philip Prindeville:
On Sep 13, 2014, at 7:35 AM, li...@rhsoft.net wrote:
Am 13.09.2014 um 15:10 schrieb LuKreme:
On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote:
Am 12.09.2014 um 21:49 schrieb Philip
MIMEDefang allows you to do all this, plus you can call Perl modules like
File::Type on attachments to figure out if the file has been mistyped (i.e. the
content-type disagrees with what the actual file header and/or file extension
says it is).
-Philip
On Sep 16, 2014, at 12:04 PM,
On Sep 12, 2014, at 1:55 PM, li...@rhsoft.net wrote:
Am 12.09.2014 um 21:49 schrieb Philip Prindeville:
However, any time I connect via telnet to this server and specify
*any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions
won't trigger.
This is both legal and reasonable
On Sep 13, 2014, at 7:35 AM, li...@rhsoft.net wrote:
Am 13.09.2014 um 15:10 schrieb LuKreme:
On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote:
Am 12.09.2014 um 21:49 schrieb Philip Prindeville:
However, any time I connect via telnet to this server and specify
*any* IP address in the form
On Sep 13, 2014, at 7:59 PM, Wietse Venema wie...@porcupine.org wrote:
Philip Prindeville:
Who says anything about mail servers? What if it's an MUA doing
this?
If the MUA connects to the MX service (port25) then it is an issue.
If the MUA connects to port 587, then the server should
On Sep 5, 2014, at 2:36 PM, Edwin Marqe edwinma...@gmail.com wrote:
Hi,
I've been doing some tests recently regarding to the EHLO command, and
I was wondering whether the below detailed behavior is the expected
one or not.
I have this in my Postfix config:
smtpd_helo_restrictions =
On Feb 25, 2014, at 3:44 AM, Eivind Olsen eiv...@aminor.no wrote:
Hello (or should that be EHLO? :))
It has been a while since I've had a need to change my Postfix
configuration, so I'm a bit rusty. I have searched, checked the
configuration, etc. No luck yet.
Is it possible to get
On 1/3/12 12:36 AM, Lorens Kockum wrote:
On Sun, Jan 01, 2012 at 06:00:46PM -0700, Philip Prindeville wrote:
I have a 'border' postfix MTA that doesn't host any mailboxes, indeed it
doesn't even know what the valid usernames are for the domain.
It merely serves to check messages for viruses
On 1/2/12 7:08 AM, Jeroen Geilman wrote:
On 01/02/2012 02:00 AM, Philip Prindeville wrote:
I have a 'border' postfix MTA that doesn't host any mailboxes, indeed it
doesn't even know what the valid usernames are for the domain.
It merely serves to check messages for viruses, and block DoS
I have a 'border' postfix MTA that doesn't host any mailboxes, indeed it
doesn't even know what the valid usernames are for the domain.
It merely serves to check messages for viruses, and block DoS attacks.
As such, I need it to perform aliasing *only* on messages generated locally by
system
On 12/9/11 8:07 AM, Grant wrote:
I should add that I took Noel's advice and Thunderbird is connecting
remotely to 587 and Squirrelmail is connecting locally to 587 without
encryption or authentication. The above config pertains to that
arrangement.
- Grant
Now whenever you upgrade
On 12/9/11 2:26 AM, Reindl Harald wrote:
well, as long thunderbird offers STARTTLS or SSL and for SSL 465 as
default and as long 465 does not eat anybodys children
It kicked my dog once...
On 12/9/11 11:39 AM, Grant wrote:
I should add that I took Noel's advice and Thunderbird is connecting
remotely to 587 and Squirrelmail is connecting locally to 587 without
encryption or authentication. The above config pertains to that
arrangement.
- Grant
Now whenever you upgrade
On 12/9/11 1:36 PM, /dev/rob0 wrote:
On Friday 09 December 2011 14:23:01 Philip Prindeville wrote:
On 12/9/11 11:39 AM, Grant wrote:
Philip:
Now whenever you upgrade Squirrelmail to something current,
you can pass your free time trying to figure out how to get
it to do STARTTLS
On 12/8/11 8:46 AM, Grant wrote:
I don't see why local Squirrelmail won't send mail over 587,
but remote Thunderbird will. Squirrelmail also won't send mail over
port 25, but it will send mail over 465.
Do you have a new-enough SquirrelMail? From the looks of it, the only
version = 1.5.1
On 12/8/11 1:06 PM, Grant wrote:
I don't think you're really getting the significance of port 587 vs. port 25.
I think you're right.
587 can be used encrypted or unencrypted, authenticated (preferably) or
not... you could for instance just limit 587 connections from a particular
subnet,
On 12/8/11 1:49 PM, Grant wrote:
25 is used by your MTA to receive *incoming* messages from other
administrative domains (organizations).
Port 25 is never used to submit outbound messages? If not, I'm
confused as to why Squirrelmail describes its SMTP Port setting this
way:
This is the
On 12/8/11 4:29 PM, Grant wrote:
Is it alright to send on port 25 from Squirrelmail when it's on the
same machine as postfix? That way I can make 587 require TLS and
authentication but not require that local Squirrelmail encrypt or
authenticate.
No, I'd do exactly what I said we do here:
On 12/8/11 5:33 PM, Reindl Harald wrote:
Got it. I misunderstood you before. May I ask why using 465 for
Thunderbird and Squirrelmail would be better than 587 for Thunderbird
and 25 for Squirrelmail talking to localhost?
there is no better
configure a server as YOU need
Well, there
Just a point of clarification... port 465 isn't deprecated because it was
never formerly assigned by IANA.
It was highjacked by some mailer (I forget which) and when 587 was assigned, it
was agreed to stop using the former port.
As for one of your questions, it's assumed that 465 comes up with
On 12/3/11 7:15 AM, Wietse Venema wrote:
Philip Prindeville:
Dec 2 20:32:54 localhost postfix/smtpd[9440]: warning: connect
to Milter service unix:/var/spool/MIMEDefang/mimedefang.sock:
Permission denied
Does the error go away if you turn off SeLinux?
Wietse
Could have sworn
I tried to set up Postfix (2.6.6) on a Centos6 system (yes, I've filed a bug
for them to bump to something 2.8.x-ish)... as:
Dec 1 20:26:05 localhost postfix/smtpd[7743]: warning: connect to Milter
service unix:/var/spool/MIMEDefang/mimedefang.sock: Permission denied
# ls -ld
On 12/2/11 2:19 PM, Wietse Venema wrote:
Philip Prindeville:
Would it make sense to add a parameter of additional gid's that
you want smtpd to retain?
Perhaps you can use a class inet socket on 127.0.0.1. That
will have less impact on the Postfix security architecture.
With 64k ports, you
Sorry about the noob questions, but it's been 12 years or more since I stared
at Postfix...
First, is there a way to get an out-of-the-box (in my case, Postfix 2.6.6
compiled for Centos6/EPEL6) to get $mydomain and $myhostname from the
canonicalized hostname?
I.e. to do a:
gethostname(buf);
On 12/1/11 1:45 PM, Philip Prindeville wrote:
Also, smtpd seems to silently ignore:
submission ... smtpd ... -o inet_interfaces=127.0.0.1 in master.cf
I was hoping to be able to use this to get it to listen for submissions only
on 127.0.0.1:587... but as I said, it ignores the -o
27 matches
Mail list logo