Re: Basic kind of question

2019-07-17 Thread Rick Zeman
should make the host do > a dns query to find the mx record of example.com . > > Robert > On Wednesday, July 17, 2019, 2:24:46 PM EDT, Rick Zeman > wrote: > > > I inherited a pair of postfix servers configured by someone else and I > think I've been a manager too lo

Basic kind of question

2019-07-17 Thread Rick Zeman
I inherited a pair of postfix servers configured by someone else and I think I've been a manager too long as I can't figure this one out because I'm too rusty with postfix. Scenario: 2 identical postfix servers that only accept mail from mynetworks (other local servers in its /16) with various

Re: Fallback to IPV4 in case of IPV6 is not available

2017-04-01 Thread Rick Zeman
On Sat, Mar 25, 2017 at 2:48 PM, Paul C wrote: > I wish the world would use ipv6 enough for this to be worth doing, but > it's not going to have much benefit to you as there's almost no one > using it for smtp, from the last time I checked which was a few months > ago,

Re: New SASL generic failure

2016-07-11 Thread Rick Zeman
On Sat, Jul 9, 2016 at 9:57 AM, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote: > >> On Jul 8, 2016, at 10:09 PM, Rick Zeman <rze...@gmail.com> wrote: >> >> How might 'filtering out that mechanism" be done, Viktor? Doesn't >> sound (or look like, ba

Re: New SASL generic failure

2016-07-08 Thread Rick Zeman
On Fri, Jul 8, 2016 at 9:17 PM, Viktor Dukhovni wrote: > >> On Jul 8, 2016, at 9:15 PM, Wietse Venema wrote: >> >> Your SASL library cannot authenticate with PLAIN or LOGIN. > > Another possibility is that it supports and prefers XOAUTH2, but

New SASL generic failure

2016-07-08 Thread Rick Zeman
Working system that suddenly started crapping out on SASL-authenticated connections to its relay. Nothing's changed for this 2.11.0 Apple-supplied postfix, and the username/password authenticates fine to smtp.comcast.com (relay). I'm not see what's wrong (must be what "generic" means lol).

Re: One more post-rebuild weirdness

2016-03-23 Thread Rick Zeman
On Tue, Mar 22, 2016 at 11:25 PM, Noel Jones <njo...@megan.vbhcs.org> wrote: > On 3/22/2016 10:03 PM, Rick Zeman wrote: >> Oops, knew I forgot something, Noel. This is a (soft) bounce f >> recipient that does exist on the destination system, but not on the >> postf

Re: One more post-rebuild weirdness

2016-03-22 Thread Rick Zeman
25 miniserv postfix/qmgr[68145]: 48C83278ED96: removed On Tue, Mar 22, 2016 at 10:17 PM, Noel Jones <njo...@megan.vbhcs.org> wrote: > On 3/22/2016 8:54 PM, Rick Zeman wrote: >> OS X Postfix system rebuilt as a relay with no local mailboxes, but >> we're not passing inbound mail to

One more post-rebuild weirdness

2016-03-22 Thread Rick Zeman
OS X Postfix system rebuilt as a relay with no local mailboxes, but we're not passing inbound mail to the final destination except for the few people who have local accounts on the postfix server. Soft bounce is onluckily (great safety net, Wietse). I have something that's negating

TLS question on OS X

2016-03-20 Thread Rick Zeman
Howdy, Upgrading Apple server to Apple's postfix 2.11.0 and seeing this in the logs: Mar 20 12:12:53 miniserv postfix/smtpd[43174]: warning: TLS library problem: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown

Re: Why is postfix talking to aspmx.google spamexperts?

2014-09-15 Thread Rick Zeman
On Mon, Sep 15, 2014 at 5:42 PM, Marius Gologan marius.golo...@gmail.com wrote: Extract the queue-ids from the logs and hold those messages for later delivery: postsuper -h queue-id (or postsuper -h ALL to hold everything in the queue) to un-hold: postqueue -H queue-id (or postsuper -H ALL to

Re: Request help with SASL issue and postfix

2014-08-16 Thread Rick Zeman
On Sat, Aug 16, 2014 at 5:18 PM, Viktor Dukhovni postfix-us...@dukhovni.org wrote: [...] inet_protocols = all Set this to ipv4, you don't have ipv6 connectivity. I wouldn't be so hasty, Viktor. It looks like he is routing IPv6, as does Comcast (I know that from personal experience): Aug 16

/etc/postfix dependency?

2014-06-03 Thread Rick Zeman
Wietse: Begin quote from Postfix sendmail manpage -C config_file -C config_dir The path name of the Postfix main.cf file, or of its parent directory. This information is ignored with Postfix versions before 2.3. With

Re: /etc/postfix dependency?

2014-06-03 Thread Rick Zeman
On Tue, Jun 3, 2014 at 11:18 AM, Viktor Dukhovni postfix-us...@dukhovni.org wrote: On Tue, Jun 03, 2014 at 10:31:34AM -0500, Rick Zeman wrote: I'm using the Apple-compiled Postfix 2.9.4 that comes with Mac Mavericks server. One thing that made setup much harder than it needed to be for me

Re: /etc/postfix dependency?

2014-06-03 Thread Rick Zeman
On Tue, Jun 3, 2014 at 12:04 PM, Wietse Venema wie...@porcupine.org wrote: Rick Zeman: I'm using the Apple-compiled Postfix 2.9.4 that comes with Mac Mavericks server. One thing that made setup much harder than it needed to be for me is that Apple puts their postfix config files

Re: TLS issues (postfix says: UNTRUSTED but it is not)

2014-05-13 Thread Rick Zeman
On Tue, May 13, 2014 at 9:31 AM, Viktor Dukhovni postfix-us...@dukhovni.org wrote: The logging is misleading, it should say Anonymous rather than untrusted. This is fixed in 2.11.1 and 2.12 snapshots. I'm glad of that. That confused the heck out of me, too.

Re: postfix setup: machine with live ip forwarding traffic to home machine

2014-05-05 Thread Rick Zeman
On Mon, May 5, 2014 at 3:36 AM, hiren panchasara hiren.panchas...@gmail.com wrote: This is how it should work, afaik: Sending: Initiates from my home box and go out via VM. Receiving: VM receives it and forwards to home box. (I've also tried sending through my home machine on port 587 but

Heartbleed via smtpd?

2014-04-12 Thread Rick Zeman
I'm guessing since I've received a bunch of these over the past few days that these are Heartbleed scrape attempts, especially since these IPs belongs to our friends in the former Soviet Union. Agreed? (It's an Apple server so it uses its own goto fail TLS library, and only has an older version

Re: value of zero not documented for message_size_limit

2014-04-11 Thread Rick Zeman
On Fri, Apr 11, 2014 at 7:14 AM, Wietse Venema wie...@porcupine.org wrote: Markus Sch?nhaber: Hi, while the documentation for mailbox_size_limit http://www.postfix.org/postconf.5.html#mailbox_size_limit explicitly states [...] or zero (no limit)., the doc for message_size_limit

IPv6 to IPv4 fallback

2014-04-06 Thread Rick Zeman
Howdy, I now have IPv6 routing working along with inet_protocols = all in my main.cf (Postfix 2.9.4). I've noticed that using my outbound relay (which is load balanced across many machines) will connect with either protocol with no discernible pattern even to the same destination. Going by the

Re: Using transport only if local user exists

2014-03-16 Thread Rick Zeman
On Sat, Mar 15, 2014 at 11:34 PM, Noel Jones njo...@megan.vbhcs.org wrote: On 3/15/2014 5:08 PM, Rick Zeman wrote: I've started working on my bastard Mac postfix relay. For delivery to the local domain, it will only relay to the internal mail server defined in transport if the user exists

Re: Using transport only if local user exists

2014-03-16 Thread Rick Zeman
On Sun, Mar 16, 2014 at 9:43 AM, Noel Jones njo...@megan.vbhcs.org wrote: On 3/16/2014 8:31 AM, Rick Zeman wrote: On Sat, Mar 15, 2014 at 11:34 PM, Noel Jones njo...@megan.vbhcs.org wrote: On 3/15/2014 5:08 PM, Rick Zeman wrote: I've started working on my bastard Mac postfix relay

Using transport only if local user exists

2014-03-15 Thread Rick Zeman
I've started working on my bastard Mac postfix relay. For delivery to the local domain, it will only relay to the internal mail server defined in transport if the user exists locally on the postfix box...and I can't figure out why (luckily, the 450 safety net is there!). I could see how it would

Re: Mac Postfix gateway local delivering.

2014-03-02 Thread Rick Zeman
I On Sat, Mar 1, 2014 at 8:46 PM, Wietse Venema wie...@porcupine.org wrote: What is in this file? I've got delivery to the relay host working, and delivery to the local mail destination; however it only works from the server's command line Connections for mail coming outside of

Re: Mac Postfix gateway local delivering.

2014-03-02 Thread Rick Zeman
is in this file? Rick Zeman: pointyears.net smtp:[192.168.1.5]:587 Based on the configuration details that you have given in earlier .email, Postfix cannot invoke the local delivery agent. Therefore, what you have shown is not the configuration that Postfix uses. Yes, thanks. Apple has postfix

Mac Postfix gateway local delivering.

2014-03-01 Thread Rick Zeman
Howdy, I'm trying to set up a Mac version of postfix (2.9.4) as a mail gateway. It's been many years since I've set up a postfix instance, and being extremely rusty I've gotten myself stuck. I've got things working so that mail destined for outside the domain gets delivered to the relay host on

Re: Mac Postfix gateway local delivering.

2014-03-01 Thread Rick Zeman
On Sat, Mar 1, 2014 at 7:50 PM, li...@rhsoft.net li...@rhsoft.net wrote: Am 02.03.2014 01:08, schrieb Rick Zeman: Howdy, I'm trying to set up a Mac version of postfix (2.9.4) as a mail gateway. It's been many years since I've set up a postfix instance, and being extremely rusty I've

Re: Mac Postfix gateway local delivering.

2014-03-01 Thread Rick Zeman
I'm sure everyone else knows this, but OS X keeps has two complete sets of postfix config files. Guess who, based on linux experience, was using /etc/postfix? On Sat, Mar 1, 2014 at 8:10 PM, Rick Zeman rze...@gmail.com wrote: On Sat, Mar 1, 2014 at 7:50 PM, li...@rhsoft.net li...@rhsoft.net

Re: Mac Postfix gateway local delivering.

2014-03-01 Thread Rick Zeman
On Sat, Mar 1, 2014 at 8:46 PM, Wietse Venema wie...@porcupine.org wrote: Rick Zeman: mydestination = local_transport = error:local mail delivery is disabled Nevertheless, you have some mail going to the local delivery agent. transport_maps = hash:/etc/postfix/transport What

Post upgrade problem(?)

2012-07-08 Thread Rick Zeman
Just upgraded to 3.93 from 3.62 from source (amazingly smooth make upgrade after skipping 3 years of interim versions. Easier than using an rpm!). I fixed the TLS database location warnings that cropped up in the logs, but I'm also seeing: Jul 8 21:51:51 tux postfix/verify[28749]: close

quick and dirty SASL

2009-11-11 Thread Rick Zeman
Howdy, I have sasl installed and postfix uses it for its outbound relay just fine. I need now for a smart phone or two to use postfix to send mail. Am I correct that there's no mechanism like smtp_sasl_password_maps = hash:/etc/postfix/sasl_password for smtpd? Just need a quick and dirty one

Re: quick and dirty SASL

2009-11-11 Thread Rick Zeman
On Wed, Nov 11, 2009 at 11:06 AM, Eero Volotinen eero.voloti...@iki.fi wrote: Rick Zeman wrote: Howdy, I have sasl installed and postfix uses it for its outbound relay just fine.  I need now for a smart phone or two to use postfix to send mail.  Am I correct that there's no mechanism like

Re: Interesting tumgreyspf/postfix/gmail problem

2008-10-15 Thread Rick Zeman
On Tue, Oct 14, 2008 at 11:41 PM, Henrik K [EMAIL PROTECTED] wrote: On Tue, Oct 14, 2008 at 05:32:56PM -0400, Rick Zeman wrote: Just discovered that gmail is now retrying greylisted email from not only multiple servers, but from multiple servers located within different subnets...which totally

Interesting tumgreyspf/postfix/gmail problem

2008-10-14 Thread Rick Zeman
Just discovered that gmail is now retrying greylisted email from not only multiple servers, but from multiple servers located within different subnets...which totally breaks breaks tumgreyspf greylisting implementation. I kind of like it cuz it uses the filesystem to store its data. However,