Re: issue warning for deferred emails

On 2/20/2023 4:20 PM, Doug Denault wrote: On Mon, 20 Feb 2023, Wietse Venema wrote: Doug Denault: The most current message (edited for privacy): Feb 20 09:25:14 freeport postfix/qmgr[88969]: 7883F510EBC: from=, size=1943447, nrcpt=41 (queue active) Feb 20 09:25:15 freeport

Re: issue warning for deferred emails

On 2/20/2023 9:25 AM, Doug Denault wrote: On Mon, 20 Feb 2023, Wietse Venema wrote: Doug Denault: On Sun, 19 Feb 2023, Viktor Dukhovni wrote: On Sun, Feb 19, 2023 at 10:35:43PM -0500, Doug Denault wrote: With my setup no warning is deferred errors such as 'time out' or 'Connection

Re: Blocking TLDs

On 2/8/2023 3:14 AM, Viktor Dukhovni wrote: On Wed, Feb 08, 2023 at 10:00:14AM +0200, mailm...@ionos.gr wrote: /\.top$/ REJECT /\.xyz$/ REJECT /\.cam$/ REJECT /\.fun$/ REJECT /\.buzz$/ REJECT /\.club$/ REJECT /\.link$/ REJECT /\.hinet\.net$/ REJECT Why everyone feels they need regular

Re: Are non_smtpd_milters applied to mail delivered via smtpd?

On 1/26/2023 1:44 AM, Matus UHLAR - fantomas wrote: On 25.01.23 10:24, Matus UHLAR - fantomas wrote: I forgot to mention I use amavisd-new because of these reasons. To be more precise, when receiving mail from internet on port 25, I prefer amavisd-milter talking to amavisd so we can reject

Re: Replacing initial "Received:" line on submission?

On 1/13/2023 12:02 AM, Benny Pedersen wrote: Jaroslaw Rafa skrev den 2023-01-12 21:52: Dnia 12.01.2023 o godz. 13:49:33 post...@ptld.com pisze: My solution... main.cf:     smtp_header_checks = pcre:/etc/postfix/header_checks_smtp /etc/postfix/header_checks_smtp:     /^Received:/  

Re: parent_domain_matches_subdomains && smtpd_access_maps

On 1/2/2023 1:38 PM, Laurent Frigault wrote: Is there any way to have some smtpd_access_maps with parent_domain_matches_subdomains and some other without it ? I have : smtpd_recipient_restrictions = permit_mynetworks reject_non_fqdn_sender reject_unknown_sender_domain

Re: run script on new connection?

On 12/26/2022 4:18 PM, mats wrote: First statement: I'm new to Postfix Second statement: I'm old enough that a 30mb harddrive was big then I started working with computers .. The Challenge I want to be able to run my own "idp" type script when someone tries to connect to my mailserver.

Re: How to run a script on postfix authentication failure

On 12/5/2022 10:03 AM, post...@ptld.com wrote: Is there a way, in postfix, to run a script when the authentication fails, please ? I would like to use nftables sets, with the timeout option, to ban IP addresses. I know fail2ban exists, but I am considering other options. nftables sets,

uceprotect.wtf (was: Send email to one @domain.com via authenticated relay?)

On 12/2/2022 3:27 PM, Joachim Lindenberg wrote: UCEProtect are gangsters, even the founder admits: https://uceprotect.wtf/ > You don´t want to do anything about it, except you are located in Europe> and can complain to their customers and authorities violating GDPR. Excuse me, Joachim, but did

Re: Send email to one @domain.com via authenticated relay?

On 12/3/2022 9:37 AM, John Stoffel wrote: "Jim" == Jim Popovitch writes: On Fri, 2022-12-02 at 11:36 -0500, John Stoffel wrote: I check, but I find my IP for mail.stoffel.org in the UCEPROTECT-3 spam list. Nothing I can do about it. I doubt that many sites block by using UCEPROTECH-3

Re: Is there an easy way to "warm up" a new sending IP w/ Postfix

On 11/30/2022 12:42 AM, Sean Hennessey wrote: I'm going to toy w/ that one tomorrow, I don't recall seeing in your original post though the plumbing to config postfix to use the postgress db. I was going to send a mail on that tomorrow, but while you are here  As with everything in Postfix,

Re: postfix/cleanup logs

On 11/15/2022 2:25 AM, Fourhundred Thecat wrote: I have this option in master.cf for smtpd:   -o cleanup_service_name=anonymize-sender-ip and here it is defined:   anonymize-sender-ip  unix  n -    n    -    0 cleanup   -o

Re: How to verify that the Return-Path matches the From header

On 11/14/2022 9:16 AM, wodel youchi wrote: Some of my users got emails pretending to be from the admin, but looking into the source of these emails, the From header was modified to mislead the users, but the return-path still holds the real sender email address. What is the best way to deal

Re: how to differ the remote SMTP clients

On 10/28/2022 7:44 AM, Jaroslaw Rafa wrote: Dnia 28.10.2022 o godz. 20:40:44 Piperみかこ pisze: What's the difference between these two options? smtp_use_tls smtpd_use_tls The first one is for outgoing mail, the second one for incoming. And BOTH are deprecated. smtp(8) is for the SMTP

Re: Cannot resolve support@ alias

On 10/25/2022 3:58 PM, Dominik George wrote: I am facing a strange issue here, where I cannot resolve a virtual alias with the local part support@. I have a domain example.com in $virtual_mailbox_domains. The virtual transport sends mail on to Dovecot. For virtual aliases, I use a basic hash

Re: comments in config files

On 9/27/2022 2:00 AM, juan smitt wrote: Can you please confirm that it won't cause any problem if we put comments at the end of config lines? Example: file: /etc/postfix/virtual postmaster postmas...@example.com # this is a comment https://www.postfix.org/virtual.5.html See TABLE FORMAT

Re: How to setup the secondary MX server

On 9/15/2022 8:45 AM, I wrote: The concept of "secondary MX" dates way back to pre-spam days. I think it can safely be considered an outmoded idea at this point. But if you insist on doing it, make sure that you use:   * Recipient validation   * Identical anti-spam controls on both hosts

Re: How to setup the secondary MX server

On Wed, Sep 14 2022 at 07:10:57 PM +0800, Henrik Pang wrote: Hello, Is there a guide for adding a secondary MX with postfix? the secondary MX would forward messages to the main MX. When the main MX was in failure, the secondary MX should hold messages for some time. On 9/14/2022 6:14 AM,

Re: Milter vs. policy protocol

On 2022-08-12 06:23, Dominik George wrote: now that I have moved alias expansion to a socketmap service, I was wondering what would be best for policy checks (for now, as simple as "is address A allowed to send to address B?). This os obviously possible using the milter, but then there is

Re: Where to place spamhaus tests

On 2022-08-08 03:09, Linkcheck wrote: Thank you, but there never was an error in my resolver, which I have not altered in any way. Then the error is PEBKAC, in that you are not reading what people have told you. Especially note the link to the Spamhaus FAQ about query blocking and the

Re: Where to place spamhaus tests

On 2022-08-07 08:50, Linkcheck wrote: On 07/08/2022 1:12 pm, Rob McGee wrote: dig 2.0.0.127.zen.spamhaus.org. any ANY has to be after DIG, not at the end, but... Thank you for the correction. But as you have probably discovered by now, my syntax was correct. In fact refer to the SIMPLE

Re: Where to place spamhaus tests

On 2022-08-07 06:08, PGNet Dev wrote: For reference, a couple of samples of the blocked emails are: NOQUEUE: reject: RCPT from o4.email.wetransfer.com[192.254.123.89]: 554 5.7.1 Service I would add to the useful information below that neither sample is in fact listed in Zen at this time.

Re: order of recipients in To, Cc, etc.

On 2022-07-04 00:21, pat...@patpro.net wrote: Few days ago I've stumbled on this gem: https://twitter.com/gabsmashh/status/1542154330836553728 This is not a technical problem that can be fixed. The problem is the manager and his/her personal insecurity. Email protocols make no distinction in

Re: How can I set a "Reply-To" header ?

On 2022-06-30 23:41, Bob Proulx wrote: Wietse Venema wrote: White, Daniel E. (GSFC-770.0)[AEGIS]: > I found out how to do it from command line: > > echo -e "Testing Mail\nThank you" | mailx -v -s "Testing Mail" -S "reply-to=yom...@example.com" m...@example.com This

Re: Rejecting mail from localhost.localdomain

On 2022-06-26 21:23, Alex wrote: Hi, I was surprised to see I received an email with localhost.localdomain as the envelope sender. It was a legitimate email, but not from my This would have been stopped by http://www.postfix.org/postconf.5.html#reject_unknown_sender_domain (unless you have

Re: Spamtrap email — milter that can still receive, but reject?

On 2022-05-24 09:14, Dan Mahoney wrote: Is there a milter of some sort that I can configure to reject (for some to: addresses) at the end of DATA, but still forward the mail on? Im dealing with some deleted users who both got a lot of spam, but also were in the critical path for things and I’m

Re: Migrate mbox from 2.6.6 to 3.5.6

On 2022-05-19 22:13, Phil Stracchino wrote: On 5/19/22 19:25, Jim Garrison wrote: I am migrating an ancient mail server running 2.6.6 to a new host running postfix 3.5.6. This is a simple setup with just a handful of users and no complications like virtual mailboxes. Simple question: Is it as

Re: zen.spamhaus.org suggestion in postifx main.cf

On 2022-05-04 20:37, li...@lazygranch.com wrote: Quad 9 uses a number of DNS servers with different names but I guess that isn't good enough. I had set up unbound on the VPS used for my VPN when I set up dnscrypt. I don't recall why I pulled it. I am going to give systemd resolved a try. I

Re: PIX workarounds incorrectly triggering?

On 2022-05-02 04:42, Ole Laursen wrote: I got a report that our Postfix server wasn't using TLS on outbound connections, and looking in the log, it seems like I get a lot of PIX workarounds with both gmail.com [1] and Microsoft's service: postfix/smtp[1243304]: 7BDFA6B7: enabling PIX

Re: Rewriting envelope-from of root mail (realname, not email address)

On 2022-04-22 22:53, Viktor Dukhovni wrote: On Fri, Apr 22, 2022 at 06:54:56PM -0700, Dan Mahoney wrote: We *also* recently set sp=reject in dmarc. Which presents us with a problem. I have no advice re DMARC, never have or will use it. Which indeed IS a word of advice. :) --

Re: Best way forwarding to Gmail

On 2022-04-06 12:09, John Levine wrote: It appears that Byung-Hee HWANG said: There is good guidance for forwarding? If it is on Gmail, is best option. In my experience, forwarding to Gmail is an exercise in futility. I My view is that if you want to use gmail, hire them to host mail for

Re: Mail is being delivered to /var/mail/*user* instead of Maildir

On 2022-04-07 01:25, Tan Mientras wrote: On Wed, Apr 6, 2022 at 3:34 PM Wietse Venema wrote: You have configured *the other Postfix* system to deliver mail with virtual_transport = virtual (which is the default) That uses virtual_mailbox_maps to locate mailboxes/maildirs. But here, you

Re: Mail and mail traces lost (?)

On 2022-03-30 07:32, Nikolaos Milas wrote: It seems as if these mails are not delivered successfully, but I cannot see them in any queue either. Delivered mail is deleted from the Postfix queue. It would have been moved out of Postfix by some means, such as a delivery agent or an external

Re: Why the name Postfix?

On 2022-03-27 14:18, Viktor Dukhovni wrote: This sounds plausible. As for why "Postfix" and not, say, "Platypus", I don't know. Oh that's easy. Same reason as why it's not called "Duckfix." Wietse couldn't afford to pay the bill. -- http://rob0.nodns4.us/

Re: Firewall Ports

On 2022-03-08 06:53, White, Daniel E. (GSFC-770.0)[NICS] wrote: For a mail relay server running only Postfix, I am making an educated guess that the only potentially needed open ports would be 25, 465, 587, and 2525 25: all mail exchange is exclusively done with connections to port 25 465:

Re: virtual_mailbox_maps & virtual_alias_maps

On 2022-02-20 01:49, Phil Biggs wrote: I have virtual_mailbox_maps in use with reject_unlisted _recipent and use virtual_alias_maps to translate a validated address into a single matching address for the corresponding dovecot user. For example: /usr/local/etc/postfix/vmailbox

Re: Removing a user...

On 2022-02-07 21:09, SH Development wrote: The user in question was moved to another server on our network. So, This was not stated in the OP. in effect, yes, I was sending to the removed user on another server. I have sent to the “moved” user from an outside address and it works as

Re: Removing a user...

On 2022-02-07 13:25, SH Development wrote: We have a postfix/dovecot/mysql configuration. We recently removed one of the users from the database, however when we send email, it still looks like the address we are sending to is a local address You're sending mail to the address you removed?

Re: smtpd in master.cf

On 2022-01-22 21:53, Ruben Safir wrote: Sorry not main, in master On Sat, Jan 22, 2022 at 10:51:31PM -0500, Ruben Safir wrote: Is this an error? smtp inet n - n - - smtpd "smtp" is the port name. It's 25. "getent services smtp" submission inet n

Re: GhettoForge Postfix3

On 2022-01-19 01:00, jdebert wrote: On Tue, 18 Jan 2022 17:13:32 -0500 post...@ptld.com wrote: Wait, so its a fork of Postfix? It is not. It was intended to be a way for Red Hat / derivate users to be able to have up-to-date Postfix features. Users' needs are being actively addressed

Re: Can i run postfix on my home IP

On 2022-01-12 21:45, Fred Morris wrote: If you've got a static IP and there's no games being played, it should work as long as the connection is "always on" and accepts connections (SYN) on port 25 from the outside world. -- FWM On Thu, 13 Jan 2022, Yamadaえりな wrote: I have got a DSL from the

Re: method to discard email with body containing gmail address

On 2021-11-06 06:15, li...@lazygranch.com wrote: Most of my spam contains a gmail address to reply to the spammer. I would like to discard email whose body contains a gmail address. Since discarding mail could get ugly, I would hope someone on the list can eyeball my plan. Indeed it is ugly.

Re: logwatch sending to r...@subdomain.domain.com

On 2021-07-07 08:50, Mike Hughes wrote: I just noticed that we have a bunch of undeliverable messages piling up in the queue. I have root defined in aliases for another address, which works when sending to r...@domain.com. However, since the FQDN in main.cf is defined as

Re: AW: Milter-Reject

On 2021-06-18 09:16, Maurizio Caloro wrote: Adding the hostname and/or IP here or exist and other thing that this mail will be deliver for first try? postscreen_access_list = permit_mynetworks, You seem to be confused. Your postscreen settings have no bearing on what smtpd does with a

Re: Postfix stable release 3.6.0

On 2021-04-30 02:18, @lbutlr wrote: On 29 Apr 2021, at 17:05, Wietse Venema wrote: This release requires "postfix stop" before updating, or before backing out to an earlier release, because some internal protocols have changed. Otherwise, long-running daemons (pickup, qmgr, verify,

Re: Clients Sending Phantom Email

On 2021-04-28 11:28, Asai wrote: We are getting reports, more and more, of email clients (Type App, Mac Mail, iOS Mail) that seem to send email, and show that the email has been sent on the client, but the mail server has no record of email ever reaching the SMTP service, nor does it even seem

Re: Postfix : corrupted SMTP transactions?

On 2021-04-15 21:02, Bill Cole wrote: On 15 Apr 2021, at 18:23, Rob McGee wrote: Being pedantic, however, I'd suggest using the IANA and RFC 8314 port name, "submissions", It would be good to first confirm and/or fix what is in the /etc/services file on the system in question bef

Re: REDIRECT overrides always_bcc

On 2021-04-16 12:03, Dominic Raferd wrote: I have started using a REDIRECT action in a header_checks table which works but seems to prevent always_bcc from operating - the email is not bcc'd. It's ugly, but a possible workaround: REDIRECT to an address which runs a script (transport_maps entry

Re: Postfix : corrupted SMTP transactions?

On 2021-04-15 03:10, Matus UHLAR - fantomas wrote: On 14 Apr 2021, at 15:55, (lists) Denis BUCHER wrote: smtps inet n - - - - smtpd -o syslog_name=postfix/smtps -o smtpd_sasl_auth_enable=yes -o

Re: How to delivery all incoming mails to 2 backend mail servers

On 2021-04-08 13:44, Clifford Gonsalves wrote: The servers are 1 Exchange and 1 Zimbra. Can this work? 1: First server delivery via transport map. 2: Second delivery via address rewrite (recipient _bcc maps ) then transport map to the rewritten address. 3: At Zimbra rewrite address again and

Re: warning: dnsblog_query lookup error

On 2021-04-08 09:12, Benny Pedersen wrote: On 2021-04-08 15:56, Matus UHLAR - fantomas wrote: On 2021-04-08 14:16, Matus UHLAR - fantomas wrote: in addition to this, you can whitelist outlook's IP ranges at postscreen level, as they "likely" aren't what postscreen is supposed to stop - bots.

Re: 450 4.3.2 - Postscreen

On 2021-04-07 11:57, Maurizio Caloro wrote: Today I have activate postscreen on mailserver, now one email will now reject but I understood that this Will be delivered after some time….. "this are like in waiting" Depends. There are some transactional mail senders which do not retry. Apr 7

Re: Display relevant message-id for all postfix log lines

On 2021-04-07 09:25, sandeep pawar wrote: I am using multiple postfix mta instance for internal relaying purpose. I am sending postfix logs to ELK and was wondering if it would be possible to display message-id in each log line. This could help in various kind of searches. Note that the

Re: problem connecting from Outlook Android

On 2021-04-03 11:55, @lbutlr wrote: On 01 Apr 2021, at 12:31, DEPRÉ Gaëtan - NGServers.com wrote: mua_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject mua_relay_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, permit_mynetworks,

Re: inet_protocols

On 2021-04-01 11:02, Michael Grimm wrote: Background of my question: One of the bigger email providers in Germany (t-online.de = TOL) started to block my IPv4 address. I do assume that this has to do with being blocklisted (see http://www.uceprotect.net/en/rblcheck.php?ipr=135.125.211.209),