* Peter via Postfix-users [2023-05-03 07:45]:
> On 28/04/23 03:59, Sebastian Wiesinger via Postfix-users wrote:
> > Hi everyone,
> >
> > I'm not sure if I'm missing something but I can't find out why my
> > body_checks doesn't catch all the backscatter I'm gett
* Sebastian Wiesinger [2023-04-27 17:59]:
> root@alita:/etc/postfix# postmap -q - regexp:/etc/postfix/body_checks.pcre
> Message-ID:
> reject SPAM backscatter with forged domain name in Message-ID header
And of course I ran into my own filter when I got the mail
Hi everyone,
I'm not sure if I'm missing something but I can't find out why my
body_checks doesn't catch all the backscatter I'm getting right now.
I've it configured like this:
root@alita:/etc/postfix# postconf -n body_checks
body_checks = pcre:$config_directory/body_checks.pcre
* Matus UHLAR - fantomas [2020-12-04 15:08]:
> > El vie, 4 dic 2020 a las 2:15, Viktor Dukhovni
> > () escribió:
> > > Is there a compelling reason to run a stripped-down (and typically not
> > > adequately standards-conformant) DNS resolvers on a mail server?
>
> On 04.12.20 08:41, Sergio
* Sebastian Wiesinger <postfix-us...@ml.karotte.org> [2017-03-08 15:53]:
> * Robert Schetterer <r...@sys4.de> [2017-03-05 21:00]:
> > Microsofts info mail ( arrived fast today )
> > said that my hetzner Ip will whitelisted , but only for small
> > amount of
* Robert Schetterer [2017-03-05 21:00]:
> Microsofts info mail ( arrived fast today )
> said that my hetzner Ip will whitelisted , but only for small
> amount of mail until it has a "good" score and it is not a general
> antispam whitelisting.
>
> They recommend to get part of
>
* Sebastian Wiesinger <sebast...@karotte.org> [2015-09-25 12:55]:
> * Wietse Venema <wie...@porcupine.org> [2015-09-18 15:51]:
> > Majordomo uses the following: Reply-To: (most preferred), From:,
> > and Apparently-From: (least preferred). It does not use Sender:
* Wietse Venema <wie...@porcupine.org> [2015-09-10 15:00]:
> Sebastian Wiesinger:
> > Hello,
> >
> > a while ago I changed my mail configuration for mailinglists. I have
> > individual mail addresses for every mailing list and the configuration
> > now lo
Hello,
a while ago I changed my mail configuration for mailinglists. I have
individual mail addresses for every mailing list and the configuration
now looks like this:
From: Sebastian Wiesinger <sebast...@karotte.org>
Sender: postfix-us...@ml.karotte.org
This has the advantage that of
* joh...@fastmail.com [2015-09-09 03:03]:
> Ken
>
> On Tue, Sep 8, 2015, at 05:49 PM, Ken Peng wrote:
> > How about Spamassassin? we have been using it for a long time.
>
> And how are you integrating it into Postfix. That was my question
> not whether to use Spamassassin.
* Noel Jones njo...@megan.vbhcs.org [2014-10-24 00:36]:
I tried to implement this by using a check_recipient_access pcre_table
like this:
/etc/postfix# cat recipient_access.pcre
/^postfix-reject-address@.+$/ REJECT
This must match the recipient address as sent by the client and
Hello,
I have a few users that insist on using catch-all domains. Not
surprising they get spam to some address. Now they're asking if they
can reject mail for *some* of the addresses of the catch-all domain.
They can create aliases themselves via postfixadmin and they want to
do this the same
* Sebastian Wiesinger postfix-us...@ml.karotte.org [2014-10-23 21:54]:
Hello,
I have a few users that insist on using catch-all domains. Not
surprising they get spam to some address. Now they're asking if they
can reject mail for *some* of the addresses of the catch-all domain.
They can
Hello,
the documentation states:
The milter_header_checks mechanism could also be used for
whitelisting. For example it could be used to skip heavy content
inspection for DKIM-signed mail from known friendly domains.
I want to do that for mail that passes DMARC checks (with 2.11.2 DMARC
became
Hello,
as I see/understand it, a check_client_access lookup that returns
PERMIT will skip over the rest of smtpd_client_restrictions but WILL
still run the checks in the other smtpd_*_restrictions classes, right?
I can't find that information in the SMTPD_ACCESS_README or other
documents. (I
* Wietse Venema wie...@porcupine.org [2014-10-01 19:03]:
Sebastian Wiesinger:
Hello,
as I see/understand it, a check_client_access lookup that returns
PERMIT will skip over the rest of smtpd_client_restrictions but WILL
still run the checks in the other smtpd_*_restrictions classes
* Wietse Venema wie...@porcupine.org [2014-07-15 19:33]:
Proudly presenting Postfix SMTPUTF8 support! Below is text from
the RELEASE_NOTES file for postfix-2.12-20140715, to be uploaded
later today.
Aaand Google has announced that it will support this for GMail:
* Viktor Dukhovni postfix-us...@dukhovni.org [2014-05-08 02:09]:
On Thu, May 08, 2014 at 01:14:09AM +0200, Sebastian Wiesinger wrote:
I published TLS DANE Records for my mailserver and now I am wondering
if there is a way to verify that these records are okay/matching the
cert
Hello,
I have some users that forward their mail to GMAIL. This is
implemented with virtual alias maps. So postfix forwards:
u...@example.com - example.u...@gmail.com
The problem is when SPAM mails get through all the postfix defences
and get forwarded to GMAIL. GMAIL does some body checks and
* Wietse Venema wie...@porcupine.org [2014-05-08 23:36]:
Sebastian Wiesinger:
Hello,
I have some users that forward their mail to GMAIL. This is
implemented with virtual alias maps. So postfix forwards:
u...@example.com - example.u...@gmail.com
The problem is when SPAM mails
Hello,
I published TLS DANE Records for my mailserver and now I am wondering
if there is a way to verify that these records are okay/matching the
cert. Is there a tool/site where I can test this? I suppose it would
be possible with the right openssl s_client commands but I can't
figure them out.
Hello,
currently I'm running the distributed postfix version under Debian
Stable (currently 2.9.6-2). I would like to switch to the current 2.11
version to try out DANE and other new features.
Has anyone got the current version packaged for Debian Stable (I was
unable to find one online) or does
* Robert Schetterer r...@sys4.de [2014-01-16 12:42]:
Am 16.01.2014 12:13, schrieb Sebastian Wiesinger:
Hello,
currently I'm running the distributed postfix version under Debian
Stable (currently 2.9.6-2). I would like to switch to the current 2.11
version to try out DANE and other new
* BONNET, Frank frank.bon...@esiee.fr [2013-10-24 17:54]:
Hello
Continuing on my secured email server graal I would like to test SMTP +
TLS exchange of emails
the volume will be very low for testing purpose only and I will be the only
user when I will suceeded to setup my server :-)
My
* Viktor Dukhovni postfix-us...@dukhovni.org [2013-08-24 05:27]:
I just did, here is the PCAP:
http://www.karotte.org/smtp-gmx.pcap
The client sends an internal error alert. It is not clear what
problem it is encountering. The server elects:
Cipher Suite:
* Viktor Dukhovni postfix-us...@dukhovni.org [2013-08-20 16:51]:
I found the problem... In addition to my normal certificate, I had an
EC certificate.
smtpd_tls_eccert_file=/etc/postfix/certs/cacert-karotte-ec.crt
Though I think OpenSSL will generally detect attempts to configure
a
Hello,
GMX and web.de started an initiative for secure E-Mail made in
Germany... they turned TLS on.
But in addition to that bold move the did something else that causes
the following errors when they try to send mail to my postfix:
postfix/smtpd[28706]: connect from mout.web.de[212.227.15.14]
* Heiko Wundram modeln...@modelnine.org [2013-08-20 12:09]:
Still delivers fine for me (and my mail-server) running Postfix 2.10.1:
Received: from mout.web.de (mout.web.de [212.227.15.3])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
(No client certificate
* DTNX Postmaster postmas...@dtnx.net [2013-08-20 12:57]:
Self-signed, 2048 bits certificate from our own root. Picks the same cipher
and TLS version as in Heiko's example, it seems. Perhaps it's your
certificate, perhaps your Postfix settings? No odd overrides for the defaults
anywhere,
* Wietse Venema wie...@porcupine.org [2013-05-31 22:57]:
After the confusion that Postfix 2.10 is not Postfix 2.1, maybe it
is time to change the release numbering scheme.
Okay, perhaps this is a European view, but I never confused Postfix
2.1 with 2.10. Perhaps because here it would be 2,1 and
* tobi tobs...@brain-force.ch [2012-08-07 18:46]:
Hi list,
Sorry list, hi Tobi:
I wanted to tell you that your DNSSEC for brain-force.ch is broken so
resolvers which validate DNSSEC will not be able to resolve your
domain (and so I can't send you mails directly). You might want to fix
this.
* Stan Hoeppner s...@hardwarefreak.com [2012-07-30 14:35]:
On 7/29/2012 6:57 PM, Engin qwert wrote:
Actually it is not router. It is only BPL modem. After Static IP hiring the
ISP send me an email how to configure the server with this IP addresses
information. The 10.138.9.201 internal
* Wietse Venema wie...@porcupine.org [2012-04-04 01:22]:
To soft-reject unknown recipients in selected domains, in mail from
clients outside the local network, request defer_if_reject at the end
of smtpd_recipient_restrictions:
/etc/postfix/main.cf:
smtpd_recipient_restrictions =
Hello,
I have a setup with handles a few virtual domains. For one domain only
I want mails not to be rejected with an 5xx error code but be deferred
with a 4xx error code. Is that possible?
Regards
Sebastian
--
GPG Key: 0x93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2 D94A 93A0 B9CE)
'Are you
Hi,
is there a way (in the logs) to see which port a client connects to? I
can't find that information at the moment.
I'm interested to know if a client is using the smtp, ssmtp or
submission port to connect.
Thanks
Sebastian
--
New GPG Key: 0x93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2
* Wietse Venema wie...@porcupine.org [2011-12-14 17:34]:
Sebastian Wiesinger:
Hi,
is there a way (in the logs) to see which port a client connects to? I
can't find that information at the moment.
Give each SMTP server its own syslog_name option in master.cf:
submission inet n
* /dev/rob0 r...@gmx.co.uk [2011-12-14 17:58]:
I use postfix-587 (and postfix-465) because it's shorter and
contains the postfix string which helps to isolate Postfix logging
from other mail facility logs. grep postfix maillog, et c. More
correct, and still meeting that need, would be
* Wietse Venema wie...@porcupine.org [2011-12-09 13:47]:
A quick search shows that trivial-rewrite server has no fatal
errors - it reports all errors that it can detect to the client (in
this case smtpd(8)).
However there is one low-level library module (match_ops) that
exits the program
* Wietse Venema wie...@porcupine.org [2011-12-07 17:20]:
Yes it was. I point the attention to the RIGHT problem, which is
fixing the suboptimal configuration that does domain queries from
SQL.
Hi,
with all due respect but for me the important thing at the moment
would be to understand why it
* Wietse Venema wie...@porcupine.org [2011-12-08 13:09]:
Sebastian Wiesinger:
I really would like to know if it is not possible to have a temporary
error when trivial-rewrite fails to access the MySQL database. I don't
see any apparent reason for it. If there is one I would like to know
* lst_ho...@kwsoft.de lst_ho...@kwsoft.de [2011-12-08 14:46]:
And I had hoped that perhaps this would be an improvement to postfix.
Sadly it seems it was some kind of blasphemy to question the way
postfix does handle this stuff.
No, it means until now no one needs this so important to step
* Wietse Venema wie...@porcupine.org [2011-12-09 01:01]:
And that is where I disagree. IMHO a mailsystem should respond with a
temporary error if it is experiencing a temporary error (like a lookup
table not being availabe) not simply hang there and do.. nothing.
We know that. What are
* Sahil Tandon sahil+post...@tandon.net [2011-12-06 01:54]:
that's not really an option for me, I need these lists in MySQL. It
seems I have to live with it and make MySQL as stable as possible.
Is your list of virtual mailbox domains that large or dynamic that it
must be only in SQL?
* Sahil Tandon sahil+post...@tandon.net [2011-12-05 03:24]:
I'm using Postfix with MySQL via proxy:mysql maps. The documentation
states that mails should get deferred if no mysql server is reachable.
However when I shut down MySQL, SMTP transaction freeze after I enter
the MAIL FROM:...
Hi,
I'm using Postfix with MySQL via proxy:mysql maps. The documentation
states that mails should get deferred if no mysql server is reachable.
However when I shut down MySQL, SMTP transaction freeze after I enter
the MAIL FROM:... statement.
Any ideas how I can change that? There seems to be
45 matches
Mail list logo