Re: mynetworks_style -> subnet within containers

On 14/12/2022 3:18 PM, Wietse Venema wrote: > mynetworks_style applies to local interface addresses, not proxied > ones. Sam: > Thank you for the response. > > One of the reasons for me asking this question is that I'm not fully > sure about the consequences of that. I

Re: milter library for PHP (libMilterPHP)

mailm...@ionos.gr: > > The milter-8.c file you mention has a lot of information that I was missing, > thank you for that! > > One important part is missing, milter response codes are categorised as: > - "modification" There are not "final". They add a header, recipient, change sender, etc. >

Re: Is there an easy way to "warm up" a new sending IP w/ Postfix

Viktor Dukhovni: > On Wed, Dec 14, 2022 at 06:07:41AM +, Sean Hennessey wrote: > > Viktor and anyone else, > > > > I'd like your opinion on something I've come up with that seems to > > work in my test box. What I've done is set things up so that instead > > of % thresholds I'm using a count

Re: Filter mail with dangerous attachments

Tan Mientras: > Hello > > Excuse my generic question, but I dont know where to start > *Is it possible to filter/detect/forbid mails containing invoice.exe as > attachment at postfix level?* An example from https://www.postfix.org/header_checks.5.html /etc/postfix/main.cf:

Re: tls connection reuse

Gino Ferguson: > Hi List, > > > I'm reading the doc and wondering why 'smtp_tls_connection_reuse' > is not enabled by default? Because it was unknown if doing so would cause problems (in Postfix, or in other software). Only real-world deployment can tell such things. > Are there any possible

Re: mynetworks_style -> subnet within containers

mynetworks_style applies to local interface addresses, not proxied ones. Wietse

Re: milter library for PHP (libMilterPHP)

mailm...@ionos.gr: > > I used the "milter-protocol.txt" file that I found everywhere. It > is for protocol version 2 only. So I based my implementation on > that. > > Later on, I used archive.org to download a copy of libmilter-docs.tar.gz. > I expected the documentation to explain the differences

Re: milter library for PHP (libMilterPHP)

Wietse Venema: > mailm...@ionos.gr: > > > > I try to match my coding style to PSR12, so I used PSR12 as a base > > with 5-6 modifications. > > > > There are some things that I haven't tested as much as I want to, > > for example I haven't found a way

Re: milter library for PHP (libMilterPHP)

mailm...@ionos.gr: > > I try to match my coding style to PSR12, so I used PSR12 as a base > with 5-6 modifications. > > There are some things that I haven't tested as much as I want to, > for example I haven't found a way to simulate pipelining from > postfix. > > It is sad that there is no real

Re: milter library for PHP (libMilterPHP)

Mehmet Avcioglu: > Looks great. I'll definitely give it a try. > > Just a small initial feedback; I am a big fan of PSR4 and PSR12, they > make PHP look cool :) Also, it does not have this week's Sendmail::PMilter bug. It does not reply to SMFIC_ABORT (the user would have to write a handler that

Re: What are the consequences of disabling chroot in all master services?

Sam: [ text/html is unsupported, treating like TEXT/PLAIN ] > ?html style="direction: ltr;"? > ?head? > > ?meta http-equiv="content-type" content="text/html; charset=UTF-8"? > ?style id="bidiui-paragraph-margins" type="text/css"?body p { > margin-bottom: 0cm; margin-top: 0pt; }

Re: milter - wrong ordering of responses on pipelining

lists+post...@sad.lv: > Hello ! > > I met an issue with milter when multiple messages pushed within single > smtp session (using pipelining indeed): > warning: milter unix:/run/t.socket: unexpected filter response > SMFIR_ADDHEADER after event SMFIC_MAIL > > It looks similar for >

Re: sender_bcc_maps documentation

Markus Sch?nhaber: > Hi all, > > https://www.postfix.org/postconf.5.html#sender_bcc_maps says > > > Optional BCC (blind carbon-copy) address lookup tables, indexed by sender > > address. > > but it doesn't specify whether "address" means envelope address, header > address or both. OTOH

Re: milter - wrong ordering of responses on pipelining

You claim almost 100% reproduction, but your Perl script has multiple errors, and you did not provide all the inputs to reproduce the problem. First, the Perl script. 1 - When I run the script in your email message, it does not compile. $ perl your-script syntax error at your-script line

Re: milter - wrong ordering of responses on pipelining

lists+post...@sad.lv: > Dec 3 15:22:35 srv postfix/cleanup[168510]: event: SMFIC_BODYEOB; > macros: i=23FA51A1BA9 > Dec 3 15:22:35 srv postfix/cleanup[168510]: reply: SMFIR_CONTINUE data > 0 bytes > Dec 3 15:22:35 v/cleanup[168510]: free milter unix:/run/smilter/t.socket > > Dec 3 15:22:36

Re: dig reports NXDOMAIN but Postfix thinks otherwiese

Ralf Hildebrandt: > Dec 6 12:46:49 mail-cvk-int unbound: [1147087:5] info: 127.0.0.1 > kompetenznetz-darmerkrankungen.com.DOMAINS. A IN > > And alas, kompetenznetz-darmerkrankungen.com.DOMAINS. resolves to: > > # host kompetenznetz-darmerkrankungen.com.DOMAINS. >

Re: dig reports NXDOMAIN but Postfix thinks otherwiese

Ralf Hildebrandt: > * Wietse Venema : > > > > >From my queue: > > > == > > > > > > 4NRDBY1xyHz1Z1SX286400 Tue Dec 6 09:30:29 sen...@charite.de > > > (connect to kompetenznetz-darmerkrank

Re: dig reports NXDOMAIN but Postfix thinks otherwiese

Ralf Hildebrandt: > >From my queue: > == > > 4NRDBY1xyHz1Z1SX286400 Tue Dec 6 09:30:29 sen...@charite.de > (connect to kompetenznetz-darmerkrankungen.com[18.64.79.37]:25: Connection > timed out) > >

Re: How to run a script on postfix authentication failure

Andre Rodier: > Hello, all. > > Is there a way, in postfix, to run a script when the authentication > fails, please ? This is not built-in. Instead, you run a program that watches the maillog file, and that triggers on authenication errors, or other unwanted behavior. > I would like to use

Re: remailer for alias lists?

Dan Mahoney: > Hey all, > > We have a mailing list (of like ten, not-often-changing people) > that we'd like to not have to spin up a full mailing list program > like mailman or whatnot. > > We don't need subsciption management or archiving, but we could > really use the user rewriting akin to

Re: Send email to one @domain.com via authenticated relay?

Viktor Dukhovni: > On Fri, Dec 02, 2022 at 11:36:30AM -0500, John Stoffel wrote: > > > I tried setting up /etc/postfix/transport_maps like this: > > > >charter.net [mobile.charter.net]:587 The right-hand side should be transport:nexthop or

Re: Backup MX Take 2

Viktor Dukhovni: > On Fri, Dec 02, 2022 at 12:54:21PM -0500, Wietse Venema wrote: > > > > You can verify that with postmap -q commands. > > > > And this is because Postfix does an implicit reject_unlisted_recipient > > after smtpd_recipient_restrictions. T

Re: Backup MX Take 2

Wietse Venema: > Jonathan Capra: > > > > Thanks so much, Wietse... > > > # postmap -q fongaboo.com /etc/postfix/relay_domains > > OK > > Based on your earlier posting: > > relay_domains = hash:/etc/postfix/relay_domains > &

Re: Backup MX Take 2

Jonathan Capra: > > Thanks so much, Wietse... > # postmap -q fongaboo.com /etc/postfix/relay_domains > OK Based on your earlier posting: relay_domains = hash:/etc/postfix/relay_domains Therefore recipients are primarily validated with relay_recipient_maps. Based on your earlier posting:

Re: Backup MX Take 2

Jonathan Capra: > > Thanks. Here you go: > > > # postconf -nf > > alias_database = hash:/etc/aliases > alias_maps = hash:/etc/aliases > append_dot_mydomain = no > biff = no > compatibility_level = 2 > inet_interfaces = all > inet_protocols = all > mailbox_size_limit = 0 >

Re: Backup MX Take 2

Jonathan Capra: > > OK this is weird. > > I have in main.cf: > > relayhost = helix.wtfayla.net > relay_recipient_maps = hash:/etc/postfix/relay_recipients > relay_domains = hash:/etc/postfix/relay_domains Did you already post "postconf -nf" and "postconf -Mf" output as requested? > But if I

Re: helo command rejected

raf: > On Fri, Dec 02, 2022 at 08:51:14AM -0500, Wietse Venema > wrote: > > > David Dolan: > > > I guess it's using the musl resolver in Alpine so we need to migrate OS to > > > get past this issue? > > > > Yes. Don't use toy software in p

Re: helo command rejected

David Dolan: > On Fri, 2 Dec 2022 at 10:33, David Dolan wrote: > > > > > > > Subject:Re: helo command rejected > >> From: Viktor Dukhovni > >> Date: 2022-12-01 16:56:13 > >> Message-ID: Y4jcrRxsEJPsWZVZ () straasha ! imrryr ! org > >> [Download RAW message or body] > >> > >> On

PATCH: Linux kernel 6 is out

Wietse Venema: > J. Thomsen: > > Postfix 3.7.3 > > > > makedefs and src/util/sys_defs.h is missing support for LINUX6 > > It's a relatively simple change. I can post a patch later today. This applies to Postfix 3.4-7. Wietse 20221201 Portabi

Re: relay server port listening on all or local?

linux...@gmx.net: > dear list, > > I am using postfix as mail relay which is deployed on gateway for internal > users. > This relay send mail out only, doesn't accept messages. > My question is, do I need to make the relay server port 25 listened on > 0.0.0.0? or just 127.0.0.1 should work? If

Re: Is there an easy way to "warm up" a new sending IP w/ Postfix

Viktor Dukhovni: > On Thu, Dec 01, 2022 at 04:37:41AM +, Sean Hennessey wrote: > > > I want to thank you a million for this. I finally read up on the docs > > and got this working. I'm still going to do some more in depth > > testing, but my quick little testing seems to be doing exactly what

Re: Is there an easy way to "warm up" a new sending IP w/ Postfix

Sean Hennessey: [ Charset ISO-8859-1 converted... ] > I've been poking at this a bit tonight. I am by no means a postfix expert. In > the hopes that someone can see an obvious configuration issue, I'm going to > post what I'm seeing: > > In my main.cf; > smtpd_recipient_restrictions =

Re: Is there an easy way to "warm up" a new sending IP w/ Postfix

Benny Pedersen: > Sean Hennessey skrev den 2022-11-28 21:57: > > > I'd really like a way to send X% of gmail.com traffic to one relay and > > the rest to another relay. Ditto for a couple of other major ESP's > > like Yahoo, MS, etc? > > why not https://www.dnswl.org ?, its imho not hard to be

Re: Is there an easy way to "warm up" a new sending IP w/ Postfix

Viktor Dukhovni: > On Tue, Nov 29, 2022 at 09:59:47AM -0500, Wietse Venema wrote: > > > In /etc/postfix/master.cf: > > == > > > > smtp1 unix - - n - - smtp > > -o { smtp_bind_address = 1.2.3.

Re: Is there an easy way to "warm up" a new sending IP w/ Postfix

>Sean Hennessey: > All, > > I'm bringing a new sending IP online and need to know if there is > an easy way to warm it up w/ Postfix. > > For those that don't know, warming up is a process where you start > to send small amounts of mail of the new IP till it's built up a > good enough reputation.

Re: Is there an easy way to "warm up" a new sending IP w/ Postfix

Viktor Dukhovni: > It is not obvious to me, just at the moment, how to do this with the > built-in Postfix randmap, pipemap, uniomap, ... I have an example that I cam update and post later today. Wietse

Re: Always relay outgoing messages to their MX server

Gustavo Balduino: > From what you two concluded, there's no way to reach this behavior > without splitting the instances, am i correct? A single instance may be possible but it would be more complicated and more difficult to maintain than to the two-instance approach. It would in fact be the

Re: Always relay outgoing messages to their MX server

Viktor Dukhovni: > On Sat, Nov 26, 2022 at 04:56:49PM -0500, Wietse Venema wrote: > > Viktor Dukhovni: > > > On Sat, Nov 26, 2022 at 08:26:08AM -0500, Wietse Venema wrote: > > > > > > > > For different message routing for submission vs. inbound p

Re: Always relay outgoing messages to their MX server

Viktor Dukhovni: > On Sat, Nov 26, 2022 at 08:26:08AM -0500, Wietse Venema wrote: > > > > For different message routing for submission vs. inbound port 25 see: > > > > > > https://www.postfix.org/MULTI_INSTANCE_README.html > > > > >

Re: Always relay outgoing messages to their MX server

Viktor Dukhovni: > On Fri, Nov 25, 2022 at 06:15:40PM -0300, Gustavo Balduino wrote: > > > What i expected to happen is that, when b...@domain-a.com sends a message > > to al...@domain-b.com, as the message is entering through a submission > > smtpd, it should not rewrite it and always relay

Re: (Patch "half-dane" logging corner case) Untrusted TLS connections where email domain does not support DNSSEC but MX server has DNSSEC/DANE records

Viktor Dukhovni: > However, in this case the issue is a minor oversight in the Postfix TLS > client code. The intended logging behaviour does not happen. Patch > below: Is there an equivalent for the still supported Postfix version 3.5? That would also fix Postfix version 3.4 which has the same

Re: header check discard issue

DEMBLANS Mathieu: > Hi, > We have an issue on our postfix installation (3.4.23-0+deb10u1) : > a mail that should pass header_check is discarded. > > The message in log is : < discard: header X-Mailer: ((OTRS)) > Community Edition Mail Service (6.0.37) [...] >. > > The x-mailer filter is this one :

Re: RBL timing

Matus UHLAR - fantomas: > reject_unlisted_recipient, of course: > > http://www.postfix.org/postconf.5.html#reject_unlisted_recipient > > reject_unlisted_recipient >Reject the request when the RCPT TO address is not listed in the list of >valid recipients for its domain class. See the

Re: How to forward to aliases with correct envelope-sender

Dan Mahoney: > Hey there all > > (Attempted to send this a few days ago, believe I hit an odd mailing > list issue). It was distributed, but I did not have time to respond. > At the day job, we periodically do an export of our ticketing > system into an internal alias where the alias does an

Re: Do I need to install an MUA as well as Postfix to send test messages from command line?

Chris Green: > I have postfix installed on all of my systems and mostly they have at > least mailx as well which is handy for sending tests. However one > system doesn't even have mailx, do Ihave to install it to be able to > send tests or is there some way to send test messages from the command

Re: TLS: Do hostname verification, but still deliver email on mismatch?

Paul Menzel: > Dear Postfix users, > > > We are using > > smtp_tls_security_level = dane > smtp_tls_policy_maps = hash:/project/mx/etc/tls_policy > > where the file `tls_policy` contains the domains of several research > institutions to use the security level `verify` or even

Re: drop unwanted recipients

Gino Ferguson: > Hi all, > > > We're using smtpd_recipient_restrictions to drop filter out unwanted > recipients. > > The problem with this is, if the email has more recipients, noone > gets the email, not only the unwanted is dropped. > > How should this be done properly? If you cannot

Re: local(8) and blocking delivery to system users?

Jaroslaw Rafa: > Helo, > > First I want to present a little background story, before I ask the question > :) > > I have a web script on my server that sends mail to some recipient address > external to my server. The mail is sent with the webserver user (www-data) > as a sender. Recently that

Re: before-queue Milter support

Paul van der Vlis: > Hello Wietse and others: > > Op 16-11-2022 om 15:36 schreef Wietse Venema: > > Paul van der Vlis: > >> Is there a way to get it refused before-queue? > > > > Yes. IF A MILTER REJECTS A MESSAGE then Postfix will not accept it. >

Re: before-queue Milter support

Paul van der Vlis: > Is there a way to get it refused before-queue? Yes. IF A MILTER REJECTS A MESSAGE then Postfix will not accept it. Wietse

Re: What happens if Postfix can't reach relay_host? - Postfix on laptops for system messages, with relay_host behind VPN

r.barc...@habmalnefrage.de: > This leads to my question: What happens to laptop-locally generated > / received emails, if their local Postfix can't reach the relay_host > in the intranet? The Postfx SMTP client will retry delivery after a soft error (host or port not reachable) until the message

Re: incoming log entries missing during peak arrival time

Dhammika Gunawardena: > Hi > > We maintain a private relay server to send ebills for a customer. > During peak sending hours, we miss about 5-10% of incoming messages but > outgoing messages are available. > We capture subject line in incoming message to track ebills. When > incoming messages

Re: Postfix is Rewriting the email from address with the serveraddress when server from is foreign

Paul Kudla: > > Ok I tried to skip over this comment so . > > I am NOT making a mistake ... Postfix is defaulting to remapping the Perhaps you can follow simple instructions, as given my previous response. Wietse

Re: Postfix is Rewriting the email from address with the serveraddress when server from is foreign

Paul Kudla: > > ok this is fair as i always ask for the same info when other people are > unclear. > > i have found various mapping functions via google none of which worked > or had no effect Then, you are making a mistake. Which mistake? TO REPORT A PROBLEM see

Re: understanding empty message-id header

Juan Smitt Jr: > > Thank you for the explanation. > > Is it really risky to implement "always_add_missing_headers" if other headers > (i.e. From) are present? Yes. This would break DKIM signatures. Wietse > https://www.postfix.org/postconf.5.html#always_add_missing_headers > > >

Re: [OT] Why no envelope sender in RECEIVED?

MRob: > Hello, > > Why isnt it standard to put the envelope sender into the RECEIVED > header? Is some good reason to hide it? Email protocols and formats are defined in RFCs. See RFC 5321 for SMTP. Wietse

Re: Reject sender silently?

Markus E.: > On Tue, 8 Nov 2022, Wietse Venema wrote: > > > Markus E.: > >> Hi! > >> Is it possible to silently reject messages from a specific sender or > >> domain in Postfix? > >> > >> Somthing like: > >> > >&g

Re: Reject sender silently?

Markus E.: > Hi! > Is it possible to silently reject messages from a specific sender or > domain in Postfix? > > Somthing like: > > us...@domain.tld OK > us...@domain.tld REJECT > us...@domain.tld REJECT:nolog It's called DISCARD Wietse

Re: bloquing phising MAIL FROM sender name

V?ctor Rubiella Monfort: > Hi! > > I'm having problems to block phishing email with this kind of header: > > From: "h...@mydomain.com ". This could be done with header_cheks, but I think that you have some quote in the wrong place so I won't give a specific solution. > I want to configure

Re: rewriting all occurences of a sender domain

ter the message first goes > >> through a null content filter (directly back into Postfix on a different > >> port, with nothing in the middle), with milters only on the far side and > >> the canonical rewrites on the near side. > > On 03.11.22 19:42, Wiets

Re: Forward & Reverse DNS Lookups not working correctly

Paul Kudla: > www-1 11-05 06:24:55 {postfix.in/smtpd[56748] (1239357351) > warning: hostname syslog-local.scom.ca does not resolve to address > 10.220.0.6 > www-1 11-05 06:24:55 {postfix.in/smtpd[56748] (1239357352) connect > from unknown[10.220.0.6] The Postfix SMTP server does

Re: when to reload postfix and when not?

Viktor Dukhovni: > This depends on how urgent the change is. If the OP wants to see the > change take effect immediately, a "reload" is recommended when lists of > domains or similar are configured directly in main.cf or in flat text > files. "postfix reload" is safe, as long as it is a

Re: rewriting all occurences of a sender domain

Viktor Dukhovni: > I don't recall whether milter message content processing happens before > or after canonical rewriting, Wietse might post a reminder. If milters > go first, you'll need to do DKIM signing after the message first goes > through a null content filter (directly back into Postfix

Re: policy-spf and whitelisting

Alex: > Hi, > > I'm using sqlgrey for my greylisting service and having trouble with a > particular entry. I need to make sure email from this sender doesn't get > blocked, so would like to confirm that I can add something to my recipient > restrictions to bypass the SPF check for this domain. >

Re: EHLO rejections

DL Neil: > The daily pflogsumm report shows that (in recent days) 60~93% of > attempts to connect are rejected, and bounce-off Postfix's settings, eg > > 450 4.7.1 <00nyBxbT>: Helo command rejected: Host not found; > proto=SMTP helo=<00nyBxbT> (total: 1) > 1 115.213.249.159

Re: LDAP mail for external users

Tan Mientras: > eureka! > thank you Wietse, it was an issue with the alias table. Now seems its > working. i'm going to test further... This will work fine with email between colleagues, but as Viktor noted may run into SPF/DMARC etc. issues when forwarding mail from a sender address outside your

Re: LDAP mail for external users

Wietse Venema: > Tan Mientras: > > Sadly seems I'm unable to make it work. > > > > Users have mail address in ldap "mail" property > > External users have mail address in ldap's "externalmail" property > > > > However it always sh

Re: LDAP mail for external users

lias_maps correctly. To repeat myself, this should return the external address or 'not found'. Wietse > > > On Fri, Oct 21, 2022 at 1:04 PM Wietse Venema wrote: > > > Tan Mientras: > > > On Thu, Oct 20, 2022 at 5:00 PM Wietse Venema > > wrote: >

Re: [EXTERNAL] Re: MX records and relayhost: Am I going this correctly ?

Wietse > Again, many thanks for the quick response > > From: on behalf of Wietse Venema > > Reply-To: Postfix users > Date: Wednesday, October 26, 2022 at 14:09 > To: Postfix users > Subject: [EXTERNAL] Re: MX records and relayhost: Am I going this correctly ? > >

Re: MX records and relayhost: Am I going this correctly ?

White, Daniel E. (GSFC-770.0)[AEGIS]: > MX Records: > > mydomain.tld. 33 IN MX 10 relay-1.mydomain.tld. > mydomain.tld. 33 IN MX 20 relay-2.mydomain.tld. > > with relay-1 and relay-2 having appropriate A and PTR records. > > Then in

Re: Outlook TLS errors after Microsoft Windows Update

Gerald Galster: > > just wanted to let you know that Outlook users might run into problems > > submitting mails after Microsoft's latest Windows update. > > > > Oct 15 14:49:42 mx1 postfix/submission/smtpd[25067]: connect from > > Oct 15 14:49:42 mx1 postfix/submission/smtpd[25067]: SSL_accept

Re: started getting 550 #5.7.1 SPF unauthorized mail

Dominic Raferd: > On 25/08/2022 04:41, li...@sbt.net.au wrote: > > I have a simple 'mail list' where an alias 'ct...@sbt.net.au' sends email > > to several recipients, that's been in use since long time. > > > > today noticed one of these addresses started bouncing with '5.7.1 SPF > > unauthorized

Re: logging issues with external connections

James Pifer: > I've setup a postfix server as a closed relay to only deliver/forward > email for my domain. I believe I have everything working as desired, > except for what is getting logged. > > If I connect to postfix with a portable mail client on my local network > and send a message

Re: untrusted routing

Damian: > Wietse: > > Postfix looks for @, % or ! in the address localpart, for example, > > user%not-your-domain@your-domain. > > > > There is no special resolver. > I believe, this is what I wrote. > > If Postfix finds any, like it would in user%not-your-domain@your-domain, > > and

Re: untrusted routing

Damian: > > Damian: > >> I am trying to understand "allow_untrusted_routing = yes" and the > >> circumstances where it is (un)safe. The documentation mentions an open > >> relay loophole in the context of backup MXes. Is untrusted routing safe, > >> if Postfix has no explicit *_mx_* configuration?

Re: untrusted routing

Damian: > I am trying to understand "allow_untrusted_routing = yes" and the > circumstances where it is (un)safe. The documentation mentions an open > relay loophole in the context of backup MXes. Is untrusted routing safe, > if Postfix has no explicit *_mx_* configuration? This is about email

Re: HOLD access action and smtpd_proxy_filter

Paul Kudla: > > ok i had similiar issues and ended up patching the sasl auth system > inside postfix to include login username & IP ADDRESS > > this gave a single log file entry (syslog, file whatever postfix was > configured to do) showing that the account had been accessed for sending > an

Re: HOLD access action and smtpd_proxy_filter

Marek Podmaka: > On Sun, 23 Oct 2022 at 17:21, Markus Sch?nhaber > wrote: > > > > > warning: access table static:HOLD: with smtpd_proxy_filter specified, > > > action HOLD is unavailable > > I am using postfix-cluebringer to limit the number of sent messages > per SASL username (to slow down

Re: HOLD access action and smtpd_proxy_filter

Markus Sch?nhaber: > Hi, > > while experimenting with ways to temporarily suspend message delivery I > set a > smtpd_client_restrictions = check_client_access static:HOLD > But incoming mail wasn't put on hold but postfix logged a warning instead: > > > warning: access table static:HOLD: with

Re: HOLD access action and smtpd_proxy_filter

Viktor Dukhovni: > On Sun, Oct 23, 2022 at 05:21:05PM +0200, Markus Sch?nhaber wrote: > > > while experimenting with ways to temporarily suspend message delivery > > I set a smtpd_client_restrictions = check_client_access static:HOLD > > But incoming mail wasn't put on hold but postfix logged a

Re: questions to postfix's behavior

Henry R: > I have postfix with opendkim and policyd-spf enabled. Configure opendkim and policyd-spf for what you want to reject, and they will tell Postfix when it should reject a message. Wietse

Re: LDAP mail for external users

Tan Mientras: > On Thu, Oct 20, 2022 at 5:00 PM Wietse Venema wrote: > > > > > You can do this with a main.cf:virtual_alias_maps lookup table that > > takes as search key an email address in your domain like > > user123@yourdomain. If their email should be delive

Re: How to use specific relay config based on virtual domain?

Wietse Venema: > Bryan Arenal: > > I'm working on moving from PMTA over to Postfix and had a question on > > relaying for virtual domains. We send mail on customers' behalf and > > one of the things I'm trying to figure out is how to implement PMTA's > > "virtua

Re: How to use specific relay config based on virtual domain?

Bryan Arenal: > I'm working on moving from PMTA over to Postfix and had a question on > relaying for virtual domains. We send mail on customers' behalf and > one of the things I'm trying to figure out is how to implement PMTA's > "virtual-mta" in Postfix. This defines the destination host and >

Re: LDAP mail for external users

Tan Mientras: > Please, excuse me. > > I read the answer, but I dont know how to further detail my question. > That's the point. > For that reason I wrote latest email. > > Our LDAP has mail field set to user email address eg: "user123@*ourdomain.com > > *". > > Some LDAP

Re: Short term DNS issue causing Postfix to queue messages

When all deliveries to a site fail (a colhort of delivery agent processes reports the destination is unavailable) the Postfix scheduler puts the destination on a temporary 'dead destination' list, to avoid spending resources on that destination. Of course this design is not optimized for bursts

Re: Outlook TLS errors after Microsoft Windows Update

Viktor Dukhovni: > On Mon, Oct 17, 2022 at 04:09:25PM +0200, GCore GmbH - Gerald Galster wrote: > > > > If possible, please ask the other user whether the alternative > > > certificate again sports a mismatched hostname. It is somewhat > > > plausible that the Microsoft bug doesn't fire when

Re: Outlook TLS errors after Microsoft Windows Update

Marek Podmaka: > On Mon, 17 Oct 2022 at 14:57, Wietse Venema wrote: > > > > For Postfix submission and smtps we prefer > > > > tls_ssl_options = NO_RENEGOTIATION, NO_TICKET > > > > Instead of forcing hostname/cert micmatches. > > Yes, I am alrea

Re: Outlook TLS errors after Microsoft Windows Update

Marek Podmaka: > On Sun, 16 Oct 2022 at 02:12, Viktor Dukhovni > wrote: > > > > The two certificate chains are structurally identical, differing only in > > minor details, such as: dates, keys, hostnames and signatures. > > There is another user (hopefully the URL below won't be blocked by the >

Re: [postfix] 3.5.13: Unable to append "X-Original-To" message header

ha...@posteo.de: > Hi, > > we heavily use the alias feature and want to know who was the original > recipient for filtering. Our old postfix instance (version 2.11.3) set > this from the beginning - as far as I remember we never changed the > configuration to archive this. > > Our new

Re: Config changes?

Jack Raats: > Hi, > > I'm using postfix 3.7.2_1,1 on a FreeBSD 13.2-p2 server. Everything is OK. > > After updating to version 3.7.3,1 mail is n't delivered to another > server due to zen.spamhaus blocking by postscreen. > > Unstalling 3.7.3,1 and replacing is by 3.7.2_1,1 everything is OK

Re: submission configuration and RFC 6409

Nick Tait: > On 13/10/2022 8:04 am, Geert Hendrickx wrote: > > "permit_mynetworks" has the (documented) drawback that remote mail forwarded > > by a neighbouring system can still be rewritten (and thus break signatures). > > > > My personal preference is permit_inet_interfaces,

Re: response time to the client

Viktor Dukhovni: > On Wed, Oct 12, 2022 at 06:39:58PM +0200, Matus UHLAR - fantomas wrote: > > > >Will it be 2s or something between 2s and 15s? > > >If it's 'between', can we somehow tell it from the mail service side? > > > > > >00:00 postfix/smtpd ... client= > > >00:02 postfix/qmgr ...

Re: submission configuration and RFC 6409

gt; >> doesn't generate a Message-ID, but this was the first time that this had > >> been a problem... > > On 12.10.22 09:41, Wietse Venema wrote: > >Then that recipient will lose some portion of their email, because > >the email RFCs do NOT require a Message-ID. &

Re: response time to the client

juan smitt: > Hi, > > > The clients are very sensitive to the mail service's response time (we > can't do anything with that). The response time from what? Here is an example conversation: Client connects to server (If DNS is broken, there may be some delay) TCP handshake (If

Re: response time to the client

juan smitt: > Hi, > > > The clients are very sensitive to the mail service's response time (we > can't do anything with that). I suggest that you look at the delays= logging. This breaks down the time that a message spends inside Postfix.

Re: submission configuration and RFC 6409

Nick Tait: > Hi list. > > A couple of months ago an email I sent from my phone was bounced by the > recipient's SMTP server because the email had no Message-ID header. It > turns out the email app that I've been using on my phone for years > doesn't generate a Message-ID, but this was the

Re: How long do legit servers try to deliver email?

Ian Evans: > Sorry if this is OT. My hosting service is migrating our VPS to new > hardware. I plan to shut down postfix (it's just me and the missus) and > create a snapshot prior to the shutdown. > > How long do servers try to resend email if your server is temporarily down? > The host has

Re: Postfix with "always_bcc" email is 2x or 3x on the always_bcc mail

Josef Karliak: > > >Good morning, > >what could cause the mail copied by postfix's always_bcc - copied > email is 2x or sometimes (?) 3x copied in the always_bcc email. > >I use DKIM and DMARC milter and Spamassasisn as a > "check_policy_service". Could the passing to the

Re: egrep deprecation warning (Re: Urgent Postfix stable release 3.7.3 and non-urgent legacy releases 3.6.7, 3.5.17, 3.4.27)

PGNet Dev: > perhaps of use > > https://www.phoronix.com/news/GNU-Grep-3.8-Stop-egrep-fgrep > https://lists.gnu.org/archive/html/info-gnu/2022-09/msg1.html Postfix is cross-platform, and not all the world uses GNU grep. Wietse

<    4   5   6   7   8   9   10   11   12   13   >