Re: Is postfix the right tool for detecing and stripping out email addresses that forward to the same address?

I'm not sure, but canonical address mapping sounds like what you want: http://www.postfix.org/ADDRESS_REWRITING_README.html#canonical This isn't the same as just delivering an email to an alias address. It actually rewrites envelope and message header addresses. If this does what you

Re: Is postfix the right tool for detecing and stripping out email addresses that forward to the same address?

Now my additions. If you are using RoundCube then almost certainly RoundCube is using IMAP/IMAPS to communicate with a back end imapd server. A backend imapd that is most likely Dovecot? This drifts off-topic for Postfix so further discussion should be in a different mail group, probably a

Re: Can't deliver forwarded email coming from amazonses.com

And I would use "check_client_access" instead? Yes. Note that trailing comments are not part of the Postfix map syntax. Any comment must occupy its entire line. Good to know. I would have screwed this up at some point if I haven't already. You can use a CIDR map if you prefer,

Re: Is postfix the right tool for detecing and stripping out email addresses that forward to the same address?

Hi, Postfix isn't the right thing for that. It's a mail server, not a mail client. You'll need to investigate the documentation for the mail client that you use when reading and sending mail. For example, with mutt, you can give it a list of all of your email addresses with an "alternates"

Is postfix the right tool for detecing and stripping out email addresses that forward to the same address?

My scenario: I have several email accounts: EmailA, EmailB, EmailC, EmailD, etc.. Then I have a fifth gmail account, EmailE, that I use to funnel/forward all my other email addresses to. The gmail account then forwards all email to my main email, EmailA. Yeah, it's a mess. Yes, I will

Re: Can't deliver forwarded email coming from amazonses.com

I would have opted for "client" rather than "sender" checks, provided a sufficiently stable/comprehensive range of source IP addresses for the forwarding host were available. OK, took a quick look at the documentation on this but still left with questions. So would "client" be the same as

Re: Can't deliver forwarded email coming from amazonses.com

Anything else I can try? Yes, far better to disable SPF checks on hostB when receiving mail from hostA. Thank you. Problem solved. For the benefit of others: 1) Add /etc/postfix/sender_checks file: amazonses.com OK 2) Add check to smtpd_recipient_restrictions config in main.cf:

Re: Can't deliver forwarded email coming from amazonses.com

smtp_generic_maps = hash:/etc/postfix/smtp_generic_map Forgive the typo in this email. I have it correctly entered in the actual config file as: "smtp_generic_maps = hash:/etc/postfix/smtp_generic_maps"

Can't deliver forwarded email coming from amazonses.com

I have a mail server the receives email from a website. The website uses Amazon SES to send its email out. This email gets sent to somebody@HOST_A address. Then, the email client on the server has a filter installed to forward to a local address and then to an email address on another adrees,

What is the proper value in solrconfig.xml for dovecot?

I'm looking at config documentation for solr on dovecot: https://doc.dovecot.org/configuration_manual/fts/solr/ In the suggested solrconfig.xml file (https://raw.githubusercontent.com/dovecot/core/master/doc/solr-config-7.7.0.xml), it has the following line: 7.7.0 I'm running solr version

Re: No bayes filtering with a virtual alias. How can I fix?

So are you saying that amavis would replace the uses of the sendmail command here to deliver the email? I'm not familiar with amavis. I'll search on it. yes. Perhaps you could replace the sendmail with postfix' lmtp command. But I'm not sure whether if could work and wht exact syntax to

Re: No bayes filtering with a virtual alias. How can I fix?

No. As Matthias pointed out, these are the settings before the content filter (hint: it is before spamassassin). Unfortunately, your configuration uses the /usr/sbin/sendmail command to inject filtered mail back into Postfix. That uses the same Postfix pickup service for new mail and for

Re: No bayes filtering with a virtual alias. How can I fix?

smtp inet n - y - -smtpd -o content_filter=spamassassin -o receive_override_options=no_address_mappings So it looks like I have the no_address_mappings after the content filter already. Is that right? no, you have no_address_mappings BEFORE the content

Re: No bayes filtering with a virtual alias. How can I fix?

By doing the virtual_alias_maps *before* instead of after the content filter, so that the content filter sees the final envelope recipient. This is done by by NOT having ("receive_override_options" with "no_address_mappings") before the content filter and by having ("receive_override_options"

No bayes filtering with a virtual alias. How can I fix?

/spamc -u ${user} -e /usr/sbin/sendmail -oi -f ${sender} ${recipient} When an email is sent to "st...@dondley.com", spamassassin does not do any bayes filtering on the email. Presumably it's because the user "steve" does not exist on the system and is only a virtual user. S

Emails not received when attempting per-user spamassassin command when sending to multiple recipients on a server

Sending to pe...@example.org works with these SA settings in master.cf: smtp inet n - y - -smtpd -o content_filter=spamassassin -o receive_override_options=no_address_mappings spamassassin unix - n n - - pipe

Re: spamassassin user_prefs getting ignore

OK, I found the solution. So the command needed for me was: user=debian-spamd argv=/usr/bin/spamc -u ${user} -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient} ${recipient} returns the full email address whereas I just wanted the bit before the @ sign (the user name).

Re: spamassassin user_prefs getting ignore

spamassassin unix - n n - - pipe user=debian-spamd argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender} ${recipient} I modified the above to: user=debian-spamd argv=/usr/bin/spamc -u ${recipient} -f -e /usr/sbin/sendmail -oi -f ${sender}

spamassassin user_prefs getting ignore

I'd like to configure postfix so the configuration settings in the per-user configuration file at ~/.spamassassin/user_prefs get applied. This user_prefs config file is used with the spamassassin command as evidenced with spamassassin -D < spam.txt. But as far as I can tell, the user_prefs

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

On Fri, Mar 5, 2021 at 4:26 AM Viktor Dukhovni wrote: > > On Fri, Mar 05, 2021 at 03:41:06AM -0500, Steve Dondley wrote: > > > Here are postfix config file: https://pastebin.com/bZxjHF5y > > I don't usually go chasing pastebin URLs... > > > Hopefully something jumps

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

> 1. new email comes in, is delivered to content filter, with bcc to > always_bcc recipient. > 2. content filter re-injects email into the queue for final delivery, > postfix performs final delivery, with bcc to the always_bcc recipient? > > Since these are 2 separate deliveries (with different

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

> You may also have disabled recipient duplication. We will > never knwo unles yo reveal yur configration as described > in http://www.postfix.org/DEBUG_README.html#mail. I've been looking at this a lng time tonight. Despite my best efforts, I did not find a reason for the duplicate email. I

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

> If 'always_bcc' produces three copies (with spamassassin turned on) > for one email message with three recipients, then Postfix is It's actually generating 3 emails even if sending to only one recipient. > mis-configured, for example, to deliver three one-recipient messages > to the content

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

> do a lot of your own homework (because everyone here is busy). If this > doesn't appeal, consider using a recipe for a postfix-based mail server > such as https://mailinabox.email/ or https://www.iredmail.org/. You lose > the flexibility of a bespoke setup but you get back some of your life - >

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

n (which I apparently do), how do I properly stop duplicates from happening? On Thu, Mar 4, 2021 at 2:17 PM Steve Dondley wrote: > > I think I found the root cause of the problem (other than me being a > clueless idiot). I had this in my master.cf: > > smtp inet n - y

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

I think I found the root cause of the problem (other than me being a clueless idiot). I had this in my master.cf: smtp inet n - y - -smtpd -o content_filter=spamassassin submission inet n - y - -smtpe -o content_filter=spamassassin

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

After staring at these logs some more and piecing together the advice here, here's my understanding of what's happening: * Mail comes in via smtpd as user sends mail. It's going to 3 recipients. I'm not sure who those might be. Maybe the catchall account and the two users the email is going to?

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

Here's an anonymized pastebin example of my actual log entries of an outgoing email that generated 3 copies: https://pastebin.com/cw2XB5jp to the "catchall" mailbox. > It is worthwhile to know if the duplicates are caused by adding > multiple 'always_bcc' addresses to the same queue file. > >

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

> - mail comes to postfix (smtp or local injection) > = address mappings (always_bcc) happen > - postfix sends mail to spamassassin > - spamassassin scans mail and sends to postfix > = address mappings (always_bcc) happen > > one of those should be avoided by no_address_mappings but choose

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

> The info can be found in the maillog file, and the Received: headers > of the messages as delivered. Welcome to the vortex. After a close inspection of the headers, I can see that all the email received have headers injected by spamassassin and this revealing line: "Received: by

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

> you only use should no_address_mappings if your mail loops back, not > generally - you usually want alias expantion, canonical mapping, and > automatic BCC (at least if you configure any of those). Sorry, I don't follow you. I'm on debian. As far as I can gather, all mail related activity is

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

On Thu, Mar 4, 2021 at 7:48 AM Dominic Raferd wrote: > > On 04/03/2021 11:42, Steve Dondley wrote: > >> On 03.03.21 18:23, Steve Dondley wrote: > >>> I have enabled the always_bcc setting with: > >>> > >>> always_bcc = exam...@example.org >

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

> > > > >-o content_filter=spamassassin > > the question is, how does spamassassin push mail back to postfix. I have no earthly idea. Not sure how SA works, exactly. And it makes me wonder if I'm breaking spam assassin by adding -o receive_override_options=no_address_mappings to my

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

> On 03.03.21 18:23, Steve Dondley wrote: > >I have enabled the always_bcc setting with: > > > >always_bcc = exam...@example.org > > > >It works, but I'm getting everything three times. How do I prevent > >duplicates? > > this can happen if you use c

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

Venema wrote: > > Steve Dondley: > > OK, I found some guidance here: > > http://www.postfix.org/ADDRESS_REWRITING_README.html > > > > Adding in "-o receive_override_options=no_address_mappings" to the > > smtpd section worked. > > > > I re

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

t explains it? On Wed, Mar 3, 2021 at 6:23 PM Steve Dondley wrote: > > I have enabled the always_bcc setting with: > > always_bcc = exam...@example.org > > It works, but I'm getting everything three times. How do I prevent duplicates? -- Prometheus Labor Communications, Inc. ht

How do I stop getting multiple copies of emails from "always_bcc" option?

I have enabled the always_bcc setting with: always_bcc = exam...@example.org It works, but I'm getting everything three times. How do I prevent duplicates?

User unknown in virtual mailbox table problem

This is probably off-topic, but maybe slightly related. I can open a support ticket with Gandi, but something's definitely amiss with their support system these days, as I have two open tickets with them for other things directly related to their service which have not yet even been assigned

Re: Problem with new installation

, at 14:33, Steve Matzura wrote: [...] On a whim, I change the DNS record for mail from A to CNAME. That's a weird and dangerous whim. Hostnames that are used as the value for MX records MUST have A records and hence MUST NOT have CNAME records. The CNAME *MIGHT* work if done correctly for *SOME

Re: Problem with new installation

019, at 12:33, Steve Matzura wrote: I change the DNS record for mail from A to CNAME Don’t do that. https://tools.ietf.org/html/rfc2181 The domain name used as the value of a NS resource record, or part of the value of a MX resource record must not be an alias. Not only is the specifica

Re: Problem with new installation

MX record was untouched. Now, when someone tries to send mail, they're getting 554's and/or 5.7.1's about relays. I read an article at https://bobcares.com/blog/554-5-7-1-relay-access-denied/ but don't know what to change to affect this. On 10/23/2019 11:23 AM, Noel Jones wrote: On 10/23/2019 8:27

Re: Problem with new installation

proto=ESMTP helo= I don't know even where to start with this one. Time to go back to school I think. On 10/22/2019 7:10 PM, Steve Matzura wrote: Thanks, Noel. Very helpful. MySQL is definitely installed and working, but I don't know about Milter, as it was set up by someone else who didn't

Re: Problem with new installation

. On 10/22/2019 3:46 PM, Noel Jones wrote: On 10/22/2019 1:58 PM, Steve Matzura wrote: I am running a copy of configurations from a running version 2 installation from Ubuntu 14.04, now alive as version 3 on Ubuntu 18.04. I thought I'd be slick and port over all the user mailbox directories

Problem with new installation

I am running a copy of configurations from a running version 2 installation from Ubuntu 14.04, now alive as version 3 on Ubuntu 18.04. I thought I'd be slick and port over all the user mailbox directories in /var/mail/vmail, all the customized .cf's, and the MySQL database. Everything ported

RE: SPF and Greylisting

it will either be rejected by a following rule or greylisted by the final policy check. Steve -Original Message- From: owner-postfix-us...@postfix.org On Behalf Of Wietse Venema Sent: April 5, 2019 11:20 AM To: Postfix users Subject: Re: SPF and Greylisting st...@douville.net: >

SPF and Greylisting

result of Softfail? TIA, Steve

Re: mail for ... loops back to myself

> On Jul 11, 2018, at 6:12 PM, Wietse Venema wrote: > > Steve Atkins: >> I suspect the answer to this is going to be "Well, don't do that then." but >> I may as well ask... >> >> I have a VM that's running two services. One of them is a vanilla post

mail for ... loops back to myself

n unreasonable thing for it to think, but is there any way to tell postfix that it's just a smarthost, not an MX listening on port 25, and it shouldn't worry it's little head about mail loops? Cheers, Steve

Re: Testing new server

On Wed, May 16, 2018 at 9:28 AM Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: > On 15.05.18 16:54, Steve Huston wrote: > >To do so, I'd like to send a copy of all locally-delivered > >mail from the old machine to the new one to have it processed there. > always_bcc and

Testing new server

m not sure if that's the right answer. A transport map seems like the right answer, but that appears to only have a single target. -- Steve Huston - W2SRH - Unix Sysadmin, PICSciE/CSES & Astrophysical Sci Princeton University |ICBM Address: 40.346344 -74.652242 345 Lewis Library

Problem with spam and some connections not using my smtpd_recipient_restrictions

provide will be helpful. Thanks -- Steve Kuekes Private Pilot: N9259R '95 Saratoga based at Sanford-Lee County Regional (TTA) Fisherman: 2007 Sea Fox 225 Bay Fisher email:st...@kuekes.com

New approach with fqrdns.pcre file

I know many of us have used the fqrdns.pcre in Postfix's smtpd_client_restrictions for many years to help block "low hanging" spam. Long ago, after the project was abandoned by Stan H, I adopted it and moved it to GitHub: https://github.com/stevejenkins/hardwarefreak.com-fqrdns.pcre One of

Any better ideas for grabbing Yahoo's known SMTP servers?

I use Postwhite to create a whitelist for Postscreen based on user-configurable "trusted" mailers: https://github.com/stevejenkins/postwhite (disclaimer: I'm the author). Yahoo! has always been problematic (no surprise) because unlike all the other big mailers that Postwhite queries, they don't

Re: Moving from version 2 to 3

Thank you. I know it's been about three weeks since I asked the question, but I've been swamped with other projects so haven't had a chance to try it. I will, and will report back. On Thu, 19 Jan 2017 15:22:57 -0500 (EST), you wrote: >Steve Matzura: >> I'm currently running an imple

Re: Moving from version 2 to 3

Peter: On Fri, 20 Jan 2017 11:01:25 +1300, you wrote: >F17 came with postfix 2.9 (the 9 is important here). I would also do >this to make a new setting in 2.10 compatible to previous versions: > >postconf smtpd_relay_restrictions=permit I must be lucky then, because 'postconf -d|grep

Re: centos 7

On Mon, Jan 23, 2017 at 11:47 AM Vernon Fort wrote: > What’s the best way to get the latest version of postfix on centos 7? > Google "centos postfix build" and click on the first link, which is my walk-thru for upgrading Postfix on CentOS, including CentOS 7. I've

Moving from version 2 to 3

I'm currently running an implementation of version 2 on a Fedora version 17 system, moving to a Ubuntu 16.04 LTS system which gave me version 3. Before I start pulling my hair out, which I already did going from version 1 to 2, is there an easy migration path for a configuration file that's

Re: Let's Encrypt + Postfix TLS + iOS Mail

On Mon, Nov 14, 2016 at 7:22 PM, Sebastian Nielsen wrote: > You need to be more clear here. > > When you say Gmail account on port 587 I don’t entirely understand what > you are doing. Are you using Gmail as upstream smarthost? > 1. Open Gmail 2. Press gear icon and select

Re: Let's Encrypt + Postfix TLS + iOS Mail

On Mon, Nov 14, 2016 at 7:23 PM, wrote: > Have you tried to add the certs to the root store on your phone? I'm not > on an iPhone, but that is what I did for Let's Encrypt. And it doesn't seem > to always work. > I can do that, but I don't want to make all the other users

Re: Let's Encrypt + Postfix TLS + iOS Mail

On Mon, Nov 14, 2016 at 7:17 PM, Viktor Dukhovni <postfix-us...@dukhovni.org > wrote: > > > On Nov 14, 2016, at 9:08 PM, Steve Jenkins <st...@stevejenkins.com> > wrote: > > > > # postconf -n | grep tls > > smtp_tls_CAfile = $smtpd_tls_CAfile > > s

Let's Encrypt + Postfix TLS + iOS Mail

I've had TLS working great on my Postfix servers for years, and I recently tried switching one of my boxes to a Let's Encrypt certificate. A Gmail test account using TLS on port 587 works fine, but the iOS mail client complains about the certificate being untrusted. Further digging shows it

Re: DMARC fail

On Tue, Nov 1, 2016 at 12:38 PM, André Rodier wrote: > Hello all! > > I have set up my postfix server, and my DNS entries to support DKIM, SPF > and DMARC. However, I think I may have an error somewhere, because the > "Authentication-Results:" header for DMARC -s "fail": > >

Re: sorbs.net blacklist too aggressive?

s I'd be comfortable using to reject mail based purely on peer IP rather than as part of a scoring or content-based approach. I could count them on the fingers of one hand, and that's including three spamhaus lists). Cheers, Steve

Re: WoSign/StartCom CA in the news

new key and certificate into place. To be a little on-topic that includes a couple of postfix servers that don't do anything over http at all. Cheers, Steve > About the only outside control of my server I accept is spam RBLs, because > really I have no alternative. > > I understand the

Re: Extracting delivery attempts from log files

> On Aug 21, 2016, at 5:13 AM, Wietse Venema <wie...@porcupine.org> wrote: > > Robert Schetterer: >> Am 21.08.2016 um 05:10 schrieb Steve Atkins: >>> I find I need to extract a list of deliveries, and delivery attempts, from >>> postfix logs. Ideally I'd l

Extracting delivery attempts from log files

or some other script that'll do that? Cheers, Steve

Re: Porn spam killer PCRE

E filtering, but I think it would block too many false positives from legitimate domains such as kissimmee.org, blackgirlsvote.com, savethedate.com, and cuteoverload.com (based on your examples). Maybe some other form(s) of content filtering? Steve Jenkins

Re: Postscreen client based access through reverse DNS lookup

On Thu, Jul 21, 2016 at 5:14 PM, Benny Pedersen <m...@junc.eu> wrote: > On 2016-07-21 20:27, Steve Jenkins wrote: > > whitelists and blacklists for Postscreen based on hostnames: >> https://github.com/stevejenkins/postwhite >> > > can blacklist be saved

Re: Postscreen client based access through reverse DNS lookup

On Thu, Jul 21, 2016 at 10:28 AM, Lefteris Tsintjelis wrote: > > I am already doing this but I would personally much rather have the > choice of a domain white/black listing as it is a much cleaner solution > even for smaller and unlisted domains with the extra delay cost of a >

Re: Postscreen client based access through reverse DNS lookup

On Thu, Jul 21, 2016 at 10:09 AM, Lefteris Tsintjelis wrote: > This is a CIDR based access list and you have to know the IP > Also... you don't need to know the IP. Postwhite looks it (them) up for you based on domain name and stuffs them into a Postscreen-friendly whitelist.

Re: Postscreen client based access through reverse DNS lookup

On Thu, Jul 21, 2016 at 10:09 AM, Lefteris Tsintjelis <le...@spes.gr> wrote: > On 21 Jul 2016, at 18:58, Steve Jenkins <st...@stevejenkins.com> wrote: > > > If you're looking into Postscreen whitelisting, you might consider > including Postwhite in your solution: > &

Re: Postscreen client based access through reverse DNS lookup

On Thu, Jul 21, 2016 at 9:21 AM, Lefteris Tsintjelis wrote: > Would it be too much to ask for a single reverse DNS lookup client based > black/white listing in postscreen? > > ... > .gmail.com reject > .live.com reject > .postfix.org accept > ... > If you're looking into

Re: postscreen whitelist

On Wed, Jun 1, 2016 at 6:29 AM, @lbutlr <krem...@kreme.com> wrote: > On May 31, 2016, at 8:30 PM, Steve Jenkins <st...@stevejenkins.com> wrote: > > A quick way to do this is to download postwhite and add web.com to the > list of queried hosts. All their known (publi

Re: postscreen whitelist

On Tue, May 31, 2016 at 7:24 PM, Michael Orlitzky wrote: > On 05/31/2016 08:16 PM, Terry Barnum wrote: > > > > Since web.com probably has a fleet of mail servers, do I need to find > and enter all their IPs into my postscreen_access.cidr? Is there an easier > way? > > > >

Re: Is there a Check my IPv6 Email server out there anywhere?

Postfix need anything special - I can’t see anything in the docs. > > Thanks > Robert Hi Robert, http://ipv6-test.com for the basics. dig chalmers.com.au doesn’t give any IPv6 addresses from here. The IPv6 address in your TXT SPF record doesn’t have a reverse DNS record and it doesn’t answer pings. Steve

Re: gmail servers requiring postscreen_access whitelisting

On Tue, Apr 12, 2016 at 4:30 AM, @lbutlr wrote: > > > On Apr 10, 2016, at 5:37 PM, Curtis Villamizar > wrote: > > > > In message > > "@lbutlr" writes: > >> > >> On Apr 10, 2016, at 10:24 AM, Curtis

Re: Webmin with Postfix: recommended or not.

On Sat, Mar 26, 2016 at 3:48 PM, Tom Browder wrote: > I am considering using Webmin on my servers and see that it has a Postfix > module. Does anyone have any experience with it or have an opinion to offer > ref its ability to manage Postfix? Hi, Tom. I use Webmin for a

Re: RHEL / CentOS 7 RPMs

On Sat, Mar 12, 2016 at 5:04 AM, Nikolaos Milas wrote: > Hello, > > I would like to ask whether someone has worked on J. Mudd's RPMs ( > http://postfix.wl0.org/) to produce RHEL / CentOS 7 versions. > > The above site includes code for RHEL / CentOS versions 5 and 6 (not for > all

Re: Spawning milter processes

On Sun, Jan 31, 2016 at 9:04 AM, Ron Garret wrote: > OK, but is there any way to get Postfix to restart a milter if it goes > down? By default, if a milter goes down, it takes postfix down with it. The usual way to start a milter service is to have it autostart when the

Re: Adding a noreply address

On Tue, Jan 26, 2016 at 12:07 PM, btb wrote: > On 2016.01.26 10.54, Matt Bayliss wrote: > >> I'm trying to find the correct/best practice method for setting up a >> black hole email address for such items as "noreply" addresses when >> sending alerts from monitoring devices

Re: Authentication query

> On 16 Jan 2016, at 16:47, Nick Howitt wrote: > > Only since 2.10 or 2.11. It was added because of a discussion with me on > these lists. My distro (RHEL6 related) is stuck on 2.6.6. At some point, when > it is more stable I'll update to my distro's RHEL7 derivative. I

Re: HowTo AntiSpam for "Beginners"

On Thu, Jan 14, 2016 at 2:17 PM, Dennis Steinkamp wrote: > my approach therefor would be to use postscreen in conjunction with > policyd-weight and amavisd-new for after queue content filtering. > Does this sound reasonable to you? > Extremely reasonable. Postscreen

Re: Could someone check my master.cf file please for accuracy and validity.

On Thu, Dec 3, 2015 at 7:51 AM, Noel Jones wrote: > Settings in main.cf apply to all services. Settings in master.cf > only apply to the service they are listed in. > > You may have a milter that is needed only in the "submission" > service, such as a DKIM signer.

Re: Could someone check my master.cf file please for accuracy and validity.

On Thu, Dec 3, 2015 at 9:01 AM, Robert Chalmers wrote: > To enlarge on that, I have in main.cf and master.cf the following > > main.cf > /// > # dkim > smtpd_milters = inet:127.0.0.1:8891 > non_smtpd_milters =

Re: Could someone check my master.cf file please for accuracy and validity.

On Thu, Dec 3, 2015 at 9:18 AM, Noel Jones <njo...@megan.vbhcs.org> wrote: > On 12/3/2015 11:07 AM, Steve Jenkins wrote: > > On Thu, Dec 3, 2015 at 9:01 AM, Robert Chalmers > > <rob...@chalmers.com.au <mailto:rob...@chalmers.com.au>> wrote: > > > >

Re: Could someone check my master.cf file please for accuracy and validity.

On Thu, Dec 3, 2015 at 1:54 AM, Robert Chalmers wrote: > Could someone check my master.cf file please for accuracy and validity. > Especially spamassassin and how it’s setup. > > master.cf related section: > > submission inet n - n - - smtpd

Re: Postscreen and *outbound.protection.outlook.com

On Wed, Dec 2, 2015 at 9:54 AM, Bryan K. Walton wrote: > On Wed, Dec 02, 2015 at 12:49:05PM -0500, Bill Cole wrote: > > Alternative (and I think better) random guess: you've enabled one or more > > "after 220 server greeting" test. See the postscreen man page for the > >

Postscreen whitelist script now fixes invalid CIDRs

I appreciate all the feedback I've received from Postfix users on my Postscreen whitelist creation script. I've now moved the project to GitHub, and completely reworked it as a Thanksgiving project: https://github.com/stevejenkins/postwhite Postwhite now creates a single Postscreen whitelist,

Re: Feedback on Postscreen Whitelist Article

On Thu, Nov 26, 2015 at 3:41 AM, Robert Chalmers <rob...@chalmers.com.au> wrote: > Hi Steve, > I’m seeing this in the mail.log > > warning: cidr map /usr/local/etc/postfix/msft_whitelist.cidr, line 36: > non-null host address bits in "207.68.169.173/30", perhaps y

Re: Feedback on Postscreen Whitelist Article

On Thu, Nov 26, 2015 at 4:49 AM, Robert Chalmers wrote: > So do I. > So I’ll hand cut the cidr file for now, and wait till the author updates > his code.. > So, I've updated the code. :) Instead of relying on multiple scripts to make multiple lists, I simplified things

Re: Feedback on Postscreen Whitelist Article

On Thu, Nov 26, 2015 at 9:00 AM, Bill Cole < postfixlists-070...@billmail.scconsult.com> wrote: > > Every DNS SOA should have a RP field that is supposed to be an email > address (s/@/./) for the Responsible Party who can fix problems in the > zone. Surely a big responsible company like Microsoft

Re: Feedback on Postscreen Whitelist Article

On Thu, Nov 26, 2015 at 12:03 PM, ale@proto wrote: > I reviewed my logs today and I saw a lot of connections from a bunch of MS > outbound gateways before entering the "postgrey layer". > > Once postscreen marked one of these gw PASS OLD postgrey put the message > in

Re: Feedback on Postscreen Whitelist Article

On Wed, Nov 25, 2015 at 4:13 AM, ale@proto <alessan...@protodigital.net> wrote: > I thinks it's a good starting point, Steve. > And it's much better than doing it manually as I did :-) > > Anyway... I rapidly tested delivery time from my office365 account: > - WL disabled: 15

Re: Turning off backwards compatibility warnings

On Wed, Nov 25, 2015 at 4:42 PM, Peter wrote: > smtputf8 support is new in Postfix 3.0, so previous versions did not > have it, or the setting, at all. If you want smtputf8 support then you > need to compile it in, but you will not lack anything you had before by >

Turning off backwards compatibility warnings

I've been living with the backwards-compatible warnings on postfix reloads for a while, and figured today was the day to turn them off. Here's what I'm always seeing: # postfix reload postfix: Postfix is running with backwards-compatible default settings postfix: See

Re: Feedback on Postscreen Whitelist Article

On Tue, Nov 24, 2015 at 10:32 AM, proto <alessan...@protodigital.net> wrote: > Thank you Steve. > I did something similar some weeks ago because I had to get in contact > with MS Support urgently. > > I remember I had to get outbound gateways IPs from < > spf.protection

Feedback on Postscreen Whitelist Article

anyone on this list generous enough to offer it, so I can fix any mistakes or make the article better. Thanks, Steve *Steve Jenkins* *st...@stevejenkins.com <st...@stevejenkins.com>* <http://t.sidekickopen29.com/e1t/c/5/f18dQhb0S7lC8dDMPbW2n0x6l2B9nMJN7t5XX4S9MSCW3LPWyM3LjCtjVQZcFT56dvXWf7

Re: Feedback on Postscreen Whitelist Article

On Mon, Nov 23, 2015 at 1:03 PM, Noel Jones wrote: > > Maintaining a local postscreen whitelist of well-known providers is > largely obsolete. > > http://www.postfix.org/postconf.5.html#postscreen_dnsbl_whitelist_threshold >

Re: Feedback on Postscreen Whitelist Article

On Mon, Nov 23, 2015 at 1:48 PM, rob...@chalmers.com.au < rob...@chalmers.com.au> wrote: > Interesting article Steve. What happens when/if they change ip blocks in > between cron runs? > and I can't help thinking this may be a little redundant though, with spf, > dkim

Suggested fqrdns.pcre updates

experienced Postfix mail admins would be appreciated. Thanks, SteveJ *Steve Jenkins* *st...@stevejenkins.com <st...@stevejenkins.com>* <http://t.sidekickopen28.com/e1t/c/5/f18dQhb0S7lC8dDMPbW2n0x6l2B9nMJN7t5XX4S9MSCW3LPWyM3LjCtjVQZcFT56dvXWf7fnxkP02?t=http%3A%2F%2Fwww.stevejenki

  1   2   3   4   5   6   >