rignow postfix use best avilble imho according to recipient mx, but
this gives not correct ehlo :/
how do i solve this ?
I want to use Postfix with TLS support ,but my postfix uses amavisd-new
filter,mails use 1024 and 1025 ports for filtering in main.cf and master.cf
It is affect my TLS comunication (port 465)? Is possible appear DNS loophole
problem?
Thank
main.cf
amavisfeed unix- - n -
Am 17.06.2011 13:22, schrieb gaby:
I want to use Postfix with TLS support ,but my postfix uses amavisd-new
filter,mails use 1024 and 1025 ports for
filtering in main.cf and master.cf
It is affect my TLS comunication (port 465)? Is possible appear DNS loophole
problem?
main.cf
Zitat von Benny Pedersen m...@junc.org:
rignow postfix use best avilble imho according to recipient mx, but
this gives not correct ehlo :/
Why do you want a different EHLO when using IPv6/IPv4? Best practice
would be to use one hostname which resolves for IPv4 and IPv6
addresses and
Benny Pedersen:
rignow postfix use best avilble imho according to recipient mx, but
this gives not correct ehlo :/
You should use the same hostname for IPv6 and IPv4.
Wietse
how do i solve this ?
I have 2 questions:
1 If Amavisd-new affect (damage) TLS functionality?
2 What is Closing a DNS loophole with obsolete per-site TLS policies in
postfix TLS Documentation,Amavisd-new with TLS postfix generate is problem?
Thanks
- Original Message -
From: Reindl Harald
To:
* gaby g...@autoglobus2000.ro:
I have 2 questions:
1 If Amavisd-new affect (damage) TLS functionality?
No
2 What is Closing a DNS loophole with obsolete per-site TLS policies in
postfix TLS Documentation,Amavisd-new with TLS postfix generate is problem?
Which DNS loophole?
--
Ralf
On Fri, Jun 17, 2011 at 04:39:25PM +0200, Ralf Hildebrandt wrote:
2 What is Closing a DNS loophole with obsolete per-site TLS policies in
postfix TLS Documentation,Amavisd-new with TLS postfix generate is problem?
Which DNS loophole?
hi folks
hi Wietse
hi mouss
are you ready ?
This is a general question on improvements to a standard config postscreen
with postfix 2.8.2
this my config :
r13151 ~]# postconf -n | egrep postscreen
postscreen_access_list = permit_mynetworks
postscreen_bare_newline_action = ignore
m...@smtp.fakessh.eu:
Checking application/pgp-signature: FAILURE
-- Start of PGP signed section.
[ Charset ISO-8859-1 unsupported, converting... ]
hi folks
hi Wietse
hi mouss
are you ready ?
This is a general question on improvements to a standard config postscreen
with postfix
On Fri, Jun 17, 2011 at 02:44:52PM -0400, Wietse Venema wrote:
r13151 ~]# postconf -n | egrep postscreen
That is not postconf -n output. There are too many lines of output.
Or the OP tweaked or cloned default values of too many parameters. If
the OP posts a more modest set of non-default
Hey guys,
i get some postifx errors. Someone will send me some news (newsletter
or so) and the mails didnt arrive. I see the following error in my
log:
Jun 17 20:47:37 web01 postfix/smtpd[5197]: NOQUEUE: reject: RCPT from
unknown[63.117.29.241]: 450 4.7.1 Client host rejected: cannot find
Le vendredi 17 juin 2011 20:44, Wietse Venema a écrit :
That is not postconf -n output. There are too many lines of output.
I assure you this is my exit.
[root@r13151 ~]# postconf -n | egrep postscreen
postscreen_access_list = permit_mynetworks
postscreen_bare_newline_action = ignore
Le vendredi 17 juin 2011 20:54, Victor Duchovni a écrit :
On Fri, Jun 17, 2011 at 02:44:52PM -0400, Wietse Venema wrote:
r13151 ~]# postconf -n | egrep postscreen
That is not postconf -n output. There are too many lines of output.
Or the OP tweaked or cloned default values of too many
On Fri, Jun 17, 2011 at 09:32:15PM +0200, m...@smtp.fakessh.eu wrote:
Le vendredi 17 juin 2011 20:44, Wietse Venema a ?crit?:
That is not postconf -n output. There are too many lines of output.
I assure you this is my exit.
On Fri, Jun 17, 2011 at 02:54:51PM -0400, Victor Duchovni wrote:
Le vendredi 17 juin 2011 21:39, Victor Duchovni a écrit :
In that case you've over-engineered your configuration as was my guess.
Now you need to construct something more restrained.
So I understand
how to build something cleaner
--
On Fri, Jun 17, 2011 at 09:44:00PM +0200, m...@smtp.fakessh.eu wrote:
Le vendredi 17 juin 2011 21:39, Victor Duchovni a ?crit?:
In that case you've over-engineered your configuration as was my guess.
Now you need to construct something more restrained.
So I understand
how to build
Le vendredi 17 juin 2011 21:54, Victor Duchovni a écrit :
On Fri, Jun 17, 2011 at 09:44:00PM +0200, m...@smtp.fakessh.eu wrote:
Le vendredi 17 juin 2011 21:39, Victor Duchovni a ?crit?:
In that case you've over-engineered your configuration as was my guess.
Now you need to construct
m...@smtp.fakessh.eu:
Le vendredi 17 juin 2011 21:54, Victor Duchovni a ?crit?:
On Fri, Jun 17, 2011 at 09:44:00PM +0200, m...@smtp.fakessh.eu wrote:
Le vendredi 17 juin 2011 21:39, Victor Duchovni a ?crit?:
In that case you've over-engineered your configuration as was my guess.
Now
Once you have a well-thought-out and tested configuration, you should
set:
unknown_address_reject_code = 550
unknown_client_reject_code = 550
unknown_hostname_reject_code = 550
Can you tell me why? What does 550 mean?
And why is it importent to set it?
greetz
Am 18.06.2011 00:42, schrieb Daniel:
Once you have a well-thought-out and tested configuration, you should
set:
unknown_address_reject_code = 550
unknown_client_reject_code = 550
unknown_hostname_reject_code = 550
Can you tell me why? What does 550 mean?
And why is it
Hi,
I'm hosting my own mail server using postfix. I've got an Internet Domain Name
(cinema-voiron.fr) and a fix IP address. The router which manages my internet
connection redirects incoming smtp request to my server using NAT (port 25
opened on my server and on my public IP)
I successfully
On Sat, Jun 18, 2011 at 01:30:21AM +0200, Xavier Ambrosioni wrote:
22:16:25.978773 IP smtp10.smtpout.orange.fr.41183
passrlminisrv.cinema-voiron.fr.smtp: Flags [S], seq 105066692, win 5840,
options [mss 1380,sackOK,TS val 2993558281 ecr 0,nop,wscale 8], length 0
22:16:28.978262 IP
On Fri, 17 Jun 2011 15:19:47 +0200, lst_ho...@kwsoft.de wrote:
on ipv4 i have my own reverse ptr, on ipv6 i currently have my ipv6
provider ptr, should i be lame and say home.junc.org on both ? :=)
ideal i can send a request to my ipv6 provider and ask if i can change
ptr dns on my ipv6, but
On Fri, 17 Jun 2011 10:16:09 -0400 (EDT), Wietse Venema wrote:
Benny Pedersen:
rignow postfix use best avilble imho according to recipient mx, but
this gives not correct ehlo :/
You should use the same hostname for IPv6 and IPv4.
okay, i should ask for sixxs paypal account :-)
with one
On Fri, 17 Jun 2011 21:00:51 +0200, Daniel wrote:
Jun 17 20:47:37 web01 postfix/smtpd[5197]: NOQUEUE: reject: RCPT
from
unknown[63.117.29.241]: 450 4.7.1 Client host rejected: cannot
find
your hostname, [63.117.29.241];
from=do-not-re...@eamythic.com
to=dan...@xxx.de proto=ESMTP
Dear List,
Our problem has been solved by doing the following :-
a. The package cyrus-sasl-ntlm-2.1.22-4 was installed in our server.
As a result of which NTLM authentication was enabled in our server.
You can test this by executing telnet IP ADD of server 25. You
Hi Vikktor,
Thank you for your reply.
It surprising because currently I have no firewall enabled.
Below an example when the connection is properly established.
07:07:15.040105 IP mail-vx0-f173.google.com.61783
passrlminisrv.cinema-voiron.fr.smtp: Flags [S], seq 4025038703, win 5720,
options
28 matches
Mail list logo