We have a server with multiple IP addresses. We use the various IPs on
incoming to provide different types/levels of spam filtering. Currently
all outgoing mail uses the same single IP.
We would like for mail
that arrives on one particular IP to be relayed out on a different IP from
other mail.
On 2/16/2015 10:29 PM, Viktor Dukhovni wrote:
smtp_tls_cert_file = /root/ssl/certs/$mydomain.mail.pem
smtp_tls_key_file = /root/ssl/private/$mydomain.mail.key
Are there any destinations for which you need client certs to gain
access? If not set these empty.
I thought these were needed for TLS
Am 19.02.2015 um 12:32 schrieb John:
On 2/16/2015 10:29 PM, Viktor Dukhovni wrote:
smtp_tls_cert_file = /root/ssl/certs/$mydomain.mail.pem
smtp_tls_key_file = /root/ssl/private/$mydomain.mail.key
Are there any destinations for which you need client certs to gain
access? If not set these empt
On Thu, 19 Feb 2015 06:32:29 John wrote:
> On 2/16/2015 10:29 PM, Viktor Dukhovni wrote:
> >> smtp_tls_cert_file = /root/ssl/certs/$mydomain.mail.pem
> >> smtp_tls_key_file = /root/ssl/private/$mydomain.mail.key
> >
> > Are there any destinations for which you need client certs to gain
> > access?
st...@thornet.co.uk:
> i.e. mail arriving on IP1, IP2 & IP3? to relay out
> on IP1, but mail mail arriving on IP4 to relay out on IP4. No local mail
> will arrive on IP4.
> We could do this with two instances of postfix,
Yes, that is a good idea. It also allows you to give
IPv4 and IPv6 addresses
On 2/19/2015 6:49 AM, Richard James Salts wrote:
On Thu, 19 Feb 2015 06:32:29 John wrote:
On 2/16/2015 10:29 PM, Viktor Dukhovni wrote:
smtp_tls_cert_file = /root/ssl/certs/$mydomain.mail.pem
smtp_tls_key_file = /root/ssl/private/$mydomain.mail.key
Are there any destinations for which you need
On 2/19/2015 6:35 AM, li...@rhsoft.net wrote:
Am 19.02.2015 um 12:32 schrieb John:
On 2/16/2015 10:29 PM, Viktor Dukhovni wrote:
smtp_tls_cert_file = /root/ssl/certs/$mydomain.mail.pem
smtp_tls_key_file = /root/ssl/private/$mydomain.mail.key
Are there any destinations for which you need clie
Am 19.02.2015 um 13:30 schrieb John:
On 2/19/2015 6:35 AM, li...@rhsoft.net wrote:
Am 19.02.2015 um 12:32 schrieb John:
On 2/16/2015 10:29 PM, Viktor Dukhovni wrote:
smtp_tls_cert_file = /root/ssl/certs/$mydomain.mail.pem
smtp_tls_key_file = /root/ssl/private/$mydomain.mail.key
Are there any
Am 19.02.2015 um 13:22 schrieb John:
On 2/19/2015 6:49 AM, Richard James Salts wrote:
On Thu, 19 Feb 2015 06:32:29 John wrote:
On 2/16/2015 10:29 PM, Viktor Dukhovni wrote:
smtp_tls_cert_file = /root/ssl/certs/$mydomain.mail.pem
smtp_tls_key_file = /root/ssl/private/$mydomain.mail.key
Are th
On 2/19/2015 7:48 AM, li...@rhsoft.net wrote:
Am 19.02.2015 um 13:30 schrieb John:
On 2/19/2015 6:35 AM, li...@rhsoft.net wrote:
Am 19.02.2015 um 12:32 schrieb John:
On 2/16/2015 10:29 PM, Viktor Dukhovni wrote:
smtp_tls_cert_file = /root/ssl/certs/$mydomain.mail.pem
smtp_tls_key_file = /roo
Am 19.02.2015 um 14:11 schrieb John:
On 2/19/2015 7:48 AM, li...@rhsoft.net wrote:
Am 19.02.2015 um 13:30 schrieb John:
On 2/19/2015 6:35 AM, li...@rhsoft.net wrote:
Am 19.02.2015 um 12:32 schrieb John:
On 2/16/2015 10:29 PM, Viktor Dukhovni wrote:
smtp_tls_cert_file = /root/ssl/certs/$mydo
On 2/19/2015 8:18 AM, li...@rhsoft.net wrote:
Am 19.02.2015 um 14:11 schrieb John:
On 2/19/2015 7:48 AM, li...@rhsoft.net wrote:
Am 19.02.2015 um 13:30 schrieb John:
On 2/19/2015 6:35 AM, li...@rhsoft.net wrote:
Am 19.02.2015 um 12:32 schrieb John:
On 2/16/2015 10:29 PM, Viktor Dukhovni wro
We have lots of these in the logs
warning: TLS library problem:
15696:error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate
unknown:s3_pkt.c:1256:SSL alert number 46:
Should I be worried
?
Thanks
Steve
Am 19.02.2015 um 16:53 schrieb st...@thornet.co.uk:
We have lots of these in the logs
warning: TLS library problem: 15696:error:14094416:SSL
routines:SSL3_READ_BYTES:sslv3 alert certificate
unknown:s3_pkt.c:1256:SSL alert number 46:
Should I be worried?
without the realted loglines above an
On Thu, Feb 19, 2015 at 03:53:13PM -, st...@thornet.co.uk wrote:
> We have lots of these in the logs
>
> warning: TLS library problem:15696:error:14094416:
> SSL routines:SSL3_READ_BYTES:
> sslv3 alert certificate unknown:
> s3_pkt.c:1256:
> SSL alert number 46:
>
> Should I be worried
> * This is logged by your smtpd(8) server.
>
>
* A small set of organizations operate remote SMTP clients that
> trigger this warning when sending email to you. Most
inbound
> mail uses TLS without generating said warning.
>
[snip]
Viktor
Thanks very much for your fulsome
On Thu, Feb 19, 2015 at 04:29:51PM -, st...@thornet.co.uk wrote:
> Thanks very much for your fulsome response.
> I'll do some more checking
Note: :-)
fulsome: adjective
1 complimentary or flattering to an excessive degree: 'the press
are embarrassingly fulsome in their appreci
> 2 of large size or quantity; generous or abundant:
Definitely meant as above.
Steve
Hi All
I am looking for a way to block access to an alias ( i.e stuff@domain )
apart from a selected few users
Is this doable?
Thanks
Adam
--
View this message in context:
http://postfix.1071664.n5.nabble.com/Block-access-to-alias-apart-from-list-of-users-tp75039.html
Sent from the Postfix
On 2/19/2015 1:23 PM, ab wrote:
> Hi All
>
> I am looking for a way to block access to an alias ( i.e stuff@domain )
> apart from a selected few users
>
> Is this doable?
>
> Thanks
> Adam
The general idea is outlined here:
http://www.postfix.org/RESTRICTION_CLASS_README.html#internal
--
I have a barracuda spam firewall that my postfix setup simply relays emails to
for scanning, via the transport file. The problem I have is when the barracuda
device rejects the message(s), they sit in the queue with either "no connection
to host" or "connection reset/refused". Is there a way t
Thanks for the link
I have a few questions about it.
Would i have to a list of all alias and then specify who can send to them or
can i do it for just one alias?
Thanks
Adam
--
View this message in context:
http://postfix.1071664.n5.nabble.com/Block-access-to-alias-apart-from-list-of-users-t
Am 19.02.2015 um 20:32 schrieb Vernon Fort:
I have a barracuda spam firewall that my postfix setup simply relays
emails to for scanning, via the transport file
complete wrong setup - the barracuda crap (we used it for nearly a
decade and it became unacceptable for so much reaosns) is deigned
On 2/19/2015 1:37 PM, ab wrote:
> Thanks for the link
>
> I have a few questions about it.
>
> Would i have to a list of all alias and then specify who can send to them or
> can i do it for just one alias?
>
> Thanks
> Adam
If all the aliases have the same list of allowed users, then you can
j
besides that a off-list reply is rude and "I mean really 100 % Mails
containing certain words" is laughable - if it would be *that* easy spam
won't exist
> The disadvantage of REJECT is that you tell the spammer "hey there
> is a spam filter there" and the spammer will make their ways
> around
On Thu, Feb 19, 2015 at 09:36:08PM +0100, li...@rhsoft.net wrote:
> > The disadvantage of REJECT is that you tell the spammer "hey there
> > is a spam filter there" and the spammer will make their ways
> > around it.
>
> is *complete bullshit* and if you would have any clue about spam ...
I thi
We would like to use the Cassandra database to persist the state of
abusive IPs which we would block from connecting in one of the
smtpd_xxx_restrictions clauses. We have systems that exist in multiple
data centers and Cassandra works really well for persisting data between
them, but Postfix d
Am 19.02.2015 um 23:20 schrieb List:
We would like to use the Cassandra database to persist the state of
abusive IPs which we would block from connecting in one of the
smtpd_xxx_restrictions clauses. We have systems that exist in multiple
data centers and Cassandra works really well for persist
Am 19.02.2015 um 23:10 schrieb Viktor Dukhovni:
On Thu, Feb 19, 2015 at 09:36:08PM +0100, li...@rhsoft.net wrote:
The disadvantage of REJECT is that you tell the spammer "hey there
is a spam filter there" and the spammer will make their ways
around it.
is *complete bullshit* and if you woul
>> second: read the reply i gave the OP which *was* helpful
Not sure if *you're doing it wrong* was helpful but we put the barracuda front
facing which solved the problem. I tried several body checks but I don't think
that would have help either way. Since the reject requeues the original
mes
On Wed, Feb 4, 2015 at 9:24 AM, Leonardo Rodrigues wrote:
> On 04/02/15 12:41, Wietse Venema wrote:
>
>>
>> Use postfwd, set a rule that triggers with too many recipients
>> per SASL login. http://www.postfwd.org/
>>
>> Wietse
>>
>
> Policyd can also do that, check both.
>
> http://w
On Thu, Feb 19, 2015 at 11:32:34PM +0100, li...@rhsoft.net wrote:
> >Final warning, you will be dropped from the list (again) if you do
> >not tone down your responses, or choose to contest this notice.
>
> nice style: i attack you but you are not allowed to respond
You'll be gone soon. You can
li...@rhsoft.net:
> nice style: i attack you but you are not allowed to respond
Reindl, enough. You are often the first to respond to a posting,
and unfortunately your tone is detrimental to the climate on this
mailing list. Do not come back. Your style is very easy to recognize.
Wietse
Dave Jones:
> Feb 19 16:55:12 smtp1 postfwd[27034]: [RULES] rule=4, id=RCPTCNT1,
> queue=C2B7433E7CE, client=unknown[172.27.0.203], sender=<
> r...@server1.example.com>, recipient=, helo=<
> server1.example.com>, proto=ESMTP, state=END-OF-MESSAGE, delay=0.00s,
> hits=RCPTCNT1, action=PREPEND X-Rcpt
On Thu, Feb 19, 2015 at 04:20:17PM -0600, List wrote:
> We would like to use the Cassandra database to persist the state of abusive
> IPs which we would block from connecting in one of the
> smtpd_xxx_restrictions clauses. We have systems that exist in multiple data
> centers and Cassandra works
35 matches
Mail list logo