Re: [Feature-request] (smtpd_)milter_exceptions

2016-11-03 Thread Christian Rößner
> Am 02.11.2016 um 21:45 schrieb Christian Rößner > : > >> Am 01.11.2016 um 13:48 schrieb Wietse Venema : >> >> Christian Ro??ner: >>> Am 25.10.2016 um 08:22 schrieb Wietse Venema : Wietse Venema:

Re: How to write pcre rules to exclude attachment?

2016-11-03 Thread Ralph Seichter
On 03.11.2016 04:45, vod vos wrote: > HOW can we just receive just such as .jpg .png .mp4 and reject all > other attachment in a short regexp to do the job? That's not something that can be handled with a "short regexp". I suggest you look into amavisd-new or other content filters which work in

Ubuntu 16.04lts & ssl unknown states

2016-11-03 Thread Florian Piekert
Good morning everybody, I was wondering for quite some weeks now how to fix this issue with my postfix. I had a brief discussion with Ralf Hildebrandt and he suggested asking via the users lists, that's what I am doing now. I have the situation that the PF currently doesn't seem to get proper

Re: Getting false unknown user errors

2016-11-03 Thread @lbutlr
On 01 Nov 2016, at 03:15, wilfried.es...@essignetz.de wrote: > > /etc/postfix/main.cf: >content_filter = scan:localhost:10025 >receive_override_options = no_address_mappings > > (from http://www.postfix.org/FILTER_README.html#advanced_filter) > > And remove no_address_mappings from your

Re: How to write pcre rules to exclude attachment?

2016-11-03 Thread @lbutlr
On 02 Nov 2016, at 21:45, vod vos wrote: > HOW can we just receive just such as .jpg .png .mp4 and reject all other > attachment in a short regexp to do the job? While you *CAN* do this (As Noel shows) you should not. Not only will you end up wit a maintenance nightmare, but

RE: Ubuntu 16.04lts & ssl unknown states

2016-11-03 Thread Fazzina, Angelo
Hi Florian, I am curious if you ran a basic telnet test of your SSL config, trying to connect over port 465 or 587 ? Sorry for not reading your attachments. I am attaching one file of the command and its output, showing example test over both ports. Does your postfix respond like my example or

Re: Ubuntu 16.04lts & ssl unknown states

2016-11-03 Thread Florian Piekert
Am 03.11.2016 um 14:26 schrieb Fazzina, Angelo: Hello Angelo, please find attached my output, looks pretty good to me, similar to yours. > Hi Florian, > I am curious if you ran a basic telnet test of your SSL config, trying to > connect over port 465 or 587 ? > Sorry for not reading your

Re: Ubuntu 16.04lts & ssl unknown states

2016-11-03 Thread Ralf Hildebrandt
* Florian Piekert : > Nov 3 08:50:30 blueberry postfix/tlsproxy[8057]: SSL_accept:unknown state I checked my logs and couldn't find any log entries like the one above. Hm, I am not using smtp(d)_tls_loglevel=2, but 1. > smtp_tls_loglevel = 2 > smtpd_tls_loglevel = 2 --

Re: Ubuntu 16.04lts & ssl unknown states

2016-11-03 Thread Wietse Venema
Florian Piekert: > ==> mail/mail.log <== > Nov 3 08:50:29 blueberry postfix/tlsproxy[8057]: CONNECT from > [2a01:111:f400:fe02::31f]:39552 Does it make a difference after: postconf \ 'postscreen_bare_newline_enable = no' \ 'postscreen_non_smtp_command_enable = no' \

Re: Ubuntu 16.04lts & ssl unknown states

2016-11-03 Thread Florian Piekert
Am 03.11.2016 um 15:58 schrieb Wietse Venema: > postconf \ > 'postscreen_bare_newline_enable = no' \ > 'postscreen_non_smtp_command_enable = no' \ > 'postscreen_pipelining_enable = no' > > postfix reload Nov 3 16:03:51 blueberry postfix/smtp[12959]: SSL_connect:before/connect

Any suggestions to the configurations of the mail server?

2016-11-03 Thread vod vos
Hi lists: My needs: 1. serving as a mail server of a friend's web site. 2. TLS encrypt only, auth plain 3. 587 for client sending mails, 995 pop3s for client receiving mails, 25 for server sending and receiving mails 4. amavis-new 5. spamassassin 6. spf check 7. dmarc 8. opendkim

Re: Ubuntu 16.04lts & ssl unknown states

2016-11-03 Thread Viktor Dukhovni
On Thu, Nov 03, 2016 at 12:48:01PM +0100, Florian Piekert wrote: > Good morning everybody, > > I was wondering for quite some weeks now how to fix this issue with my > postfix. I had a brief discussion with Ralf Hildebrandt and he suggested > asking via the users lists, that's what I am doing

Re: Ubuntu 16.04lts & ssl unknown states

2016-11-03 Thread Viktor Dukhovni
> On Nov 3, 2016, at 12:29 PM, Viktor Dukhovni > wrote: > > # grep "tlsproxy/\[$pid\]" /var/log/mail.log | tail Oops, misplaced '/' there, it should of course be: # grep "/tlsproxy\[$pid\]" /var/log/mail.log | tail -- Viktor.

Re: Ubuntu 16.04lts & ssl unknown states

2016-11-03 Thread Florian Piekert
Am 03.11.2016 um 17:29 schrieb Viktor Dukhovni: Hello Viktor, Wietse and everybody, since there is no tlsproxy running at the moment (removed the modifications from Wietse and restarted pf, let's wait...?) I can't provide that output at the moment. Or do you have a suggestion how to get one up

test address expansion with LDAP mapping

2016-11-03 Thread Stephen Ingram
I found a way to test the expansion of normal .db maps: postmap -q testuser 'postconf -h virtual_alias_maps' however, it doesn't seem to work with LDAP maps. Is there a way to test those as well? Steve

Re: test address expansion with LDAP mapping

2016-11-03 Thread btb
On Nov 03, 2016, at 14.12, Stephen Ingram wrote: > > I found a way to test the expansion of normal .db maps: > > postmap -q testuser 'postconf -h virtual_alias_maps' > > however, it doesn't seem to work with LDAP maps. Is there a way to test those > as well? it's worked

Re: Ubuntu 16.04lts & ssl unknown states

2016-11-03 Thread Viktor Dukhovni
On Thu, Nov 03, 2016 at 06:05:50PM +0100, Florian Piekert wrote: > Since there is no tlsproxy running at the moment (removed the modifications > from Wietse and restarted pf, let's wait...?) I can't provide that output > at the moment. Or do you have a suggestion how to get one up & running? You

Re: test address expansion with LDAP mapping

2016-11-03 Thread Noel Jones
On 11/3/2016 1:12 PM, Stephen Ingram wrote: > I found a way to test the expansion of normal .db maps: > > postmap -q testuser 'postconf -h virtual_alias_maps' > > however, it doesn't seem to work with LDAP maps. Is there a way to > test those as well? > > Steve Yes, it works with LDAP maps.

Re: Ubuntu 16.04lts & ssl unknown states

2016-11-03 Thread Florian Piekert
Am 03.11.2016 um 20:57 schrieb Viktor Dukhovni: Hello Viktor, you are correct, it is compiled & install from the source, like I did the last ten+? years on all of my machines. No issues on ubuntu 14.04, opensuse, or others. Only on 16.04. it causes me a pain. I installed postfix from scratch

Re: Ubuntu 16.04lts & ssl unknown states

2016-11-03 Thread Viktor Dukhovni
On Thu, Nov 03, 2016 at 09:38:39PM +0100, Florian Piekert wrote: > >> -rwxr-xr-x 1 root root 34768 Apr 13 2016 /usr/sbin/posttls-finger* > > > > Perhaps "posttls-finger" is left over from an earlier install? Did > > you build and install Postfix from source? > > posttls-finger most

Re: Getting false unknown user errors

2016-11-03 Thread Bill Cole
On 3 Nov 2016, at 8:34, @lbutlr wrote: On 01 Nov 2016, at 03:15, wilfried.es...@essignetz.de wrote: /etc/postfix/main.cf: content_filter = scan:localhost:10025 receive_override_options = no_address_mappings (from http://www.postfix.org/FILTER_README.html#advanced_filter) And remove

Fwd: New tool detects malicious websites before they cause harm

2016-11-03 Thread James Reynolds
I thought people on this list might find this interesting. James > From: National Science Foundation Update > Reply-To: > Date: Wednesday, November 2, 2016 at 9:45 AM > Subject: New tool detects malicious websites before they cause harm > > You are