timed server greeting

Hi I have a some problem with one user user have a sieve and forwarded all to own external server In log I found: status=deferred (delivery temporarily suspended: conversation with mta.domain.ltd[193.239.xxx.xxx] timed out while receiving the initial server greeting) for test I send him e-mail

Re: Certificate Postfix.org missing?

Sven Schwedas wrote: On 23.04.21 08:36, Nicky Thomassen wrote: But there is no need for that on a read-only site like Postfix'. In my opinion, anyway. It's only a read-only site as long as there's no man in the middle attack injecting malicious code into the connection. There's too few

Re: Speaking of Firefox and HTTP^H^H^H^HFTP...

Viktor Dukhovni: > I just updated Firefox to version 88, and now "ftp://; support is > disabled by default, and the plan is to remove support in Firefox 90. > > I've re-enabled it, will have to enjoy it to the max while it lasts... > > [ Wietse's upstream FTP site for Postfix source tarballs

Re: Change default reject message

Viktor Dukhovni: > > On Apr 23, 2021, at 11:10 AM, Wietse Venema wrote: > > > > Indeed. The reason is that email should not be lost when Postfix > > is down (system is booting up, or Postfix is down for maintenance). > > > > We could certainly add a policy callout for local submission. But > >

Re: Change default reject message

> On Apr 23, 2021, at 11:10 AM, Wietse Venema wrote: > > Indeed. The reason is that email should not be lost when Postfix > is down (system is booting up, or Postfix is down for maintenance). > > We could certainly add a policy callout for local submission. But > that is too much change for

Re: AW: AW: AW: Change default reject message

Wietse: > So this needs a quota check before Postfix expands aliases and other address > mappings. > > How does the Postfix SMTP server find out that a user is over quota? > Does it use check_policy_service, or does it use a transport map that > returns something like "error:user is over quota"?

Re: Certificate Postfix.org missing?

On 4/23/21 9:26 AM, Jaroslaw Rafa wrote: > > All these emails can - and usually do - perfectly pass SPF/DMARC check. So > it is a huge mistake to treat SPF/DMARC as an anti-spam measure and a > positive SPF/DMARC check as an indicator that the message is not spam. It > has nothing to do with the

Re: Certificate Postfix.org missing?

On 4/23/21 9:26 AM, Jaroslaw Rafa wrote: > Dnia 23.04.2021 o godz. 08:27:31 Phil Stracchino pisze: >> On 4/23/21 5:15 AM, Jaroslaw Rafa wrote: >>> However, "thanks" to Google and other >>> big e-mail providers who started to enforce that EVERY email send to them >>> must pass SPF/DMARC check - as

Re: Certificate Postfix.org missing?

Dnia 23.04.2021 o godz. 08:27:31 Phil Stracchino pisze: > On 4/23/21 5:15 AM, Jaroslaw Rafa wrote: > > However, "thanks" to Google and other > > big e-mail providers who started to enforce that EVERY email send to them > > must pass SPF/DMARC check - as a method of "antispam protection" (which it

AW: Change default reject message

Is it possible to check the quota status from the receiver in the pickup module with a sql query or something else to get the same behavior as when the mail passes the smtpd module? is it at all possible to create extended acceptance criteria for a locally delivered mail? Mit freundlichen Grüßen

Re: Change default reject message

> On Apr 23, 2021, at 1:33 PM, wrote: > > Is it possible to check the quota status from the receiver in the pickup > module with a sql query or something else to get the same behavior as when > the mail passes the smtpd module? No, pickup(8) needs to enqueue the message, it can then be bounced

Re: AW: Change default reject message

rud...@padaru.de: > Thank you for that explanaition, i appreciate that. > > So i need a quota check, before dovecot touch the mail, so that the > mail-client cant deliver the mail to postfix if that quota check isnt > succesfully. > > Something like that i have forced, as i explored postfix work

AW: AW: AW: Change default reject message

right, because the alias is only rewritten in the cleanup, but the service check already takes place in smtpd or? i store the alias and the local user in the database , through the user query the postfix can ask the dovecot for both. Mit freundlichen Grüßen Yours sincerely Pascal Rudolf

Re: Speaking of Firefox and HTTP^H^H^H^HFTP...

“…FTP lets me PUT files into a location…” Maybe I’m not tracking this correctly but I’ve never even considered doing FTP upload in a browser - I just don’t see the benefit to going that route. Seems to me there are far easier and more functional tools that do not require any script. An

Re: Speaking of Firefox and HTTP^H^H^H^HFTP...

This thread has wandered off topic. Please take it elsewhere. Wietse Antonio Leding: > ??FTP lets me PUT files into a location?? > > Maybe I?m not tracking this correctly but I?ve never even considered > doing FTP upload in a browser - I just don?t see the benefit to going > that

AW: AW: Change default reject message

The user management is done by Dovecot, so as soon as a user logs in, the user / password query is sent to a database, which also queries the quota. Since Postfix rewrites all alias email addresses to the local users, this works perfectly. Dovecot manages the local users + the quota in the

Re: Certificate Postfix.org missing?

IL Ka: I believe this is about http://www.postfix.org/ There is no https there. That's the one I meant, sorry I didn't include the www subdomain. I expexted www always to be included as a subdomain name as you can't predict which URL users will type in their

Re: AW: Change default reject message

rud...@padaru.de: > Is it possible to check the quota status from the receiver in the pickup > module with a sql query or something else to get the same behavior as when > the mail passes the smtpd module? There currenly is no such feaure, but I think that one could be added in Postfix 3.6. How

Re: Speaking of Firefox and HTTP^H^H^H^HFTP...

Because FTP lets me PUT files into a location without the hassle of setting up some kind of upload script, where you have to filter and tinker with permissions, so that you don't allow a malicious executable to be uploaded that can simply be run by visiting said file in a browser? Granted, a

AW: Change default reject message

Thank you for that explanaition, i appreciate that. So i need a quota check, before dovecot touch the mail, so that the mail-client cant deliver the mail to postfix if that quota check isnt succesfully. Something like that i have forced, as i explored postfix work flow, i have add the

AW: Change default reject message

Argh..it's getting late.. I mean: before postfix touch the message: " So i need a quota check, before dovecot touch the mail " Sry for spam Mit freundlichen Grüßen Yours sincerely Pascal Rudolf  -Ursprüngliche Nachricht- Von: owner-postfix-us...@postfix.org Im Auftrag von

Re: AW: AW: Change default reject message

rud...@padaru.de: > Since Postfix rewrites all alias email addresses to the local users, this > works perfectly. Postfix calls Dovecot quota before Postfix aliases the recipient to a local user. How does Dovecot know what mailbox Postfix is asking about? Wietse

Re: Speaking of Firefox and HTTP^H^H^H^HFTP...

Exactly - I’ve always wondered why the fascination + hangup with FTP when one can just dump the exact same files into a directory (or even the same one) and serve it as http or https - a file is a file is a file - the protocol doesn’t care… - - - On 23 Apr 2021, at 7:58, Wietse Venema wrote:

AW: AW: AW: Change default reject message

Thank you for your time and replies. Actually i use the dovecot quota service: Dovecot conf: service quota-status { executable = quota-status -p postfix inet_listener { port = 12340 } client_limit = 1 } Postfix main.cf

Re: Speaking of Firefox and HTTP^H^H^H^HFTP...

On Thu, 22 Apr 2021 21:56:13 -0400 Viktor Dukhovni wrote: > I just updated Firefox to version 88, and now "ftp://; support is > disabled by default, and the plan is to remove support in Firefox 90. Palemoon forever! :) (Or any other browser you may fancy :) Luciano. -- /"\

AW: Change default reject message

I agree with you, i dont want produce late bounces. And thats my problem. For mails, who handeld by the smtpd ist works fine. But local Mails bypass the smtpd module, so also the smtpd_recipient_restrictions. Whats the way to cofigure postfix 'local' module to check the recipients quota bevore

Re: Certificate Postfix.org missing?

Thu, 22 Apr 2021 19:26:57 +0200 skrev Claus Assmann : > It would be nice if the people who write browsers don't try to force > their kind of "standards" on others... ("but you can get a free cert" > -- what happens when those browsers do not "accept" those free certs > anymore?) With the risk of

Re: Change default reject message

On 22 Apr 2021, at 12:49, Wietse Venema wrote: > rud...@padaru.de: >> Good evening, >> Unfortunately, I have to revisit my topic from back in the day >> >> Sending the proper reject-messages through the postfix works wonderfully, as >> long as it is an external sender. >> >> But now if a

AW: Change default reject message

Here you see my problem, i have enabled 'local'´s verbose mode in the master.cf postfix/local[28092]: queue_name: active postfix/local[28092]: queue_id: 1290D2F001C3 postfix/local[28092]: offset: 829 postfix/local[28092]: sender: postfix/local[28092]: recipient: postfix/local[28092]:

Re: Specific DNS server

Le 22/04/2021 à 21:14, Sonic a écrit : You could run Postfix in a container (LXC) on the host. It would have it's own IP and it's own resolv.conf. Would'nt the chroot feature built in postfix sufficient for this ?

Re: Certificate Postfix.org missing?

On 23.04.21 08:36, Nicky Thomassen wrote: But there is no need for that on a read-only site like Postfix'. In my opinion, anyway. It's only a read-only site as long as there's no man in the middle attack injecting malicious code into the connection. There's too few people who disable things

Re: Milters and policy

On 2021-04-23 11:44, Nick Tait wrote: On 3/04/21 3:14 pm, Simon Wilson wrote: Pypolicyd-spf then tags what has driven the result for later use: E.g. Apr  3 11:19:23 emp87 policyd-spf[1336326]: prepend Authentication-Results: mail.simonandkate.net; spf=pass (mailfrom) Apr  2 12:32:51 emp87

Re: Certificate Postfix.org missing?

On 4/23/21 5:15 AM, Jaroslaw Rafa wrote: > However, "thanks" to Google and other > big e-mail providers who started to enforce that EVERY email send to them > must pass SPF/DMARC check - as a method of "antispam protection" (which it > isn't, because spammer can have a perfectly valid SPF/DMARC

Re: Milters and policy

Pypolicyd-spf then tags what has driven the result for later use: E.g. Apr  3 11:19:23 emp87 policyd-spf[1336326]: prepend Authentication-Results: mail.simonandkate.net; spf=pass (mailfrom) Apr  2 12:32:51 emp87 policyd-spf[1255235]: prepend Authentication-Results: mail.simonandkate.net;

Re: Milters and policy

On 3/04/21 3:14 pm, Simon Wilson wrote: Pypolicyd-spf then tags what has driven the result for later use: E.g. Apr  3 11:19:23 emp87 policyd-spf[1336326]: prepend Authentication-Results: mail.simonandkate.net; spf=pass (mailfrom) Apr  2 12:32:51 emp87 policyd-spf[1255235]: prepend

Re: Speaking of Firefox and HTTP^H^H^H^HFTP...

On Fri, Apr 23, 2021 at 12:36:29AM -0400, Viktor Dukhovni wrote: > On Thu, Apr 22, 2021 at 10:41:14PM -0400, John Levine wrote: > > It appears that Viktor Dukhovni said: > > >[ Wietse's upstream FTP site for Postfix source tarballs will soon no > > > longer be browser-accessible. :-( ] > > > >

Re: Certificate Postfix.org missing?

Dnia 23.04.2021 o godz. 08:36:36 Nicky Thomassen pisze: > > With the risk of going off-topic, I do not see the reason for encrypting > everything on the internet from a more practical point of view, as it just > gives > overhead: It takes time to set up and maintain, takes processing power on

Re: AW: AW: Change default reject message

Dnia 23.04.2021 o godz. 08:32:06 rud...@padaru.de pisze: > > But postfix dont use these recipient_restrictions because the local mails > dont pass the smtpd. Is there something that can check the quota and runs as a milter and not a policy service? Because you could use such a thing in

Re: Change default reject message

Dnia 23.04.2021 o godz. 09:36:50 rud...@padaru.de pisze: > I agree with you, i dont want produce late bounces. And thats my problem. > > For mails, who handeld by the smtpd ist works fine. But local Mails bypass > the smtpd module, so also the smtpd_recipient_restrictions. But the local mails

AW: Change default reject message

I dont know if there a way to build an no-smtp milter. The local mails come from different users with different domains, this ones stay on my local mashine right, but my customers only know the 'real e-mail-adress' also the alias from the recipient and not the internal local username, so i cant