Re: memcache client for Postfix

2011-12-09 Thread Wietse Venema
Wietse Venema: > This week I implemented a memcache client for Postfix in the hope > that it would be useful to share postscreen(8) or verify(8) caches > among multiple MTAs. > > The implementation is based on libmemcache. This was not too much > work, given a few examples (libmemcache is under

Re: SMTP hangs when MySQL is down

2011-12-09 Thread Wietse Venema
Viktor Dukhovni: > On Fri, Dec 09, 2011 at 07:47:08AM -0500, Wietse Venema wrote: > > > lst_ho...@kwsoft.de: > > > I don't know the Postfix internals but if it were easy *and* safe to > > > implement it would have been done already from someone feeling the > > > need to do so. > > > > A quic

Re: SMTP hangs when MySQL is down

2011-12-09 Thread Viktor Dukhovni
On Fri, Dec 09, 2011 at 07:47:08AM -0500, Wietse Venema wrote: > lst_ho...@kwsoft.de: > > I don't know the Postfix internals but if it were easy *and* safe to > > implement it would have been done already from someone feeling the > > need to do so. > > A quick search shows that trivial-rewri

Re: Switching to 587 submission

2011-12-09 Thread Philip Prindeville
On 12/9/11 1:36 PM, /dev/rob0 wrote: > On Friday 09 December 2011 14:23:01 Philip Prindeville wrote: >> On 12/9/11 11:39 AM, Grant wrote: > Philip: Now whenever you upgrade Squirrelmail to something current, you can pass your free time trying to figure out how to get it to do STARTTL

Re: Switching to 587 submission

2011-12-09 Thread /dev/rob0
On Friday 09 December 2011 14:23:01 Philip Prindeville wrote: > On 12/9/11 11:39 AM, Grant wrote: Philip: > >> Now whenever you upgrade Squirrelmail to something current, > >> you can pass your free time trying to figure out how to get > >> it to do STARTTLS. :-) > > > > No need. Squirrelmail co

Re: Switching to 587 submission

2011-12-09 Thread Philip Prindeville
On 12/9/11 11:39 AM, Grant wrote: >>> I should add that I took Noel's advice and Thunderbird is connecting >>> remotely to 587 and Squirrelmail is connecting locally to 587 without >>> encryption or authentication. The above config pertains to that >>> arrangement. >>> >>> - Grant >> >> >> Now whe

Re: CISCO breaks DKIM on their ASA/PIX (again)

2011-12-09 Thread Ralf Hildebrandt
* Jeroen Geilman : > I am in no way implying that you did anything wrong! I wholeheartedly agree with your last posting :) > It's just that I cringe every time I see this enabled and when I ask > after it the answer is usually a variant on "oh it's a security > option offered by a Cisco firewal

Re: CISCO breaks DKIM on their ASA/PIX (again)

2011-12-09 Thread Wietse Venema
Alfonso Alejandro Reyes Jimenez: > As far as I know it just "limit" the commands that you can send > to the mail server, you just have to be sure if you are using ESMTP > or SMTP. Here's the link explaining how it works. Well, that is how it is supposed to work. In reality, the code has a history

RE: CISCO breaks DKIM on their ASA/PIX (again)

2011-12-09 Thread Alfonso Alejandro Reyes Jimenez
As far as I know it just "limit" the commands that you can send to the mail server, you just have to be sure if you are using ESMTP or SMTP. Here's the link explaining how it works. All the customers of our company uses that inspect, the common issue is with proofpoint. Every other MTA is accep

Re: CISCO breaks DKIM on their ASA/PIX (again)

2011-12-09 Thread Jeroen Geilman
On 2011-12-09 19:57, Ralf Hildebrandt wrote: * Jeroen Geilman: On 2011-12-08 09:53, Ralf Hildebrandt wrote: Over the last few days I discussed SMTP delivery problems with a Czech site which was using Postfix and a CISCO ASA with "smtp protocol fixup" enabled. smtp fixup is evil and should have

Re: CISCO breaks DKIM on their ASA/PIX (again)

2011-12-09 Thread Ralf Hildebrandt
* Jeroen Geilman : > On 2011-12-08 09:53, Ralf Hildebrandt wrote: > >Over the last few days I discussed SMTP delivery problems with a Czech > >site which was using Postfix and a CISCO ASA with "smtp protocol > >fixup" enabled. > > smtp fixup is evil and should have died out years ago. No shit, sh

Re: CISCO breaks DKIM on their ASA/PIX (again)

2011-12-09 Thread Jeroen Geilman
On 2011-12-08 09:53, Ralf Hildebrandt wrote: Over the last few days I discussed SMTP delivery problems with a Czech site which was using Postfix and a CISCO ASA with "smtp protocol fixup" enabled. smtp fixup is evil and should have died out years ago. People who still use it have no clue how t

Re: Switching to 587 submission

2011-12-09 Thread Grant
>> I should add that I took Noel's advice and Thunderbird is connecting >> remotely to 587 and Squirrelmail is connecting locally to 587 without >> encryption or authentication.  The above config pertains to that >> arrangement. >> >> - Grant > > > Now whenever you upgrade Squirrelmail to something

Re: Switching to 587 submission

2011-12-09 Thread Philip Prindeville
On 12/9/11 2:26 AM, Reindl Harald wrote: > well, as long thunderbird offers STARTTLS or SSL and for SSL 465 as > default and as long 465 does not eat anybodys children It kicked my dog once...

Re: Switching to 587 submission

2011-12-09 Thread Philip Prindeville
On 12/9/11 8:07 AM, Grant wrote: > I should add that I took Noel's advice and Thunderbird is connecting > remotely to 587 and Squirrelmail is connecting locally to 587 without > encryption or authentication. The above config pertains to that > arrangement. > > - Grant Now whenever you upgrade

Re: Switching to 587 submission

2011-12-09 Thread Grant
>> master.cf: >> >> submission inet n       -       n       -       -       smtpd >> -o smtpd_sasl_auth_enable=yes >> -o >> smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject >> You should also have: smtpd_tls_security_lev

Re: Switching to 587 submission

2011-12-09 Thread Noel Jones
On 12/9/2011 10:15 AM, Grant wrote: > master.cf: > > submission inet n - n - - smtpd > -o smtpd_sasl_auth_enable=yes > -o > smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject > >>> >>> You should also have: >>> >

Re: Switching to 587 submission

2011-12-09 Thread Grant
>> It was also repeatedly suggested that I switch to exactly the >> arrangement that I've switched to. > > > No, that was only presented as an option (there is always more than one way > to skin a cat). > > Doing it the way you did it makes your primary submission port *less* > secure, *just* so yo

Re: Switching to 587 submission

2011-12-09 Thread Charles Marcus
On 2011-12-09 11:25 AM, Grant wrote: It was also repeatedly suggested that I switch to exactly the arrangement that I've switched to. No, that was only presented as an option (there is always more than one way to skin a cat). Doing it the way you did it makes your primary submission port *l

Re: Switching to 587 submission

2011-12-09 Thread Grant
>> Thank you but if I do that I won't be able to connect from >> Squirrelmail which does not currently support STARTTLS.  Squirrelmail >> is on the same machine as postfix so TLS isn't necessary there anyway. > > > Which is why it was repeatedly suggested to you to continue to use port 465 > (smtps

Re: Switching to 587 submission

2011-12-09 Thread Charles Marcus
On 2011-12-09 11:12 AM, Grant wrote: Thank you but if I do that I won't be able to connect from Squirrelmail which does not currently support STARTTLS. Squirrelmail is on the same machine as postfix so TLS isn't necessary there anyway. Which is why it was repeatedly suggested to you to contin

Re: Switching to 587 submission

2011-12-09 Thread Grant
master.cf: submission inet n       -       n       -       -       smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject >> >> You should also have: >> >> smtpd_tls_security_level=encrypt >> >> for t

Re: Switching to 587 submission

2011-12-09 Thread Grant
>>> master.cf: >>> >>> submission inet n       -       n       -       -       smtpd >>> -o smtpd_sasl_auth_enable=yes >>> -o >>> smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject > > > You should also have: > > smtpd_tls_security_level=encrypt > > for the submission s

Re: Switching to 587 submission

2011-12-09 Thread Noel Jones
On 12/9/2011 10:04 AM, Charles Marcus wrote: > On 2011-12-09 10:07 AM, Grant wrote: >>> master.cf: >>> >>> submission inet n - n - - smtpd >>> -o smtpd_sasl_auth_enable=yes >>> -o >>> smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject >>>

Re: Switching to 587 submission

2011-12-09 Thread Charles Marcus
On 2011-12-09 10:07 AM, Grant wrote: master.cf: submission inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes -o smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject You should also have: smtpd_tls_security_level=encrypt for the subm

Re: Switching to 587 submission

2011-12-09 Thread Grant
>> You can use SquirrelMail on 587. It doesn't work right now because >> of your smtpd_security_level=encrypt.  You could change your >> submission restrictions to something like >>  -o smtpd_security_level=may >>  -o mynetworks=127.0.0.1 >>  -o smtpd_tls_auth_only=yes >>  -o >> smtpd_recipient_res

Re: SMTP hangs when MySQL is down

2011-12-09 Thread Sebastian Wiesinger
* Wietse Venema [2011-12-09 13:47]: > A quick search shows that trivial-rewrite server has no "fatal" > errors - it reports all errors that it can detect to the client (in > this case smtpd(8)). > > However there is one low-level library module (match_ops) that > exits the program with a "fatal"

Re: strange sender_access_maps issue

2011-12-09 Thread Noel Jones
On 12/9/2011 5:05 AM, Tom Kinghorn wrote: > Good afternoon List. > > Apologies for posting again. > > I have a strange issue with my sender_access_maps where the DISCARD > & REJECTS work as expected, yet a hold does not > > I am seeing this in the logs. > > Dec 9 12:57:39 mx1 postfix/smtpd[395

Re: SMTP hangs when MySQL is down

2011-12-09 Thread Wietse Venema
lst_ho...@kwsoft.de: > I don't know the Postfix internals but if it were easy *and* safe to > implement it would have been done already from someone feeling the > need to do so. A quick search shows that trivial-rewrite server has no "fatal" errors - it reports all errors that it can detect t

Re: Two postfix on two IP on same host

2011-12-09 Thread Duane Hill
On Friday, December 09, 2011 at 10:46:48 UTC, f.bon...@esiee.fr confabulated: > Hello > I actually have one instance running on a host > running as send only with SASL/TLS to let users > relay their emails from external world, it runs > on one IP address. > The host has two IP addresses on two et

strange sender_access_maps issue

2011-12-09 Thread Tom Kinghorn
Good afternoon List. Apologies for posting again. I have a strange issue with my sender_access_maps where the DISCARD & REJECTS work as expected, yet a hold does not I am seeing this in the logs. Dec  9 12:57:39 mx1 postfix/smtpd[395]: NOQUE

Two postfix on two IP on same host

2011-12-09 Thread Frank Bonnet
Hello I actually have one instance running on a host running as send only with SASL/TLS to let users relay their emails from external world, it runs on one IP address. The host has two IP addresses on two ethernet interfaces and I would like to run another postfix instance on the OTHER IP address

Re: Limit number of sent messages to specified domain

2011-12-09 Thread Kirill Bychkov
Use the search of this list, repeatedly discussed On 9 December 2011 13:32, Amira Othman wrote: > Hi all > > I am using postfix 2.8 and I want to limit number of messages that will be > sent to certain domain as yahoo or hotmail. How can I do that? > > Regards > -- Кири

Limit number of sent messages to specified domain

2011-12-09 Thread Amira Othman
Hi all I am using postfix 2.8 and I want to limit number of messages that will be sent to certain domain as yahoo or hotmail. How can I do that? Regards

Re: Switching to 587 submission

2011-12-09 Thread Reindl Harald
On 09.12.2011 03:44, Philip Prindeville wrote: > On 12/8/11 5:33 PM, Reindl Harald wrote: >> >>> Got it. I misunderstood you before. May I ask why using 465 for >>> Thunderbird and Squirrelmail would be better than 587 for Thunderbird >>> and 25 for Squirrelmail talking to localhost? >> >> th

Re: SMTP hangs when MySQL is down

2011-12-09 Thread lst_hoe02
Quoting Sebastian Wiesinger: * lst_ho...@kwsoft.de [2011-12-08 14:46]: >And I had hoped that perhaps this would be an improvement to postfix. >Sadly it seems it was some kind of blasphemy to question the way >postfix does handle this stuff. No, it means until now no one needs this so impor