Re: NOTIFY=SUCCESS on lmtp

On Jul 26, 2017, at 8:36 AM, Matus UHLAR - fantomas wrote: I have read the DSN README, and I'm searching if there's a better alternative than disabling DSNs at all. On 26.07.17 10:59, Viktor Dukhovni wrote: My advice is to disable DSN at the edge of each administrative

Re: DNS records, mail servers, and domains

On Wed, Jul 26, 2017 at 10:08 Viktor Dukhovni wrote: > > On Jul 26, 2017, at 10:28 AM, Tom Browder wrote: > > Now my question: is there any future benefit to having tls certs for a > host name of "smtp.domain.tld" for each "domain.tld" when

Re: DNS records, mail servers, and domains

> On Jul 26, 2017, at 10:28 AM, Tom Browder wrote: > > Now my question: is there any future benefit to having tls certs for a host > name of "smtp.domain.tld" for each "domain.tld" when all domains will have > the same mail server? No, for inbound mail a single MX

Re: What's a better error code than 554 to get a sending server to stop retrying?

> Any 5xx code is supposed to say that That's clear now that's how it's supposed to work. > Whether the recipient of the remote site's resulting bounce message is paying > attention is another matter. That's the actual problem here I think. > You're now down to something like Kevin

Re: Use 1 TLS certificate for multiple domains

> On Jul 26, 2017, at 6:01 AM, Z3us Linux wrote: > > I'm running Postfix with MailScanner as a spamfilter for multiple > domains/customers. > Is it possible to create a TLS configuration to force encryption for a set of > domains with one 1 SSL certificate for the FQDN

Re: Enforce TLS to MX

Hi Viktor, thank you for your detailed explanations. Greetings, Frank

DNS records, mail servers, and domains

I have been soliciting help from this list for some time now in the process of planning my new single-server, multi-domain web and mail server, with domains 'domain1.tld1' through 'domainN.tldN'. I have been experimenting with Lets Encrypt clients with mixed success, and, as of this morning,

Re: What's a better error code than 554 to get a sending server to stop retrying?

robg...@nospammail.net wrote: I have a milter set up to REJECT on some body content. It works like it should and REJECTS with the message Jul 25 14:41:13 mariner postfix/handoff/smtpd[56542]: proxy-reject: END-OF-MESSAGE: 554 5.7.1 id=12969-07 - Rejected by next-hop MTA on relaying,

Re: Protecting mail addresses using check_sasl_access

On 26/7/2017 2:09 μμ, Nikolaos Milas wrote: /etc/postfix/protected_destinations: privlist1@example.comallowed_list1 privlist1@example.comallowed_list1 privlist1@example.comallowed_list1 Hmm, sorry, this part was meant to be: /etc/postfix/protected_destinations:

NOTIFY=SUCCESS on lmtp

Hello, I maintain multiple postfix servers with LMTP content filter set up. last week we started receiving much spam that requests NOTIFY=SUCCESS which results in many queued DSNs. I got the idea of avoid notifications when they reach particular spam score. My problem is, that on (at least)

Xforward with amavisd

Firstly here is the relevant config: main.cf: smtp_send_xforward_command=yes content_filter = amavisfeed:[127.0.0.1]:10024 master.cf: smtp inet n - n - - smtpd -o content_filter=smtp-amavis:[127.0.0.1]:10024 smtp-amavis unix - - - - 2

Protecting mail addresses using check_sasl_access

Hello, Since Postfix is now (since v2.11) providing more extensive sasl access restrictions, we are considering using the following model to protect particular addresses so that only specific users can send mail to them: /etc/postfix/main.cf: ... allowed_list1=

Use 1 TLS certificate for multiple domains

I'm running Postfix with MailScanner as a spamfilter for multiple domains/customers. Is it possible to create a TLS configuration to force encryption for a set of domains with one 1 SSL certificate for the FQDN of the mailserver? The MX-records of the hosted domains are pointing to my mailserver