Re: Rebuilding mail server from scratch

2017-12-29 Thread Voytek
On Sat, December 30, 2017 3:51 am, Wietse Venema wrote: > You should be able to build the new Postfix, use the old config > files, do 'postfix upgrade-configuration', and look for warnings while > Postfix handles email for several days, about things that > might break when you were to set

backwards compatibility questions 2.1 to 3.x

2017-12-29 Thread Voytek
I have 3.2.4 with /etc/postfix from 2.1, virtual domain/virtual users in mysql have not as yet set "postconf compatibility_level=2", "Postfix is running with backwards-compatible default settings" grep backward /var/log/maillog* (apart from warning about it) gives: /var/log/maillog: Dec 25

stupid question about removing maildir attachments

2017-12-29 Thread Eero Volotinen
Hi list, A bit offtopic, but I need cli-tool to remove attachments from specific maildir messages, so how to do that? Eero

Re: TLS session tickets versus TLS session cache

2017-12-29 Thread Viktor Dukhovni
> On Dec 29, 2017, at 1:54 PM, J Doe wrote: > > I have noticed in the Postfix documentation (man 5 postconf), that the > smtpd_tls_session_cache_database parameter notes: > > “As of Postfix 2.11 the preferred mechanism for session resumption is RFC > 5077 TLS

TLS session tickets versus TLS session cache

2017-12-29 Thread J Doe
Hi, I have noticed in the Postfix documentation (man 5 postconf), that the smtpd_tls_session_cache_database parameter notes: “As of Postfix 2.11 the preferred mechanism for session resumption is RFC 5077 TLS session tickets...for Postfix >= 2.11 this parameter should generally be left empty”

Re: question on fallback transport usage

2017-12-29 Thread Viktor Dukhovni
> On Dec 29, 2017, at 1:18 PM, l carr wrote: > > One question from your email: > > - We're not sure what you mean by a list of valid recipients A complete list of the email addresses that exist in the domain, allowing you to definitively reject email messages

Re: question on fallback transport usage

2017-12-29 Thread l carr
Thank you, Viktor. We will try your recommended configuration. One question from your email: - We're not sure what you mean by a list of valid recipients so I'll state - In our scenario, the Postfix server is an intermediary server, and not accessible from outside of our IP space. Mail that

Re: question on fallback transport usage

2017-12-29 Thread l carr
I see that both you and Viktor responded to my posting, thank you. While Viktor provided a potential solution, I am answering your questions here in case this information is still relevant to the issue. - To be 'undeliverable' means the entry exists in the LDAP but either the entry is

Re: Rebuilding mail server from scratch

2017-12-29 Thread Wietse Venema
Viktor Dukhovni: > > > > On Dec 29, 2017, at 11:51 AM, Wietse Venema wrote: > > > > I think the biggest break is smtpd_relay_restrictions because that > > was introduced before the compatibility_level safety net. You may > > have to explicitly set smtpd_relay_restrictions

Re: Rebuilding mail server from scratch

2017-12-29 Thread Viktor Dukhovni
> On Dec 29, 2017, at 11:51 AM, Wietse Venema wrote: > > I think the biggest break is smtpd_relay_restrictions because that > was introduced before the compatibility_level safety net. You may > have to explicitly set smtpd_relay_restrictions to empty. The default is:

Re: Rebuilding mail server from scratch

2017-12-29 Thread Wietse Venema
Stephen Satchell: > So, a question: is there a best-practices guide, manual, or book that > describes how to set up all the modern goodies like DKIM and TLS? What > I found thus far: You should be able to build the new Postfix, use the old config files, do 'postfix upgrade-configuration', and

Rebuilding mail server from scratch

2017-12-29 Thread Stephen Satchell
OK, I've been using Postfix for, um, years. In fact, the current server has been running -- and is *still* running -- on CentOS 4 for more than a decade -- a distribution that's been moribund since early 2012. Still on Postfix 2.2.10, which is WAY past the sell-by date. I'm so far into

Re: Outlook 2010 smtp auth probs ?

2017-12-29 Thread Viktor Dukhovni
> On Dec 29, 2017, at 9:43 AM, @lbutlr wrote: > > As I understand it port 465 was deprecated 20 years ago. Strangely enough, it may get a second life: https://tools.ietf.org/html/draft-ietf-uta-email-deep-12#section-3

Re: Outlook 2010 smtp auth probs ?

2017-12-29 Thread @lbutlr
On 29 Dec 2017, at 02:18, Matus UHLAR - fantomas wrote: > ssl usually means port 465 with implicit SSL, while 587 requires explicit > ssl (aka starttls). As I understand it port 465 was deprecated 20 years ago. It holds on in some servers because old versions (like pre 2010)

Re: Outlook 2010 smtp auth probs ?

2017-12-29 Thread Voytek
>> so, it connects on port 25...? > > apparently - did you look to master.cf if there's "-o syslog_name" option > in the submission service? Matus, thanks for your help no, no syslog: # grep syslog master.cf # BUT, I got the user to EDIT her existing account and, alter server host names from

Re: Outlook 2010 smtp auth probs ?

2017-12-29 Thread Matus UHLAR - fantomas
On 29.12.17 20:47, Voytek wrote: On Fri, December 29, 2017 8:18 pm, Matus UHLAR - fantomas wrote: ssl usually means port 465 with implicit SSL, while 587 requires explicit ssl (aka starttls). with Outlook 2010, it has: none/tls/ssl/auto so it's the same as 2007. TLS means starttls and

Re: Outlook 2010 smtp auth probs ?

2017-12-29 Thread Voytek
On Fri, December 29, 2017 8:18 pm, Matus UHLAR - fantomas wrote: > ssl usually means port 465 with implicit SSL, while 587 requires explicit > ssl (aka starttls). with Outlook 2010, it has: none/tls/ssl/auto so, I've tried tls as well as ssl, just in case > However, with default

Re: Outlook 2010 smtp auth probs ?

2017-12-29 Thread Matus UHLAR - fantomas
On 29.12.17 15:32, Voytek wrote: smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, permit_mynetworks, check_sasl_access hash:/etc/postfix/sasl_access

Re: report from google relate to failed dkim

2017-12-29 Thread Dominic Raferd
You are still top-posting please don't... See bottom for my reply... On 29 December 2017 at 06:21, Poliman - Serwis wrote: > But "signing domain" and domain in "From" will never be matched. Server has > own domain s1.domain.net. On this server are hosted few websites. These