On Sat, December 30, 2017 3:51 am, Wietse Venema wrote:
> You should be able to build the new Postfix, use the old config
> files, do 'postfix upgrade-configuration", and look for warnings while
> Postfix handles email for several days, about things that
> might break when you were to set
I have 3.2.4 with /etc/postfix from 2.1, virtual domain/virtual users in
mysql
have not as yet set "postconf compatibility_level=2", "Postfix is running
with backwards-compatible default settings"
grep backward /var/log/maillog* (apart from warning about it) gives:
/var/log/maillog:
Dec 25
Hi list,
A bit offtopic, but I need cli-tool to remove attachments from specific
maildir messages, so how to do that?
Eero
> On Dec 29, 2017, at 1:54 PM, J Doe wrote:
>
> I have noticed in the Postfix documentation (man 5 postconf), that the
> smtpd_tls_session_cache_database parameter notes:
>
> “As of Postfix 2.11 the preferred mechanism for session resumption is RFC
> 5077 TLS
Hi,
I have noticed in the Postfix documentation (man 5 postconf), that the
smtpd_tls_session_cache_database parameter notes:
“As of Postfix 2.11 the preferred mechanism for session resumption is RFC 5077
TLS session tickets...for Postfix >= 2.11 this parameter should generally be
left empty”
> On Dec 29, 2017, at 1:18 PM, l carr wrote:
>
> One question from your email:
>
> - We're not sure what you mean by a list of valid recipients
A complete list of the email addresses that exist in the domain,
allowing you to definitively reject email messages
Thank you, Viktor. We will try your recommended configuration.
One question from your email:
- We're not sure what you mean by a list of valid recipients so I'll state - In
our scenario, the Postfix server is an intermediary server, and not accessible
from outside of our IP space. Mail that
I see that both you and Viktor responded to my posting, thank you. While Viktor
provided a potential solution, I am answering your questions here in case this
information is still relevant to the issue.
- To be 'undeliverable' means the entry exists in the LDAP but either the entry
is
Viktor Dukhovni:
>
>
> > On Dec 29, 2017, at 11:51 AM, Wietse Venema wrote:
> >
> > I think the biggest break is smtpd_relay_restrictions because that
> > was introduced before the compatibility_level safety net. You may
> > have to explictly set smtpd_relay_restrictions
> On Dec 29, 2017, at 11:51 AM, Wietse Venema wrote:
>
> I think the biggest break is smtpd_relay_restrictions because that
> was introduced before the compatibility_level safety net. You may
> have to explictly set smtpd_relay_restrictions to empty.
The default is:
Stephen Satchell:
> So, a question: is there a best-practices guide, manual, or book that
> describes how to set up all the modern goodies like DKIM and TLS? What
> I found thus far:
You should be able to build the new Postfix, use the old config
files, do 'postfix upgrade-configuration", and
OK, I've been using Postfix for, um, years. In fact, the current server
has been running -- and is *still* running -- on CentOS 4 for more than
a decade -- a distribution that's been moribound since early 2012.
Still on PostFix 2.2.10, which is WAY past the sell-by date.
I'm so far into
> On Dec 29, 2017, at 9:43 AM, @lbutlr wrote:
>
> As I understand it port 465 was deprecated 20 years ago.
Strangely enough, it may get a second life:
https://tools.ietf.org/html/draft-ietf-uta-email-deep-12#section-3
On 29 Dec 2017, at 02:18, Matus UHLAR - fantomas wrote:
> ssl usually means port 465 with implicit SSL, while 587 requires explicit
> ssl (aka starttls).
As I understand it port 465 was deprecated 20 years ago.
It holds on in some servers because old versions (like pre 2010)
>> so, it connects on port 25...?
>
> apparently - did you look to master.cf if there's "-o syslog_name" option
> in the submission service?
Matus,
thanks for your help
no, no syslog:
# grep syslog master.cf
#
BUT, I got the user to EDIT her existing account and, alter server host
names from
On 29.12.17 20:47, Voytek wrote:
On Fri, December 29, 2017 8:18 pm, Matus UHLAR - fantomas wrote:
ssl usually means port 465 with implicit SSL, while 587 requires explicit
ssl (aka starttls).
with Outlook 2010, it has: none/tls/ssl/auto
so it's the same as 2007. TLS means starttls and
On Fri, December 29, 2017 8:18 pm, Matus UHLAR - fantomas wrote:
> ssl usually means port 465 with implicit SSL, while 587 requires explicit
> ssl (aka starttls).
with Outlook 2010, it has: none/tls/ssl/auto
so, I've tried tls as well as ssl, just in case
> However, with default
On 29.12.17 15:32, Voytek wrote:
smtpd_recipient_restrictions = reject_unknown_sender_domain,
reject_unknown_recipient_domain, reject_non_fqdn_sender,
reject_non_fqdn_recipient, reject_unlisted_recipient, permit_mynetworks,
check_sasl_access hash:/etc/postfix/sasl_access
You are still top-posting please don't... See bottom for my reply...
On 29 December 2017 at 06:21, Poliman - Serwis wrote:
> But "signing domain" and domain in "From" will never be matched. Server has
> own domain s1.domain.net. On this server are hosted few websites. These
19 matches
Mail list logo