Viktor Dukhovni wrote in
<20200825182533.gw37...@straasha.imrryr.org>:
|On Tue, Aug 25, 2020 at 07:06:29PM +0200, Steffen Nurpmeso wrote:
|
|>|because:
|>|
|>|1. The server indicated support for SASL in its EHLO response.
|>|2. The client chose to perform SASL auth.
|>|
|>|If
Okey, i think i got an idea of what i have to do now! :)
Thank you again for the advises.
On Tue, Aug 25, 2020 at 6:51 PM Wietse Venema wrote:
> Manuel Mely:
> > In a nutshell: use the policy access server for basic rules and actions
> at
> > first, and only if the ruleset gets
> > complicated
On Tue, Aug 25, 2020 at 07:06:29PM +0200, Steffen Nurpmeso wrote:
> |because:
> |
> |1. The server indicated support for SASL in its EHLO response.
> |2. The client chose to perform SASL auth.
> |
> |If you want clients to skip SASL auth, configure them to not use
> |SASL auth
Wietse,
Viktor,
Thanks for your kind answer.
It seems a bit difficult but I'll try to understand and apply it.
This request (redirect emails of certain domains to 3rd party mail
providers with auth) can't be denied because we are moving from
commercial mail security appliance to postfix
Viktor Dukhovni wrote in
<20200825160538.gt37...@straasha.imrryr.org>:
|On Tue, Aug 25, 2020 at 04:56:26PM +0200, Steffen Nurpmeso wrote:
|> Emmanuel Fusté wrote in
|> :
|>|Le 24/08/2020 à 21:14, Steffen Nurpmeso a écrit :
|>|> Something else, maybe.
|>|> I do not understand why my
Manuel Mely:
> In a nutshell: use the policy access server for basic rules and actions at
> first, and only if the ruleset gets
> complicated with content filtering, return a "FILTER" action in the server,
> and continue filtering
> with a milter? Probably i will have then to double check the
Viktor Dukhovni wrote in
<20200825161847.gu37...@straasha.imrryr.org>:
|On Tue, Aug 25, 2020 at 05:56:41PM +0200, Steffen Nurpmeso wrote:
|You have still now answered Wietse's question. If you were to do
|"EXTERNAL" auth, what determines whether a user presented a valid
|credential,
Thanks for your instant reply Wietse.
Postfwd looks like a great tool, but i think it wont fit well in my
requirements.
For example, it is all file based configurations. Even when i could
replicate the files
to all nodes, I would prefer to store the rules and actions in a DB as
those are created
On Tue, Aug 25, 2020 at 05:56:41PM +0200, Steffen Nurpmeso wrote:
> Twenty years ago i was an angry young man because the new German
> passports did not include S/MIME++ certificates and PGP keys,
> signed by the German government. In the meantime the
> "Bundesdruckerei" (which has become more
On Tue, Aug 25, 2020 at 04:56:26PM +0200, Steffen Nurpmeso wrote:
> Emmanuel Fusté wrote in
> :
> |Le 24/08/2020 à 21:14, Steffen Nurpmeso a écrit :
> |> Something else, maybe.
> |> I do not understand why my (stupid) config
> |>
> |>smtpd_sender_restrictions =
> |>
Hello.
Wietse Venema wrote in
<4bbwrb5qbbzj...@spike.porcupine.org>:
|What is the trust model: can anyone send email as long as they have
|a valid certificate that is signed by one of hundreds of CAs, and
I am a political person and can only response to this politically.
Other than that i do
Manuel Mely:
> Hi there,
>
> I?m at the moment in the concept stage for the implementation of custom
> policies which will be attached to several postfix instances.
>
> A brief description of what i have now:
>
> I have three postgres tables: mail_filter, mail_filter_rule and
>
Hi there,
I’m at the moment in the concept stage for the implementation of custom
policies which will be attached to several postfix instances.
A brief description of what i have now:
I have three postgres tables: mail_filter, mail_filter_rule and
mail_filter_action
a filter (mail_filter
Emmanuel Fusté wrote in
:
|Le 24/08/2020 à 21:14, Steffen Nurpmeso a écrit :
|> Something else, maybe.
|> I do not understand why my (stupid) config
|>
|>smtpd_sender_restrictions =
|>check_ccert_access hash:/etc/postfix/relay_clientcert,
|>permit_tls_clientcerts,
|>
What is the trust model: can anyone send email as long as they have
a valid certificate that is signed by one of hundreds of CAs, and
as long as their certificate contains an email address that matches
smtpd_sender_login_maps?
Wietse
Le 24/08/2020 à 21:14, Steffen Nurpmeso a écrit :
Something else, maybe.
I do not understand why my (stupid) config
smtpd_sender_restrictions =
check_ccert_access hash:/etc/postfix/relay_clientcert,
permit_tls_clientcerts,
reject_unknown_sender_domain,
16 matches
Mail list logo