[pfx] Re: configure a relayhost

On 10.09.23 10:38, François Patte via Postfix-users wrote: relayhost = [smtp.myfai.fqdn]:465 smtp_sasl_auth_enable = yes smtp_sasl_mechanism_filter = login smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd what is on your /etc/postfix/sasl_passwd ? It should be [smtp.myfai.fqdn]:465

[pfx] Re: Postfix mails accepted for delivery, but never received

On 10.09.23 21:05, Jesper Hansen via Postfix-users wrote: My ISP might be filtering port 25, I have no idea. BUT, I’m NOT connecting to my ISP as the mail log show. I connect directly to the recipients SMTP and get the right reply. That’s why I find suspicious that I get a bounce where the ISP

[pfx] Re: configure a relayhost

And updated the security level to "secure". On 11/09/23 19:59, François Patte via Postfix-users wrote: If I turn this to "secure", I get in maillog file: server certificate verification failed for smtp.gmx.com[212.227.17.174]:465: num=62:hostname mismatch On 11.09.23 23:33, Peter via

[pfx] Re: configure a relayhost

On 11/09/23 19:59, François Patte via Postfix-users wrote: And updated the security level to "secure". If I turn this to "secure", I get in maillog file: server certificate verification failed for smtp.gmx.com[212.227.17.174]:465: num=62:hostname mismatch Le 11/09/2023 à 13:33, Peter via

[pfx] Re: mask "mail from: " for Microsoft

Marc Lucke via Postfix-users: re: https://techcommunity.microsoft.com/t5/exchange-team-blog/updated-requirements-for-smtp-relay-through-exchange-online/ba-p/3851357 That text is about relaying email: you originate a message, and use Postfix to ask a Microsoft email service to deliver that

[pfx] Re: mask "mail from: " for Microsoft

On 14.09.23 13:08, Marc Lucke via Postfix-users wrote: re: https://techcommunity.microsoft.com/t5/exchange-team-blog/updated-requirements-for-smtp-relay-through-exchange-online/ba-p/3851357 Let's say I send an email.  I use: mail from: and in the data (body) From: Professional Legit

[pfx] Re: tracing smtp submission issues/ server timed out?

On Sun, September 10, 2023 2:03 am, Viktor Dukhovni via Postfix-users wrote: Your amavis content filter has a non-trivial backlog of mail, probably because each message takes a long time to process. Here the message sat 5.4 seconds in the incoming queue and then took 11 seconds to to deliver to

[pfx] Re: tracing smtp submission issues/ server timed out?

On 08.09.23 23:13, lists--- via Postfix-users wrote: a user reported mail client message: "It hard to sent mail we try 2-3 times then sent." screengrab from mail client had: sending failed, couldn't send, connection to outgoing server timed out logs from unsuccessful attempts are important,

[pfx] Re: tracing smtp submission issues/ server timed out?

On Sat, September 9, 2023 2:42 am, Matus UHLAR - fantomas via Postfix-users wrote: On 08.09.23 23:13, lists--- via Postfix-users wrote: logs from unsuccessful attempts are important, not from the one that succeeded. On 09.09.23 20:03, lists--- via Postfix-users wrote: is there some proper

[pfx] Re: Postscreen dnsbl logs

a way to >log more information about the threshold for each rejected email(maybe >for each dnsbl_site). Matus UHLAR - fantomas via Postfix-users: Note that this can even result into logging DNSWL as reason for blocking, if e.g. IP hits one DNSWL but multiple DNSBLs. You can use postscree

[pfx] Re: Postscreen dnsbl logs

information about the threshold for each rejected email(maybe for each dnsbl_site). Matus UHLAR - fantomas via Postfix-users: Note that this can even result into logging DNSWL as reason for blocking, if e.g. IP hits one DNSWL but multiple DNSBLs. You can use postscreen_dnsbl_reply_map to map the list

[pfx] Re: Domain-Specific inbound relay host rules

On 15.10.23 08:52, B Williams via Postfix-users wrote: There is a spam network that has figured out that they can bypass my spam filtering service by ignoring the MX record and just sending mail directly to the mail server. Pretty sneaky. Spammers do this for decades. So what I’m trying to

[pfx] Re: Recommendation for dkim signing

Jens Hoffrichter via Postfix-users wrote in : |On Mon, Oct 30, 2023 at 8:12 PM Steffen Nurpmeso via Postfix-users | wrote: ... |> Btw i would wonder: why do -- as email operators -- still use DKIM |> at all, since there is ARC and it also offers signatures and |> verification? The OpenSSL

[pfx] Re: [ext] Re: Question about postscreen

On 02.11.23 10:49, Ivan Ionut via Postfix-users wrote: > Hi, it's possible that postscreen does not block the email when > postscreen_dnsbl_threshold is reached but to pass that email to > spamassassin(with a score and a tag). * Matus UHLAR - fantomas via Postfix-users : Postsc

[pfx] Re: Question about postscreen

On 02.11.23 10:49, Ivan Ionut via Postfix-users wrote: Hi, it's possible that postscreen does not block the email when postscreen_dnsbl_threshold is reached but to pass that email to spamassassin(with a score and a tag). Postscreen does not tag. It passes or blocks the mail. -- Matus UHLAR

[pfx] Re: Recommendation for dkim signing

Dnia 2.11.2023 o godz. 09:42:01 Matus UHLAR - fantomas via Postfix-users pisze: (once more: DKIM applies on header From:, SPF on envelope from:). On 02.11.23 11:18, Jaroslaw Rafa via Postfix-users wrote: And DMARC requires that both be identical (actually, from the same domain - user part

[pfx] Re: Recommendation for dkim signing

On 02.11.23 12:04, Jens Hoffrichter via Postfix-users wrote: Actually, I was just discussing these things - this is just regarding the new requirements from Google and Yahoo starting Feb 1st. What happens, if a mail is sent from AmazonSES, with a signature key from amazonses.com, but with a

[pfx] Re: resolv.conf in chroot

Jesper Dybdal via Postfix-users skrev den 2023-11-05 13:48: To avoid using a public name server for DNSBL lookups, I would like the DNSBL checks to be done using only the name server running on localhost. But I would like the rest of the system to have for instance Google as a secondary name

[pfx] Re: GMail is rejecting mail I forward

On 29.10.23 16:43, Robert Inder via Postfix-users wrote: For 10 years now I've been running a Linux (CentOS 7) server, using Postfix to handle mail for a handful of users. Specifically, I'm running Postfix 2.2, because that is the most recent version yum will fetch from the current/default set

[pfx] Re: Recommendation for dkim signing

On 30.10.23 10:06, Jens Hoffrichter via Postfix-users wrote: We are looking into implementing DKIM signing for one of our services, and there are multiple ways to implement that. So far I have found that you can do it with opendkim and amavis - any recommendation for one or the other, or maybe

[pfx] Re: GMail is rejecting mail I forward

On Oct 29, 2023, at 10:59, Matus UHLAR - fantomas via Postfix-users wrote: I did SRS by using postsrs, see https://github.com/roehling/postsrsd This way, even forwarding using ~user/.forward will get SRS'ed. However, any mail from foreign domains without DKIM may still get rejected

[pfx] Re: read postscreen database?

On 31.10.23 12:26, Michael W. Lucas via Postfix-users wrote: Is there a way to dump the postscreen database, showing which addresses are cached and why? I guess postmap -s could do that. http://www.postfix.org/postmap.1.html -- Matus UHLAR - fantomas, uh...@fantomas.sk ;

[pfx] Re: local ROOT - forward + keep copy

On 06.11.23 09:31, lejeczek via Postfix-users wrote: I'd hope some experts here have it figured out long time ago & would be happy to advise on: How to keep root's mail locally, on each machine + at the same time have a copy forwarder to another address. I personally redirect all root's

[pfx] Re: milter outgoing not working

On 24.09.23 04:39, Stanislav via Postfix-users wrote: After upgrading from postfix 3.7.3 to postfix 3.8.2, I've noticed my email is not signed with DKIM anymore. After further investigation, I've found that Postfix ignores milter on outgoing emails (incoming goes through milter ok). do you

[pfx] Re: Possible (indirect) libspf2 security issues

On 01.10.23 00:00, mailmary--- via Postfix-users wrote: In my case, libspf2 is a dependent package of OpenDMARC (Alma Linux, Rocky Linux, Oracle Linux) Debian too, but this problem should only appear opendmarc does SPF resolution. This seems only to happen when SPFSelfValidate is true and

[pfx] Re: IP protocol inconsistency

Wietse Venema via Postfix-users: > It's a rather long explanation for "why not do X". like several > times longer than the text that explains what protocol preferences > do. And this is the only place where adding that text would help. On Sun, Sep 24, 2023 at 06:25:36PM -0400, Wietse Venema

[pfx] Re: IP protocol inconsistency

On 26.09.23 10:45, Polarian via Postfix-users wrote: The complaint and the reason why some email providers intentionally do not support IPv6 is that the IPv4 exhaustion can be used as a benefit for lazy security. Due to the number of IPv6, email server spam is a lot harder to block, there is

[pfx] Re: user based transport

On 12.10.23 00:56, wesley--- via Postfix-users wrote: How can I setup username based transport? for incoming messages, such as use...@foo.com will be delivered to host a. use...@foo.com will be delivered to host b. transport_maps support username@domain notation:

[pfx] Re: *.mail.protection.outlook.com reporting "452 4.5.3 Too many recipients (AS780090)" for many domains

On 11.10.23 15:06, Ralf Hildebrandt via Postfix-users wrote: Since this morning, various MX hosts in *.mail.protection.outlook.com reporting are reporting back temporary errors for us: Exhibit A) host ohri-ca.mail.protection.outlook.com[104.47.75.228] said: 452 4.5.3 Too many recipients

[pfx] Re: Wildcard sender_transport

On 24.10.23 14:00, Mark Constable via Postfix-users wrote: Hi folks, I have googled for this but not found a definitive answer. I have two IPs for my postfix server and want to send out most emails from one IP but a few via the alternate IP. I'm using this in main.cf...

[pfx] Re: dkim and submission and opendkim

On 24.10.23 14:35, Nick Edwards via Postfix-users wrote: I need a refresher hand with DKIM, we have in main.cf smtpd_milters = inet:127.0.0.1:8891,inet:127.0.0.1:8892 non_smtpd_milters = $smtpd_milters milter_default_action = accept spfpolicy_time_limit = 3600 milter_protocol = 6 DKIM is 8891,

[pfx] Re: smtp auth on port 25

On August 15, 2023 2:15:21 AM GMT+02:00, Jon Smart via Postfix-users wrote: I have disabled port 587/465 to be accessed publicly. but port 25 must be open to internet for MTA communications. My question is, can external users access port 25 for smtp auth and send mail then? Not if you

[pfx] Re: new waves of connect/disconnect from *.outlook.com; any add'l pfx configs useful for further remediation?

On Tue, Aug 15, 2023 at 04:14:58PM -0400, pgnd via Postfix-users wrote: 2023-08-14T13:11:53.782611-04:00 svr01 postfix/postscreen[27910]: CONNECT from [52.101.56.17]:32607 to [209.123.234.54]:25 2023-08-14T13:11:59.860098-04:00 svr01 postfix/postscreen[27910]: PASS NEW [52.101.56.17]:32607

[pfx] Re: reverse DNS question for HELO hostname

On 22.08.23 18:43, Peter H via Postfix-users wrote: When my mailserver talks to other MTA, it certainly will issue a HELO command. Saying the hostname after HELO is: mail.host.com, which points to an IP. But this IP's PTR doesn't point back to the hostname above. That's saying, the IP does

[pfx] Re: returned message path

On 25.08.23 13:45, Henrik Y via Postfix-users wrote: If the messages was delivered into peer system, and peer MTA found it was invalid for delivery, will this message be returned back to the sender host, or returned back to MX server of sender domain? In addition to what has been said, the

[pfx] Re: Replacing ancient Qmail with Postfix.

On 09.11.23 15:27, Shaun Erickson via Postfix-users wrote: We use a fake (internal, externally-unregistered) domain, for our division’s servers. Let’s call it fakedomain.com or fd.com, for short. Just FYI, there are domain names like: example.com example.net example.org example invalid

[pfx] Re: [P-U] Re: New List Host and Reply-to Header

Is it the best idea to add a reply-to header to the author on mailing list emails? The problem I see is many people will hit reply in their email client which will create an email from them to the author, bypassing the mailing list. This has also happened before when someone 'r'eplied to the

[pfx] Re: about openSRS for forwarding

On 10.03.23 19:25, pyh--- via Postfix-users wrote: I am running a postfix server for email forwarding. Should I enable openSRS for this forwarding service? if you want to forward mail and also allow users to do that, you apparently should do SRS. Otherwise forwarding destination can reject

[pfx] Re: Fwd: milter-reject: END-OF-MESSAGE

On 10.03.23 11:32, Adrian Huryn via Postfix-users wrote: Mar 10 11:23:56 poczta postfix/smtpd[28240]: input attribute name: (end) Mar 10 11:23:56 poczta postfix/smtpd[28240]: > gateway11d.dhl.com[165.72.200.204]: 354 End data with . Mar 10 11:23:56 poczta postfix/cleanup[28321]: 7F2A2352540:

[pfx] Re: Simple Backup MX with relay recipient validation

On 15.03.23 21:49, Fongaboo via Postfix-users wrote: myhostname = I usually don't set "myhostname" and let postfix use the one set in system. I configure my systems with hostname set to FQDN. smtpd_banner = $myhostname ESMTP mynetworks = 127.0.0.0/24 I prefer autoconfiguration via

[pfx] Re: timeout after END-OF-MESSAGE

Fourhundred Thecat via Postfix-users: I occasionally see timeout after END-OF-MESSAGE in my logs: On 2023-03-20 15:30, Wietse Venema via Postfix-users wrote: When asking a timing related question, it would be helpful if you did not delete the timing related onfo from the logs. On 20.03.23

[pfx] Re: Is it possible to add a dynamic value to a heder by header_checks?

Dnia 23.03.2023 o godz. 12:48:36 Tobi via Postfix-users pisze: I wonder if the following is possible: can postfix add a header with a dynamic value? My goal would be to add a header with the current unix timestamp on the edge system and then check that header against current time on last system

[P-U] Re: Postfix lists are migrating to a new list server

FYI header rewriting and DKIM signing works correctly, ARC does not. Say both spamassassin and openarc-milter X-Spam-Status: No, score=-0.9 required=3.5 tests=ARC_INVALID,ARC_SIGNED, A_DKIM_VERIFIED,A_SPF_PASS,BAYES_00,DCC_CHECK,DCC_REPUT_70_89,

[pfx] Re: externel MX question

On 24.03.23 09:16, fh--- via Postfix-users wrote: I have a domain setup in postfix as virtual domains. But MX records for this domain point to external systems currently, such as google workspace. When other users in this postfix system send email to users in this domain, will it be delivered

[pfx] Re: behavior of smtp_connection_cache_destinations

On 25.03.23 08:26, Amit Gupta via Postfix-users wrote: According to https://www.postfix.org/CONNECTION_CACHE_README.html#implementation there are "two connection caching strategies". Are smtp_connection_cache_on_demand and smtp_connection_cache_destinations mutually exclusive?

[pfx] Re: [P-U] Re: New List Host and Reply-to Header

Peter via Postfix-users skrev den 2023-03-26 01:05: Mailman has a setting that addresses this, reply_goes_to_list. According to mm docs, this adds the original From: address as a CC On 26.03.23 01:55, Benny Pedersen via Postfix-users wrote: there will be a day when mailman dont sink ships, so

[pfx] Re: MX primary & secondary setup for multiple domains on multiple servers

On 24.03.23 13:55, Arrigo Triulzi via Postfix-users wrote: I am trying to migrate my personal Sendmail setup (five domains) to Postfix and I am not entirely sure how to replicate what I have at the moment. Each domain has a different server and each of them acts as secondary for the other

[pfx] Re: Allow TLSv1 only for internal senders

Gerd Hoerst via Postfix-users skrev den 2023-03-18 14:54: smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1 smtpd_tls_protocols   = !SSLv2,!SSLv3,!TLSv1 in main.cf in main.cf put a # in this lines, so its default from postconf -d but unfortunately i have a sender (its a

[P-U] Re: Postfix lists are migrating to a new list server

OpenDMARC is segfaulting. That's what 'signal 11' means. On Mar 7, 2023, at 11:37 AM, postfix--- via Postfix-users As far as i know everything is up to date. [root]# opendmarc -V opendmarc: OpenDMARC Filter v1.4.1 SMFI_VERSION 0x101 libmilter version 1.0.1 Active

[pfx] Re: /etc/postfix/access only doamin is blocked

On 15.03.23 14:12, Gerd Hoerst via Postfix-users wrote: but i also tried with header_checks /^From:\.*@.*\.com\.com/    DISCARD NO SUBDOMAINS ^^ this expects literal dot. look at your logs. From: Der heutige Gewinner! That is is a header, that not used in SMTPD access maps. Look in

[pfx] Re: /etc/postfix/access only doamin is blocked

On 15.03.23 11:17, Gerd Hoerst via Postfix-users wrote: in my /etc/postfix/main.cf parent_domain_matches_subdomains = . . smtpd_access_maps .. smtpd_sender_restrictions = .. check_sender_access hash:/etc/postfix/access in my main.cfs domain.com DISCARD Spam rule domain block

[pfx] Re: /etc/postfix/access only doamin is blocked

On 15.03.23 13:09, Gerd Hoerst via Postfix-users wrote: in email source text is From: Der heutige Gewinner! what's the envelope from address (the one in logs)? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this

[pfx] Re: SPF: HELO does not publish an SPF Record

Matus UHLAR - fantomas wrote in |fantomas.fantomas.sk descriptive text "v=spf1 a -all" On April 12, 2023 2:00:01 PM UTC, Steffen Nurpmeso via Postfix-users wrote: Interesting this still works for you. I had to change to ~all because some behind-alias-expansion-and-forward collocutor

[pfx] Re: header_checks not work with regexp

On 17.04.23 08:54, SysAdmin EM via Postfix-users wrote: Hello everyone the problem persists. Maybe I’m doing something wrong. Step 1, I add the rule in the /etc/postfix/header_checks file /^Subject:.*You may need to add/ DISCARD TMP_BLOCK Step 2, postmap /etc/postfix/header_checks and postfix

[pfx] Re: header_checks not work with regexp

On Fri, Apr 14, 2023 at 05:51:21PM -0300, SysAdmin EM via Postfix-users wrote: postmap -q "Subject: [KIS] ERROR (EXTERNAL IP): Invalid HTTP_HOST header: '10.54.130.188:8020'. You may need to add u'10.54.130.188' to ALLOWED_HOSTS." regexp:/etc/postfix/header_checks On 14.04.23 18:15, Viktor

[pfx] Re: Question about automatic added headers

On 20.04.23 09:25, Silamael Darkomen via Postfix-users wrote: I have a question about the automatic adding of missing headers. Did an experiment with always_add_missing_headers = no. I sent a mail via telnet manually to postfix and checked, what it's forwarding to the next mail server.

[pfx] Re: Open relay clarification

On 17.04.23 13:38, Tyler Montney via Postfix-users wrote: Before getting started, this has been publicly disclosed by someone else a while ago. However, I still don't think it's necessary to name the organization to explain myself. My goal here is not only to give a proper argument to the

[pfx] Re: Questions for the third party plugins

On 21.04.23 12:08, tom--- via Postfix-users wrote: do policyd-service (such as rate-limit) and milter (such as opendkim) use the same communication way to postfix? policy services use the policy protocol: http://www.postfix.org/SMTPD_POLICY_README.html milters support milter protocol:

[pfx] Re: www.postfix.org certificate expired

* Peter Ajamian via Postfix-users: Verify return code: 10 (certificate has expired) On 22/04/23 22:18, Ralph Seichter via Postfix-users wrote: Thanks. For some reason, the web server had not been restarted after the last certificate update, which normally happens automatically. I just

[pfx] Re: postfix does not add Return-Path if mail is missing it

On 23.04.23 11:19, Benny Pedersen via Postfix-users wrote: Subject: [pfx] postfix does not add Return-Path if mail is missing it imho a bug Matus UHLAR - fantomas via Postfix-users skrev den 2023-04-23 16:43: it's added in local if delivering to mbox or maildir: http://www.postfix.org

[pfx] Re: Sender address rejected, but domain is found?

Hi, I realize this is probably one of the most frequently asked questions, but I really can't figure out why this was rejected. Apr 25 12:06:01 petra postfix-226/smtpd[592344]: NOQUEUE: reject: RCPT from mail.email.eurobank.rs [195.242.76.237]: 450 4.1.8

[pfx] Re: postscreen question

On 26.04.23 19:40, Ken Peng via Postfix-users wrote: Using rspamd instead of postscreen? no, using spamassassin or rspamd in addition to postscreen. postscreen is great for eliminating bots, which is something other spam filters only hardly detect. It's also can machines listed in multiple

[pfx] Re: Postfix server is sending non-delivery notifications with a blank "from" address

On Thu, Apr 27, 2023 at 11:13:13AM -0300, Rejaine Monteiro via Postfix-users wrote: > And is there any way to not send bounces to a specific email (ex: > don't send bounces to nore...@domain.com) Em qui., 27 de abr. de 2023 às 11:57, Viktor Dukhovni via Postfix-users <

[pfx] Re: Postfix Amavis (Virus Checker) PHPList workaround

On 24.04.23 14:23, Wayne Spivak via Postfix-users wrote: I run a postfix install which requires authentication and pipes all email through Amavis (spam checking). My PHPList (broadcast only) goes through port 587, and since it sits on the server, it doesn't need authentication (I'm the only

[pfx] Re: postfix mail server qmgr log entry query

On 26.04.23 05:48, Jitendra Chaudhari via Postfix-users wrote: The strange thing that is observed in the log is no-reply=19=tjsb@xxx.co.in The user email id at the email server is tjsb@xxx.co.in so my worry is what is the " no-reply=19=" string getting appended before the user email

[pfx] Outlook's "Recall:" messages

Hello, or customer tried to recall send message (outlook/exchange feature) and the recipient started bombing server and original sender with mails "message recall failed" (outlook/microsoft failure). I was able to drop the messages using header_checks but I'm curious if anyone knows better

[pfx] Re: Painful Postfix

On 30.04.23 07:35, Kolusion K via Postfix-users wrote: My e-mail server is able to deliver e-mail to some hosts but will time out when attempting to deliver to other hosts. What could be causing this problem? network firewall at your or recipients' side. Routing problems can cause this

[pfx] Re: Painful Postfix

On 30.04.23 07:25, Kolusion K via Postfix-users wrote: Subject: [pfx] Painful Postfix it would be much better if you provided better Subject: for questions/problems like this, e.g. "debug_peer_level question". Can somebody please tell me what levels are available for the

[pfx] Re: E-mail delivery problem

On 01.05.23 14:24, Kolusion K via Postfix-users wrote: E-mail server enp0s3 interface IP address: 192.168.1.2 E-mail server ppp0 interface IP address: 192.168.2.2 VPS enp6s18 interface IP address: 1.2.3.4 What could be causing my e-mail delivery problem? your firewall rules show nopthing

[pfx] Re: Future Date:

On 01.05.23 15:41, Jon LaBadie via Postfix-users wrote: I've been getting a lot of spam with Date: headers containing future dates, typically 1 year. I don't find any header checks that would look for this type of message. Have I over looked it? In the meantime I've implemented a script and

[pfx] Re: E-mail delivery problem

On 02.05.23 09:19, Kolusion K via Postfix-users wrote: So I have just had another look at my e-mail server regarding my situation, and I found something very odd.   Postfix seems to be unable to send e-mail to IPv4 addresses, but it can send e-mail to IPv6 addresses. This is odd because

[pfx] Re: Njal.la

May 2, 2023 at 4:42 PM, "pripercat--- via Postfix-users" wrote: Hi, my hosting Njal.la don't permit send email from my postfix server port number 25 to prevent spam. But they say that i can use this setup https://njal.la/docs/postfix-smarthost/ with; relayhost = [emailserver.tld]:submission

[pfx] Re: Future Date:

Matus UHLAR - fantomas via Postfix-users skrev den 2023-05-02 15:28: perhaps you would want to set up spam filter? spamassassin has check for date in future and also many other for spammy signs. On 02.05.23 17:47, Benny Pedersen via Postfix-users wrote: Viktor provided a milter that test

[pfx] Re: Regarding transport maps (sender_dependent_relayhost_maps not working)

On 23.04.23 13:43, Byung-Hee HWANG via Postfix-users wrote: Andrew Athan via Postfix-users writes: (...) My goal is to silently discard all inbound mail from a certain domain. Or actually, I may wish to redirect all of that mail either to a flat file (similar to the proposed blackhole

[pfx] Re: postfix does not add Return-Path if mail is missing it

On 23.04.23 11:19, Benny Pedersen via Postfix-users wrote: Subject: [pfx] postfix does not add Return-Path if mail is missing it imho a bug it's added in local if delivering to mbox or maildir: http://www.postfix.org/local.8.html -- Matus UHLAR - fantomas, uh...@fantomas.sk ;

[pfx] Re: Blocked Sender

On 27.03.23 12:39, natan via Postfix-users wrote: /etc/postfix/sender_checks.pcre /@scripkabox\.com/ /etc/postfix/recipient_checks.pcre smtpd_sender_restrictions =     permit_mynetworks     check_sender_access pcre:/etc/postfix/sender_checks.pcre    

[pfx] Re: question on relay_domains

On 27.03.23 18:08, fh--- via Postfix-users wrote: I plan to add a backup mx for the domain. When I checked the doc for "relay_domains" which says, Note: Postfix will not automatically forward mail for domains that list this system as their primary or backup MX host. See the permit_mx_backup

[pfx] Re: HELO checks for desktop clients

On 11.04.23 07:31, tom--- via Postfix-users wrote: If I added this config in main.cf: smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname,

[pfx] Re: Debugging SSL_accept error Connection reset by peer

On Fri, Apr 07, 2023 at 11:25:33AM -0400, micah via Postfix-users wrote: 2023-04-06T07:34:42.281789+00:00 mx1 postfix/smtpd[1680368]: SSL_accept:before SSL initialization 2023-04-06T07:34:42.300347+00:00 mx1 postfix/smtpd[1680368]: SSL_accept:before SSL initialization

[pfx] Re: aliases for mailbox domain

On 10.04.23 16:19, tom--- via Postfix-users wrote: Maybe I am not clear about virtual_mailbox_domains and virtual_alias_domains. Say I have this mailbox domain: myposts.ovh And a real user t...@myposts.ovh which exists in dovecot-users table. After then, can I create aliases in

[pfx] Re: postfix and opendkim

On 10.04.23 16:00, Fourhundred Thecat via Postfix-users wrote: I am setting up opendkim on my postfix server: what is the practical difference between using inet or UNIX domain socket in /etc/opendkim.conf ? UNIX domain socket must be in postfix chroot. That's why I use inet socket for

[pfx] Re: Access control review

On Tue, Mar 28, 2023 at 08:42:42AM +0200, Mihaly Zachar via Postfix-users wrote: smtpd_recipient_restrictions = reject_non_fqdn_recipient reject_unknown_recipient_domain permit_mynetworks permit_sasl_authenticated reject_unauth_destination On 28.03.23 12:15, Viktor

[pfx] Re: Success DSN for virtual mailboxes not working

Nuno Pereira via Postfix-users skrev den 2023-03-30 20:29: > We have tried to figure out why this happens, but haven't found a > solution until now. logs ? On 31.03.23 12:10, Nuno Pereira via Postfix-users wrote: I don't find anything relevant in logs: just an indication that a DSN was sent

[pfx] Re: Different set of milters for one domain?

Dan Mahoney (Gushi) via Postfix-users skrev den 2023-03-28 12:10: Dayjob sometimes receives mail for one domain that we'd like to have bypass certain milters (specifically, we want to exempt them from some filtering/scanning mitlers since the domain is pretty much entirely passthrough) -- On

[pfx] Re: Debugging SSL_accept error Connection reset by peer

On 2023-04-11 15:49:30, Matus UHLAR - fantomas via Postfix-users wrote: Perhaps you could disable STARTTLS extension for this particular address by using smtpd_discard_ehlo_keyword_address_maps: smtpd_discard_ehlo_keyword_address_maps=hash:/etc/postfix/smtpd_keywords /etc/postfix

[pfx] Re: SPF: HELO does not publish an SPF Record

On 12.04.23 12:41, Fourhundred Thecat via Postfix-users wrote: I have domain mydomain.com, with mx record: Use example.com unless you are real owner of mydomain.com I have no SPF record on mail.mydomain.com itself. Now, when I check my email score on mail-tester.com, it says:

[pfx] Re: Getting Recipient when Message size limit is exceeded

On Fri, Jul 07, 2023 at 11:54:44AM -0400, Viktor Dukhovni via Postfix-users wrote: If the client uses PIPELINING, the pipelined "RCPT TO" after the rejected "MAIL FROM" will presumably be logged. On 7/7/2023 11:07 AM, Viktor Dukhovni via Postfix-users wrote: Turns out that's not the case.

[pfx] Re: Postfix "sendmail -bv" command: Trouble with spamassassin and virtual_aliases

On 10.07.23 01:17, Robert Senger via Postfix-users wrote: Thanks to all of you for your tips and advices! This turned out to be far more complicated than I thought... I am staying with spamass-milter and bash scripting for the moment (but implemented all of your programming advices), it's a

[pfx] Re: Need some help with postsrsd

On 30.05.23 06:51, Shimon Weinreich (Gmail) via Postfix-users wrote: I need some help. I defined posrsrsd with postfix and all is working. I mean, while sending an e-mail it changes the 'from' like this: SRS0=imkW=BT=yahoo.com=shimo...@openu.ac.il did it change header From: too? But when I

[pfx] Re: Split emails with multiple recipients

On 05.06.23 10:07, Michael via Postfix-users wrote: I have a postfix with rspamd as milter. When a mail is sent with many recipients, rspamd gets the mail with all recipients. If I want to reject only one specific recipient, the whole mail is rejected. Is there any way to split the mail per

[pfx] Re: Split emails with multiple recipients

On Mon, Jun 05, 2023 at 10:21:47AM +0200, Matus UHLAR - fantomas via Postfix-users wrote: I've read a trick to reject particular recipient with temporary failure, which results in mail for other recipient being accepted, and further retry from sending server should only include that recipient

[pfx] Re: relayhost and backup MX

:38, Matus UHLAR - fantomas via Postfix-users wrote: messages will go TO the relay_ip unless you override it in transport_maps. example.com relay:example.com sorry, correct: example.com relay:[primary-mx.example.com] so we don't deliver to backup MX addresses. the first example

[pfx] Re: relayhost and backup MX

On 21.05.23 15:53, Tom Reed via Postfix-users wrote: My postfix has setup another MTA for relay host, relayhost = [relay_ip] If I setup this postfix as backup mx for a domain, such as foo.com. will messages for foo.com relay from relay_ip too, or go directly to the primary MX? messages will

[pfx] Re: SPF questions

Dnia 10.06.2023 o godz. 17:33:06 Gerd Hoerst via Postfix-users pisze: my entry e.g.    600 IN TXT    "v=spf1 a mx -all" that mean all servers listet in MX enrties of my domain are allowed to send emails from my domain So if you receive an email from my domain which are not sent from

[pfx] Re: SPF questions

Note there is also RFC 7505 "Null MX" where you simply add "IN MX 0 ." to any DNS name you wish not to send or accept e-mail. (this is designed to work around implicie MX records when A record is present). On 12.06.23 07:50, wesley--- via Postfix-users wrote: I saw some domains have MX

[pfx] Re: delivery loop?

On 22.05.23 20:26, Tom Reed via Postfix-users wrote: Given the case that: 1. postfix is a backup MX for foo.com 2. this postfix uses other MTA as relay_host When the primary MX for foo.com is down, messages to u...@foo.com will be delivered into backup MX. And, backup MX delivers the message

[pfx] Re: messages passing DMARC are being rejected as failing

On 24.07.23 16:03, Gomes, Rich via Postfix-users wrote: Clarification below: I see no clarification, just added disclaimer. It says nothing about DMARC, just that the mail was sent from external organization. From: Gomes, Rich via Postfix-users Sent: Monday, July 24, 2023 11:27 AM To:

[pfx] Re: SMTP client: How to log reason for untrusted TLS connection to MX?

Dnia 24.07.2023 o godz. 17:05:40 Paul Menzel via Postfix-users pisze: (Also from the legal perspective, without being a lawyer, I’d say, that actually all German (European) companies are required to only transmit messages over a verified TLS connection.) On 24.07.23 19:02, Jaroslaw Rafa via

[pfx] Re: Accepting mail from old Dell iDRAC

On 05.08.23 00:35, Charles Sprickman via Postfix-users wrote: Just following up to myself here, but this Dell POS just bails if it can't do TLS, lol: Aug 5 00:30:52 mail postfix/smtpd[76663]: < unknown[10.3.2.5]: EHLO ANON Aug 5 00:30:52 mail postfix/smtpd[76663]: discarding EHLO keywords:

[pfx] Re: bounce management

> We're only doing basic spam protection for them, What is the nature of the "basic spam protection"? Can it be done pre-queue? On 07.08.23 15:19, Alex via Postfix-users wrote: Yes, most likely, I would think. It's a basic spamassassin setup with a few rules looking for specific patterns, as

  1   2   3   >