[pfx] Re: IPv6 and Cloud server CPU

> On Nov 22, 2023, at 11:20 PM, Peter via Postfix-users > wrote: > > On 23/11/23 14:22, Gerald Galster via Postfix-users wrote: >>> Q2: >>> given the minuscule work-load, is there any preference/preclusion between >>> employing the 'usual' x86 processor or 2 Arm Ampere processors? Both offer

[pfx] Re: IPv6 and Cloud server CPU

> On Nov 22, 2023, at 8:15 PM, DL Neil via Postfix-users > wrote: > > So, there's no particular advantage to staying with the traditional x86-style > model, nor to moving to the newer Arm-based offerings? It seems like some vendors really want to push ARM and a side-effect of that might be

[pfx] Re: Accepting mail from old Dell iDRAC

> On Aug 5, 2023, at 3:38 PM, Viktor Dukhovni via Postfix-users > wrote: > > On Sat, Aug 05, 2023 at 03:27:01PM -0400, Charles Sprickman via Postfix-users > wrote: > >>> Nope, ever since SSL 3.0 the client proposes and the server chooses. >>> The is

[pfx] Re: Accepting mail from old Dell iDRAC

On Aug 5, 2023, at 3:01 PM, Viktor Dukhovni via Postfix-users wrote: > > On Sat, Aug 05, 2023 at 11:23:06AM -0700, Dan Mahoney via Postfix-users wrote: > >> Under the hood, idracs do use openSSL, and it’s not unreasonable to >> assume that both the SMTP client and the web server use the same

[pfx] Re: Accepting mail from old Dell iDRAC

> On Aug 4, 2023, at 1:23 PM, Charles Sprickman via Postfix-users > wrote: > > > >> On Aug 3, 2023, at 5:46 AM, Jaroslaw Rafa via Postfix-users >> wrote: >> >> Dnia 2.08.2023 o godz. 23:28:09 Charles Sprickman via Postfix-users pisze: >&

[pfx] Re: Accepting mail from old Dell iDRAC

> On Aug 3, 2023, at 5:46 AM, Jaroslaw Rafa via Postfix-users > wrote: > > Dnia 2.08.2023 o godz. 23:28:09 Charles Sprickman via Postfix-users pisze: >>> The iDRAC is trying to use STARTTLS, so encrypted SMTP transport appears >>> to be supported. As noted

[pfx] Re: Accepting mail from old Dell iDRAC

Hi Viktor and everyone else - replying with more information inline... > On Aug 2, 2023, at 9:33 AM, Viktor Dukhovni via Postfix-users > wrote: > > On Wed, Aug 02, 2023 at 01:26:43AM -0400, Charles Sprickman via Postfix-users > wrote: > >> [root@mail /usr/local/e

[pfx] Accepting mail from old Dell iDRAC

Hi all, I'm having a heck of a time figuring out how to see just what this Dell is offering when speaking to Postfix... It's an "iDRAC7", which is just a little management card. I want it to be able to send some email alerts, but I keep getting warnings about a cipher mismatch. With some

[pfx] Re: server does not pick up new certificates

> On Jul 23, 2023, at 2:29 PM, Viktor Dukhovni via Postfix-users > wrote: > > On Sun, Jul 23, 2023 at 08:18:21PM +0200, lejeczek via Postfix-users wrote: > >>> You need to rebuild it periodically. Once a week should be enough, >>> ACME certificates are typically good for 90 days and get

[P-U] Re: sys4 is listed in Abusix

> On Mar 7, 2023, at 1:14 PM, Robert Schetterer via Postfix-users > wrote: > > Am 07.03.23 um 18:57 schrieb Patrick Ben Koetter via Postfix-users: >> * toganm--- via Postfix-users : >>> Maybe it would have been a better idea to check if the mail server is listed >>> in any rbl sites. For one

Re: Replacing initial "Received:" line on submission?

> On Jan 15, 2023, at 12:13 AM, Peter wrote: > > On 15/01/23 17:34, Viktor Dukhovni wrote: >> The typical user who wants to lightly censor Received lines is not >> trying to hide a specific IP address, by far the more common need >> is to prune IP addresses from received headers add by a

Re: Replacing initial "Received:" line on submission?

> On Jan 12, 2023, at 2:40 PM, Viktor Dukhovni > wrote: > > On Thu, Jan 12, 2023 at 01:49:33PM -0500, post...@ptld.com wrote: > >> My solution... >> >> main.cf: >> smtp_header_checks = pcre:/etc/postfix/header_checks_smtp >> >> >> /etc/postfix/header_checks_smtp: >> /^Received:/

Replacing initial "Received:" line on submission?

Howdy, I'm thinking that for my personal mail server I would like to stop showing the world the IP that I'm sending email from, for various reasons, but mostly privacy. I see lots of sketchy options out there using header checks, but I'd ideally like to not just strip out the first received

Re: Verbose logging issues of postfix in docker container

> On Dec 11, 2022, at 7:11 PM, Sam wrote: > **I really can't debug any smtp issues whatsoever.** [...] > and in master.cf, I added `-v` flag on smtpd. Nothing comes out of it. Zero > logging to both stdout and /var/log/. Be aware that Postfix and most daemons don't log directly, they are

Re: Reject when delivering to a pipe?

I think that as long as the script returns the appropriate error code on failure you don't have to do anything special; from pipe(8): In the case of a non-zero exit status, a limited amount of command output is logged, and reported in a delivery status notification. When

Re: Postfix.org website

> On Sep 9, 2022, at 10:54 AM, Viktor Dukhovni > wrote: > > On Fri, Sep 09, 2022 at 11:23:18PM +1000, Simon Wilson wrote: > >> I have no insight into why security firms, government departments, >> etc. recommend to block what they do. > > Note that the recommendations you quoted, suggest

Re: Why the name Postfix?

> On Mar 27, 2022, at 3:18 PM, Viktor Dukhovni > wrote: > > On Sun, Mar 27, 2022 at 09:08:53AM +0530, Amarjeet Anand wrote: > >> What’s the story behind choosing the name as “Postfix”? > > One of the stories can be found here: > >

Re: Choosing relay based on sasl username?

> On Feb 23, 2022, at 10:30 AM, Wietse Venema wrote: > > Wietse Venema: >> Charles Sprickman: >>> Oops, sorry, "sender_dependent_relayhost_maps" should be >>> "sender_dependent_default_transport_maps" below... >> >> In

Re: Choosing relay based on sasl username?

Oops, sorry, "sender_dependent_relayhost_maps” should be “sender_dependent_default_transport_maps” below... > On Feb 23, 2022, at 2:17 AM, Charles Sprickman wrote: > > Hi all, > > I’m having some issues figuring out if this is possible and then if so, how > to

Choosing relay based on sasl username?

Hi all, I’m having some issues figuring out if this is possible and then if so, how to approach it. This isn’t for production use, just some internal testing and experimentation... My goal is to set a relay destination based on the SASL username used for smtp authentication. So if I have

Re: https://www.postfix.org/ in trouble

> On Jan 11, 2022, at 2:07 PM, Dan Mahoney wrote: > > > >> On Jan 11, 2022, at 10:38 AM, Claus R. Wickinghoff > > wrote: >> >> Mojn, >> >>> Today I find only a directory listing at www.postfix.org >>> or www.postfix.com

Re: postfix.org site CSS change

> On Jun 2, 2021, at 1:40 PM, post...@ptld.com wrote: > >> On 06-02-2021 1:35 pm, Josef Vybíhal wrote: >>> the background was changed to white. >> curl -sI http://www.postfix.org/postfix.css | grep Last >> Last-Modified: Sun, 20 Feb 2011 12:14:00 GMT > > Any ideas why the background "to me" is

Re: Postfix restrictions

;> recommended to avoid: postgrey > >>> On Jun 7, 2020, at 8:03 AM, Laura Smith >>> wrote: >>> I agree. Greylisting is a primitive, last century "sledgehammer to crack a >>> nut". >>> >>> It has no place in 2020's anti-spam. >

Re: The historical roots of our computer terms

> On Jun 7, 2020, at 2:03 PM, vi...@vheuser.com wrote: > > Why not take it off this list and contact the developers? > Users can't make small changes. > Enough already. The intersection of “this is meaningless politics, stop being such a carelord” and “shield my eyes from further discussion

Re: Postfix restrictions

> On Jun 7, 2020, at 8:03 AM, Laura Smith > wrote: > > >> I wonder that two very new documents describe something that has been long >> recommended to avoid: postgrey > > I agree. Greylisting is a primitive, last century "sledgehammer to crack a > nut". > > It has no place in 2020's

Re: Preferred/maintained greylisting options?

> On May 24, 2020, at 7:21 PM, Wietse Venema wrote: > > Charles Sprickman: >> Hi all, >> >> I have a site with a very old domain that's at the front of the >> alphabet. For some reason (age, alphabetical order, ???) that >> domain gets bombarded wi

Re: Preferred/maintained greylisting options?

> On May 24, 2020, at 3:59 PM, Laura Smith > wrote: > >> >> I’ve been sort of opposed to greylisting in the past due to a userbase >> that’s sensitive to delays, but… the spam is worse. >> > > > IMHO Greylisting is rather pointless. Its a blunt tool, and not only that it > does that

Preferred/maintained greylisting options?

Hi all, I have a site with a very old domain that’s at the front of the alphabet. For some reason (age, alphabetical order, ???) that domain gets bombarded with spam before the senders make it onto any of the blacklists I use (even trialed a few for-profit blacklists). Literally some of these

Re: may we suggest ICANN not run that many new tlds?

> On Nov 19, 2019, at 3:28 PM, Antonio Leding wrote: > > But I predict it will fall on deaf ears… > > Suggesting this is tantamount to suggesting the PSTN not increase the # of > area codes or NXX numbers. Things like this are created as the demand > grows…and due to the complete

Re: Dictionary attacks

> On Nov 3, 2019, at 12:04 PM, Phil Stracchino wrote: > > On 2019-11-03 05:24, Allen Coates wrote: >> >> >> On 03/11/2019 02:42, Wietse Venema wrote: >>> John Schmerold: What is the best way to protect against dictionary attacks in Postfix? >>> >>> Reportedly, fail2ban (no first-hand

Re: OT: Postscreen and scoring/blocking by ISP

> On May 31, 2019, at 7:45 PM, Wietse Venema wrote: > > Charles Sprickman: >> https://www.team-cymru.com/IP-ASN-mapping.html#dns >> <https://www.team-cymru.com/IP-ASN-mapping.html#dns> >> >> That?s part way there. I can easily find the ASNs I care to

Re: OT: Postscreen and scoring/blocking by ISP

> On May 30, 2019, at 5:38 PM, Allen Coates wrote: > > > On 30/05/2019 22:21, Allen Coates wrote: >> Currently, I am using a CIDR access-control-list to block (in PostScreen) >> hosts >> from certain "nuisance" countries. A weekly script derives the netblocks >> from >> the zone lists

Re: OT: Postscreen and scoring/blocking by ISP

your spam blocking configuration look like? I > can send you mine if you think it would help. > > Dave. > > > On 5/20/19, Charles Sprickman wrote: >> Hi all, >> >> I was looking through a few lists of RBLs and I’m not finding quite what I >> want. >> >

OT: Postscreen and scoring/blocking by ISP

Hi all, I was looking through a few lists of RBLs and I’m not finding quite what I want. I have quite a bit of my spam blocking working fairly well, but I’m seeing quite a bit of “snowshoe spam” from a few providers. Rather than look up their netblocks and outright block them, I’d like to

Re: Troubleshooting postscreen/dnsblog

> On Feb 21, 2019, at 3:26 PM, Wietse Venema wrote: > > Charles Sprickman: >> Hi all, >> >> Looking for some help on troubleshooting postscreen? >> >> I was recently reworking the list of rbls that I use with postscreen and >> realized that

Troubleshooting postscreen/dnsblog

Hi all, Looking for some help on troubleshooting postscreen… I was recently reworking the list of rbls that I use with postscreen and realized that quite a bit of spam that was getting through was in fact on enough blacklists to hit my postscreen threshold. I’m not seeing anything obvious in

Re: Google blocking...again...

> On Feb 2, 2019, at 4:36 PM, Scott Lambert wrote: > > On Sat, Feb 02, 2019 at 11:46:35AM -0500, micah anderson wrote: >> SH Development writes: >> >>> I'm about at my wits end with Google. >>> >>> A couple of weeks ago, we had a user account get compromised. About >>> 11,000 spam emails

Re: Spamhaus blocking Spectrum IPs; rbl_override not working

> On Aug 21, 2018, at 11:42 AM, Fongaboo wrote: > > > > Last night, it would appear that zen.spamhaus.org started blacklisting a > number of IPs assigned to Spectrum consumers, of which I am one. […] > # Spectrum > 23.0.0.0/8 OK > 24.0.0.0/8 OK […] OT, but is your list of exemptions

Re: Looking for opinions on FreeBSD OS for Postfix

This is probably drifting off-topic, but I have a few questions regarding your setup... On Tue, 18 Aug 2009, Jordi Espasa Clofent wrote: 85.000 aprox. mail account here (spanish web-hosting company) using: * 25 FreeBSD 7.x as reception-only mailservers (3500 accounts per server aprox) * 3

Re: Looking for opinions on FreeBSD OS for Postfix

On Mon, 17 Aug 2009, Sahil Tandon wrote: On Mon, 17 Aug 2009, Guy wrote: I'm considering FreeBSD as an alternative, but I was wondering what people think of FreeBSD as a platform for Postfix. It's obviously not as easy to maintain as Ubuntu, but it does have a reputation for stability. Any

spam/virus scanning, high volume server

___ Charles Sprickman NetEng/SysAdmin Bway.net - New York's Best Internet - www.bway.net sp...@bway.net - 212.655.9344

Re: Spam Prevention

On Sun, 2 Aug 2009, Willy De la Court wrote: On Sun, 02 Aug 2009 11:24:17 +0100, Clunk Werclick clunk.wercl...@wibblywobblyteapot.co.uk wrote: [snip] reject_rbl_client no-more-funn.moensted.dk reject_rbl_client bl.spamcop.net reject_rbl_client dnsbl-1.uceprotect.net

Re: Stop spammers sending us spam from users in our domain...

On Wed, 29 Jul 2009, Matthew D. Fuller wrote: On Wed, Jul 29, 2009 at 03:03:43PM +0100 I heard the voice of Clunk Werclick, and lo! it spake thus: My apologies for the terse caveat. As I understand it, there are some external mail services that roaming users may use that forward mail into

Re: Catchall account and lots of spam in a short period

On Mon, 27 Jul 2009, Simon Waters wrote: On Monday 27 July 2009 11:13:34 Martijn de Munnik wrote: Losing catchall seems to be the best solution but some of my customers want to create an emailaddress for every website the register on. m...@desjors.nl pay...@desjors.nl deb...@desjors.nl They

Re: OT: Why are my servers strong passwords compromised

-passwd on the shell server (which is hooked-in to the vpopmail db via pam_mysql) Charles 2009/7/18 Charles Sprickman sp...@bway.net: On Sat, 18 Jul 2009, ram wrote: We run smtp services for our clients using smtp-auth. And nowadays we also enforce a strong password (minimum alphanumeric

Re: Postfix Toaster - replacing vpopmail

On Sat, 18 Jul 2009, Charles Marcus wrote: On 7/18/2009, Sahil Tandon (sa...@tandon.net) wrote: Just so I understand, you don't use POP3 on the server you manage; you have never compared POP3 performance on Dovecot vs. $something_else, but you are commenting on the lack of performance benefit?

Re: OT: Why are my servers strong passwords compromised

On Sat, 18 Jul 2009, ram wrote: We run smtp services for our clients using smtp-auth. And nowadays we also enforce a strong password (minimum alphanumeric) But still people's passwords get compromised. Even a relatively strong password. To save our postfix servers I have implemented rate-limits

Re: Postfix Toaster - replacing vpopmail

On Thu, 16 Jul 2009, Charles Marcus wrote: On 7/16/2009, Charles Sprickman (sp...@bway.net) wrote: -Continued use of Courier-IMAP. Not so much because I like it, but I don't want POP UUIDs changing or any big changes in IMAP quirks that suddenly cause users grief. It seems like Courier