c::d, mynetworks,
smtpd__restrictions, etc).
Am I on the right track with the previous paragraph, or is/are there
better way(s) to accomplish this?
Sincerely,
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an e
On 25/04/24 19:42, Benny Pedersen via Postfix-users wrote:
Peter via Postfix-users skrev den 2024-04-25 09:19:
On 15/04/24 10:14, Benny Pedersen via Postfix-users wrote:
Authentication-Results list.sys4.de; dkim=pass
header.d=porcupine.org; arc=none (Message is not ARC signed);
dmarc=pass
going to run down the postfix list for your
own failure at least have the decency to do it *on* the postfix list.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
are all changed to postfix.org so it's all in alignment.
Just to be clear, both porcupine.org and postfix.org have SPF and DKIM
policies and Wietse's messages pass both when passing through the list.
Peter
___
Postfix-users mailing list -- postfix-users
On 21/02/24 12:40, Wietse Venema via Postfix-users wrote:
Peter via Postfix-users:
A quick status update.
First, several features have been logging warnings that they would
be removed for 10 years or more, so we could delete them in good
conscience (perhaps keeping the warning
, with postfix start, start-fg,
check, reload, or status.
Just a quick thought here. I think it would make sense to release this
as Postfix 4.0 since removing and deprecating a large number of features
should probably be considered quite a major change.
Peter
ever managed to set it up successfully, however.
Right, postscreen has similar functionality to greylisting, but since it
has a different goal there are some features of postgrey that aren't
present in postscreen.
Peter
___
Postfix-users mailing list
ssage*, so in a manner of speaking the message is still valid and a
different connection might accept it (e.g. by attempting a different
MX). An MTA that wants to reject the message should should wait until
after the RCPT TO command to reject the actual message
server to
defer (disconnect and try again later). This is very similar to how
greylisting works.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
this approach.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
).
Good luck,
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
d (VirtualBox host). The others are all test
> beds.
Glad to hear you've upgraded nearly all of your machines, though I would
have recommended a different approach to Elevate (as stated above).
Peter
___
Postfix-users mailing list -- postfi
.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
onsibility on Wietse to try to build binary rpms for every distro
under the sun.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
Dear Viktor, dear Wietse,
thanks again for your vigilant eyes.
On 2024-01-05 19:31:35 +0100, Viktor Dukhovni via Postfix-users wrote:
On Fri, Jan 05, 2024 at 06:46:01PM +0100, Peter Wienemann via Postfix-users
wrote:
RFC 2033 says: "The LMTP protocol is identical to the SMTP protocol
Dear Wietse,
thanks for your careful review.
On 2024-01-05 16:11:56 +0100, Wietse Venema via Postfix-users wrote:
Peter Wienemann via Postfix-users:
smtp(8):
The Postfix SMTP+LMTP client supports multiple destinations
few words directly in the Postfix documentation rather
than refer to the RFC, but this would be really tough to achieve.
Best regards,
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On 3/01/24 01:27, Peter via Postfix-users wrote:
There is a link at the bottom to the postfix-specific lmtp configuration
page which is broken, it means that page was not properly ported. Please
post to the dovecot mailing list and let them know as this is something
they need to fix
page which is broken, it means that page was not properly ported.
Please post to the dovecot mailing list and let them know as this is
something they need to fix.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send
or add to it.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
is
implemented on the level of individual entries of the relay host list
rather than on the ensemble of relay host entries. Maybe it is worth
clarifying this point in the Postfix documentation.
Best regards,
Peter
___
Postfix-users mailing list -- postfix
Hi Wietse,
On 2023-12-29 18:36:59 +0100, Wietse Venema via Postfix-users wrote:
Peter Wienemann via Postfix-users:
On 2023-12-15 22:17:08 +0100, Wietse Venema via Postfix-users wrote:
There is no such thing as falling back to A or records after
trying MX records. The two are mutually
Dear Wietse,
On 2023-12-15 22:17:08 +0100, Wietse Venema via Postfix-users wrote:
Peter Wienemann via Postfix-users:
Thanks Wietse! Your pseudo-code clarifies the approach chosen by
Postfix. What still remains unclear to me is the order in which
destinations are tried. Let us again consider
Hello everyone,
I need an easy way to add a custom header that depends on the domain part
of the envelope rcpt to. If the receiving domain matches the custom header
should be added. I know about header_checks, but that can´t be used because
the receiver is not included in the header to.
On 2023-12-12 15:51:58 +0100, Wietse Venema via Postfix-users wrote:
Peter Wienemann via Postfix-users:
Dear Postfix experts,
checking the documentation for the relayhost parameter [0] I find no
indication how Postfix behaves in case of multiple relay hosts with
multiple DNS entries. Let us
], mail2.example.com
relayhost = [mail1.example.com], [mail2.example.com]
Best regards,
Peter
[0] https://www.postfix.org/postconf.5.html#relayhost
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le
in
SPF failing when an IPv6 connection is established.
This, of course, is just a WAG. If you want someone to review the
issues with google then you'll need to show headers and/or logs from the
connection to google. Protonmail headers doesn't really help for this.
Peter
On 28/11/23 05:50
On 24/11/23 19:52, Peter via Postfix-users wrote:
It's not the distro. It's common for Linux distros to fully support
ARM, but that does not put any obligation on 3rd-party distros, just
like if someone were to create a 3rd-party distro for BSD it would be up
to them to decide which arches
t
reflect on the support by the distro itself.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
software that is only
available from 3rd-party repos or where 3rd-party repos have newer
versions taht you want to use, but not for ARM.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users
CentOS no
longer provides a stable Linux platform beyond CentOS 7.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
e setting to get rid of these dozens of false-attempts from
diverse IPaddresses, please?
Disable the LOGIN mech?
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
ned for mail.gmx.com, either change the relayhost setting
to reflect this or create a new cert that also includes smtp.gmx.com.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
t a custom
configuration (directory), you need command line options.
Or you can set the MAIL_CONFIG environment variable, which should be
easy enough to do system-wide.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubs
On 22/08/23 22:59, Peter via Postfix-users wrote:
You forgot:
smtpd_tls_auth_only = no
Sorry, scratch this last bit, it's only if you need to do AUTH without
TLS, and I don't think you're trying to do AUTH here.
Peter
___
Postfix-users mailing
vel = none
smtp_sasl_auth_enable = no
smtp_use_tls = no
You forgot:
smtpd_tls_auth_only = no
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
, and
web.host.com points to that IP correctly.
But my mailserver doesn't use web.host.com as HELO hostname, instead
it's using mail.host.com which has correct A RR, though that IP address
doesn't resolve back to mail.host.com.
Does this have an adverse effect on sending behavior?
Thank you.
Peter
On 15/08/23 21:08, Benny Pedersen via Postfix-users wrote:
Peter via Postfix-users skrev den 2023-08-15 10:44:
This is a bad idea for several reasons. If you want submission use
ports 465 and/or 587 as they are intended. Don't try to use a service
that is meant for a different purpose
. Don't try to use a service
that is meant for a different purpose for this.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
:
1.2.3.0/24 OK
5.6.7.128/25 OK
main.cf:
smtpd_sender_restrictions =
check_client_access cidr:/etc/postfix/sender_override.cidr
check_sender_access type:table
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email
a response of either REJECT or DUNNO and
it should be called with all of the relevant info you want.
See SMTPD_POLICY_README, access(5) and spawn(8).
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix
Technically it's an invalid MX record because MX records must point to a
hostname, not an IP address.
They are probably trying (but failing) to implement a null MX record:
https://www.rfc-editor.org/rfc/rfc7505
Peter
On 12/06/23 19:50, wesley--- via Postfix-users wrote:
Note
in username is until after the
login completes and is reported back to Postfix by the Dovecot server.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
, though.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
empty has the
same effect as setting it to all (it will listen on all interfaces)?
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On 4/05/23 08:31, Wietse Venema via Postfix-users wrote:
Peter via Postfix-users:
Is this behavior of inet_interfaces overridden by smtp_bind_address?
From the way it's worded it looks to me like the inet_interfaces
setting overrides smtp_bind_address but this isn't clear to me. Can
On 4/05/23 08:31, Wietse Venema via Postfix-users wrote:
Peter via Postfix-users:
Is this behavior of inet_interfaces overridden by smtp_bind_address?
From the way it's worded it looks to me like the inet_interfaces
setting overrides smtp_bind_address but this isn't clear to me. Can
Is this behavior of inet_interfaces overridden by smtp_bind_address?
From the way it's worded it looks to me like the inet_interfaces
setting overrides smtp_bind_address but this isn't clear to me. Can
that be clarified (one way or the other)?
Peter
On 4/05/23 04:48, Wietse Venema via
On 3/05/23 17:51, Ken Peng via Postfix-users wrote:
But anybody can use our (even setup correctly) mailserver as backscatter source?
Not if you configure postfix properly.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
the
backscatter DNSRBL. Make sure you follow the instructions for setting
it up properly:
https://www.backscatterer.org/?target=usage
If used correctly it will only block DSNs from known backscatter sources.
Peter
___
Postfix-users mailing list -- postfix
or a
content filter.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On 22/04/23 22:18, Ralph Seichter via Postfix-users wrote:
* Peter Ajamian via Postfix-users:
Verify return code: 10 (certificate has expired)
Thanks. For some reason, the web server had not been restarted after the
last certificate update, which normally happens automatically. I just
Verify return code: 10 (certificate has expired)
...
Issuer: C=US, O=Let's Encrypt, CN=R3
Validity
Not Before: Jan 21 22:10:55 2023 GMT
Not After : Apr 21 22:10:54 2023 GMT
Subject: CN=www.postfix.com
Peter
t the case.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
but rather to defer.
That said, there is nothing wrong with this setting if that's what you
actually want to happen if the policyd isn't working.
now it works perfectly.
Excellent, glad you were able to work it out.
Peter
___
Postfix-users mailing list
On 9/04/23 23:02, Peter via Postfix-users wrote:
On 9/04/23 21:23, tom--- via Postfix-users wrote:
I am using the policyd-spf by default configuration (never changed a
line), and this is the doc:
https://manpages.debian.org/testing/postfix-policyd-spf-python/policyd-spf.conf.5.en.html
d that will tell you if policyd
is the issue or not.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
difference.
what action code policyd should return for passing the request to next
check?
"DUNNO", see access(5).
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
that limit with everyone else
who uses that resolver and will not get reliable results that way.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
S resolver (such as 8.8.8.8). You *must*
run your own DNS resolver for DNSRBLs to work properly.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On 2/04/23 09:03, Jaroslaw Rafa via Postfix-users wrote:
Dnia 1.04.2023 o godz. 13:04:30 Peter via Postfix-users pisze:
Secondary, or backup MXes are almost never recommended in the modern
internet and tend to be a relic of the 1990s dialup internet.
[...]
None of this is what you
nd efforts on the primary server.
I am afraid the secondary MX was abused by spammers.
Indeed, it often is.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On 26/03/23 18:37, Benny Pedersen via Postfix-users wrote:
Peter via Postfix-users skrev den 2023-03-26 06:15:
DKIM and ARC signatures need to be checked right after the message is
received,
not really, all that is needed is to frezze stata of dkim, arc, dmarc at
recieve state,
which
On 26/03/23 13:55, Benny Pedersen via Postfix-users wrote:
Peter via Postfix-users skrev den 2023-03-26 01:05:
Mailman has a setting that addresses this, reply_goes_to_list.
According to mm docs, this adds the original From: address as a CC
there will be a day when mailman dont sink ships
On 25/03/23 11:50, raf via Postfix-users wrote:
On Fri, Mar 10, 2023 at 09:11:58AM +1300, Peter via Postfix-users
wrote:
* Don't add a Reply-To:. I actually question if this is really needed as we
likely want replies to go to the list the vast majority of time anyways. I
have seen other
ing with this setting,
and if you are not correct then it will cause you to downgrade potential
encrypted connections to plain text. I know someone will likely argue
with me, but I can really think of no valid reason to set this.
Peter
___
Postfix-us
smtpd_reject_unlisted_recipient=no
-o smtpd_recipient_restrictions=$mua_recipient_restrictions
-o milter_macro_daemon_name=ORIGINATING
...or similar for a submission (non-wrappermode) port.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
apable
for TLSv1.1 and up..
As others have pointed out, TLSv1.0 is not that bad for smtp. Others
have posted a solution for this, but honestly I would just allow >=TLSv1
and not worry about it.
Peter
___
Postfix-users mailing list -- post
oes get found in a cipher
you will get an update to openssl from your OS vendor which will remove
that cipher from the list, unless you do something like override it like
you are doing above.
smtpd_tls_mandatory_ciphers = high
This is fine.
Pe
of the childish reference it
invokes. I don't want to see postfix associated with that reference in
any way.
I think that [postfix] or [postfix-users] and [postfix-devel]
[postfix-announce] are just fine, but if you want shortened versions,
might I suggest:
[pf] [pf-dev] [pf-ann]
Peter
, please consider changing it.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
as they do with other messages.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
pt that you should trust the
middle man (who's trust is already in question). That said, it doesn't
really hurt to have it and can help for gmail recipients.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On 10/03/23 09:07, Matthew McGehrin via Postfix-users wrote:
Hi Peter.
The Reply-To has always been the original poster for 10+ years. No sense
changing it now. :)
On the contrary, this is the perfect time to change it, if we're going
to change it. We've already made a number of changes
en other lists explicitly exclude this step and it
works well.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
List-Post: defaults to "Reply List".
I've found that hiding the normal reply button in TB and enabling the
smart reply button has made my world way easier when dealing with
mailing lists.
Peter
___
Postfix-users mailing list -- postfix-users@p
opendmarc
[Service]
Restart=on-failure
...so that opendmarc will restart when it does crash for this or any
other reason.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On 9/03/23 08:11, Peter wrote:
On 8/03/23 15:46, Scott Kitterman via Postfix-users wrote:
For Debian, if someone can find/test patches, I can get them into
Debian's package. I assume other distributors are similar. Feel free
to update the Debian bug with information. It's unfortunate we
solution.
The patch appears to be committed in github:
https://github.com/andreasschulze/OpenDMARC/commit/e8e7b41fef40032398d35650489a717108ac70de.patch
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email
be a dmarc replacement or solution for RHEL systems?
Looks like there's a COPR available with the patch for this issue:
https://copr.fedorainfracloud.org/coprs/abo/opendmarc/
I can't vouch for how trustworthy it is.
Peter
___
Postfix-users mailing
=DORX
^
I suppose this should be changed to "lmtp", shouldn't it?
Best regards,
Peter
Or in main.cf (obsolescent feature):
lmtp_assume_final = yes
Do "postfix reload" after changing the configuration.
Don't mess with del
On 25/02/23 12:48, Peter wrote:
On 25/02/23 01:57, Wietse Venema wrote:
James Brown:
Sorry if this is a bit of a basic question, but I?m trying to compile
from source on macOS 13.21.1 but the makefile has lines commented out.
I'm trying:
make -f Makefile.init makefiles \
CCARGS='-DUSE_TLS
the end, which as you can probably
imagine, really messes things up.
Peter
.
Peter
On 16/01/23 11:06, Charles Sprickman wrote:
OP here - just noting that's not what I was after. Just the hop before the
server (ie: the MUA).
The premise is the same, craft a PCRE expression that matches what you
want and use the REPLACE action.
Peter
but certainly I figure that he can tweak,
modify, whatever the expression to suit his needs once being pointed in
the right direction.
Your example is probably better and now he has more to draw on to
accomplish what he's after.
Peter
On 14/01/23 23:34, Viktor Dukhovni wrote:
On Sat, Jan 14, 2023 at 03:16:53PM +1300, Peter wrote:
Perhaps:
/^(Received:.*)192\.168\.1\.2(.*)$/ REPLACE ${1}127.0.0.2${2}
No. This is neither precise nor accurate.
* Precision, the proposed regular expression can match unexpected
easy to identify it as the one
that got replaced because other references to the loopback address will
be 127.0.0.1. Modify to suit.
Peter
aster[58283]: reload -- version 3.5.17, configuration /etc/postfix
postfix/master[58283]: warning: service smtp: ignoring inet_interfaces
change
postfix/master[58283]: warning: to change inet_interfaces, stop and
start Postfix
---
Peter
On 06.01.23 17:33, Wietse Venema wrote:
Peter Wienemann:
On 06.01.23 13:15, Wietse Venema wrote:
is there a way to dump the effective postfix configuration rather than
the one specified in main.cf/master.cf? It seems that changes to
main.cf/master.cf have an immediate impact on the output
Ceph case or
"condor_config_val [daemon]" [1] in case of HTCondor.
Peter
[0] https://docs.ceph.com/en/latest/rados/configuration/ceph-conf/#commands
[1]
https://htcondor.readthedocs.io/en/latest/man-pages/condor_config_val.html
Hi,
is there a way to dump the effective postfix configuration rather than
the one specified in main.cf/master.cf? It seems that changes to
main.cf/master.cf have an immediate impact on the output of postconf
regardless of whether a reload/restart of the service was performed.
Peter
sed) and starts submitting a bunch of spam. It basically means
you can block mail from one script instead of having to block it from an
entire system user, or even the entire system which would affect
multiple sources of mail.
Peter
config and help you
to fix it to avoid this problem in a much better way than dropping mail.
* https://en.wikipedia.org/wiki/Backscatter_(email)
Peter
operators will want to know what addresses to remove from the
distribution lists, even for newsletters.
I'm suspecting a badly configured server which has become a backscatter
source.
Peter
-transmittal, and out-of-order handling
functionality of TCP, and the mandatory division of data into small
chunks all add overhead which you do not have with a Unix-domain socket.
That makes sense, thanks.
Peter
nd then we can create a #opendkim
channel and branch to there if you want.
Peter
ort of old appliance that cannot authenticate in any
other way.
Peter
ing a UNIX socket to
work and just give up and use a TCP socket instead.
Peter
. If not, a
fork might be a good idea.
Hopefully something comes of this. Opendkim is indeed highly used
throughout the email community in both individual and commercial
landscapes. It deserves to be well maintained.
Peter
1 - 100 of 780 matches
Mail list logo