[pfx] Re: long header folding and DKIM fails

On April 29, 2024 9:27:20 PM UTC, Steffen Nurpmeso via Postfix-users wrote: >Tim Coote via Postfix-users wrote in > : > |Thanks very much for the detailed response. My original issue was why \ > |dkim signatures were failing on some emails from email lists when arriving \ > |at my Postfix

[pfx] Re: Postfix stable release 3.9.0

On Thursday, March 7, 2024 12:09:51 PM EDT Wietse Venema via Postfix-users wrote: > Postfix stable release 3.9.0 is available. Postfix 3.5 - 3.8 were > updated earlier this week; after that, Postfix 3.5 will no longer > be updated. > > The main changes are below. See the RELEASE_NOTES file for

[pfx] Re: Milter multiline header formatting

real whitespace. >The email i just sent was accepted by Google, this one should also >wrap, and we see what this software does (rspamd is it i think). > >So it seems to me, without having looked what OpenDKIM does, and >maybe i should explicitly Cc: Scott Kitterman for his dkimpy, but

[pfx] Re: problem to add, alias failed

On Tuesday, January 30, 2024 1:57:18 PM EST Maurizio Caloro via Postfix-users wrote: > if adding a new user with postfixadmin 3.3.8 or with cli this will run > without problem. > > > > GRANT ALL PRIVILEGES ON mailserver.* TO markus@'domain.com > ' IDENTIFIED BY >

[pfx] Re: Postfix and reproducible builds

I expected the same, but our CI test for reproducibility passed without it. I was surprised. Hopefully I'm about to learn something. Scott K On January 30, 2024 4:00:59 PM UTC, Matus UHLAR - fantomas via Postfix-users wrote: >On 30.01.24 10:12, Scott Kitterman via Postfix-users wr

[pfx] Re: Postfix and reproducible builds

It looks to me like it does fix it. Thanks, Scott K On Tuesday, January 30, 2024 9:14:09 AM EST Wietse Venema via Postfix-users wrote: > Scott Kitterman via Postfix-users: > > In case anyone is unfamiliar, you can read about reproducible builds here: > > reproduc

[pfx] Postfix and reproducible builds

In case anyone is unfamiliar, you can read about reproducible builds here: reproducible-builds.org It looks like Postfix as shipped is very close to being reproducible. We got positive results on reproducibility with the patch below added. Is this something you could include in a future

[pfx] Re: postfix repo

On January 16, 2024 3:11:37 AM UTC, Peter via Postfix-users wrote: >On 12/01/24 04:08, Wietse Venema via Postfix-users wrote: >> Viktor Dukhovni via Postfix-users: >>> On Thu, Jan 11, 2024 at 03:53:35PM +0100, natan via Postfix-users wrote: Hi Wietse Have you thought about postfix repo

[pfx] Re: postfix repo

On January 11, 2024 2:53:35 PM UTC, natan via Postfix-users wrote: >Hi Wietse Have you thought about postfix repo for Debian, just like dovecot >has for his relase ? > >I'm asking by the way Current postfix updates for supported Debian releases are available through Debian:

[pfx] Re: SMTP Smuggling, workarounds and fix

On December 30, 2023 3:17:52 PM UTC, "Håkon Alstadheim via Postfix-users" wrote: >Just FYI, I got postfix 3.7.9-0+deb12u1 from bookworm-updates (i.e. Debian) >today. > For those still using Debian Bullseye (oldstable), postfix 3.5.23-0+deb11u1 is also available from bullseye-updates. Both

[pfx] Re: sasl_passwd hash

Cyrus SASL mailing lists can be found here: https://cyrus.topicbox.com/groups Scott K On December 17, 2023 1:45:02 PM UTC, "saunders.nicholas--- via Postfix-users" wrote: >Would you be able to point me to anyone there, or a contact? > >I'm not seeing any contact information. > >thanks, >

[pfx] Re: Milter own Postfix-prepended Received

On December 10, 2023 3:54:13 PM UTC, Carlos Velasco via Postfix-users wrote: > >Wietse Venema via Postfix-users escribió el 10/12/2023 a las 15:53: >> Carlos Velasco via Postfix-users: >>> 2. Duplicated SMTP Access Policy Delegation >>> This issue is related to headers too. >>> I'm using

[pfx] Re: Recommendation for dkim signing

On November 6, 2023 12:39:35 PM UTC, Scott Kitterman via Postfix-users wrote: > > >On November 6, 2023 10:51:06 AM UTC, Patrick Ben Koetter via Postfix-users > wrote: >>* Jens Hoffrichter via Postfix-users : >>> Hi! >>> >>> We are looking

[pfx] Re: Recommendation for dkim signing

On November 6, 2023 10:51:06 AM UTC, Patrick Ben Koetter via Postfix-users wrote: >* Jens Hoffrichter via Postfix-users : >> Hi! >> >> We are looking into implementing DKIM signing for one of our services, >> and there are multiple ways to implement that. >> >> So far I have found that you

[pfx] Re: Recommendation for dkim signing

On November 2, 2023 10:18:38 AM UTC, Jaroslaw Rafa via Postfix-users wrote: >Dnia 2.11.2023 o godz. 09:42:01 Matus UHLAR - fantomas via Postfix-users >pisze: >> (once more: DKIM applies on header From:, SPF on envelope from:). > >And DMARC requires that both be identical (actually, from the

[pfx] Re: Recommendation for dkim signing

ormer is > IIRC no longer actively maintained. Note, though have similar > configuration formats, they're not quite identical. Where the > OpenDKIM signers file wants: > > domain keyname > > the opendkimpy-milter wants: > > *@domainkeyname > > Scott

[pfx] Re: Typo in man postconf ("Postix")

On July 3, 2023 10:04:05 PM UTC, Viktor Dukhovni via Postfix-users wrote: >On Mon, Jul 03, 2023 at 09:52:28PM +0000, Scott Kitterman via Postfix-users >wrote: > >> >Should I ask WTF BTS? >> >> Bug Tracking System. No. > >I see... The Postfix project does

[pfx] Re: Typo in man postconf ("Postix")

On July 3, 2023 9:43:39 PM UTC, Viktor Dukhovni via Postfix-users wrote: >On Tue, Jul 04, 2023 at 06:19:26AM +1000, Trent W. Buck via Postfix-users >wrote: > >> master:postfix/proto/postconf.proto:6450: This feature is available in >> Postix 2.10 and later. >>

[pfx] Re: Is it possible in postfix spf policy to utilize multiple action=prepend to add multiple headers?

On June 19, 2023 9:44:59 PM UTC, Viktor Dukhovni via Postfix-users wrote: >On Mon, Jun 19, 2023 at 09:12:29PM +, Anton Hvornum via Postfix-users >wrote: > >> Yea found libmilter, appears to have some python bindings too. > >You don't need to go that far down the stack. Try the "Milter"

[pfx] Re: [pfx]: DKIM and DMARC

On May 16, 2023 1:20:53 PM UTC, Ralf Hildebrandt via Postfix-users wrote: >* Scott Kitterman via Postfix-users : > >> DKIM has no policy mechanism associated with it, so there's no basis in any >> standardized mechanism to determine if a DKIM failure should be cause for

[pfx] Re: DKIM and DMARC

On May 16, 2023 12:16:21 PM UTC, Tom Reed via Postfix-users wrote: >Hello list, > >Should we reject failed message on DKIM validation stage, or DMARC >validation stage, or both? No and it depends. DKIM has no policy mechanism associated with it, so there's no basis in any standardized

[pfx] Re: DKIM questions

On Tuesday, April 25, 2023 2:12:23 PM EDT Ken Peng via Postfix-users wrote: > Hello > > Can the domain certificates sign its sub domain? > For example, mail.a.com was signed by certs of a.com. > If so, does this make sense to DMRC of mail.a.com? Yes. If I understand the second question

[pfx] Re: SPF: HELO does not publish an SPF Record

On April 12, 2023 2:00:01 PM UTC, Steffen Nurpmeso via Postfix-users wrote: >Matus UHLAR - fantomas wrote in > : > |On 12.04.23 12:41, Fourhundred Thecat via Postfix-users wrote: > ... > |>Does it mean that I should either: > |> > |> 1) create SPF record for mail.mydomain.com > ... > |I would

[pfx] Re: Question to reject_rbl_client zen.spamhaus.org

On April 10, 2023 4:52:04 AM UTC, tom--- via Postfix-users wrote: >On 2023-04-10 12:39, Peter via Postfix-users wrote: >> On 10/04/23 14:21, tom--- via Postfix-users wrote: >>> I have resolved the issue by: >>> >>> 1. install unbound as dns resolver locally >> >> This is good. >> >>> 2.

[pfx] Re: simple content filter for outgoing message

On April 6, 2023 11:39:10 AM UTC, Corey Hickman via Postfix-users wrote: >Hello buddies, > >I just want to make some simple filters for outgoing messages. >for example, the message content has some keywords (like "VPN sale") included, >it will be rejected by the system. > >I know there are

[pfx] Re: [P-U] Re: New List Host and Reply-to Header

On March 24, 2023 10:50:35 PM UTC, raf via Postfix-users wrote: >On Fri, Mar 10, 2023 at 09:11:58AM +1300, Peter via Postfix-users > wrote: > >> * Don't add a Reply-To:. I actually question if this is really needed as we >> likely want replies to go to the list the vast majority of time

[pfx] Re: MySQL error from not all the receiver

On Sunday, March 12, 2023 7:02:41 PM EDT Gerald Galster via Postfix-users wrote: > > unfortunately I don't know this topic, but I'm really willing to study. > > Please do you have any documentation on this? > Sorry, I can't recommend an up to date howto. Perhaps other list members can > help. >

[pfx] Re: milter: could it splice (, somehow)?

On March 11, 2023 6:05:52 PM UTC, Steffen Nurpmeso via Postfix-users wrote: >postfix-users@postfix.org wrote in > : > |On Sat, Mar 11, 2023 at 01:54:01AM +0100, Steffen Nurpmeso via Postfix-u\ > |sers wrote: > | > |> - sign the entire message as for now, > | > |You're confusing the message

[pfx] Re: [P-U] Re: New List Host and Reply-to Header

On Friday, March 10, 2023 7:04:30 AM EST Patrick Ben Koetter via Postfix-users wrote: > * Gerald Galster via Postfix-users : > > > >>> This list uses Mailman configuration settings, not handcrafted code. > > >>> If people believe that it is worthwhile to change the Mailman > > >>> implementation

[pfx] Re: [P-U] Re: Postfix lists are migrating to a new list server

On Wednesday, March 8, 2023 1:52:47 AM EST Patrick Ben Koetter via Postfix- users wrote: > * Scott Kitterman via Postfix-users : > > ... > > > > For Debian, if someone can find/test patches, I can get them into Debian's > > package. I assume other distributors are si

[P-U] Re: Postfix lists are migrating to a new list server

On March 7, 2023 11:37:53 PM UTC, Phil Stracchino via Postfix-users wrote: >On 3/7/23 15:28, John Stoffel via Postfix-users wrote: >>> "mailmary---" == mailmary--- via Postfix-users >>> writes: >> >>> Unfortunately I've seen this crash as well, its actually quite >>> frequent in my

Re: Postfix with opendkim generates "ssl error"

On February 11, 2023 3:41:06 PM UTC, nj140...@yahoo.com wrote: >Trying to send an email from n...@complete-web-solutions.com on the >host sv9.complete-web-solutions.com results in the following messages >in mail.log: >... >But opendkim seems correctly configured because the command:

Re: SPF fail and domain fail, why?

On January 17, 2023 2:25:34 AM UTC, raf wrote: >On Mon, Jan 16, 2023 at 08:01:10PM +0100, Maurizio Caloro >wrote: > >> Hello >> >> Please one more thing about Opendmarc, if send any email to any where >> i see in log SPF fail, domain.ch fail ? >> >> Jan 16 19:43:39 nmail opendkim[16490]:

Re: postfix/pickup question

On January 16, 2023 2:13:42 PM UTC, Wietse Venema wrote: >Maurizio Caloro: >> The option that was cause: >> -failurereports >> -failureReportssendby emailaddress > >DO NOT run milters as the 'postfix' user. Only Postfix programs >should use that userid. FYI, Since this appears to be a

Re: after update - postfix turble with %i

Sending again with the right address. Scott K On January 11, 2023 7:02:58 PM UTC, Scott Kitterman wrote: >This is related to Debian specific packaging scripts, not upstream Postfix. >Please file a bug in the Debian Bug Tracking System (BTS) and we'll work on it >there. > >As

Re: warning: disabling connection caching

On December 20, 2022 11:40:02 AM UTC, Fourhundred Thecat <400the...@gmx.ch> wrote: >> On 2022-12-20 12:13, Wietse Venema wrote: >> Fourhundred Thecat: >> >>> Also, if I wanted to test scache, how can I trigger it? >>> >>> If I send one email to multiple email addresses on same domain, will

Re: Is it possible to rewrite the envelop from address for all mail that's being relayed?

On December 5, 2022 4:19:21 PM UTC, Sean Hennessey wrote: >I'm curios if it's possible to set up postfix to rewrite the envelop from >address for all email the instance is relaying? I'm doing some research and >want to force the envelop from to be a known value that I know will pass spf

Re: How do check DKIM and SPF on incoming email?

On November 20, 2022 11:47:02 PM UTC, raf wrote: >On Sun, Nov 20, 2022 at 03:29:33PM +0100, Matus UHLAR - fantomas > wrote: > >> > On 16/11/2022 11:45, Matus UHLAR - fantomas wrote: >> > > I use: >> > > spf-milter (the same source as policyd-spf-python) >> > > opendkim >> > > openarc >> > >

Re: SPF questions

On November 18, 2022 3:04:44 AM UTC, linux...@gmx.net wrote: >Dear List, > >I have enabled policyd-spf in postfix: > >smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, >reject_unauth_destination, check_policy_service unix:private/policyd-spf > > >but can you help

Re: Issue routing mail

On Sunday, November 13, 2022 7:26:25 PM EST David wrote: > Folks > I'm noticing that two installations of Postfix: > version 3.4.13-0ubuntu1.2) on Ubuntu 20.04.5 > version 3.6.4-1ubuntu1 on Ubuntu 22.04.1 > are both failing to use the MX value for outgoing > mail. Specifically, sending mail

Re: policyd-spf error

On October 31, 2022 8:12:08 AM UTC, Forums wrote: >Hello, > >Since this morning I can receive email, whitout doing something on my server. > >In maillog I can see the following errors: > > >2022-10-31 08:59:37 >postfix/smtpd[6632]: NOQUEUE: reject: RCPT from fr-srvcomm[192.168.1.170]: 451

Re: Postfix+SASL chrooted - out of ideas (SASL_README tweak)

On June 3, 2022 3:20:31 PM UTC, Viktor Dukhovni wrote: >On Fri, Jun 03, 2022 at 09:27:15AM -0400, Viktor Dukhovni wrote: >> On Fri, Jun 03, 2022 at 11:09:08AM +0200, Matus UHLAR - fantomas wrote: >> >> > >Also can you "apt-get source postfix", and post a link to the tarball? >> > >> > this

Re: Postfix+SASL chrooted - out of ideas (SASL_README tweak)

On June 1, 2022 10:38:55 PM UTC, raf wrote: >On Wed, Jun 01, 2022 at 03:56:02PM +1200, Peter wrote: > >> On 30/05/22 2:48 pm, raf wrote: >> > > If set >> > > +empty (the default value) the search path is the one compiled into the >> > > +Cyrus SASL library. >> > >> > I don't think that's

Re: postfix-policyd-spf-python

On May 13, 2022 12:14:38 PM UTC, Alex wrote: >> >> Not sure if this is the right place to post the question concerning >> >> postfix-policyd-spf-python but I can't seem to find any working links >> >> for the openspf project. >> >> >> > >> >You should start here, >> > >> >

Re: postfix-policyd-spf-python

On May 12, 2022 9:12:44 PM UTC, Michael Orlitzky wrote: >On Thu, 2022-05-12 at 21:03 +, Dino Edwards wrote: >> Hi, >> >> Not sure if this is the right place to post the question concerning >> postfix-policyd-spf-python but I can't seem to find any working links >> for the openspf project.

Re: postfix-policyd-spf-python

On May 12, 2022 9:03:32 PM UTC, Dino Edwards wrote: >Hi, > >Not sure if this is the right place to post the question concerning >postfix-policyd-spf-python but I can't seem to find any working links for the >openspf project. > >Our postfix-policyd-spf-python server recently rejected an

Re: PATCH: Postfix throws fatal errors when milter is not found

On Wednesday, April 6, 2022 3:09:52 AM EDT Christian Degenkolb wrote: > Hi, > > On 2022-04-04 21:11, Wietse Venema wrote: > > christ...@degenkolb.net: > >> How high is the possibility this will, on success, land in a future > >> release of postfix so I one day I can stop the "build postfix in a >

Re: SPF and policyd

On Sunday, February 20, 2022 10:26:56 AM EST Alex wrote: > Hi, I'm using the SPF policyd service recommended here some time ago. > I hoped I could ask some questions about how it works since it doesn't > appear to have any other direct support avenues available. > > I'm trying to understand the

Re: Received-SPF: Temperror

On Sunday, February 6, 2022 7:28:22 AM EST Matus UHLAR - fantomas wrote: > >The spf.py script seems to take the first nameserver only, and whet it > >gets no response generates the Tempfail error. > > That's bad SW design. If one nameserver returns fail, you should try > another one. It's an

Re: Received-SPF: Temperror

On Saturday, February 5, 2022 11:36:40 AM EST Fourhundred Thecat wrote: > > On 2022-02-05 16:00, Scott Kitterman wrote: > > On Saturday, February 5, 2022 8:48:22 AM EST Fourhundred Thecat wrote: > >> policyd-spf: prepend Received-SPF: Temperror (mailfrom) > >>

Re: Received-SPF: Temperror

On Saturday, February 5, 2022 8:48:22 AM EST Fourhundred Thecat wrote: > Hello, > > I am using python3-spf and I am getting following error from one host > trying to deliver email: > >policyd-spf: prepend Received-SPF: Temperror (mailfrom) > identity=mailfrom; client-ip=77.75.76.210;

Re: Multi-instance and outbound fails SPF

On Friday, February 4, 2022 3:14:29 PM EST Wietse Venema wrote: > Alex: > > Hi, > > I have a multi-instance postfix config and am trying to figure out why > > Microsoft 365 is marking my email from the outbound instance as SPF > > softfail. > > > > I am trying to send mail from my gmail account

Re: Postfix "fatal: daemon initialization failure"

On January 26, 2022 4:57:09 PM UTC, Laura Smith wrote: >Good news, I found the cause of of the problem. > >I was using interface aliases to permit different postfix instances. > >However these were configured in the traditional/legacy manner using >/etc/network/interfaces. > >It seems that

Re: How to filter email (DKIM) without keeping the message in memory and without writing it to disc twice?

On Saturday, January 15, 2022 8:08:51 PM EST Robert Siemer wrote: > > > Conceptually DKIM needs to go over the email twice: once to calculate > > > and sign the checksum and once to write it out with the result of the > > > previous step in the headers.¹ > > > > Prepending a header does not

Re: Received-SPF: Softfail

On Monday, January 10, 2022 11:00:43 PM EST Fourhundred Thecat wrote: > Hello, > > is it safe to ban senders that generate SPF Softfail ? > >policyd-spf: prepend Received-SPF: Softfail > > I have pasted full header here: https://ctxt.io/2/AABg5vIYEw > > What I am asking is, are there

Use of CIDR with mynetworks tables

Last one on my postfix bug triage pile for today: A Debian user complained that using CIDR notation in hash tables for mynetworks doesn't work. Of course it doesn't. I found discussions about this going back a long time [1], which suggests to me that the documentation might be improved to

Re: Possible issue when user has single space as comment

On Monday, January 3, 2022 10:24:07 AM EST Wietse Venema wrote: > Scott Kitterman: > > I have been remiss in forwarding this bug report, thinking I would get > > time to build a concise test case. It keeps not happening, so here you > > go. > > > > A Debian

Possible issue when user has single space as comment

I have been remiss in forwarding this bug report, thinking I would get time to build a concise test case. It keeps not happening, so here you go. A Debian user reported [1] a problem where their cleanup process was killed by signal 11 during local mail injection: Aug 06 16:57:30 amilcar

Re: message_size_limit documentation

On Thursday, December 23, 2021 3:51:57 PM EST Wietse Venema wrote: > Scott Kitterman: > > Currently, postconf.5 has this to say about message_size_limit: > > > > message_size_limit (default: 1024) > > > > The maximal size in bytes of a message, inclu

message_size_limit documentation

Currently, postconf.5 has this to say about message_size_limit: message_size_limit (default: 1024) The maximal size in bytes of a message, including envelope information. Note: be careful when making changes. Excessively small values will result in the loss of non-delivery

Re: postconf outputs 2 bounce_notice_recipient lines

On Wednesday, December 22, 2021 11:00:12 AM EST Wietse Venema wrote: > Scott Kitterman: > > > > Any chance of the glibc-2.34 fix being in there too? We haven't > > > > switched, so not a rush directly for Debian, but some of our > > > > downs

Re: postconf outputs 2 bounce_notice_recipient lines

On Wednesday, December 22, 2021 9:35:20 AM EST Wietse Venema wrote: > Scott Kitterman: > > >> I was just reviewing the 3.7 development changelog and didn't see > > >> 2025 > > >> listed. Is this fix still planned? > > > > > >The fix is

Re: postconf outputs 2 bounce_notice_recipient lines

On December 22, 2021 2:34:22 AM UTC, Wietse Venema wrote: >Scott Kitterman: >> On Monday, November 15, 2021 9:03:32 AM EST wrote: >> > Vincent Lefevre: >> > > Under Debian, after the postfix upgrade from 3.5.6 to 3.5.13, >> > > postconf now outpu

Re: postconf outputs 2 bounce_notice_recipient lines

On Monday, November 15, 2021 9:03:32 AM EST wrote: > Vincent Lefevre: > > Under Debian, after the postfix upgrade from 3.5.6 to 3.5.13, > > postconf now outputs duplicate bounce_notice_recipient lines: > > > > zira:~> postconf | grep '^bounce_notice_recipient' > > bounce_notice_recipient =

Re: what's best guess record for SPF

On December 10, 2021 4:32:50 AM UTC, raf wrote: >On Tue, Dec 07, 2021 at 07:55:54PM +0800, Piper H wrote: > >> I sent an email from my t-online.de account to gmail. >> Gmail shows SPF pass by best guessing: >> >> Received-SPF: pass (google.com: best guess record for domain of >>

Re: Newbie question - main.cf.proto

On December 6, 2021 8:18:11 PM UTC, Herndon Elliott wrote: >I am just getting started with trying to install postifx and get it running >on a single Ubuntu 18.04 server. The documentation talks at length about >changes to be made in "/etc/postfix/main.cf" file, but there is no such >file in

Re: mail-to-script messages id and from lines

On Tuesday, November 23, 2021 6:16:43 PM EST Wietse Venema wrote: > J?rgen Weber: > > From webe...@host.my.tld Sun Nov 21 19:11:19 2021 > > Return-Path: > > X-Original-To: maild@my.virtual > > Delivered-To: ma...@host.my.tld > > Received: by host.my.tld (Postfix, from userid 1001) > > id

Re: PCRE2 Support

On November 21, 2021 10:50:24 PM UTC, Wietse Venema wrote: >Wietse Venema: >> Scott Kitterman: >> > The original PCRE library that Postfix uses is no longer maintained: >> > >> > https://pcre.org/ >> > >> > It's been replaced b

PCRE2 Support

The original PCRE library that Postfix uses is no longer maintained: https://pcre.org/ It's been replaced by PCRE2, which has a notably different API, so Postfix PCRE support would need porting. I've looked and it's beyond my limited skills. Is there any chance of getting this updated for

Re: heads up: dkimpy-milter signing breaks w/ python 3.10 (e.g., @ fedora 45 -> 35 upgrade)

On November 2, 2021 8:18:54 PM UTC, PGNet Dev wrote: > >i've reported the bug here, > > python 3.10 incompat, exec FAILs @ "SystemError: PY_SSIZE_T_CLEAN macro must > be defined for '#' formats" > https://bugs.launchpad.net/dkimpy-milter/+bug/1949520 > >fwiw, python 3.9 still works as

Re: will this break DMARC?

On August 13, 2021 12:05:44 PM UTC, post...@ptld.com wrote: >Raf, >Im confused by this, i thought as long as either dkim or spf passes then >dmarc passes. But i still see dmarc fails. > > Envelope-From: dovecot-boun...@dovecot.org > Header From: some...@netcourrier.com > > DKIM: bad

Re: postfix error shown in mail.log

On July 28, 2021 2:58:21 PM UTC, Viktor Dukhovni wrote: >If the postfix-files file does not reflect the content delivered by >the package, you would typically see errors running "postfix check". >Either the package should deliver all the files expected upstream, >or the "postfix-files" file

Re: postfix error shown in mail.log

On July 26, 2021 8:59:00 AM UTC, Vincent Lefevre wrote: >On 2021-07-24 09:29:04 +1000, raf wrote: >> On Fri, Jul 23, 2021 at 04:13:00PM +0200, Jean-François Bachelet >> wrote: >> >> > Hello ^^) >> > >> > I found that error in mail.log, at each start postfix issue that error : >> > >> >

Re: Postfix - Check SPF for outgoing email

On Monday, February 1, 2021 4:32:21 AM EST Jonathan Sélea wrote: > Hi everyone, > > We currently have a webhosting-environment with many websites. Those > websites is capable of sending email (obviously) via the local SMTP > function. > But sometimes, some of the websites is compromised and used

Re: lmd support -- available as an 'add on', or just 'compiled in'?

On July 6, 2020 6:01:28 PM UTC, Viktor Dukhovni wrote: >On Mon, Jul 06, 2020 at 10:13:11AM -0700, PGNet Dev wrote: > >> I build/use Postfix with LMDB. Works great. >> >> Looking at distro packages, don't alway find LMDB support compiled >in. >> >> I can certainly rebuild my own, but wanted

Re: setup issue -- debian /ubuntu 16.04.1 "bad string length 0 < 1: setgid_group ="

On Wednesday, June 17, 2020 12:39:06 AM EDT Bob Proulx wrote: > It resulted in this configuration entry. > > root@turmoil:~# postconf relayhost > relayhost = smtp.proulx.com:587 > > And so it is possible to use that Debian specific installation > option. Any more details here should be

Re: setup issue -- debian /ubuntu 16.04.1 "bad string length 0 < 1: setgid_group ="

On Tuesday, June 16, 2020 11:36:27 PM EDT Gary Aitken wrote: > It is using default mail port, 25; I need port 465 or 587 because it's my > understanding google blocks everything on port 25. > During the setup, I was not (I don't think) given the option of specifying > smtps or the port. There's

Re: The historical roots of our computer terms

On Sunday, June 7, 2020 2:03:18 PM EDT vi...@vheuser.com wrote: > Why not take it off this list and contact the developers? > Users can't make small changes. > Enough already. This list is the appropriate place for users to contact Postfix developers. You may not have noticed but the creator of

Re: setup issue -- debian /ubuntu 16.04.1 "bad string length 0 < 1: setgid_group ="

On Sunday, May 31, 2020 4:31:23 PM EDT Gary Aitken wrote: > On 5/31/20 11:34 AM, Matus UHLAR - fantomas wrote: > >> I'm new to postfix and trying to administer a debian > >> google-compute box, also new to me (coming from fbsd). So lots of > >> opportunities for learning... > >> > >> I modified

Re: Uninstalling postgrey

On Monday, May 25, 2020 10:26:56 PM EDT Ian Evans wrote: > On Mon, May 25, 2020 at 3:35 PM Ian Evans wrote: > > On Mon, May 25, 2020 at 4:09 AM Matus UHLAR - fantomas > > > > wrote: > >> On 24.05.20 21:04, Ian Evans wrote: > >> >Based on another thread here, I want to move to using > >> > >>

Re: "SSL_Shutdown:shutdown while in init" while sending and receiving

On Thursday, May 14, 2020 1:40:38 AM EDT Viktor Dukhovni wrote: > On Wed, May 13, 2020 at 10:01:24PM -0700, Alexander Vasarab wrote: > > May 13 21:56:38 vasaconsulting postfix/smtpd[25599]: tls_bio: > > hsfunc=(nil), rfunc=0x7f310ef36dd0, wfunc=(nil), SSL_get_error(36) = 0 > > May 13 21:56:38

Re: why DMARC PASS even SPF got failed

On Tuesday, April 28, 2020 8:17:54 AM EDT Matus UHLAR - fantomas wrote: > >>Scott Kitterman wrote: > >>> Yes. If either passes and the relevant identifier is aligned, DMARC > >>> passes. > > > >On April 28, 2020 9:29:59 AM UTC, Philip wrote: > >

Re: why DMARC PASS even SPF got failed

On April 28, 2020 9:29:59 AM UTC, Philip wrote: >Scott Kitterman wrote: >> Yes. If either passes and the relevant identifier is aligned, DMARC >passes. > >Scott, I have another question. >Given the case there is no DKIM signed in original message, when >forwar

Re: why DMARC PASS even SPF got failed

On April 28, 2020 9:20:01 AM UTC, Philip wrote: >Scott Kitterman wrote: >> I predict you won't find this a satisfying answer, but the rest of >RFC 7489. >> >> Instead of quoting bits of various web sites and how-to's back and >forth, l think it makes sense to re

Re: why DMARC PASS even SPF got failed

On April 28, 2020 8:58:28 AM UTC, Philip wrote: >Scott Kitterman wrote: >>> My question is, since SPF got SOFTFAIL by gmail, why it still says >>> DMARC >>> PASS? Shouldn't SPF failed cause DMARC failure? >> No. See RFC 7489, Section 4.2, last paragraph

Re: why DMARC PASS even SPF got failed

On April 28, 2020 8:42:20 AM UTC, Philip wrote: >Hello > >I sent a message from mail.ru, who has p=reject setting in their DMARC >record, to an email account at OVH. > >OVH forwards this email to gmail, as we know during the forwarding OVH >doesn't implement SRS. So after receiving the

Re: PATCH: Glibc-2.31 DNSSEC and GCC 10

On Thursday, April 16, 2020 10:31:56 AM EDT Wietse Venema wrote: > With the minnimal patch below, it looks like Postfix DANE support > will continue to work after a breaking change in Glibc 2.31. Tested > on Fedora 32 beta. > > This patch also deals with the 'multiple definition' errors caused >

Re: MTA-STS?

On Tuesday, April 7, 2020 11:15:27 AM EDT David Mehler wrote: > Hello, > > I just heard about this and started reading on it. Is MTA-STS > something Postfix works with? You need https://github.com/Snawoot/postfix-mta-sts-resolver and then yes. Scott K

Re: delaying postfix until/unless VPN is up/connected

On Monday, March 23, 2020 7:47:25 PM EDT Bob Proulx wrote: > On my Debian (and therefore Ubuntu, Mint, other derivatives) I would > add a script /etc/network/if-up.d/postfix-local (in addition to the > already existing "postfix" script there) that does this when the VPN > interface comes up, and a

Re: Postfix stable release 3.5.0

On March 16, 2020 10:49:26 PM UTC, Viktor Dukhovni wrote: >On Mon, Mar 16, 2020 at 10:16:13AM -0400, Wietse Venema wrote: > >> [An on-line version of this announcement will be available at >> http://www.postfix.org/announcements/postfix-3.5.0.html] >> >> Postfix stable release 3.5.0 is

Re: How to match From as MAILFROM

On Monday, March 16, 2020 5:54:02 AM EDT Burn Zero wrote: > Hi, > > I have configured an internal postfix server where users will use that as > relay servers to relay emails to outside and internal users. > > I have restricted postfix to allow only one domain as MAILFROM and deny > rest all. But

Re: tls stopped working after update from 3.1.14 to 3.4.8

On February 24, 2020 8:47:49 AM UTC, Viktor Dukhovni wrote: >> >> On Feb 24, 2020, at 2:27 AM, Michael wrote: >> >> Feb 22 08:50:07 mail postfix/smtpd[12952]: connect from >bendel.debian.org[82.195.75.100] >> Feb 22 08:50:07 mail postfix/smtpd[12952]: setting up TLS connection >from

Re: SPF IP addresses limit question

On February 24, 2020 4:30:37 AM UTC, Mohamed Lrhazi wrote: >Thanks all, > >My question still was: Suppose I comply with all the recommendations >and >best practices in composing my SPF records... Do I still need to worry >about the number of IP addresses (v4/v6/ciders) that I put in each

Re: SPF IP addresses limit question

On Sunday, February 23, 2020 6:44:34 PM EST Mohamed Lrhazi wrote: > On Sun, Feb 23, 2020 at 3:23 PM Benny > > > https://dmarcian.com/spf-survey/?domain=spf.255.cuaemail.org > > > > see Record flattening > > record flattening is the process of replacing include, and other lookup > generating

Re: SPF IP addresses limit question

On Sunday, February 23, 2020 3:26:07 PM EST Benny Pedersen wrote: > Scott Kitterman skrev den 2020-02-23 21:03: > > There is no hard limit. See RFC 7208 Section 3.4. > > sadly :( > > even ip4:0.0.0.0/0 is valid > > could pypolicyd-spf break rfc so only domains under

Re: SPF IP addresses limit question

On Sunday, February 23, 2020 2:53:28 PM EST Mohamed Lrhazi wrote: > Hello all, > > Sorry for a non-postfix specific question. > > I am running into an issue with a big SPF record I had been maintaining. I > went ahead a broke it up using the include: mechanism, but am still trying > to figure

Re: Disable function "said: 550 Blocked by SPF () (in reply to MAIL FROM command))"

On Tuesday, January 14, 2020 7:39:05 AM EST Emanuel wrote: > Hello everyone.! > > I see this error in the postfix logs: > > said: 550 Blocked by SPF () (in reply to MAIL FROM command)) > > Jan 14 09:31:46 antartida postfix/smtpd[16086]: 9248680010: >

New dkimpy-milter release with multiple domain support

There's been more than once that someone asked here when I'd have multiple domain support available for dkimpy-milter. Now. I've released 1.2.0. It can be installed via pip or you can download the source from pypi or https:// launchpad.net/dkimpy-milter/1.2/1.2.0 . I don't intend to make a

Re: smtpd_policy_service_timeout question

On Sunday, December 29, 2019 9:01:12 AM EST Wietse Venema wrote: > Scott Kitterman: > > If Postfix smtpd is waiting for a response to an in progress request > > An SMTP client request or policy request? Policy request. > > and the smtpd_policy_service_timeout is reach

smtpd_policy_service_timeout question

If Postfix smtpd is waiting for a response to an in progress request and the smtpd_policy_service_timeout is reached, does Postfix keep the pipe open until that request completes or does it close it right away? Is it sufficient to set it to slightly higher than the maximum time the policy

  1   2   3   >