> On Mar 13, 2018, at 11:36 AM, LuKreme wrote:
>
> In general, or these specific exclusions?
Mostly in general. Why do cleartext with clients that can't do strong ciphers,
let them encrypt with their medium ciphers.
> I've had
>
> smtpd_tls_exclude_ciphers = MD5, SEED,
> On Mar 13, 2018, at 12:00 PM, Matus UHLAR - fantomas
> wrote:
>
> smtpd_tls_ciphers=high
> smtpd_tls_mandatory_ciphers=high
> smtpd_tls_exclude_ciphers=aNULL
My recommendation is:
smtpd_tls_ciphers = medium
smtpd_tls_mandatory_ciphers = high
There's not much need to
Patrick Ben Koetter, 12.03.2018:
> You'll probably have to use a (more modern) syslog service, e.g. rsyslogd, to
> split log by content into multiple files.
In addition, you could add the option "-o syslog_name=postfix-587" (or
"25") to the corresponding entry in master.cf. This will make postfix
Patrick Ben Koetter, 12.03.2018:
You'll probably have to use a (more modern) syslog service, e.g. rsyslogd, to
split log by content into multiple files.
On 13.03.18 09:35, Christian Schmidt wrote:
In addition, you could add the option "-o syslog_name=postfix-587" (or
"25") to the
Hai Matus,
Thank you for the reply, most apriciated.
No, but its a "government" server, so i need to be very sure.. ;-)
Thanks, i was looking in the wrong rfc.
Best regards,
Louis
> -Oorspronkelijk bericht-
> Van: uh...@fantomas.sk
> [mailto:owner-postfix-us...@postfix.org]
Thanks.
On 2018-03-11 10:39 PM, john wrote:
I was just taking a look through my postfix configuration and noticed
that I have a "check_policy_service" for postgrey a greylisting service.
I greylisting still considered worthwhile or should I drop it?
TIA
John A
Hai,
Im reading through rfc's but the following is still not clear for me.
E-mail is rejected base on the envelop-from adres from a mail-daemon with
postfix + postfix-policyd-spf
I saw the following in the postfix logs.
Feb 7 00:00:16 hostname postfix/smtpd[31726]: Untrusted TLS
On 13.03.18 13:54, L.P.H. van Belle wrote:
Im reading through rfc's but the following is still not clear for me.
E-mail is rejected base on the envelop-from adres from a mail-daemon with
postfix + postfix-policyd-spf
I saw the following in the postfix logs.
Feb 7 00:00:16 hostname
On Mar 13, 2018, at 09:17, Viktor Dukhovni wrote:
>> smtpd_tls_exclude_ciphers = eNULL, aNULL, LOW, EXP, MEDIUM, ADH, AECDH, MD5,
>> DSS, ECDSA, CAMELLIA128, CAMELLIA256, 3DES
>
> This too is unwise. Remove this setting.
In general, or these specific exclusions?
> On Mar 13, 2018, at 10:53 AM, L.P.H. van Belle wrote:
>
> Yes, i've set smtpd_tls_ask_ccert to yes.
You almost certainly don't need this.
> Hmmm, i now also noticed i dont have Trusted or Verified anymore, this must
> be a miss on my side after the switch from 2.10 to 3.1
On Mar 13, 2018, at 02:35, Christian Schmidt
wrote:
> In addition, you could add the option "-o syslog_name=postfix-587" (or
> "25") to the corresponding entry in master.cf. This will make postfix
> "label" the logfile entries - and maybe enable your
On 13.03.18 09:36, LuKreme wrote:
On Mar 13, 2018, at 09:17, Viktor Dukhovni wrote:
smtpd_tls_exclude_ciphers = eNULL, aNULL, LOW, EXP, MEDIUM, ADH, AECDH, MD5,
DSS, ECDSA, CAMELLIA128, CAMELLIA256, 3DES
This too is unwise. Remove this setting.
In general, or
> On Mar 13, 2018, at 8:54 AM, L.P.H. van Belle wrote:
>
> Feb 7 00:00:16 hostname postfix/smtpd[31726]: NOQUEUE: reject: RCPT from
> smtp1..nl[x.xx.xxx.xx]]: 450 4.1.8 :
> Sender address rejected: Domain not found;
>
Hello Victor,
> -Oorspronkelijk bericht-
> Van: postfix-us...@dukhovni.org
> [mailto:owner-postfix-us...@postfix.org] Namens Viktor Dukhovni
> Verzonden: dinsdag 13 maart 2018 15:27
> Aan: Postfix users
> Onderwerp: Re: question about envelop from.
>
>
>
> > On Mar 13, 2018, at 8:54
On 14/03/18 15:51, li...@lazygranch.com wrote:
> I'm getting hit every 10 minutes from this spammer. As you can see I am
> rejecting the message. I wonder if the offending email server doesn't
> know the message is being rejected?
>
> Mar 13 23:28:58 centos-1gb-sfo1-01 postfix/smtpd[22153]:
Kevin A. McGrail skrev den 2018-03-14 03:55:
On 3/13/2018 10:51 PM, li...@lazygranch.com wrote:
I'm getting hit every 10 minutes from this spammer. As you can see I
am
rejecting the message. I wonder if the offending email server doesn't
know the message is being rejected?
Mar 13 23:28:58
On 3/13/2018 10:51 PM, li...@lazygranch.com wrote:
> I'm getting hit every 10 minutes from this spammer. As you can see I am
> rejecting the message. I wonder if the offending email server doesn't
> know the message is being rejected?
>
> Mar 13 23:28:58 centos-1gb-sfo1-01 postfix/smtpd[22153]:
On 13 Mar 2018, at 22:51 (-0400), li...@lazygranch.com wrote:
I'm getting hit every 10 minutes from this spammer. As you can see I
am
rejecting the message. I wonder if the offending email server doesn't
know the message is being rejected?
It's not being rejected, it's being deferred.
Mar
I'm getting hit every 10 minutes from this spammer. As you can see I am
rejecting the message. I wonder if the offending email server doesn't
know the message is being rejected?
Mar 13 23:28:58 centos-1gb-sfo1-01 postfix/smtpd[22153]: NOQUEUE:
reject: RCPT from unknown[113.247.6.67]: 450 4.7.1
On 13 Mar 2018, at 23:35 (-0400), Bill Cole wrote:
OR: if you don't get any legitimate mail from Hunan, Chongqing, or
Hong Kong you can probably safely block 113.240.0.0/12 from talking at
all to your SMTP port (or just the /13 to limit it to Hunan.)
OR: Use the Spamhaus ZEN DNSBL, which has
On Tue, 13 Mar 2018 23:35:01 -0400
"Bill Cole" wrote:
> On 13 Mar 2018, at 22:51 (-0400), li...@lazygranch.com wrote:
>
> > I'm getting hit every 10 minutes from this spammer. As you can see
> > I am
> > rejecting the message. I wonder if the
21 matches
Mail list logo