Never mind.. I figured it out:
in main.cf:
transport_maps = hash:$config_directory/tables/smtp_transport_maps
smtpd_recipient_restrictions =
...
check_recipient_access
hash:$config_directory/tables/smtpd_allow_nullroute
...
tables/smtpd_allow_nullroute:
nullro...@mydomai
On Mon, 2009-06-29 at 16:14 -0400, Charles Marcus wrote:
> On 6/29/2009, Steve (steve.h...@digitalcertainty.co.uk) wrote:
> > Genius coders often don't see why something matters to an end user.
> > They get stuck in arguing the semantics.
>
> It is impossible to communicate effectively without usi
I need to set up a nullroute address which is accepted without any
kind of warning, and then silently discarded.
I have it working using check_recipient_maps as:
nullro...@somedomain.net discard blackholed
("nullroute" is set up as an alias on $mydomain in aliases so that
it's accepted)
Ho
On Mon, June 29, 2009 22:59, postfix-l...@monmouth.com wrote:
> Alternatively is there a way of REJECT-ing all mail that does not match the
> desired entries (currently set to DUNNO) short of
> explicitly enumerating all TLD's and appending REJECT to each of them, which
> is kind of kludgy and w
On Mon, June 29, 2009 22:59, postfix-l...@monmouth.com wrote:
> The postconf(5) manage says: 'a result of "OK" is not allowed for safety
> reasons.'
> Is there a way to bypass this? I wish to make check_recipient_mx_access into
> a whitelist instead of a blacklist.
dont make it with mx recipie
Jan P. Kessler wrote:
Noel Jones wrote:
postfix-l...@monmouth.com wrote:
The postconf(5) manage says: 'a result of "OK" is not allowed for
safety reasons.'
Is there a way to bypass this?
No.
Is it possible to use permit_auth_destination here?
No, nothing that resolves to an OK or permit
Noel Jones wrote:
> postfix-l...@monmouth.com wrote:
>> The postconf(5) manage says: 'a result of "OK" is not allowed for
>> safety reasons.'
>> Is there a way to bypass this?
>
> No.
Is it possible to use permit_auth_destination here?
postfix-l...@monmouth.com wrote:
The postconf(5) manage says: 'a result of "OK" is not allowed for safety
reasons.'
Is there a way to bypass this?
No.
I wish to make check_recipient_mx_access into a whitelist instead of a
blacklist.
Alternatively is there a way of REJECT-ing all mail tha
Tomasz Chmielewski wrote:
Victor Duchovni wrote:
Anyone there adding custom headers in Postfix?
Use smtp_header_checks, defined in master.cf on the "smtp" service.
Requires postfix 2.5 or newer.
http://www.postfix.org/postconf.5.html#smtp_header_checks
# master.cf
smtp unix - -
mouss pisze:
all that said, I don't find that dkim is bringing me anything, with all
the problems that it brings. so I am hesitating: unless I see good args,
I will disable it.
About the only one I can see is that I am able to complain loudlier to
some mail service providers arguing that not o
K bharathan a écrit :
> hi all
> currently i've gota smtp out postfix server and one main and several
> subdomains are using it to send mails out
> want to put a DKIM sign on all the outbound mails; understand there are
> MAIL-DKIM and DKIMproxy, DKIM-milters etc..
> which one i can choose for this
Steve a écrit :
> On Sun, 2009-06-28 at 20:44 +0100, Steve wrote:
>> On Sun, 2009-06-28 at 14:38 -0500, Noel Jones wrote:
>>> Steve wrote:
Hi,
I've been looking at some archive posts regarding white listing by
intended recipient domain.
Say for example I wish to white
Robert Becskei a écrit :
> Hello,
>
> I have a virtual domain hosting posfix config here with amavisd-new. I
> needed to silently bcc any recieved messages from one user to two other
> users.
> I've managed to do it with help like this
>
> recipient_bcc original user to alias
>
> u...@capriolobi
On Mon, Jun 29, 2009 at 03:20:02PM -0500, Jay G. Scott wrote:
> > To configure the location of the Cyrus config file for smtpd, use:
> >
> > cyrus_sasl_config_path = /some/path/etc
>
> that didn't work for me, FWIW. trussing the postfix daemons
> showed me where it was looking for the file,
Hi there,
We have a mail relay in the DMZ (SRV1) which receives all mail sent to
example dot com, but we also have an additional server on the internal
network (SRV2) wich receives some mails from the same domain. To do
this in SRV1, the transport has:
us...@example.com smtp:ip_SRV2
us...@example.
Victor Duchovni wrote:
Anyone there adding custom headers in Postfix?
Use smtp_header_checks, defined in master.cf on the "smtp" service.
Requires postfix 2.5 or newer.
http://www.postfix.org/postconf.5.html#smtp_header_checks
# master.cf
smtp unix - - n - -
problem solved. I had forgotten it. at the end of the statement
Le lundi 29 juin 2009 22:27, fake...@fakessh.eu a écrit :
> I get a weird error
>
> [swilt...@localhost ~]$ host -t txt mail._domainkey.fakessh.eu.
> bitsy.mit.edu.
> Using domain server:
> Name: bitsy.mit.edu.
> Address: 18.72.0.3#
On Jun 29, 2009, at 3:51 PM, "EASY steve.h...@digitalcertainty.co.uk" > wrote:
On Mon, 2009-06-29 at 15:23 -0400, Sahil Tandon wrote:
Please don't feed the trolls. :)
Oh yawn. Is that the best you can do? Can you not contribute something
useful? I don't think you are really worth the effort
The postconf(5) manage says: 'a result of "OK" is not allowed for safety
reasons.'
Is there a way to bypass this? I wish to make check_recipient_mx_access into a
whitelist instead of a blacklist.
Alternatively is there a way of REJECT-ing all mail that does not match the
desired entries (curre
I get a weird error
[swilt...@localhost ~]$ host -t txt mail._domainkey.fakessh.eu.
bitsy.mit.edu.
Using domain server:
Name: bitsy.mit.edu.
Address: 18.72.0.3#53
Aliases:
Host mail._domainkey.fakessh.eu not found: 3(NXDOMAIN)
[swilt...@localhost ~]$
[swilt...@localhost ~]$ host -t txt mai
On Mon, Jun 29, 2009 at 02:56:51PM -0400, Victor Duchovni wrote:
> On Mon, Jun 29, 2009 at 01:38:11PM -0500, Jay G. Scott wrote:
>
> > -
> > /etc/postfix/main.cf snippet:
> > -
> >
> > smtpd_sasl_path = smtpd
> >
On 6/29/2009, Steve (steve.h...@digitalcertainty.co.uk) wrote:
> Genius coders often don't see why something matters to an end user.
> They get stuck in arguing the semantics.
It is impossible to communicate effectively without using well defined
terms...
Maybe you should look up the meaning of '
On Mon, 2009-06-29 at 21:36 +0200, Erwan David wrote:
> 2821
Indeed. I'm glad you pointed that out;
4.2.5 Reply Codes After DATA and the Subsequent .
When an SMTP server returns a positive completion status (2yz code)
after the DATA command is completed with ., it accepts
responsibility
i dkimproxy update to the latest version which is in beta
my secondary dns is not to me he plays tricks
Le lundi 29 juin 2009 05:12, Byung-Hee HWANG a écrit :
> "fake...@fakessh.eu" writes:
> > that right now
> > [swilt...@your-ab6cd29f8e ~]$ host -t txt
> > fakessh.eu._domainkey.fakessh.eu. fa
On Mon, 2009-06-29 at 15:13 -0400, Terry Carmen wrote:
> > On Mon, 2009-06-29 at 14:24 -0400, Terry Carmen wrote:
> >
> > Whilst Wietse's Postfix mostly rocks you need to drop that 'God' like
> > arse licking Terry. It makes you look a tit dude. If something sucks it
> > sucks. No matter who wrote
Le Mon 29/06/2009, EASY steve.h...@digitalcertainty.co.uk disait
> On Mon, 2009-06-29 at 14:56 -0400, Charles Marcus wrote:
> > On 6/29/2009 2:41 PM, Steve wrote:
> > >>> You are, of course, correct. It would be totally retarded to be able to
> > >>> switch of bounce/ndr messages.
> >
> > >> Yes,
On Mon, 2009-06-29 at 14:56 -0400, Charles Marcus wrote:
> On 6/29/2009 2:41 PM, Steve wrote:
> >>> You are, of course, correct. It would be totally retarded to be able to
> >>> switch of bounce/ndr messages.
>
> >> Yes, it would, since it breaks smtp...
>
> > So does the notion of 'Before Queue
Please don't feed the trolls. :)
> On Mon, 2009-06-29 at 14:24 -0400, Terry Carmen wrote:
>
> Whilst Wietse's Postfix mostly rocks you need to drop that 'God' like
> arse licking Terry. It makes you look a tit dude. If something sucks it
> sucks. No matter who wrote it, who's project it is, or the cost of it.
I appreciate Wietse'
On 6/29/2009, EASY steve.h...@digitalcertainty.co.uk wrote:
> And this come to think of it: strict_rfc821_envelopes
> We can disable.
? It is disabled by default.
If you mean you can enable this, you should be aware it *will* block
legitimate mail.
That said, it has nothing to do with your desir
On Mon, Jun 29, 2009 at 01:38:11PM -0500, Jay G. Scott wrote:
> -
> /etc/postfix/main.cf snippet:
> -
>
> smtpd_sasl_path = smtpd
> ---
> now,
> "smtpd_sasl_path = smtpd"
> means
On 6/29/2009 2:41 PM, Steve wrote:
>>> You are, of course, correct. It would be totally retarded to be able to
>>> switch of bounce/ndr messages.
>> Yes, it would, since it breaks smtp...
> So does the notion of 'Before Queue Filtering'. I think it goes
> something like 'You must decide to accept
On Mon, 2009-06-29 at 19:41 +0100, Steve wrote:
> On Mon, 2009-06-29 at 14:29 -0400, Charles Marcus wrote:
> > On 6/29/2009, Steve (steve.h...@digitalcertainty.co.uk) wrote:
> > > You are, of course, correct. It would be totally retarded to be able to
> > > switch of bounce/ndr messages.
> >
> > Y
On Mon, 2009-06-29 at 14:29 -0400, Charles Marcus wrote:
> On 6/29/2009, Steve (steve.h...@digitalcertainty.co.uk) wrote:
> > You are, of course, correct. It would be totally retarded to be able to
> > switch of bounce/ndr messages.
>
> Yes, it would, since it breaks smtp...
So does the notion of
On Mon, 2009-06-29 at 14:24 -0400, Terry Carmen wrote:
> >>
> >> Steve, you know the answer to this question: I will repeat it once
> >> more time. Don't reject mail after accepting it.
> >>
> >>Wietse
> > Wietse,
> >
> > You are, of course, correct. It would be totally retarded to be able to
i hope i've come to the right list for this. i didn't think
this was a "developer" issue.
trying to set up:
solaris 10
postfix-2.6.2 w/ tls, compiled from source
cyrus-sasl-2.1.23, compiled from source
the postfix-tls part was/is working. i can send/recv mail
and it has the tls header in it.
On 6/29/2009, Steve (steve.h...@digitalcertainty.co.uk) wrote:
> You are, of course, correct. It would be totally retarded to be able to
> switch of bounce/ndr messages.
Yes, it would, since it breaks smtp...
Otherwise, the CEO of your new biggest prospect will never know that his
'I'll take it!'
>>
>> Steve, you know the answer to this question: I will repeat it once
>> more time. Don't reject mail after accepting it.
>>
>> Wietse
> Wietse,
>
> You are, of course, correct. It would be totally retarded to be able to
> switch of bounce/ndr messages. Mail admins are totally perfect an
On Mon, 2009-06-29 at 12:52 -0400, Wietse Venema wrote:
> EASY steve.h...@digitalcertainty.co.uk:
> > On Mon, 2009-06-29 at 11:32 -0400, Wietse Venema wrote:
> > > EASY steve.h...@digitalcertainty.co.uk:
> > > > Appreciate that - but to do this defeats the object of rejecting mail at
> > > > SMTP t
EASY steve.h...@digitalcertainty.co.uk:
> On Mon, 2009-06-29 at 11:32 -0400, Wietse Venema wrote:
> > EASY steve.h...@digitalcertainty.co.uk:
> > > Appreciate that - but to do this defeats the object of rejecting mail at
> > > SMTP time (to avoid the bounce in the first place). What appears to
> >
On Mon, 2009-06-29 at 09:19 -0500, Noel Jones wrote:
> Steve wrote:
> > The one observation I've made is there is no way of spotting in the logs
> > that the mail was subjected to a whitelist. For example;
> >
> > map:
> > example.com OK putting text here does not log it
> >
> > I'm guessing I ca
On Mon, 2009-06-29 at 11:32 -0400, Wietse Venema wrote:
> EASY steve.h...@digitalcertainty.co.uk:
> > Appreciate that - but to do this defeats the object of rejecting mail at
> > SMTP time (to avoid the bounce in the first place). What appears to
> > happening is the spambot sending the mail does n
-Original Message-
From: Noel Jones
Sent: Monday, June 29, 2009 7:19 AM
To: steve.h...@digitalcertainty.co.uk; postfix users list
Subject: Re: Whitelisting by recipient domain name
Steve wrote:
> The one observation I've made is there is no way of spotting in the logs
> that the mail
On Mon, Jun 29, 2009 at 10:35:58AM -0500, Noel Jones wrote:
> Tomasz Chmielewski wrote:
>> I would like to add custom headers to outgoing messages only:
>> X-Custom: my-header
>> I tried that with:
>> smtpd_data_restrictions =
>> check_client_access cidr:/etc/postfix/add_headers/header
>>
Tomasz Chmielewski wrote:
I would like to add custom headers to outgoing messages only:
X-Custom: my-header
I tried that with:
smtpd_data_restrictions =
check_client_access cidr:/etc/postfix/add_headers/header
and the content of that file:
127.0.0.1 PREPEND X-Custom: my-header
Bu
EASY steve.h...@digitalcertainty.co.uk:
> Appreciate that - but to do this defeats the object of rejecting mail at
> SMTP time (to avoid the bounce in the first place). What appears to
> happening is the spambot sending the mail does not hang around for the
> 250 OK at the end of the .. If it did,
I would like to add custom headers to outgoing messages only:
X-Custom: my-header
I tried that with:
smtpd_data_restrictions =
check_client_access cidr:/etc/postfix/add_headers/header
and the content of that file:
127.0.0.1 PREPEND X-Custom: my-header
But it gets appended to both
On Mon, 2009-06-29 at 08:20 -0400, Charles Marcus wrote:
> On 6/29/2009, Steve (steve.h...@digitalcertainty.co.uk) wrote:
> > I've read a few archive posts regarding the generation of bounce/ndr
> > messages and I can understand some of the cutting remarks such as
'don't
> > accept mail for invalid
On Mon, 2009-06-29 at 09:19 -0500, Noel Jones wrote:
>
> Only one action is allowed per lookup. If you want to note in
> the logs or use PREPEND to add a header indicating the mail
> was whitelisted, you'll need two lookup tables - first to WARN
> or PREPEND, then another table to OK.
>
> I s
Steve wrote:
The one observation I've made is there is no way of spotting in the logs
that the mail was subjected to a whitelist. For example;
map:
example.com OK putting text here does not log it
I'm guessing I can do this
example.com WARN whitelisted
example.com OK
Only one action is allowe
On Mon, Jun 29, 2009 at 10:49:34AM +0200, Willy Janssen wrote:
> We scan all outgoing mail as we absolutely don't want to send out any
> virusses. To accomplish this, we have a two-stage (separate) Postfix setup,
> connected via a content_filter for Amavis/ClamAV:
>
> Postfix (incoming stage) --
On Mon, Jun 29, 2009 at 07:17:02AM +0200, Magnus B?ck wrote:
> Nitpick: I believe "any time" means "at the very earliest the next
> second", i.e. a queue id won't be reused until the second component
> of the current time has rolled over to the next.
Where "next" is measured from the time the que
On Jun 29, 2009, at 5:41 PM, K bharathan wrote:
hi all
currently i've gota smtp out postfix server and one main and several
subdomains are using it to send mails out
want to put a DKIM sign on all the outbound mails; understand there
are MAIL-DKIM and DKIMproxy, DKIM-milters etc..
which on
On 6/29/2009, Steve (steve.h...@digitalcertainty.co.uk) wrote:
> I've read a few archive posts regarding the generation of bounce/ndr
> messages and I can understand some of the cutting remarks such as 'don't
> accept mail for invalid users in the first place'.
Yep - but accepting for invalid user
Hello,
I have a virtual domain hosting posfix config here with amavisd-new. I
needed to silently bcc any recieved messages from one user to two other
users.
I've managed to do it with help like this
recipient_bcc original user to alias
u...@capriolobike.com -> silental...@capriolobike.com
slie
Please note:
> # wants exclusive mails only ;-)
> id=GROUP3; recipient==j...@doe.local; recipient_count>=1; \
> action=REJECT too many rcpts $$recipient_count >= 1
>
The recipient attribute is only valid for single recipient mails at
smtpd_data_restrictions. So this rule works, but other rec
Magnus Bäck wrote:
> On Monday, June 29, 2009 at 06:11 CEST,
> R Pradeepa wrote:
>
>> Can we have restriction on "smtpd_recipient_limit" parameter for one
>> group of users whereas for others we dont need this limitation.
>
> There is no Postfix builtin for this, but a custom policy server would
>
> The one observation I've made is there is no way of spotting in the logs
> that the mail was subjected to a whitelist. For example;
>
> map:
> example.com OK putting text here does not log it
>
> I'm guessing I can do this
> example.com WARN whitelisted
> example.com OK
>
> But is there a way to
hi all
currently i've gota smtp out postfix server and one main and several
subdomains are using it to send mails out
want to put a DKIM sign on all the outbound mails; understand there are
MAIL-DKIM and DKIMproxy, DKIM-milters etc..
which one i can choose for this purpose
do i've to add anything t
On Mon, 2009-06-29 at 10:49 +0200, Willy Janssen wrote:
> Hello,
>
> We scan all outgoing mail as we absolutely don't want to send out any
> virusses. To accomplish this, we have a two-stage (separate) Postfix
> setup, connected via a content_filter for Amavis/ClamAV:
>
> Postfix (incoming stag
Hello,
We scan all outgoing mail as we absolutely don't want to send out any
virusses. To accomplish this, we have a two-stage (separate) Postfix
setup, connected via a content_filter for Amavis/ClamAV:
Postfix (incoming stage) --> Amavis/ClamAV --> Postfix (sending stage)
However, during th
On Sun, 2009-06-28 at 20:44 +0100, Steve wrote:
> On Sun, 2009-06-28 at 14:38 -0500, Noel Jones wrote:
> > Steve wrote:
> > > Hi,
> > >
> > > I've been looking at some archive posts regarding white listing by
> > > intended recipient domain.
> > >
> > > Say for example I wish to white list any in
Hi,
I've read a few archive posts regarding the generation of bounce/ndr
messages and I can understand some of the cutting remarks such as 'don't
accept mail for invalid users in the first place'.
That aside, is it actually possible to stop the SENDING (or the
generation) of NDR/Bounce messages.
63 matches
Mail list logo