Hi
On 31 August 2010 03:42, Victor Duchovni
wrote:
>
> Probably not surprising when the Cyrus library is pre-empted by Apple's
> "pw" server, and the mechanism list is defined in an Apple-specific
> configuration parameter.
I just compiled sendmail for mac os 10.6.
And it's behaving perfectly w
Hi
On 31 August 2010 03:04, Wietse Venema wrote:
>
> If this does not announce the SASL mechanisms that you expect, then
> the missing mechanisms are not installed with the Cyrus SASL library.
I do appreciate that you took the time to answer my questions..
Especially as I understand it you're th
I have a question regarding recipient delimiters. I need to set the recipient
delimiter for my mailing lists (mailman) with "-" but I also need to set the
recipient_delimiter to "+" for my calendar server.
How can I set the recipient_delimiter to include both values?
Thank you for your assist
First, I submit my postconf -n, made anonymous, but should still be
accurate.
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
alternate_config_directories = /etc/postfix-alt
anvil_rate_time_unit = 60s
anvil_status_update_time = 600s
biff = no
bounce_queue_lifetime
On 8/30/2010 4:54 PM, Justin Pasher wrote:
Hello,
I have a box running multiple instances of Postfix on multiple
IP addresses (this is a pre-2.6 installation, so the multiple
instances are handled the old way by defining multiple postfix
config directories). I currently have "syslog_name" set fo
Patrick Lists put forth on 8/30/2010 6:00 PM:
> On 08/31/2010 12:40 AM, Stan Hoeppner wrote:
> [snip]
>>
>> /^[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.(customer|dsl|dial-up)\.telesp\.net\.br$/
>>
>> REJECTGeneric - Please relay via ISP (telesp.net.br)
>>
>> That's all one line, TB wrapped it. You
"Marco Rebsamen" wrote in message
news:f70fd6682c026e40970a322e98e764545...@tranceiver.hive.loc...
Hello Everybody
I wan't to have my local recipeints checked against my Active Directory. So I
have created the .cf file with the LDAP parameters:
bind_dn = u...@domain.local
bi
.*
--
From: "Patrick Lists"
Sent: Monday, August 30, 2010 2:34 PM
To:
Subject: Regexp for blocking dynamic hosts?
Hi,
I got a lot of spam lately from dynamic hosts so gradually I have been
adding rules to block them with the help of the rules
Stan Hoeppner:
> Wietse Venema put forth on 8/30/2010 1:29 PM:
> > Victor Duchovni:
> >> On Mon, Aug 30, 2010 at 01:06:28PM -0500, Stan Hoeppner wrote:
> >>
> >>> Is there a straightforward (i.e. relatively painless) way to check the
> >>> header from, reply-to, and message-id domains against dbl.s
On 08/31/2010 12:40 AM, Stan Hoeppner wrote:
[snip]
/^[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.(customer|dsl|dial-up)\.telesp\.net\.br$/
REJECT Generic - Please relay via ISP (telesp.net.br)
That's all one line, TB wrapped it. You may as well just use this.
Over 1600 regex patterns matching gene
Patrick Lists put forth on 8/30/2010 4:34 PM:
> Hi,
>
> I got a lot of spam lately from dynamic hosts so gradually I have been
> adding rules to block them with the help of the rules from
> http://gabacho.reto.jp/en/anti-spam/anti-spam-system.html
>
> Unfortunately this type keeps slipping throug
Wietse Venema put forth on 8/30/2010 1:29 PM:
> Victor Duchovni:
>> On Mon, Aug 30, 2010 at 01:06:28PM -0500, Stan Hoeppner wrote:
>>
>>> Is there a straightforward (i.e. relatively painless) way to check the
>>> header from, reply-to, and message-id domains against dbl.spamhaus.org
>>> and reject
Hello,
I have a box running multiple instances of Postfix on multiple IP
addresses (this is a pre-2.6 installation, so the multiple instances are
handled the old way by defining multiple postfix config directories). I
currently have "syslog_name" set for each instance so I can correlate
the l
Hi,
I got a lot of spam lately from dynamic hosts so gradually I have been
adding rules to block them with the help of the rules from
http://gabacho.reto.jp/en/anti-spam/anti-spam-system.html
Unfortunately this type keeps slipping through:
Received: from 200-161-108-143.dsl.telesp.net.br
My r
On 30.08.10 22:11, mouss wrote:
> are you saying dovecot lmtp implementation has such a bug?
I think that Dovecot is a great piece of software and would not presume
to imply that it has a faulty LMTP implementation. More likely, I made
some mistake in configuring Dovecot. Currently, all my effort
Le 30/08/2010 11:19, Ralph Seichter a écrit :
On 29.08.10 21:40, Noel Jones wrote:
Sorry, I forgot to specify the map type in my example. It must be
either regexp: or pcre:.
No need for you to apologize. I feel quite silly, because you obviously
specifed a regular expression in your example,
also sprach Victor Duchovni
[2010.08.30.2148 +0200]:
> Exactly as promised. Trusted != Verified. Trusted just means that
> the peer certificate signature is valid, but no actual validation
> of the peername took place.
Oh, I am sorry for this oversight on my side.
--
martin | http://madduck.ne
On Mon, Aug 30, 2010 at 09:46:26PM +0200, Marco Rebsamen wrote:
> > > search_base = DC=hive, DC=loc
> > > query_filter = proxyAddresses=smtp:*...@unimatrix0.ch
> > > result_attribute = proxyAddresses
> >
> > What is that pesky "*" doing in your query filter!!!
>
> It's a damn wildcard! I thought
On Mon, Aug 30, 2010 at 09:42:29PM +0200, martin f krafft wrote:
> also sprach Victor Duchovni
> [2010.08.30.1604 +0200]:
> > > Due to some issues we've been having[0], I would like to have a more
> > > permanent means of confirmation that everything is in order.
> > > Specifically, I would like
-Ursprüngliche Nachricht-
Von: Victor Duchovni [mailto:victor.ducho...@morganstanley.com]
Gesendet: Montag, 30. August 2010 21:18
An: Marco Rebsamen
Cc: postfix-users@postfix.org
Betreff: Re: local_recipient_maps with LDAP
On Mon, Aug 30, 2010 at 08:50:33PM +0200, Marco Rebsamen wrote:
also sprach Victor Duchovni
[2010.08.30.1611 +0200]:
> > Is it intentional then that the TLS policy map is searched for
> > the nexthop, if one is defined there?
>
> Yes.
>
> > Does it /also/ check the policy for the recipient domain?
>
> No. TLS policy is by nexthop. TLS is a hop-by-hop secur
also sprach Wietse Venema [2010.08.28.2324 +0200]:
> > Due to some issues we've been having[0], I would like to have a more
> > permanent means of confirmation that everything is in order.
> > Specifically, I would like to see in the logs when a security policy
> > was matched and applied. No matt
SMTP engine (similar to the smtp-sink
test program) to log the client/helo/sender/recipient for blocked
mail, and c) a simple form of greylisting if time permits.
Wietse
Incompatibility with snapshot 20100830
==
Use "postfix reload" after
On Mon, Aug 30, 2010 at 08:50:33PM +0200, Marco Rebsamen wrote:
>
> Ok, I'm really confused about that LDAP lookup stuff :-/
> What I want to do is to check if an address to which a message is addressed
> really exists.
>
> I'm currently using this script for local receipient checks:
>
> bind_
Ok, I'm really confused about that LDAP lookup stuff :-/
What I want to do is to check if an address to which a message is addressed
really exists.
I'm currently using this script for local receipient checks:
bind_dn = j...@hive.loc
bind_pw =
server_host = 192.168.8.254
#Global Catalog po
Victor Duchovni:
> On Mon, Aug 30, 2010 at 01:06:28PM -0500, Stan Hoeppner wrote:
>
> > Is there a straightforward (i.e. relatively painless) way to check the
> > header from, reply-to, and message-id domains against dbl.spamhaus.org
> > and reject on a positive reply as with reject_r*bl_client?
>
On 08/30/2010 02:06 PM, Stan Hoeppner wrote:
> Is there a straightforward (i.e. relatively painless) way to check the
> header from, reply-to, and message-id domains against dbl.spamhaus.org
> and reject on a positive reply as with reject_r*bl_client?
>
> Without having to write a content filter t
On Mon, Aug 30, 2010 at 01:06:28PM -0500, Stan Hoeppner wrote:
> Is there a straightforward (i.e. relatively painless) way to check the
> header from, reply-to, and message-id domains against dbl.spamhaus.org
> and reject on a positive reply as with reject_r*bl_client?
Not from Postfix. There is
Is there a straightforward (i.e. relatively painless) way to check the
header from, reply-to, and message-id domains against dbl.spamhaus.org
and reject on a positive reply as with reject_r*bl_client?
Without having to write a content filter to be called in action
filter:nexthop in header_checks.p
On Mon, Aug 30, 2010 at 01:32:25PM -0400, Adam Tauno Williams wrote:
> On Mon, 2010-08-30 at 13:04 -0400, Wietse Venema wrote:
> > Jean-Yves Avenard:
> > > smtpd_sasl_auth_enable = yes
> > > smtpd_sasl_authenticated_header = yes
> > > smtpd_sasl_security_options = noanonymous, noplaintext
> > > sm
On Mon, 2010-08-30 at 13:04 -0400, Wietse Venema wrote:
> Jean-Yves Avenard:
> > smtpd_sasl_auth_enable = yes
> > smtpd_sasl_authenticated_header = yes
> > smtpd_sasl_security_options = noanonymous, noplaintext
> > smtpd_sasl_tls_security_options = noanonymous
> If this does not announce the SASL m
I just started to follow this thread and had deleted the rest before. If I can
be of any assistance in terms of Cyrus SASL let me know. Mac OS X runs its own
special Cyrus SASL and I might not be able to help all the way. Anyway...
p...@rick
* Wietse Venema :
> Wietse Venema:
> > Jean-Yves Aven
On Tue, Aug 31, 2010 at 02:57:05AM +1000, Jean-Yves Avenard wrote:
> smtpd_pw_server_security_options = gssapi,cram-md5,plain,login
> smtpd_recipient_restrictions = permit_sasl_authenticated
> permit_mynetworks reject_unauth_destination check_policy_service
> unix:private/policy permit
> smtpd_sa
Wietse Venema:
> Jean-Yves Avenard:
> > smtpd_sasl_auth_enable = yes
> > smtpd_sasl_authenticated_header = yes
> > smtpd_sasl_security_options = noanonymous, noplaintext
> > smtpd_sasl_tls_security_options = noanonymous
>
> If this does not announce the SASL mechanisms that you expect, then
> the
Jean-Yves Avenard:
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_authenticated_header = yes
> smtpd_sasl_security_options = noanonymous, noplaintext
> smtpd_sasl_tls_security_options = noanonymous
If this does not announce the SASL mechanisms that you expect, then
the missing mechanisms are not inst
I will be out of the office starting 08/30/2010 and will not return until
09/05/2010.
I will respond to your message when I return.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Victor Duchovni wrote:
|> It seems that postfix tries does not know what to do, as the system in the
|> referral is not reachable (that is what might require second thoughts), but
|> the firewall produces an immediate TCP reset, so 10.0.1.6 should, IM
Hi
On 31 August 2010 02:38, Wietse Venema wrote:
> When reporting a problem, please follow the mailing list
> welcome message's instructions.
>
> In particular, use "postconf -n" command output instead
> of cut-and-paste from main.cf.
I already posted those in an earlier message, am I supposed t
Jean-Yves Avenard:
> Hi
>
> On 31 August 2010 01:00, Adam Tauno Williams wrote:
> > "A separate parameter controls Postfix SASL mechanism policy during a
> > TLS-encrypted SMTP session. The default is to copy the settings from the
> > unencrypted session:"
> >
> > smtpd_sasl_security_options = no
On Mon, Aug 30, 2010 at 06:16:24PM +0200, Victoriano Giralt wrote:
> How does Postfix react to this?
> I see this in the logs:
> Aug 30 18:10:27 correoe1 postfix/proxymap[19744]: warning:
> dict_ldap_connect: Unable to bind to server ldap://10.0.1.6:389
> ldap://10.0.1.7:389 as cn=bind dn here: 9
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello, we are using LDAP for mail routing with Postfix. We have moved the
directory infrastructure and we can now do things without tearing down
servers, but ... when a server is not able to perform a search it send back
a bind referral.
How does Pos
Hi
On 31 August 2010 01:00, Adam Tauno Williams wrote:
> "A separate parameter controls Postfix SASL mechanism policy during a
> TLS-encrypted SMTP session. The default is to copy the settings from the
> unencrypted session:"
>
> smtpd_sasl_security_options = noanonymous, noplaintext
> smtpd_sasl
On Mon, Aug 30, 2010 at 04:58:48PM +0200, Patrick Ben Koetter wrote:
> * Victor Duchovni :
> > > Is "smtp:%s" sufficient? IIRC the main mail address is noted as
> > > "SMTP:%s". A
> > > query that catches those too would be this:
> >
> > The proxyAddresses field is matched case-insensitively. No
On Mon, 2010-08-30 at 22:56 +1000, Jean-Yves Avenard wrote:
> Hi there.
> Moving from sendmail to a macos 10.6 server that ships with postfix..
> There are a few things that I'm trying to replicate from sendmail into
> postifx, but I'm not having much luck.
> Problems:
> 2- When using a non encrypt
* Victor Duchovni :
> > Is "smtp:%s" sufficient? IIRC the main mail address is noted as "SMTP:%s". A
> > query that catches those too would be this:
>
> The proxyAddresses field is matched case-insensitively. No fancy gymnastics
> required:
>
> > query_filter = (|(proxyAddresses=smtp:%s)(pro
On Mon, Aug 30, 2010 at 04:45:39PM +0200, Patrick Ben Koetter wrote:
> * Patrick Ben Koetter :
> > Is "smtp:%s" sufficient? IIRC the main mail address is noted as "SMTP:%s". A
> > query that catches those too would be this:
> >
> > query_filter = (|(proxyAddresses=smtp:%s)(proxyAddresses=SMT
On Mon, Aug 30, 2010 at 04:39:46PM +0200, Patrick Ben Koetter wrote:
> * Victor Duchovni :
> > On Sun, Aug 29, 2010 at 01:20:39AM +0200, Marco Rebsamen wrote:
> >
> > > query_filter = proxyaddresses=...@domain1.ch*
> >
> > DO NOT use wildcard "*" patters to match recipients. The correct query
* Patrick Ben Koetter :
> Is "smtp:%s" sufficient? IIRC the main mail address is noted as "SMTP:%s". A
> query that catches those too would be this:
>
> query_filter = (|(proxyAddresses=smtp:%s)(proxyAddresses=SMTP:%s))
On second thought...
A query that matches all aliases goes like this:
* Victor Duchovni :
> On Sun, Aug 29, 2010 at 01:20:39AM +0200, Marco Rebsamen wrote:
>
> > query_filter = proxyaddresses=...@domain1.ch*
>
> DO NOT use wildcard "*" patters to match recipients. The correct query
> is:
>
> query_filter = proxyAddresses=smtp:%...@domain1.ch
>
> or, more
On Sat, Aug 28, 2010 at 07:00:58PM +0200, martin f krafft wrote:
> > The Postfix TLS security policy is based on where the mail is going
> > (its destination domain or administratively defined gateway).
>
> With "administratively defined gateway", you mean an entry in
> transport_maps?
Yes. This
On 30 August 2010 23:58, Jean-Yves Avenard wrote:
> I did *not* define remote_header_rewrite_domain anywhere, yet the
> recipient is being rewritten. Unless I misread how this configuration
> parameter actually works.
>
Oh, I see what's going on, as I'm doing my test from a local subnet,
the add
On Sat, Aug 28, 2010 at 07:02:48PM +0200, martin f krafft wrote:
> We are using $smtp_tls_policy_maps, in addition to
This is a feature of the Postfix SMTP *client*, that sends mail to
remote sites.
> Due to some issues we've been having[0], I would like to have a more
> permanent means of confi
Hi
On 30 August 2010 23:43, Wietse Venema wrote:
> I kindly suggest that you read the manual (RTFM) before asking
> questions that are already answered there.
>
> Canonical mappings can rewrite the envelope addresses (i.e. what
> Postfix delivers) without changing the addresses in the message
Hi
On 30 August 2010 23:25, Charles Marcus wrote:
> On 2010-08-30 8:56 AM, Jean-Yves Avenard wrote:
>> Moving from sendmail to a macos 10.6 server that ships with postfix..
>
> Per the welcome message you received when you joined the list:
>
> TO REPORT A PROBLEM see:
> http://www.postfix.org/DE
On Sun, Aug 29, 2010 at 01:20:39AM +0200, Marco Rebsamen wrote:
> query_filter = proxyaddresses=...@domain1.ch*
DO NOT use wildcard "*" patters to match recipients. The correct query
is:
query_filter = proxyAddresses=smtp:%...@domain1.ch
or, more typically:
query_filter = proxyAd
Jean-Yves Avenard:
> > I thought I could add something like this in the canonical file:
> > /^(reg)-(.*)-(.*)$/ ${2}
> >
> > However, I read in a few place that this would break recipient validation.
>
> Should add that while with the canonical above I do get the email to
> the proper mailbox deli
On 2010-08-30 8:56 AM, Jean-Yves Avenard wrote:
> Moving from sendmail to a macos 10.6 server that ships with postfix..
Per the welcome message you received when you joined the list:
TO REPORT A PROBLEM see:
http://www.postfix.org/DEBUG_README.html#mail
This means, at a minimum, postfix version
Hi again
On 30 August 2010 22:56, Jean-Yves Avenard wrote:
> 4- I have added in sendmail a very simple rule allowing to create
> dummy email address such as:
> reg-username-ser...@domain.com
>
> this is equivalent to usern...@domain.com
>
> In sendmail, I would ad in the main .mc file:
>
> LOCAL_
Hi there.
Moving from sendmail to a macos 10.6 server that ships with postfix..
There are a few things that I'm trying to replicate from sendmail into
postifx, but I'm not having much luck.
Problems:
1- People on local network (e.g. from 192.168.0.0/24) can send email
without authentication (so
On 29.08.10 21:40, Noel Jones wrote:
> Sorry, I forgot to specify the map type in my example. It must be
> either regexp: or pcre:.
No need for you to apologize. I feel quite silly, because you obviously
specifed a regular expression in your example, and I read it as such. I
don't know what made
60 matches
Mail list logo
