I'm setting up a mail server on a virtual server
smtp banner is set to myhost.mydomain
reverse dns resolves to the data centre IP address
is that going to cause me problems in the future ?
-
mxtoolbox:
OK - 111.111.222.333 resolves to server.domain.tld
Warning - Reverse DNS does n
Hello,
I'm wondering about the usefulness of smtp(d)_tls_CAfile(path) when using
opportunistic encryption in both incoming and outgoing connections. The
TLS_README suggests that certificate and key files be left empty for
opportunistic smtp processes, but it doesn't talk specifically about
smt
> > I'm thinking about trying the example suggested in the documentation for
> > "sleep":
> >
> >
> > /etc/postfix/main.cf:
> > smtpd_client_restrictions =
> > sleep 1, reject_unauth_pipelining
> > smtpd_delay_reject = no
> >
> > In general, I try to order smtpd_*_restrictions wi
- Original Message
> From: Noel Jones
> To: postfix-users@postfix.org
> Sent: Fri, April 8, 2011 9:44:12 PM
> Subject: Re: Restricting ETRN?
>
> On 4/8/2011 11:29 PM, email builder wrote:
> >
> > Or is this of no concern and/or does the junk command limit take care of
it?
>
> If
On 4/8/2011 11:29 PM, email builder wrote:
Or is this of no concern and/or does the junk command limit take care of it?
If you have no use for ETRN just set
smtpd_etrn_restrictions = reject
or maybe better
smtpd_etrn_restrictions = static:502
and then forget about it.
ETRN is not a particular
On 4/8/2011 10:57 PM, Stan Hoeppner wrote:
email builder put forth on 4/8/2011 10:14 PM:
Or is this merely a poor-man's greylisting?
In essence, yes.
No, not at all.
Greylisting breaks the connection and forces the client to
reconnect after a cool-down period before accepting mail.
Grey
Hi,
We have Running Postfix with Virtual Domains. I need some address
rewriting for Incoming and Outgoing Emails and using Canonical Maps we
have done this task:
--- main.cf config:
sender_canonical_maps = hash:/etc/postfix/canonical-sender
recipient_canonical_maps = hash:/etc/postfix/canonical-r
On 4/8/2011 10:14 PM, email builder wrote:
Hello,
I'm thinking about trying the example suggested in the documentation for
"sleep":
/etc/postfix/main.cf:
smtpd_client_restrictions =
sleep 1, reject_unauth_pipelining
smtpd_delay_reject = no
In general, I try to order smtpd_*_restricti
> > I'm concerned about having ETRN wide open. I am not very familiar with
> > ETRN
>and
>
> > have no use for it in our environment. It seems harmless, but if most of
>one's
>
> > recipient/sender/client/helo/etc. restrictions are in places they won't be
>seen
>
> > by someone trying
email builder put forth on 4/8/2011 10:18 PM:
> I'm concerned about having ETRN wide open. I am not very familiar with ETRN
> and
> have no use for it in our environment. It seems harmless, but if most of
> one's
> recipient/sender/client/helo/etc. restrictions are in places they won't be
>
email builder put forth on 4/8/2011 10:14 PM:
> Hello,
>
> I'm thinking about trying the example suggested in the documentation for
> "sleep":
>
>
> /etc/postfix/main.cf:
> smtpd_client_restrictions =
> sleep 1, reject_unauth_pipelining
> smtpd_delay_reject = no
To achieve what goal?
Hello,
I'm concerned about having ETRN wide open. I am not very familiar with ETRN
and
have no use for it in our environment. It seems harmless, but if most of one's
recipient/sender/client/helo/etc. restrictions are in places they won't be seen
by someone trying to fiddle maliciously with E
Hello,
I'm thinking about trying the example suggested in the documentation for
"sleep":
/etc/postfix/main.cf:
smtpd_client_restrictions =
sleep 1, reject_unauth_pipelining
smtpd_delay_reject = no
In general, I try to order smtpd_*_restrictions with the least costly first, so
this wou
Hello,
In http://www.postfix.org/postconf.5.html#smtp_sasl_auth_cache_name the fourth
sentence is:
As long as the smtp_sasl_password_maps information does no change...
That should be:
As long as the smtp_sasl_password_maps information does not change,
(s/no/not)
I agree,
you are already using proxying so that should help. If you have heavy load you
can look into mysql tuning(on db server). But as is you should be fine.
Aly
Sent from my BlackBerry device on the Rogers Wireless Network
-Original Message-
From: Reindl Harald
Sender: owner-postfi
Am 09.04.2011 00:04, schrieb Voytek Eymont:
> I have a small*1 Postfix server with virtual users/domains in MySQL on
> same host
>
> service is now being transferred to a new machine, with postfix on one
> host, mysql on another host
>
> I've set it up like so with 'proxy:mysql'*2 to the mysql
I have a small*1 Postfix server with virtual users/domains in MySQL on
same host
service is now being transferred to a new machine, with postfix on one
host, mysql on another host
I've set it up like so with 'proxy:mysql'*2 to the mysql machine :
seems to work OK, but I'm concerned about possibl
On 4/8/2011 10:42 AM, ego...@ramattack.net wrote:
On Fri, 08 Apr 2011 13:33:44 +0200, Patrick Ben Koetter wrote:
Am 08.04.2011 14:12, schrieb ego...@ramattack.net:
Is it possible in Postfix to allow just relaying one mail
(independent
of the number of rcpt) per sasl login?. I perhaps could
int
Amedeo Rinaldo:
> Il 08/04/2011 16:06, Wietse Venema ha scritto:
> >> .. [cut] ..
> > postscreen changes the calculation of "cost".
> >.. [cut] ..
>
>
> Really intresting point of view, i need to spend more time on it.
>
> About resource consuming .. i have to check/match my resource/snmp
> mon
Il 08/04/2011 16:06, Wietse Venema ha scritto:
.. [cut] ..
postscreen changes the calculation of "cost".
.. [cut] ..
Really intresting point of view, i need to spend more time on it.
About resource consuming .. i have to check/match my resource/snmp
monitoring to better evaluate. I'm now us
Randy Ramsdell:
> Ralf Hildebrandt wrote:
> > * Ralf Hildebrandt :
> >> * Randy Ramsdell :
> >>> Apr 8 10:10:30 atlbl6 postfix/qmgr[11959]: warning: connect to transport
> >>> private/retry: Connection refused
> >> grep retry /etc/postfix/master.cf
> >>
> >> what do you see?
> >
> > # grep retry
Hi Simon and Stan.
On Fri, 08 Apr 2011 15:19 +0200, "Simon Brereton"
wrote:
> There's a ton of howtos out there - I'm sure you can find one that suits
> all your needs. The nice thing about this one is that it'll keep you on
> the track you've been advised on - i.e. keeping things simple and ad
Ralf Hildebrandt wrote:
* Ralf Hildebrandt :
* Randy Ramsdell :
Apr 8 10:10:30 atlbl6 postfix/qmgr[11959]: warning: connect to transport
private/retry: Connection refused
grep retry /etc/postfix/master.cf
what do you see?
# grep retry /etc/postfix/master.cf
retry unix - -
Hi!
Thanks for all of your replies.
Regards,
Rodrigo.
--
M. Rodrigo Monteiro
"Free as in Freedom, not free as in free beer"
"As we are liberated from our own fear, our presence automatically
liberates others"
Linux User # 403730
* Ralf Hildebrandt :
> * Randy Ramsdell :
> > Apr 8 10:10:30 atlbl6 postfix/qmgr[11959]: warning: connect to transport
> > private/retry: Connection refused
>
> grep retry /etc/postfix/master.cf
>
> what do you see?
# grep retry /etc/postfix/master.cf
retry unix - - - -
* Randy Ramsdell :
> Apr 8 10:10:30 atlbl6 postfix/qmgr[11959]: warning: connect to transport
> private/retry: Connection refused
grep retry /etc/postfix/master.cf
what do you see?
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus B
Apr 8 10:10:30 atlbl6 postfix/qmgr[11959]: warning: connect to
transport private/retry: Connection refused
This is a new postfix server Version: 2.7.2-12.3 opensuse 11.4
Where would I begin to troubleshoot this?
RCR
On Fri, 08 Apr 2011 13:33:44 +0200, Patrick Ben Koetter wrote:
Am 08.04.2011 14:12, schrieb ego...@ramattack.net:
Is it possible in Postfix to allow just relaying one mail
(independent
of the number of rcpt) per sasl login?. I perhaps could interested
on
this... and I doubt if this can be don
Amedeo Rinaldo:
> Il 08/04/2011 14:27, Wietse Venema ha scritto:
> > Amedeo Rinaldo:
> >> But i've (obviously) noticed an high increase in dns queries (unbound
> >> local resolver) and checking my logs i've realized that about 80% of
> >> 'defer/reject' would be done by less expensive tests (not rb
> -Original Message-
> From: owner-postfix-us...@postfix.org [mailto:owner-postfix-
> us...@postfix.org] On Behalf Of Victor Duchovni
> Sent: Friday, April 08, 2011 3:38 PM
> To: M. Rodrigo Monteiro
> Cc: postfix-users@postfix.org
> Subject: Re: DSN virus
>
> On Fri, Apr 08, 2011 at 10:31:
Simon Brereton put forth on 4/8/2011 8:19 AM:
> . Add in the postfix's native spam controls, limiting and checks
In this regard, try this out in your initial setup. A brief description
and instructions are at the top of the file. It's very easy to
implement--one line in main.cf. It will st
M. Rodrigo Monteiro:
> Hi!
>
> In my Postfix (2.8.2), I want to send DSN when Amavisd-new (2.6.4)
> find a virus. Below is the log.
You will be blacklisted, because you will be sending mail to innocent
people whose email address was mis-used by a work or spammer.
http://www.postfix.org/BACKSCATT
On Fri, Apr 08, 2011 at 10:31:02AM -0300, M. Rodrigo Monteiro wrote:
> Hi!
>
> In my Postfix (2.8.2), I want to send DSN when Amavisd-new (2.6.4)
> find a virus. Below is the log.
You don't want to generate "your mail was infected" notices to the
sender, these are a terrible idea. Infected email
On 4/8/2011 9:31 AM, M. Rodrigo Monteiro wrote:
> Hi!
>
> In my Postfix (2.8.2), I want to send DSN when Amavisd-new (2.6.4)
> find a virus. Below is the log.
>
> Apr 8 10:17:35 SERVER amavis[12988]: (12988-09) Blocked INFECTED
> (Eicar-Test-Signature), [XXX.XXX.XXX.XXX] [XXX.XXX.XXX.XXX]
> ->
Hi!
In my Postfix (2.8.2), I want to send DSN when Amavisd-new (2.6.4)
find a virus. Below is the log.
Apr 8 10:17:35 SERVER amavis[12988]: (12988-09) Blocked INFECTED
(Eicar-Test-Signature), [XXX.XXX.XXX.XXX] [XXX.XXX.XXX.XXX]
-> ,
quarantine: virus-1rFPr7cPzGAO, Message-ID:
<1302268654.16516.
> From: owner-postfix-us...@postfix.org [mailto:owner-postfix-
> us...@postfix.org] On Behalf Of jeremy.als...@imap-mail.com
> Hi Victor.
>
> On Fri, 08 Apr 2011 00:59 -0400, "Victor Duchovni"
> wrote:
> > Start simple, and add features gradually. There is a steep learning
> > curve for a novice
Amedeo Rinaldo:
> Il 08/04/2011 05:47, Sahil Tandon ha scritto:
> > .. [cut] ..
> > In certain situations, some SMTP clients do not send QUIT; this is
> > logged as a HANGUP but not treated as a protocol test failure. Do not
> > mistake logging of HANGUP to mean test failure.
>
> Sahil .. that wa
Amedeo Rinaldo:
> But i've (obviously) noticed an high increase in dns queries (unbound
> local resolver) and checking my logs i've realized that about 80% of
> 'defer/reject' would be done by less expensive tests (not rbl
> dependent). Consider that at the end of my 'accept-chain' i've postfwd
kshitij mali:
> HI All
>
>
> Postfix will try to deliver email based on A record suppose the mx record is
> missing , so how to diable this .
This behavior is required by the Internet SMTP standard.
This is not configurable.
Wietse
On Fri, Apr 08, 2011 at 01:52:29PM +0200, Reindl Harald wrote:
> > I don't think it's a good idea, it's part of the standard. We have smaller
> > (legitime) mail servers receiving mails having only A record. Why would I
> > need MX record, if A is ok for me? I only set up MX records when it's
> >
Il 08/04/2011 05:47, Sahil Tandon ha scritto:
.. [cut] ..
In certain situations, some SMTP clients do not send QUIT; this is
logged as a HANGUP but not treated as a protocol test failure. Do not
mistake logging of HANGUP to mean test failure.
Sahil .. that was exactly what i was missing!!
I'v
Am 08.04.2011 13:48, schrieb Gábor Lénárt:
> On Fri, Apr 08, 2011 at 05:05:45PM +0530, kshitij mali wrote:
>> HI All
>>
>>
>> Postfix will try to deliver email based on A record suppose the mx record is
>> missing , so how to diable this .
>>
>> I mean to say postfix should send email based on MX
Il 08/04/2011 05:29, Noel Jones ha scritto:
.. [cut] ..
postscreen tests the connection and issues a reject with a 450 "try
again" code. At this point, the client has done everything postscreen
requires and testing is complete.
.. [cut] ..
The client was well-behaved and was added to the PASS lis
On Fri, Apr 08, 2011 at 05:05:45PM +0530, kshitij mali wrote:
> HI All
>
>
> Postfix will try to deliver email based on A record suppose the mx record is
> missing , so how to diable this .
>
> I mean to say postfix should send email based on MX record only and if mx
> record not bound then imme
Am 08.04.2011 13:35, schrieb kshitij mali:
> HI All
>
> Postfix will try to deliver email based on A record suppose the mx record is
> missing , so how to diable this .
>
> I mean to say postfix should send email based on MX record only and if mx
> record not bound then immediatly bounce
> t
* kshitij mali :
> HI All
>
>
> Postfix will try to deliver email based on A record suppose the mx record is
> missing , so how to diable this.
You can't. It's part of the standard.
> I mean to say postfix should send email based on MX record only and if mx
> record not bound then immediatly b
HI All
Postfix will try to deliver email based on A record suppose the mx record is
missing , so how to diable this .
I mean to say postfix should send email based on MX record only and if mx
record not bound then immediatly bounce the sender .
Regards,
Kshitij
Am 08.04.2011 14:12, schrieb ego...@ramattack.net:
> Is it possible in Postfix to allow just relaying one mail (independent
> of the number of rcpt) per sasl login?. I perhaps could interested on
> this... and I doubt if this can be done natively by postfix.
Use policyd to enforce a sender policy
Daniel Bromberg:
> Just to source it:
>
>[snapshot-2507] For the sake of Sendmail compatibility, the
>Postfix SMTP client skips over SMTP servers that greet with a 4XX
>or 5XX reply code, treating them as unreachable servers. To obtain
>prior behavior (4XX=retry, 5XX=bounce), s
Hi all,
Is it possible in Postfix to allow just relaying one mail (independent
of the number of rcpt) per sasl login?. I perhaps could interested on
this... and I doubt if this can be done natively by postfix.
Thanks a lot.
Bye!!
> [snapshot-2507] For the sake of Sendmail compatibility, the
> Postfix SMTP client skips over SMTP servers that greet with a 4XX
> or 5XX reply code, treating them as unreachable servers. To obtain
> prior behavior (4XX=retry, 5XX=bounce), specify
> "smtp_skip_4xx_greeting = no" and "smtp_skip
On 4/8/2011 2:45 AM, Ralf Hildebrandt wrote:
* Jean-Sébastien Kroll-Rabotin:
Hi,
When my Postfix server sends some mail from addresses in the local
domain, permanent errors (5XX) are treated as temporary errors (4XX)
and mail is delayed while it should definitely fail.
From your logs I cannot
52 matches
Mail list logo
