Re: Multi-line bounce messages

2013-01-04 Thread Wietse Venema
Hannes Lau: > Dear Postfix users, > > I am trying to bounce all messages to a specific domain with a > multi-line message. To do so, I added the error mailer to my > /etc/postfix/transport and specified a bounce reason like this: > > domainname.tld error: first line of message \n > second lin

Re: generating the TLS cert

2013-01-04 Thread Viktor Dukhovni
On Fri, Jan 04, 2013 at 12:30:50PM -0500, Robert Moskowitz wrote: > >There is nothing wrong with "CA:true" in a self-signed SSL certificate. > > By some definitions of 'wrong' :) > > You may not have attended the same sort of PKI policy meetings that > I lived through! But since this is in larg

Re: Multi-line bounce messages

2013-01-04 Thread Reindl Harald
On 04.01.2013 21:41, Hannes Lau wrote: > > Dear Postfix users, > > I am trying to bounce all messages to a specific domain with a multi-line > message. To do so, I added the error > mailer to my /etc/postfix/transport and specified a bounce reason like this: > > domainname.tld error: first

Multi-line bounce messages

2013-01-04 Thread Hannes Lau
Dear Postfix users, I am trying to bounce all messages to a specific domain with a multi-line message. To do so, I added the error mailer to my /etc/postfix/transport and specified a bounce reason like this: domainname.tld error: first line of message \n second line of message \n third lin

Re: generating the TLS cert

2013-01-04 Thread Robert Moskowitz
On 01/04/2013 11:38 AM, Viktor Dukhovni wrote: On Fri, Jan 04, 2013 at 12:57:00AM -0500, Robert Moskowitz wrote: I was noticing an error in /var/log/httpd/ssl_error_log about the cert having basicConstraints: CA=TRUE If some HTTP server does not like self-signed SSL certs with CA=TRUE, that'

Re: Domain alias rewriting

2013-01-04 Thread Viktor Dukhovni
On Fri, Jan 04, 2013 at 10:09:44AM +0100, Kristof Bajnok wrote: > On 01/04/2013 04:13 AM, Viktor Dukhovni wrote: > >>> from the alias form to the canonical form. This will also validate > >>> > > the alias form as a valid address in RCPT TO commands. > >> > > >> > Unfortunately, I can not accompl

Re: generating the TLS cert

2013-01-04 Thread Viktor Dukhovni
On Fri, Jan 04, 2013 at 12:57:00AM -0500, Robert Moskowitz wrote: > >>I was noticing an error in /var/log/httpd/ssl_error_log about the > >>cert having basicConstraints: CA=TRUE > > > >If some HTTP server does not like self-signed SSL certs with CA=TRUE, > >that's its own problem. Postfix will no

Re: Connection Issues

2013-01-04 Thread Noel Jones
On 1/4/2013 9:19 AM, Viaduct Productions wrote: > Hi folks. > > I'm using some middleware to generate an email that's sent to Mac OSX > Server's installation of postfix. The email never gets through, and I don't > know why. I've had some suggestions which I will post below, but nothing > seem

Re: Connection Issues

2013-01-04 Thread Alfonso Alejandro Reyes Jiménez
On 1/4/13 9:53 AM, Viaduct Productions wrote: Hi there. Actually I have a full email client on my workstation using that as an outgoing SMTP server. Only the middleware has problems. Having changed directives for better verbosity, this is what just happened, without authentication: Jan 4 1

Re: Connection Issues

2013-01-04 Thread Alfonso Alejandro Reyes Jiménez
On 1/4/13 9:19 AM, Viaduct Productions wrote: Hi folks. I'm using some middleware to generate an email that's sent to Mac OSX Server's installation of postfix. The email never gets through, and I don't know why. I've had some suggestions which I will post below, but nothing seems to work.

Connection Issues

2013-01-04 Thread Viaduct Productions
Hi folks. I'm using some middleware to generate an email that's sent to Mac OSX Server's installation of postfix. The email never gets through, and I don't know why. I've had some suggestions which I will post below, but nothing seems to work. I am not authenticating, and I've tried authenti

Re: greylisting

2013-01-04 Thread Robert Schetterer
On 04.01.2013 14:56, polloxx wrote: > I have a question regarding greylisting: > > Some of our users are complaining mails have a large delay, especially > those from providers like gmail. This is because these use different > IP addresses on each delivery attempt. > Using listgrey is not an opt

Re: TLS Server Key on HSM

2013-01-04 Thread Wietse Venema
Harakiri: > > All features are described in http://www.postfix.org/TLS_README.html > > Is that another way of saying - NO HSM is not supported - because > i read that document, there is no mentioning of openssl engine, > or HSM. If a feature is not documented then it is not supported. > Here is

Re: TLS Server Key on HSM

2013-01-04 Thread Harakiri
--- On Fri, 1/4/13, Wietse Venema wrote: > From: Wietse Venema > Subject: Re: TLS Server Key on HSM > To: "Postfix users" > Date: Friday, January 4, 2013, 9:12 AM > Harakiri: > > Is it possible to not only configure a key (pem) file > for the > > server key but also a location on a secure tok

Re: greylisting

2013-01-04 Thread Thomas Leuxner
* polloxx 2013.01.04 15:20: > We use postfix-gld. That seems to have gathered some dust. Anyway you should be able to whitelist the affected domains _before_ the check_policy_service statement: check_client_access hash:/etc/postfix/client_access ...or the like. Thomas

Re: greylisting

2013-01-04 Thread polloxx
On Fri, Jan 4, 2013 at 3:13 PM, Thomas Leuxner wrote: > * polloxx 2013.01.04 14:56: > >> Some of our users are complaining mails have a large delay, especially >> those from providers like gmail. This is because these use different >> IP addresses on each delivery attempt. >> Using listgrey is no

Re: greylisting

2013-01-04 Thread Thomas Leuxner
* Thomas Leuxner 2013.01.04 15:13: > You haven't told us what piece of software you are using to > greylist. Postgrey for instance can overcome such problems > with 'client_whitelists' and a little regex magic. > > Or religiously, don't use greylisting at all but postscreen: > > http://www.post

Re: greylisting

2013-01-04 Thread Thomas Leuxner
* polloxx 2013.01.04 14:56: > Some of our users are complaining mails have a large delay, especially > those from providers like gmail. This is because these use different > IP addresses on each delivery attempt. > Using listgrey is not an option. > > Anyone who has a solution for this? You hav

Re: TLS Server Key on HSM

2013-01-04 Thread Wietse Venema
Harakiri: > Is it possible to not only configure a key (pem) file for the > server key but also a location on a secure token ? E.g. somehow > set the openssl engine parameter for postfix instead of using > smtpd_tls_key_file? > > Is the same possible for client authentication (e.g. sending to a > d

greylisting

2013-01-04 Thread polloxx
I have a question regarding greylisting: Some of our users are complaining mails have a large delay, especially those from providers like gmail. This is because these use different IP addresses on each delivery attempt. Using listgrey is not an option. Anyone who has a solution for this? Thx, P.

TLS Server Key on HSM

2013-01-04 Thread Harakiri
Is it possible to not only configure a key (pem) file for the server key but also a location on a secure token ? E.g. somehow set the openssl engine parameter for postfix instead of using smtpd_tls_key_file? Is the same possible for client authentication (e.g. sending to a domain which requires

Re: using the character @ in the local part

2013-01-04 Thread Wietse Venema
Michael Blessenohl: > The security issue is, as far as I understand, that a backup MX uses an > @ in the local part for internal purposes. Which, in theory, can be > exploited to use the server as open relay. As long as I don't use a > backup MX, I don't have an open relay and everything is fine

Re: using the character @ in the local part

2013-01-04 Thread Reindl Harald
On 04.01.2013 12:38, Michael Blessenohl wrote: > Well, it doesn't: all this discussion was about receiving e-mails of that > kind. > Not about sending them. Sending them is supported by postfix by default. nonsense how do you send a message which is not received from the MUA first? MUA -> p

Re: using the character @ in the local part

2013-01-04 Thread Michael Blessenohl
On 04.01.2013 11:56, Jim Reid wrote: On 4 Jan 2013, at 10:12, Michael Blessenohl wrote: If there are 'bad ideas' in standards, then why aren't the standards changed? Because it's hard. And even if improved standards emerge from the IETF - ha! - there may not be the business or technical in

Re: using the character @ in the local part

2013-01-04 Thread Jim Reid
On 4 Jan 2013, at 10:12, Michael Blessenohl wrote: > If there are 'bad ideas' in standards, then why aren't the standards changed? Because it's hard. And even if improved standards emerge from the IETF - ha! - there may not be the business or technical incentives to adopt them. Or there's too

Re: using the character @ in the local part

2013-01-04 Thread Michael Blessenohl
Well the three last answers are debate on principles, which I think is interesting but I don't think this mailing list is the right place for. If there are 'bad ideas' in standards, then why aren't the standards changed? Especially if everybody agrees they are bad? For example I have a problem w

Re: using the character @ in the local part

2013-01-04 Thread Benny Pedersen
Michael Blessenohl wrote on 2013-01-03 23:59: Thanks a lot for the help. There is no firewall messing with SMTP in between. With both options resolve_dequoted_address = no allow_untrusted_routing = yes it finally works. Because I don't have a backup MX, this set-up should be fairly safe to use.

Re: Domain alias rewriting

2013-01-04 Thread Kristof Bajnok
On 01/04/2013 04:13 AM, Viktor Dukhovni wrote: >>> from the alias form to the canonical form. This will also validate >>> > > the alias form as a valid address in RCPT TO commands. >> > >> > Unfortunately, I can not accomplish this with a single query. > Actually, you can: > > domain = exam