Re: Quarantine mail by combination of address class and MIME type

2013-10-03 Thread Viktor Dukhovni
On Thu, Oct 03, 2013 at 02:45:41PM -0400, Philip Garrett wrote: > On Oct 3, 2013, at 2:09 PM, Viktor Dukhovni > wrote: > > > Your best bet is a multi-instance configuration, with separate inbound > > and outbound mail processing. > > I was afraid of that. > > > You have a recipient-specific pol

Re: postfix hardening - what can we do?

2013-10-03 Thread Viktor Dukhovni
On Thu, Oct 03, 2013 at 02:48:37PM -0400, micah wrote: > Regarding tighter mandatory parameters on the submission port - any idea > what these could reasonably be? For example, if I disable SSLv2/v3 am I > going to cut off Outlook users? With Postfix SSLv2 is off by default in the SMTP and LMTP

Re: postfix hardening - what can we do?

2013-10-03 Thread micah
micah writes: > Viktor Dukhovni writes: > >> On Wed, Oct 02, 2013 at 03:39:06PM -0400, Micah Anderson wrote: >> >>> From my understanding of the way postfix currently operates, there is no >>> smtpd/smtp TLS setting that can be set that would provide a >>> configuration that would result in a mo

Re: postfix hardening - what can we do?

2013-10-03 Thread micah
Viktor Dukhovni writes: > On Wed, Oct 02, 2013 at 03:39:06PM -0400, Micah Anderson wrote: > >> From my understanding of the way postfix currently operates, there is no >> smtpd/smtp TLS setting that can be set that would provide a >> configuration that would result in a more 'hardened' configurat

Re: Quarantine mail by combination of address class and MIME type

2013-10-03 Thread Philip Garrett
On Oct 3, 2013, at 2:09 PM, Viktor Dukhovni wrote: > Your best bet is a multi-instance configuration, with separate inbound > and outbound mail processing. I was afraid of that. > You have a recipient-specific policy, but Postfix content filtering > happens at the message level on input, hence yo

Re: dkimproxy signing

2013-10-03 Thread Jose Borges Ferreira
> Amavis looks at mail coming in from the internet on port 25 so I use it to verify, It isn't in the pipeline for mail going out though. I looked at that option first and decided against it for that reason. I'll look again. Maybe it can be told what parts of itself to use depending on source and d

Re: Quarantine mail by combination of address class and MIME type

2013-10-03 Thread Viktor Dukhovni
On Thu, Oct 03, 2013 at 01:49:11PM -0400, Philip Garrett wrote: > I have a special-purpose Postfix 2.6 server that is part of a > content conversion system. I would like to quarantine any outbound > mail that hasn't been transformed properly. I'd also like to > quarantine relay mail that hasn't g

Re: Quarantine mail by combination of address class and MIME type

2013-10-03 Thread Noel Jones
On 10/3/2013 12:49 PM, Philip Garrett wrote: > I have a special-purpose Postfix 2.6 server that is part of a content > conversion system. I would like to quarantine any outbound mail that hasn't > been transformed properly. I'd also like to quarantine relay mail that hasn't > gone through the r

Quarantine mail by combination of address class and MIME type

2013-10-03 Thread Philip Garrett
I have a special-purpose Postfix 2.6 server that is part of a content conversion system. I would like to quarantine any outbound mail that hasn't been transformed properly. I'd also like to quarantine relay mail that hasn't gone through the reciprocal transformation. I can hold the mail using

Re: dkimproxy signing

2013-10-03 Thread Lynn Dobbs
On 10/03/2013 01:01 AM, Patrick Ben Koetter wrote: Was choosing dkimproxy a deliberate decision? Are you aware amavis is capable to DKIM verify incoming and DKIM sign outgoing messages as well? It would simplify your system since it uses amavis anyway. Amavis looks at mail coming in from the int

Re: postfix hardening - what can we do?

2013-10-03 Thread Viktor Dukhovni
On Wed, Oct 02, 2013 at 09:51:52PM -0400, micah wrote: > > What would be the point? You accept plaintext mail, but reject > > mail encrypted with algorithms vulnerable to a costly, but not > > infeasible brute-force effort? > > No, both plaintext and bad crypto would either be soft rejected with

Re: Quick question on mynetworks

2013-10-03 Thread Mark Goodge
On 03/10/2013 12:56, Wietse Venema wrote: Mark Goodge: If the value for mynetworks is contained in a file rather than hardcoded into main.cf, as per this example from the documentation... mynetworks = $config_directory/mynetworks ... is it necessary to reload Postfix when the contents of that

Re: Quick question on mynetworks

2013-10-03 Thread Wietse Venema
Mark Goodge: > If the value for mynetworks is contained in a file rather than hardcoded > into main.cf, as per this example from the documentation... > > mynetworks = $config_directory/mynetworks > > ... is it necessary to reload Postfix when the contents of that file > changes, or will any cha

Re: Quick question on mynetworks

2013-10-03 Thread btb
On Oct 3, 2013, at 06.30, Mark Goodge wrote: > I know I could solve the problem by using authentication, but a lot of the > outbound email is generated by cron scripts on a server inside the network, > and rewriting all of them to authenticate when sending mail is likely to be > considerably m

Quick question on mynetworks

2013-10-03 Thread Mark Goodge
If the value for mynetworks is contained in a file rather than hardcoded into main.cf, as per this example from the documentation... mynetworks = $config_directory/mynetworks ... is it necessary to reload Postfix when the contents of that file changes, or will any changes be picked up immediat

Re: dkimproxy signing

2013-10-03 Thread Patrick Ben Koetter
Was choosing dkimproxy a deliberate decision? Are you aware amavis is capable to DKIM verify incoming and DKIM sign outgoing messages as well? It would simplify your system since it uses amavis anyway. * Lynn Dobbs : > I have a working postfix server (2.8.11) which looks for incoming > mail on so