On 2014-01-30 00:08, Noel Jones wrote:
250-8 BITMIME
should it not be 8BITMIME ?
On Wed, Jan 29, 2014 at 09:42:00PM -0500, Wietse Venema wrote:
> > If postconf(1) is the same version of Postfix as smtp(8), then you
> > check with "postconf smtp_tls_loglevel". This parameter is not
> > defined when TLS support is not available.
>
> All TLS (and SASL) parameters are defined wh
Viktor Dukhovni:
> On Wed, Jan 29, 2014 at 08:20:44PM -0500, Dennis Putnam wrote:
>
> > > The only other thing that comes to mind is that your "upgrade" may
> > > have installed a version of Postfix with no TLS support. Then none
> > > of these settings matter.
> >
> > Hmmm. I hadn't thought of t
On Wed, Jan 29, 2014 at 08:20:44PM -0500, Dennis Putnam wrote:
> > The only other thing that comes to mind is that your "upgrade" may
> > have installed a version of Postfix with no TLS support. Then none
> > of these settings matter.
>
> Hmmm. I hadn't thought of that. How do I check?
If postco
On 1/29/2014 7:41 PM, Viktor Dukhovni wrote:
> On Wed, Jan 29, 2014 at 07:14:34PM -0500, Dennis Putnam wrote:
>
>> Thanks again for the reply but no joy. I have been using port 587 for a
>> couple of years until this recent problem. The only difference is I had
>> my tls_policy set like this:
> Not
On Wed, Jan 29, 2014 at 07:14:34PM -0500, Dennis Putnam wrote:
> Thanks again for the reply but no joy. I have been using port 587 for a
> couple of years until this recent problem. The only difference is I had
> my tls_policy set like this:
Not "no joy", rather failure to execute correctly. Wha
On 1/29/2014 6:22 PM, Viktor Dukhovni wrote:
> On Wed, Jan 29, 2014 at 05:58:15PM -0500, Dennis Putnam wrote:
>
>> TLS is indeed set via
>>
>> $ postconf -n smtp_tls_policy_maps
>> smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
>>
>> The entry in that file is set to:
>>
>> smtp.att.yahoo.com
On Wed, Jan 29, 2014 at 05:58:15PM -0500, Dennis Putnam wrote:
> TLS is indeed set via
>
> $ postconf -n smtp_tls_policy_maps
> smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
>
> The entry in that file is set to:
>
> smtp.att.yahoo.com may
Your original message reports problems with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 1/29/2014 4:44 PM, Dennis Putnam wrote:
> On 1/29/2014 4:22 PM, li...@rhsoft.net wrote:
>>
>> Am 29.01.2014 22:14, schrieb Dennis Putnam:
>>> I have made yet another discovery. Perhaps this is the
>>> problem. When the EHLO command is send, should
Am 29.01.2014 23:58, schrieb Dennis Putnam:
> Thanks for the reply. Keep in mind this is not a new installation. This
> has been working until recently and still works for servers requiring
> authentication other then smtp.att.yahoo.com. Clearly something must
> have changed for that particular s
On 1/29/2014 4:55 PM, Viktor Dukhovni wrote:
> On Wed, Jan 29, 2014 at 04:14:16PM -0500, Dennis Putnam wrote:
>
>> I have made yet another discovery. Perhaps this is the problem. When the
>> EHLO command is send, should there not be the line:
>>
>> 250-AUTH LOGIN DIGEST-MD5 CRAM-MD5 PLAIN
> To repe
Am 29.01.2014 23:44, schrieb Dennis Putnam:
> On 1/29/2014 4:22 PM, li...@rhsoft.net wrote:
>>
>> Am 29.01.2014 22:14, schrieb Dennis Putnam:
>>> I have made yet another discovery. Perhaps this is the problem. When the
>>> EHLO command is send, should there not be the line:
>> to the destination s
On 1/29/2014 4:22 PM, li...@rhsoft.net wrote:
>
> Am 29.01.2014 22:14, schrieb Dennis Putnam:
>> I have made yet another discovery. Perhaps this is the problem. When the
>> EHLO command is send, should there not be the line:
> to the destination server i assume
>
>> 250-AUTH LOGIN DIGEST-MD5 CRAM-M
On Jan 29, 2014, at 1:42 PM, Noel Jones wrote:
> On 1/29/2014 2:45 PM, Terry Barnum wrote:
>> Last night our mailserver networking seemed to die. This has happened
>> approximately 3 times over the last year but I haven't been able to find
>> what triggers it. In yesterday's mail log just befo
On Wed, Jan 29, 2014 at 10:47:07PM +0100, Klavs Klavsen wrote:
> I currently employ generic rewriting of sourceaddresses, like this:
> smtp_generic_maps = hash:/etc/postfix/generic
> regexp:/etc/postfix/generic_regexp
As described in http://www.postfix.org/ADDRESS_REWRITING_README.html
and in htt
On Wed, Jan 29, 2014 at 04:14:16PM -0500, Dennis Putnam wrote:
> I have made yet another discovery. Perhaps this is the problem. When the
> EHLO command is send, should there not be the line:
>
> 250-AUTH LOGIN DIGEST-MD5 CRAM-MD5 PLAIN
To repeat what I posted previously:
Save everyone some
Hi,
I currently employ generic rewriting of sourceaddresses, like this:
smtp_generic_maps = hash:/etc/postfix/generic
regexp:/etc/postfix/generic_regexp
and rewrite certain senders to a common from address.
I haven't been able to coerce them all to sending from correct from
addresses, so I would
On 1/29/2014 2:45 PM, Terry Barnum wrote:
> Last night our mailserver networking seemed to die. This has happened
> approximately 3 times over the last year but I haven't been able to find what
> triggers it. In yesterday's mail log just before losing networking there is a
> verizon wireless con
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 1/29/2014 3:14 PM, Dennis Putnam wrote:
> On 1/29/2014 9:35 AM, Dennis Putnam wrote:
>> On 1/29/2014 8:49 AM, Dennis Putnam wrote:
>>> On 1/28/2014 9:44 PM, Viktor Dukhovni wrote:
On Tue, Jan 28, 2014 at 09:15:02PM -0500, Dennis Putnam
wr
Am 29.01.2014 22:14, schrieb Dennis Putnam:
> I have made yet another discovery. Perhaps this is the problem. When the
> EHLO command is send, should there not be the line:
to the destination server i assume
> 250-AUTH LOGIN DIGEST-MD5 CRAM-MD5 PLAIN
>
> Is that not what triggers the sasl auth
On 1/29/2014 9:35 AM, Dennis Putnam wrote:
> On 1/29/2014 8:49 AM, Dennis Putnam wrote:
>> On 1/28/2014 9:44 PM, Viktor Dukhovni wrote:
>>> On Tue, Jan 28, 2014 at 09:15:02PM -0500, Dennis Putnam wrote:
>>>
The following is in my main.cf.
smtp_sasl_auth_enable = yes
smtp_sasl_pa
Last night our mailserver networking seemed to die. This has happened
approximately 3 times over the last year but I haven't been able to find what
triggers it. In yesterday's mail log just before losing networking there is a
verizon wireless connection attempt that postscreen rejects due to bar
LuKreme:
>
> On 29 Jan 2014, at 10:31 , Wietse Venema wrote:
>
> >check_recipient_access hash:/etc/postfix/rcpt_access
> >
> > /etc/postfix/rcpt_access
> >a...@domain.comreject
>
> That will reject the entire email, right? I don't think that's
> what the OP wants.
No. It r
On Wed, Jan 29, 2014 at 11:47:31AM -0700, LuKreme wrote:
>
> On 29 Jan 2014, at 10:31 , Wietse Venema wrote:
>
> >check_recipient_access hash:/etc/postfix/rcpt_access
> >
> > /etc/postfix/rcpt_access
> >a...@domain.comreject
>
> That will reject the entire email, right? I d
On 29 Jan 2014, at 10:31 , Wietse Venema wrote:
>check_recipient_access hash:/etc/postfix/rcpt_access
>
> /etc/postfix/rcpt_access
>a...@domain.comreject
That will reject the entire email, right? I don't think that's what the OP
wants.
--
'The only reason we're still ali
On 1/29/2014 9:12 AM, Duncan B. wrote:
>
> Hi all,
>
> I'd appreciate some guidance on how best to achieve a scenario:
>
> I admin a Postfix mail relay for an ISP's DSL users, which has
> recently become subject to being frequently blocked by
> Mimecast/Commtouch. As usual they are not being to
On Wed, Jan 29, 2014 at 12:31:06PM -0500, Wietse Venema wrote:
> > mail from: sen...@foo.bar"
> > rcpt to : "2...@domain.com", "3...@domain.com", "a...@domain.com"
> >
> > I want to
> >
> > "2...@domain.com" and "3...@domain.com" receive this mail.
> > but not "a...@domain.com"
>
> This is wha
Lanfeust troy:
> hi list,
>
> is it possible with postix to:
>
> receive an email from outside for example from
>
> mail from: sen...@foo.bar"
> rcpt to : "2...@domain.com", "3...@domain.com", "a...@domain.com"
>
> I want to
>
> "2...@domain.com" and "3...@domain.com" receive this mail.
> but
Probably you can use this "smtpd_end_of_data_restrictions =
check_policy_service" to tune your send limits.
Marc
Quoting Alessio Cecchi
Il 29/01/2014 14:05, Wietse Venema ha scritto:
Alessio Cecchi:
Il 28/01/2014 18:01, Marc B ha scritto:
Hi,
I've got a small issue with our Postfix
On Wed, Jan 29, 2014 at 08:32:26AM -0600, Rodolfo Gonz?lez Gonz?lez wrote:
> I have a customer who sends and receives a large number of messages
> on a given moment to/from a number of his accounts. He also has an
> account which needs to receive many mail messages with high
> priority, mostly fro
hi list,
is it possible with postix to:
receive an email from outside for example from
mail from: sen...@foo.bar"
rcpt to : "2...@domain.com", "3...@domain.com", "a...@domain.com"
I want to
"2...@domain.com" and "3...@domain.com" receive this mail.
but not "a...@domain.com"
thanks
Created a restriction_classes rule which handles the policy checks now
and I can keep the default restrictions.
[...]
smtpd_restriction_classes =
check_policy_domains
check_policy_domains =
check_policy_service unix:private/tumgreyspf,
check_policy_service inet:127.0.0.
On Wed, Jan 29, 2014 at 03:15:44PM +0100, Patrik B?t wrote:
> The problem though, is that a customer wants to send it mutual
> to us (eg. mta <-> mta), but we can always setup another transport for
> that and tell the customers customer to send mail to that one instead :)
If they are not using
Hi all,
I'd appreciate some guidance on how best to achieve a scenario:
I admin a Postfix mail relay for an ISP's DSL users, which has recently
become subject to being frequently blocked by Mimecast/Commtouch. As
usual they are not being too forthcoming with information as to why the block h
On Wed, Jan 29, 2014 at 08:49:25AM -0500, Dennis Putnam wrote:
> > You have not set "smtp_sasl_auth_enable = yes", and perhaps other
> > required settings are not in fact set as intended.
>
> Thanks for the reply. I did not thing to use -n as normally I use -d.
That's rather useless in this cont
I have below configuration on Postfix 2.3.3 running on centos 5. I would like
to bind outgoing IP to different one for specific mail from domain.
Tried using transportmaps but getting error "Bounced Mail loopbacks to self"
Please help
alias_da
On 1/29/2014 7:12 AM, Alessio Cecchi wrote:
> Il 29/01/2014 14:05, Wietse Venema ha scritto:
>> Alessio Cecchi:
>>> Il 28/01/2014 18:01, Marc B ha scritto:
Hi,
I've got a small issue with our Postfix Relay which doesn't use the
Policyd-Weight daemon or Tumgreyspf which it s
Am 29.01.2014 15:32, schrieb Rodolfo González González:
> I have a customer who sends and receives a large number of messages on a
> given moment to/from a number of his
> accounts. He also has an account which needs to receive many mail messages
> with high priority, mostly from its same
> dom
Good day,
I have a customer who sends and receives a large number of messages on a
given moment to/from a number of his accounts. He also has an account
which needs to receive many mail messages with high priority, mostly
from its same domain, but some messages also coming from Hotmail, Gmail
On 1/29/2014 8:49 AM, Dennis Putnam wrote:
> On 1/28/2014 9:44 PM, Viktor Dukhovni wrote:
>> On Tue, Jan 28, 2014 at 09:15:02PM -0500, Dennis Putnam wrote:
>>
>>> The following is in my main.cf.
>>>
>>> smtp_sasl_auth_enable = yes
>>> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
>>> smtp
Did you try "file /etc/ssl/zbfmail-cert/2013/mail.server.de.intermediate.
crt"?
May be you will be surprised by the results...
:-)
Fernando
On Wed, Jan 29, 2014 at 12:21 PM, nano wrote:
> On 30/01/2014 12:51 AM, Marko Weber | ZBF wrote:
>
>>
>> hello,
>> viktor or any other.
>>
>> in the postf
On 30/01/2014 12:51 AM, Marko Weber | ZBF wrote:
hello,
viktor or any other.
in the postfix tls readme:" In order to use TLS, the Postfix SMTP server
generally needs a certificate and a private key. Both must be in "PEM"
format. "
i have setup this way in my main.cf:
smtpd_tls_CAfile
On ons 29 jan 2014 14:10:27, Wietse Venema wrote:
> Patrik B?t:
>> And can you somehow explicitly set this to only specified clients to
>> request client certificate?
>
> Yes. Ask client certificates on the (mail client) submission service,
> not on the (mta to mta) port 25 service.
>
> Wiets
On ons 29 jan 2014 14:51:26, Marko Weber | ZBF wrote:
>
> hello,
> viktor or any other.
>
> in the postfix tls readme:" In order to use TLS, the Postfix SMTP
> server generally needs a certificate and a private key. Both must be
> in "PEM" format. "
>
> i have setup this way in my main.cf:
>
> smtp
hello,
viktor or any other.
in the postfix tls readme:" In order to use TLS, the Postfix SMTP server
generally needs a certificate and a private key. Both must be in "PEM"
format. "
i have setup this way in my main.cf:
smtpd_tls_CAfile=
/etc/ssl/zbfm
On 1/28/2014 9:44 PM, Viktor Dukhovni wrote:
> On Tue, Jan 28, 2014 at 09:15:02PM -0500, Dennis Putnam wrote:
>
>> The following is in my main.cf.
>>
>> smtp_sasl_auth_enable = yes
>> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
>> smtp_sasl_security_options =
> You might think so, but t
Il 29/01/2014 14:05, Wietse Venema ha scritto:
Alessio Cecchi:
Il 28/01/2014 18:01, Marc B ha scritto:
Hi,
I've got a small issue with our Postfix Relay which doesn't use the
Policyd-Weight daemon or Tumgreyspf which it should. The Policy-Weight
daemon is running and listen if I test it and t
Patrik B?t:
> And can you somehow explicitly set this to only specified clients to
> request client certificate?
Yes. Ask client certificates on the (mail client) submission service,
not on the (mta to mta) port 25 service.
Wietse
Alessio Cecchi:
> Il 28/01/2014 18:01, Marc B ha scritto:
> >
> > Hi,
> >
> > I've got a small issue with our Postfix Relay which doesn't use the
> > Policyd-Weight daemon or Tumgreyspf which it should. The Policy-Weight
> > daemon is running and listen if I test it and the config has no errors
> >
Hello!
I have a question regarding the following (smtpd_tls_ask_ccert):
Unfortunately, Netscape clients will either complain if no matching
client certificate is available or will offer the user client a list of
certificates to choose from. Additionally some MTAs (notably some
versions of qmail)
I'm such a giddy goat. Thanks Wietse for your hint.
The check_recipient_access acts as whitelist for policyd.
Mabye, when setting smtpd_restriction_classes I can restrict the
allowed Domains and use policy_service the same time.
Quoting wie...@porcupine.org:
Marc B:
I've got a small issu
Ciao,
According to the Policyd-Weight Howto it can/should be possible to set
it as last instance of the restrictions:
01: smtpd_helo_required = yes # required
02: smtpd_delay_reject = yes # suggested
03:
04: smtpd_recipient_restrictions =
52 matches
Mail list logo
