Re: TLS client logging PATCH

2014-02-25 Thread Viktor Dukhovni
On Wed, Feb 26, 2014 at 07:43:25AM +0100, Erwan David wrote: > > The local resolver can have the resolvers on the LAN configured as > > forwarders, but you need the local stub resolver. No reason not to have > > one, really, especially on a busy mail server. > > However your "local" resolver co

Postfix 2.9.6/OpenLDAP Recipient Not Found in Table after Attribute Change

2014-02-25 Thread Ron Scott-Adams
I’ve updated a working user on this test server from r...@tohuw.net to r...@joab.tohuw.net. Under the previous address, I could successfully complete a telnet session and convey mail for r...@tohuw.net to the local MTA. After changing the user’s mail attribute in LDAP to r...@joab.tohuw.net and

Re: Bounce mails manually

2014-02-25 Thread Andreas Schulze
wietse: I don't know what people are asking for: 1 - Bounce all recipients of one specific queue file 2 - Bouncing only specific recipients option 1 (for me) in case of trouble I do - mailq for visual overview - pfqgrep -r/-s address -i | postsuper -d - In this context it would someti

Re: TLS client logging PATCH

2014-02-25 Thread Erwan David
On Wed, Feb 26, 2014 at 12:46:13AM CET, DTNX Postmaster said: > On 26 Feb 2014, at 00:29, li...@rhsoft.net wrote: > > > Am 25.02.2014 17:41, schrieb Dirk Stöcker: > >> On Tue, 25 Feb 2014, Viktor Dukhovni wrote: > smtp_dns_support_level = dnssec > > was enough to fix this. I'll s

Re: Postfix 2.3.3 as relay with "timed out while sending MAIL FROM" with no socket opened

2014-02-25 Thread Viktor Dukhovni
On Tue, Feb 25, 2014 at 11:30:36PM +0100, Roberto Giordani wrote: > queue_run_delay = 150s > minimal_backoff_time = 150s > maximal_backoff_time = 300s Reducing the maximal backoff time likely makes things worse, not better. -- Viktor.

Re: TLS client logging PATCH

2014-02-25 Thread Viktor Dukhovni
On Wed, Feb 26, 2014 at 12:54:37AM +0100, li...@rhsoft.net wrote: > > The local resolver can have the resolvers on the LAN configured as > > forwarders, but you need the local stub resolver. No reason not to have > > one, really, especially on a busy mail server > > yes, you normally have a loc

Re: Bounce mails manually

2014-02-25 Thread Wietse Venema
Peer Heinlein: > I'm thinking about a way how to bounce mails manually *without* setting > up a transport-map. Just via CLI by the admin for a given Queue-ID. > > I'd love having a postsuper command to move a mail into "the bounce > queue". Is something like that possible? That would require inf

Re: Log the HELO/EHLO name?

2014-02-25 Thread Noel Jones
On 2/25/2014 7:50 PM, CSS wrote: > On Feb 25, 2014, at 7:35 PM, Noel Jones wrote: > >> On 2/25/2014 6:06 PM, CSS wrote: >>> >>> I wonder if you could do this with a simple policy server? IIRC, >>> the helo is one of the bits of data passed to the policy server, and >>> logging the IP, to/from, he
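The policy-server route mentioned in this thread, written out as an added example (not code from the thread, from Noel's patch or from Postfix): a minimal SMTPD policy server that logs client address, HELO name, sender and recipient for every request and answers DUNNO, so it never changes the access decision. The attribute names are those of the Postfix policy delegation protocol; the listen address 127.0.0.1:10040, the log prefix and the sample request are assumptions.

```python
"""Minimal Postfix SMTPD policy server that logs the HELO/EHLO name.

Added example for this thread; it is not Postfix's code. It speaks the
policy delegation protocol: smtpd(8) sends "name=value" lines ending with
an empty line, the server answers "action=..." followed by an empty line.
Returning DUNNO leaves the access decision to the remaining restrictions,
so the server only adds a log line. The listen address and the sample
request are assumptions.
"""
import socketserver
import sys

# Attributes to log; smtpd(8) sends all of these in every policy request.
LOGGED = ("client_address", "client_name", "helo_name", "sender",
          "recipient", "protocol_state")


def parse_request(raw):
    """Parse one policy request into a dict (text up to the empty line)."""
    attrs = {}
    for line in raw.splitlines():
        if not line:
            break                       # empty line terminates the request
        name, sep, value = line.partition("=")
        if sep:                         # skip lines without '='
            attrs[name] = value
    return attrs


def printable(value):
    """The HELO name is attacker-controlled: keep log lines single-line ASCII."""
    return "".join(c if 32 <= ord(c) < 127 else "?" for c in value)


def format_log(attrs):
    """One syslog-style key=value line; absent attributes are shown as '-'."""
    fields = ["policy-helo-log"]
    for key in LOGGED:
        fields.append("%s=%s" % (key, printable(attrs.get(key, "-"))))
    return " ".join(fields)


def handle_request(raw):
    """Return (log line, protocol response) for one request."""
    return format_log(parse_request(raw)), "action=DUNNO\n\n"


class PolicyHandler(socketserver.StreamRequestHandler):
    def handle(self):
        # smtpd(8) may send many requests over one connection.
        while True:
            lines = []
            while True:
                data = self.rfile.readline()
                if not data:
                    return              # client closed the connection
                line = data.decode("utf-8", "replace").rstrip("\r\n")
                lines.append(line)
                if line == "":
                    break
            logline, response = handle_request("\n".join(lines))
            print(logline, file=sys.stderr, flush=True)
            self.wfile.write(response.encode("ascii"))
            self.wfile.flush()


# Constructed sample request (not a real capture), in the shape smtpd(8) sends.
SAMPLE_REQUEST = (
    "request=smtpd_access_policy\n"
    "protocol_state=RCPT\n"
    "protocol_name=ESMTP\n"
    "helo_name=mail.example.net\n"
    "queue_id=\n"
    "sender=alice@example.net\n"
    "recipient=bob@example.com\n"
    "client_address=192.0.2.10\n"
    "client_name=unknown\n"
    "\n"
)

if __name__ == "__main__":
    # Assumed listen address; reference it from main.cf as
    #   check_policy_service inet:127.0.0.1:10040
    socketserver.ThreadingTCPServer.allow_reuse_address = True
    with socketserver.ThreadingTCPServer(("127.0.0.1", 10040), PolicyHandler) as srv:
        srv.serve_forever()
```

Hook it in with check_policy_service inet:127.0.0.1:10040 in smtpd_recipient_restrictions; placed after reject_unauth_destination it logs one line per accepted RCPT, placed before it logs relay attempts too. As Wietse notes further down the thread, a client that postscreen rejects never reaches smtpd(8), so this server only ever sees connections that passed postscreen; postscreen's own log line is the record for the rest. The printable() step matters because the HELO string is chosen by the remote client.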

Re: Log the HELO/EHLO name?

2014-02-25 Thread CSS
On Feb 25, 2014, at 7:35 PM, Noel Jones wrote: > On 2/25/2014 6:06 PM, CSS wrote: >> >> On Feb 25, 2014, at 9:50 AM, Noel Jones wrote: >> >>> On 2/25/2014 4:44 AM, Eivind Olsen wrote: Hello (or should that be EHLO? :)) It has been a while since I've had a need to change my Postfi

Re: TLS client logging PATCH

2014-02-25 Thread DTNX Postmaster
On 26 Feb 2014, at 00:54, li...@rhsoft.net wrote: > On 26.02.2014 00:46, DTNX Postmaster wrote: >> On 26 Feb 2014, at 00:29, li...@rhsoft.net wrote: >>> On 25.02.2014 17:41, Dirk Stöcker wrote: On Tue, 25 Feb 2014, Viktor Dukhovni wrote: >> smtp_dns_support_level = dnssec >>

Re: Log the HELO/EHLO name?

2014-02-25 Thread Noel Jones
On 2/25/2014 6:06 PM, CSS wrote: > > On Feb 25, 2014, at 9:50 AM, Noel Jones wrote: > >> On 2/25/2014 4:44 AM, Eivind Olsen wrote: >>> Hello (or should that be EHLO? :)) >>> >>> It has been a while since I've had a need to change my Postfix >>> configuration, so I'm a bit rusty. I have searched,

Re: Log the HELO/EHLO name?

2014-02-25 Thread Wietse Venema
CSS: > Also a quick question on the patch below - if you're running > postscreen, and it has decided a sending host is "bad", will the > connection ever hit the real smtpd daemon and be logged? When postscreen decides a host is bad it logs the client, helo, sender, recipient, and will not allow th

Re: Log the HELO/EHLO name?

2014-02-25 Thread CSS
On Feb 25, 2014, at 9:50 AM, Noel Jones wrote: > On 2/25/2014 4:44 AM, Eivind Olsen wrote: >> Hello (or should that be EHLO? :)) >> >> It has been a while since I've had a need to change my Postfix >> configuration, so I'm a bit rusty. I have searched, checked the >> configuration, etc. No luck

Re: TLS client logging PATCH

2014-02-25 Thread li...@rhsoft.net
On 26.02.2014 00:46, DTNX Postmaster wrote: > On 26 Feb 2014, at 00:29, li...@rhsoft.net wrote: >> On 25.02.2014 17:41, Dirk Stöcker wrote: >>> On Tue, 25 Feb 2014, Viktor Dukhovni wrote: > smtp_dns_support_level = dnssec > > was enough to fix this. I'll see how many servers will

Re: TLS client logging PATCH

2014-02-25 Thread DTNX Postmaster
On 26 Feb 2014, at 00:29, li...@rhsoft.net wrote: > On 25.02.2014 17:41, Dirk Stöcker wrote: >> On Tue, 25 Feb 2014, Viktor Dukhovni wrote: smtp_dns_support_level = dnssec was enough to fix this. I'll see how many servers will have a "Verified" connection in the future. >>>

Re: TLS client logging PATCH

2014-02-25 Thread li...@rhsoft.net
On 25.02.2014 17:41, Dirk Stöcker wrote: > On Tue, 25 Feb 2014, Viktor Dukhovni wrote: >>> smtp_dns_support_level = dnssec >>> >>> was enough to fix this. I'll see how many servers will have a >>> "Verified" connection in the future. >> >> I hope you read the note about the importance of having

Re: Postfix 2.3.3 as relay with "timed out while sending MAIL FROM" with no socket opened

2014-02-25 Thread Wietse Venema
Roberto Giordani: > Thank you for the reply, Noel, > I've found some interesting info about smtp_connection_cache_destinations > and I've added the IP of my relay. > > But to improve the interval between delivery and avoid a large amount of > deferred mail what else do you think should I change in my conf?

Re: Postfix 2.3.3 as relay with "timed out while sending MAIL FROM" with no socket opened

2014-02-25 Thread Roberto Giordani
Thank you for the reply, Noel, I've found some interesting info about smtp_connection_cache_destinations and I've added the IP of my relay. But to improve the interval between delivery and avoid a large amount of deferred mail what else do you think should I change in my conf? I've already set queue_run_d

Re: patch: smtpd insert DSN request

2014-02-25 Thread Andreas Schulze
Wietse Venema: > There is a problem with your patch: it turns off forced DSN for all > SMTP clients that are serviced by the same SMTP daemon process. Oh, yes, now I see it too. var_force_dsn_on_success is global per process? My usecases never trigger that situation. One point more to use your su

Re: Make TLS errors hard, not soft

2014-02-25 Thread Andreas Schulze
Wietse Venema: > Assuming that you haven't configured a global policy of "all mail > deliveries shall use TLS", that's exactly the limitation Peer has in mind. Andreas

Re: temporarily "softly" bouncing incoming email

2014-02-25 Thread Wietse Venema
cderr: > Greetings, > We run postfix-2.6.6-2.2.el6_1.x86_64 and I would like to be able to > temporarily manipulate the filesystem on the mailserver for a specific > user (me actually), and not have to worry about doing this "quickly" > before new incoming email arrives. Our authentication

temporarily "softly" bouncing incoming email

2014-02-25 Thread cderr
Greetings, We run postfix-2.6.6-2.2.el6_1.x86_64 and I would like to be able to temporarily manipulate the filesystem on the mailserver for a specific user (me actually), and not have to worry about doing this "quickly" before new incoming email arrives. Our authentication is via LDAP and I

Re: Relay domain with some virtual accounts

2014-02-25 Thread Noel Jones
On 2/25/2014 10:10 AM, Andy Rowe wrote: > This seems like an easy thing to do but I’m still a beginner. I have > a postfix installation w/ dovecot, SA and postfixadmin. In addition > to a few virtual domains, I have the linux box in front of an M$ > exchange 2003 server acting as a content filter.

Re: TLS client logging PATCH

2014-02-25 Thread Dirk Stöcker
On Tue, 25 Feb 2014, Viktor Dukhovni wrote: smtp_dns_support_level = dnssec was enough to fix this. I'll see how many servers will have a "Verified" connection in the future. I hope you read the note about the importance of having 127.0.0.1 and/or ::1 as the only nameservers listed in /etc/re

Relay domain with some virtual accounts

2014-02-25 Thread Andy Rowe
This seems like an easy thing to do but I'm still a beginner. I have a postfix installation w/ dovecot, SA and postfixadmin. In addition to a few virtual domains, I have the linux box in front of an M$ exchange 2003 server acting as a content filter. All the emails going to legitimate accounts in t

Re: DNSSEC

2014-02-25 Thread Viktor Dukhovni
On Tue, Feb 25, 2014 at 09:07:13AM -0600, /dev/rob0 wrote: > > Curious what others (especially Victor) think of this response. > > Why are they 'firmly against' NSEC's 'enumeration of domains' > > feature, and the comment about 'very real issues...'... > > Good questions. I don't know. I don't ca

Re: DNSSEC

2014-02-25 Thread /dev/rob0
On Tue, Feb 25, 2014 at 08:21:14AM -0500, Charles Marcus wrote: > On 2/24/2014 3:52 PM, /dev/rob0 wrote: > >On Mon, Feb 24, 2014 at 01:16:39AM +0100, Dirk Stöcker wrote: > >>Oh yes - DNSSEC. When will it come? In hundred years? > > > >Dirk, do you mind explaining this? Are you having trouble > >fi

Re: Make TLS errors hard, not soft

2014-02-25 Thread Viktor Dukhovni
On Tue, Feb 25, 2014 at 09:06:50AM +0100, Peer Heinlein wrote: > At the moment it's a soft failure if a TLS connection fails due to > cipher or protocol mismatches and if tls-encryption is enforced. > > F266840008 3238274 Tue Feb 25 08:32:09 x...@example.com > (TLS is required, but was not offe

Re: TLS client logging PATCH

2014-02-25 Thread Patrick Ben Koetter
* Viktor Dukhovni : > On Tue, Feb 25, 2014 at 09:57:13AM +0100, Dirk Stöcker wrote: > > > smtp_dns_support_level = dnssec > > > > was enough to fix this. I'll see how many servers will have a > > "Verified" connection in the future. > > I hope you read the note about the importance of having 127

Re: Log the HELO/EHLO name?

2014-02-25 Thread Noel Jones
On 2/25/2014 4:44 AM, Eivind Olsen wrote: > Hello (or should that be EHLO? :)) > > It has been a while since I've had a need to change my Postfix > configuration, so I'm a bit rusty. I have searched, checked the > configuration, etc. No luck yet. > > Is it possible to get Postfix to log the hostn

Re: TLS client logging PATCH

2014-02-25 Thread Viktor Dukhovni
On Tue, Feb 25, 2014 at 09:57:13AM +0100, Dirk Stöcker wrote: > smtp_dns_support_level = dnssec > > was enough to fix this. I'll see how many servers will have a > "Verified" connection in the future. I hope you read the note about the importance of having 127.0.0.1 and/or ::1 as the only namese

Re: Make TLS errors hard, not soft

2014-02-25 Thread Wietse Venema
Peer Heinlein: > At the moment it's a soft failure if a TLS connection fails due to > cipher or protocol mismatches and if tls-encryption is enforced. > > F266840008 3238274 Tue Feb 25 08:32:09 x...@example.com > (TLS is required, but was not offered by host > mx3.me.com.akadns.net[17.172.34.64]

Re: DNSSEC, was Re: TLS client logging PATCH

2014-02-25 Thread Charles Marcus
On 2/24/2014 3:52 PM, /dev/rob0 wrote: On Mon, Feb 24, 2014 at 01:16:39AM +0100, Dirk Stöcker wrote: On Sun, 23 Feb 2014, Viktor Dukhovni wrote: If you want scalable security for SMTP, become an early adopter of DANE TLS, available in Postfix 2.11. Today, you'll be able to opportunistically a

Re: patch: smtpd insert DSN request

2014-02-25 Thread Wietse Venema
Wietse Venema: > Andreas Schulze: > > > > Hello, > > > > DSN for successful deliveries are not enabled by default. They have > > to be requested > > by an smtp client using extra parameters on RFC5321.MAILFROM and > > RFC5321.RCPTTO > > > > But not every MUA has the ability to do this. Some y

Re: Postfix 2.3.3 as relay with "timed out while sending MAIL FROM" with no socket opened

2014-02-25 Thread Noel Jones
On 2/25/2014 2:57 AM, Roberto Giordani wrote: > During one day the server delivers about 40.000 emails, but during > working hours I receive repeated random periods where the Postfix > smtp client doesn't open any socket to destination main SMTPD server > and the maillog file writes > > dsn=4.4.2

mail forwarding loop exploit

2014-02-25 Thread Alexandre Ellert
Hello, I have a working setup with a dedicated inbound MX which delivers via transport to a postfix / dovecot backend server. I found some mail, probably with a forged "Delivered-To" header, that makes the backend bounce with "mail forwarding loop" Here is the log of the backend : Feb 25 05:19:37
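The mechanism behind the bounce described in this post, as an added example (not code from the post or from Postfix): the Postfix local delivery agent adds a Delivered-To: header naming each recipient it delivers to and refuses, with "mail forwarding loop", to deliver a message that already carries a Delivered-To: header for the current recipient. A message that arrives from outside with that header pre-set is therefore bounced although no loop exists. The function names, the case folding and the sample message below are this example's own assumptions.

```python
"""Reproduce the loop check that makes a forged Delivered-To header bounce.

Added example, not Postfix code. local(8) adds "Delivered-To: <recipient>"
to every message it delivers and refuses, with "mail forwarding loop", to
deliver a message that already carries a Delivered-To header for the
current recipient. A sender who forges that header on inbound mail gets
the message bounced at the backend without any real loop. Case folding of
the address is this example's simplification; the message is constructed.
"""
import email
from email import policy


def delivered_to_addresses(raw_message):
    """All Delivered-To header values, folded the way this check compares them."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    return [str(v).strip().lower() for v in msg.get_all("Delivered-To", [])]


def is_forwarding_loop(raw_message, recipient):
    """True if delivering raw_message to recipient would be refused as a loop."""
    return recipient.strip().lower() in delivered_to_addresses(raw_message)


def suspicious_delivered_to(raw_message, local_domains):
    """Delivered-To headers naming one of our own domains on a message that
    arrives from outside. They are legitimate only when the message really
    has been delivered here before, so on a border MX they deserve a look."""
    ours = {d.lower() for d in local_domains}
    return [addr for addr in delivered_to_addresses(raw_message)
            if addr.rpartition("@")[2] in ours]


# Constructed sample: an inbound message carrying a pre-set Delivered-To header.
FORGED = (
    b"Received: from mail.attacker.example (192.0.2.99)\r\n"
    b"Delivered-To: victim@example.com\r\n"
    b"From: someone@attacker.example\r\n"
    b"To: victim@example.com\r\n"
    b"Subject: constructed sample\r\n"
    b"\r\n"
    b"body\r\n"
)
CLEAN = FORGED.replace(b"Delivered-To: victim@example.com\r\n", b"")
```

The second helper is the detection side for the inbound MX: an external message that already claims delivery to one of your own domains is the pattern this post describes. Postfix header_checks can drop such headers at the border (an IGNORE action on Delivered-To), but that also discards the header's genuine loop protection for mail that legitimately passed through another of your hosts; the replies in this thread are not on this page, so treat that as one option to weigh rather than the list's recommendation.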

Re: patch: smtpd insert DSN request

2014-02-25 Thread Wietse Venema
Andreas Schulze: > > Hello, > > DSN for successful deliveries are not enabled by default. They have > to be requested > by an smtp client using extra parameters on RFC5321.MAILFROM and RFC5321.RCPTTO > > But not every MUA has the ability to do this. Some years ago I had a > requirement to >

Re: Postfix 2.3.3 as relay with "timed out while sending MAIL FROM" with no socket opened

2014-02-25 Thread Wietse Venema
Roberto Giordani: > dsn=4.4.2, status=deferred (conversation with > smtp.xxx.it[xxx.xx.xxx.xxx] timed out while sending MAIL FROM) > > This behavior continues for about 5 minutes and on the next queue > manager run, all emails will be accepted and delivered. > > At first time I though the probl

Log the HELO/EHLO name?

2014-02-25 Thread Eivind Olsen
Hello (or should that be EHLO? :)) It has been a while since I've had a need to change my Postfix configuration, so I'm a bit rusty. I have searched, checked the configuration, etc. No luck yet. Is it possible to get Postfix to log the hostname presented to it during HELO/EHLO? Any configuration

Re: Bounce mails manually

2014-02-25 Thread li...@rhsoft.net
On 25.02.2014 10:09, Birta Levente wrote: > On 25/02/2014 11:02, Andreas Schulze wrote: >> >> Birta Levente: >> >>> Yes, but you should give some reason why it is bounced ... which IMHO is >>> something permanent ... >> good point! >> # postbounce >> >>> so you just set up one time some map and

Re: Bounce mails manually

2014-02-25 Thread Birta Levente
On 25/02/2014 11:02, Andreas Schulze wrote: Birta Levente: Yes, but you should give some reason why it is bounced ... which IMHO is something permanent ... good point! # postbounce so you just set up one time some map and no more care about that problem. just this is unwanted and the reason

Re: Bounce mails manually

2014-02-25 Thread Andreas Schulze
Birta Levente: Yes, but you should give some reason why it is bounced ... which IMHO is something permanent ... good point! # postbounce so you just set up one time some map and no more care about that problem. just this is unwanted and the reason for the request. Andreas

Postfix 2.3.3 as relay with "timed out while sending MAIL FROM" with no socket opened

2014-02-25 Thread Roberto Giordani
Hello everybody, I've two servers with Rhel 5.9 and Postfix 2.3.3 installed. Each Postfix server relays all emails, received from 20 clients, to a main smtpd server with about 200/400 emails in one minute every day during heavy load hours This is the main.cf configured queue_directory = /queue/

Re: TLS client logging PATCH

2014-02-25 Thread Dirk Stöcker
On Tue, 25 Feb 2014, Dirk Stöcker wrote: Hmpf. It says "dane configured with dnssec lookups disabled". Seems I need to fix the RPM first. No, a smtp_dns_support_level = dnssec was enough to fix this. I'll see how many servers will have a "Verified" connection in the future. Ciao -- http:/
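The two prerequisites this thread turns on, Viktor's note that 127.0.0.1 and/or ::1 must be the only nameservers in /etc/resolv.conf and Dirk's smtp_dns_support_level = dnssec, as an added offline check (example code, not Postfix tooling): it parses resolv.conf text and `postconf -n` output and lists what is missing. The parameter smtp_tls_security_level with the values dane / dane-only is Postfix 2.11's DANE switch; it is not quoted on this page and is included here as an assumption, as are the function names and the sample inputs.

```python
"""Check the DANE prerequisites discussed in this thread.

Added example, not Postfix tooling. It inspects the text of
/etc/resolv.conf and of `postconf -n` output and reports:
  - nameserver lines that are not 127.0.0.1 / ::1: the AD bit from a
    remote resolver crosses the network unprotected, so DNSSEC-based DANE
    needs a validating resolver on the loopback interface,
  - smtp_dns_support_level not set to dnssec,
  - smtp_tls_security_level not set to dane or dane-only (assumed to be
    the Postfix 2.11 DANE setting; not quoted in the thread).
Reading the real files is left to the caller so the checks run offline.
"""
import ipaddress
import re

LOOPBACK = {ipaddress.ip_address("127.0.0.1"), ipaddress.ip_address("::1")}


def parse_resolv_conf(text):
    """Return the nameserver addresses listed in resolv.conf text."""
    servers = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].split(";", 1)[0].strip()   # drop comments
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            servers.append(parts[1])
    return servers


def parse_postconf(text):
    """Parse `postconf -n` style "name = value" lines into a dict."""
    params = {}
    for line in text.splitlines():
        m = re.match(r"^\s*([A-Za-z0-9_]+)\s*=\s*(.*?)\s*$", line)
        if m:
            params[m.group(1)] = m.group(2)
    return params


def audit_dane(resolv_text, postconf_text):
    """Return a list of findings; an empty list means the prerequisites hold."""
    findings = []
    servers = parse_resolv_conf(resolv_text)
    if not servers:
        findings.append("resolv.conf lists no nameserver")
    for s in servers:
        try:
            addr = ipaddress.ip_address(s)
        except ValueError:
            findings.append("resolv.conf: unparsable nameserver %r" % s)
            continue
        if addr not in LOOPBACK:
            findings.append("resolv.conf: non-loopback nameserver %s" % s)
    params = parse_postconf(postconf_text)
    level = params.get("smtp_dns_support_level")
    if level != "dnssec":
        findings.append("smtp_dns_support_level is %r, want dnssec" % level)
    tls = params.get("smtp_tls_security_level")
    if tls not in ("dane", "dane-only"):
        findings.append("smtp_tls_security_level is %r, want dane or dane-only" % tls)
    return findings


# Constructed sample inputs (not taken from any real host).
GOOD_RESOLV = "# constructed\nnameserver 127.0.0.1\nnameserver ::1\noptions edns0\n"
BAD_RESOLV = "nameserver 192.0.2.53\nsearch example.net\n"
GOOD_POSTCONF = "smtp_dns_support_level = dnssec\nsmtp_tls_security_level = dane\n"
BAD_POSTCONF = "smtp_tls_security_level = may\n"
```

On a live host feed it open('/etc/resolv.conf').read() and the output of postconf -n. A loopback-only resolv.conf shows that Postfix asks a local resolver, not that the resolver validates: confirm separately that answers for signed zones come back with the AD flag set. Per-destination entries in smtp_tls_policy_maps override smtp_tls_security_level, so check those too when the global level is not dane.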

Re: Bounce mails manually

2014-02-25 Thread Birta Levente
On 25/02/2014 10:49, Andreas Schulze wrote: Birta Levente: Why not just delete from the queue? from the sender's perspective that message is lost. sometimes it's useful to clear bounce back to sender. Yes, but you should give some reason why it is bounced ... which IMHO is something permanent ... s

Re: Bounce mails manually

2014-02-25 Thread Andreas Schulze
Birta Levente: Why not just delete from the queue? from the sender's perspective that message is lost. sometimes it's useful to clear bounce back to sender. Andreas

patch: smtpd insert DSN request

2014-02-25 Thread Andreas Schulze
Hello, DSN for successful deliveries are not enabled by default. They have to be requested by an smtp client using extra parameters on RFC5321.MAILFROM and RFC5321.RCPTTO But not every MUA has the ability to do this. Some years ago I had a requirement to force DSN on successful deliverie

Re: TLS client logging PATCH

2014-02-25 Thread Dirk Stöcker
Hello, But I have no idea how to use the postfix tools to start a TLS connection to such a server without sending an email. This requires too much internal knowledge I fear. Last time I tried to call the smtp tool by hand it told me not to do so and I took that advice. /usr/sbin/sendmail -f $(

Re: Bounce mails manually

2014-02-25 Thread Birta Levente
On 25/02/2014 10:10, Peer Heinlein wrote: I'm thinking about a way how to bounce mails manually *without* setting up a transport-map. Just via CLI by the admin for a given Queue-ID. I'd love having a postsuper command to move a mail into "the bounce queue". Is something like that possible? Th

Re: Bounce mails manually

2014-02-25 Thread Andreas Schulze
Peer Heinlein: I'm thinking about a way how to bounce mails manually *without* setting up a transport-map. Just via CLI by the admin for a given Queue-ID. I'd love having a postsuper command to move a mail into "the bounce queue". Is something like that possible? thanks for the question. I

Bounce mails manually

2014-02-25 Thread Peer Heinlein
I'm thinking about a way how to bounce mails manually *without* setting up a transport-map. Just via CLI by the admin for a given Queue-ID. I'd love having a postsuper command to move a mail into "the bounce queue". Is something like that possible? Peer -- Heinlein Support GmbH Schwedter St

Make TLS errors hard, not soft

2014-02-25 Thread Peer Heinlein
At the moment it's a soft failure if a TLS connection fails due to cipher or protocol mismatches and if tls-encryption is enforced. F266840008 3238274 Tue Feb 25 08:32:09 x...@example.com (TLS is required, but was not offered by host mx3.me.com.akadns.net[17.172.34.64]) I'd like to have this
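Both the "Bounce mails manually" thread (Andreas' mailq, then pfqgrep piped into postsuper -d -) and the queue entry quoted above come down to picking queue IDs out of a postqueue -p listing by deferral reason, sender or recipient. The added example below (not code from either thread or from Postfix) parses that listing on entry boundaries instead of grepping it, honours the active-queue marker, and prints IDs in the one-per-line form postsuper -d - reads from standard input. The sample listing is constructed around the entry quoted above; the script name and the active-queue rule are this example's own choices.

```python
"""Select entries from `postqueue -p` (mailq) output by deferral reason.

Added example for the "Bounce mails manually" and "Make TLS errors hard"
threads; it is not Postfix code. postqueue -p prints one entry per
message: a line with queue ID, size, arrival time and sender; an optional
line in parentheses with the last deferral reason; one line per recipient;
a blank line between entries; and a closing "-- N Kbytes in M Requests."
summary. The queue ID carries "*" when the message is in the active queue
and "!" when it is on hold. The listing below is constructed around the
entry quoted in the thread.
"""
import re
import sys

ENTRY_RE = re.compile(r"^([0-9A-Za-z]+)([*!]?)\s+(\d+)\s+(.*\S)\s+(\S+)$")


def parse_mailq(text):
    """Yield one dict per queue entry: id, flag, size, arrival, sender, reason, recipients."""
    entry = None
    for line in text.splitlines():
        if line.startswith("-") or line.startswith("Mail queue is empty"):
            continue                    # column header / summary line
        if not line.strip():
            if entry:
                yield entry
                entry = None
            continue
        m = ENTRY_RE.match(line)
        if m:                           # start of a new entry
            if entry:
                yield entry
            entry = {"id": m.group(1), "flag": m.group(2), "size": int(m.group(3)),
                     "arrival": m.group(4), "sender": m.group(5),
                     "reason": "", "recipients": []}
        elif entry is not None:
            s = line.strip()
            if s.startswith("("):
                entry["reason"] = s.strip("()")
            else:
                entry["recipients"].append(s)
    if entry:
        yield entry


def select_queue_ids(text, reason=None, sender=None, recipient=None,
                     include_active=False):
    """Queue IDs whose reason / sender / any recipient match the given regexes.

    Active-queue entries ("*") are skipped unless include_active is set:
    a message in the active queue may already be in delivery, so acting on
    it with postsuper is racy (design choice of this example).
    """
    ids = []
    for e in parse_mailq(text):
        if e["flag"] == "*" and not include_active:
            continue
        if reason and not re.search(reason, e["reason"]):
            continue
        if sender and not re.search(sender, e["sender"]):
            continue
        if recipient and not any(re.search(recipient, r) for r in e["recipients"]):
            continue
        ids.append(e["id"])
    return ids


# Constructed listing; the first entry reproduces the one from the thread.
SAMPLE = """\
-Queue ID-  --Size-- ----Arrival Time---- -Sender/Recipient-------
F266840008   3238274 Tue Feb 25 08:32:09  xx@example.com
(TLS is required, but was not offered by host mx3.me.com.akadns.net[17.172.34.64])
                                         someone@me.com

1A2B3C4D5E*     1024 Tue Feb 25 09:01:02  alice@example.net
                                         bob@example.org

D00D00D00D      2048 Tue Feb 25 09:05:00  carol@example.net
(connect to mail.example.org[192.0.2.25]:25: Connection timed out)
                                         dave@example.org
                                         erin@example.org

-- 3166 Kbytes in 3 Requests.
"""

if __name__ == "__main__":
    # Usage: postqueue -p | python3 select_queue.py 'TLS is required' | postsuper -d -
    pattern = sys.argv[1] if len(sys.argv) > 1 else None
    for qid in select_queue_ids(sys.stdin.read(), reason=pattern):
        print(qid)
```

This only narrows the selection; what happens to the selected messages is still postsuper's choice of delete or hold. As Andreas points out in the thread, deleting leaves the sender with no trace, which is exactly why Peer asks for a bounce rather than a delete, and the listing gives no way to do that.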