Re: Glibc Vulnerability -- CVE-2015-0235

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 FWIW, in the original advisory at [1], section 4, there is a snippet of C you can use to test whether you are vulnerable. If you are, you should probably upgrade asap. The fact that no exploit for a specific program has been found is no final proof t

Re: Re: Re: Where to set the one only IP address for binding in the address verify?

Helo Viktor 28. Jan 2015 06:10 by postfix-us...@dukhovni.org: > No that's > http://main.cf> . I meant > http://master.cf> . > Ach! That is my reading mistake. > This gets added as an override option to that > http://master.cf > transport definition. > > Clone "smtp unix ... smtp" or "rel

Re: Glibc Vulnerability -- CVE-2015-0235

On 28. jan. 2015 06.50.31 Peter wrote: On 01/28/2015 06:17 PM, Vijay Rajah wrote: > Hello, > > I'm sure most of you are aware of the latest Glibc vulnerability. (FYI: > http://www.openwall.com/lists/oss-security/2015/01/27/9) > > I'm not sure If postfix is vulnerable. I see from that posting th

Re: Re: Where to set the one only IP address for binding in the address verify?

On Wed, Jan 28, 2015 at 06:01:33AM +, srach wrote: > > The setting is per-transport. Therefore you need a suitable > > additional transport entry in master.cf with an > > smtp_bind_address > > override, and a custom address_verify_transport or similar. > > Okay I see the idea. > > In the m

Re: Re: Where to set the one only IP address for binding in the address verify?

Helo Viktor 28. Jan 2015 05:46 by postfix-us...@dukhovni.org: > The setting is per-transport. Therefore you need a suitable > additional transport entry in > http://master.cf> with an > smtp_bind_address > override, and a custom address_verify_transport or similar. > Okay I see the idea.

Re: Glibc Vulnerability -- CVE-2015-0235

On 01/28/2015 06:17 PM, Vijay Rajah wrote: > Hello, > > I'm sure most of you are aware of the latest Glibc vulnerability. (FYI: > http://www.openwall.com/lists/oss-security/2015/01/27/9) > > I'm not sure If postfix is vulnerable. I see from that posting that, > exim under certain configurations,

Re: Where to set the one only IP address for binding in the address verify?

On Wed, Jan 28, 2015 at 05:44:41AM +, srach wrote: > For a client's security reason I must make the IP binding for the address > verification stop to come from a certain IP address. > > How is done to set the IP bind address for the address_verify procedure ONLY, > different than the smtp_b

Where to set the one only IP address for binding in the address verify?

I am working next on the Postfix Recipient address verification step from the document http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient. Because I must make the other parts work the parameter in main configuration is set smtp_bind_address = 0.0.0.0 All this works especialy goo

Glibc Vulnerability -- CVE-2015-0235

Hello, I'm sure most of you are aware of the latest Glibc vulnerability. (FYI: http://www.openwall.com/lists/oss-security/2015/01/27/9) I'm not sure If postfix is vulnerable. I see from that posting that, exim under certain configurations, is vulnerable. I think since postfix supports IPV6,

Re: E-mail Log Search Engine v0.9.18 released

Oh nice! Will take a look asap On 26.1.2015 22:26, Nicolas HAHN wrote: Hello there,* *I've released *version 0.9.18 of the ELSE *as a tar.gz archive on Sourceforge: https://sourceforge.net/projects/x-itools/files/X-Itools%20releases/E-mail%20Log%20Search%20Engine/

Re: Error sending email

On Tue, Jan 27, 2015 at 03:13:56AM -0700, saulos wrote: > I installed on Ubuntu server 14.04 Postfix,mysql,dovecot following > instruction on various sites, all test they suggest seems to be OK but when > I try to send email I get this error: > > connect from ec2-54-84-149-96.compute-1.amazonaws.

Re: Policyd not working

> Am 27.01.2015 um 17:53 schrieb rupesh chandurkar > : > > How I can verify my postfix is integrate with "Policyd". postconf -n There must be some check_policy_service somewhere. smtpd_recipient_restrictions = … check_policy_service … Also check with lsof -Pni :PORT_OF_YOUR_SERVICE

Re: How can I enforce TLS for certain sending hosts?

On Tue, Jan 27, 2015 at 03:42:13PM +0100, Ralf Hildebrandt wrote: > Something along the lines of: > smtp_tls_policy_maps = cdb:/etc/postfix/tls-policy > > but for smtpd (if a connection comes in from $HOST, then require > "encrypt", reject otherwise) main.cf: indexed = ${default_data

Policyd not working

Hi All, I am try to configured Policy server for control my outgoing mail by min/hour/day. I create "Quotas" for Outbound rule but it's not work. Also, didn't get any logs in "maillogs" or "cbpolicyd.log". How I can verify my postfix is integrate with "Policyd". Main.cf =

Re: SMTP SASL between different local dmains.

On 27/01/2015 9:35:44 AM, "Stefano Ruberti" wrote: It’s possible to configure Postfix to require SASL authentication for the relay between different local domains? Your question is not clear enough, on what you really want to do. Do you want to relay to local domains or to the local host. S

Re: How can I enforce TLS for certain sending hosts?

Ralf Hildebrandt: > Something along the lines of: > smtp_tls_policy_maps = cdb:/etc/postfix/tls-policy > > but for smtpd (if a connection comes in from $HOST, then require > "encrypt", reject otherwise) reject_plaintext_session? Wietse

How can I enforce TLS for certain sending hosts?

Something along the lines of: smtp_tls_policy_maps = cdb:/etc/postfix/tls-policy but for smtpd (if a connection comes in from $HOST, then require "encrypt", reject otherwise) -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München

Re: SMTP SASL between different local dmains.

I tried but it is not enough -- Stefano Il giorno 27/gen/2015, alle ore 09:47, Benny Pedersen ha scritto: > Stefano Ruberti skrev den 2015-01-27 08:35: >> It’s possible to configure Postfix to require SASL authentication for >> the relay between different local domains? > > sure post postconf

Re: Error sending email

Hi thanks, this is the result: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all mailbox_size_limit = 0 mydestination = localhost mydomain

Re: Error sending email

Am 27.01.2015 um 11:13 schrieb saulos: Hi, I'm new to Postfix. I installed on Ubuntu server 14.04 Postfix,mysql,dovecot following instruction on various sites, all test they suggest seems to be OK but when I try to send email I get this error: connect from ec2-54-84-149-96.compute-1.amazonaws.c

Error sending email

Hi, I'm new to Postfix. I installed on Ubuntu server 14.04 Postfix,mysql,dovecot following instruction on various sites, all test they suggest seems to be OK but when I try to send email I get this error: connect from ec2-54-84-149-96.compute-1.amazonaws.com[54.84.149.96] Jan 26 15:51:11 lannet po

Re: SMTP SASL between different local dmains.

Stefano Ruberti skrev den 2015-01-27 08:35: It’s possible to configure Postfix to require SASL authentication for the relay between different local domains? sure post postconf -n first but if you like to try self, remove permit_mynetworks in all places

Re: SMTP SASL between different local dmains.

* Stefano Ruberti : > It’s possible to configure Postfix to require SASL authentication for the > relay between different local domains? You mean Postfix would SASL authenticate itself when it transports a message from itself to itself? p@rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 4