Re: Postfix relay - allow authenticated users from any ip

2016-05-26 Thread Peter
On 27/05/16 09:40, Zalezny Niezalezny wrote: > 1. How to configure relay server which will relay all E-mails from > authenticated users from any IP. > My home server external IP is changing very often, so relay server needs > to relay messages from all IPs. I would really appreciete for any > examp

Re: Postfix relay - allow authenticated users from any ip

2016-05-26 Thread Viktor Dukhovni
On Thu, May 26, 2016 at 11:40:22PM +0200, Zalezny Niezalezny wrote: > 1. How to configure relay server which will relay all E-mails from > authenticated users from any IP. main.cf: indexed = ${default_database_type}:${config_directory}/ smtpd_tls_fingerprint_digest = sha256

Postfix relay - allow authenticated users from any ip

2016-05-26 Thread Zalezny Niezalezny
Dear Colleague, I have small server at home (with dynamic IP) with Postfix as MTA. Because I`m using dynamic IP address, I decided to create simple relay server with static IP on amazon aws cloud. Here comes my question: 1. How to configure relay server which will relay all E-mails from authenti

Re: how to replicate Sendmail TLS certificate validation

2016-05-26 Thread Viktor Dukhovni
On Thu, May 26, 2016 at 05:44:28PM +0100, Rob Maidment wrote: > VERIFY verification must have succeeded Note, this does not check the peer name, it only checks the validity of the chain. > VERIFY:bits verification must have succeeded and ${cipher_bits} must > be greater than or equal bits. > ENC

Re: how to replicate Sendmail TLS certificate validation

2016-05-26 Thread Wietse Venema
Rob Maidment: > Looking at the Postfix configuration pages I can see how the > smtp_tls_policy_maps option can be used to enable verification of > remote server certificates When Postfix is the client but there > doesn't seem to be the same level of control over what verification > takes place exac

how to replicate Sendmail TLS certificate validation

2016-05-26 Thread Rob Maidment
Hello Sendmail has a number of TLS certificate validation options described here: http://www.sendmail.co.uk/sm/open_source/docs/m4/starttls.html#allow_con VERIFY verification must have succeeded VERIFY:bits verification must have succeeded and ${cipher_bits} must be greater than or equal bits. EN

Re: Best practices for message routing

2016-05-26 Thread Wietse Venema
Romaneev Vasily: > Hello! > >/External relay 1 > > Smtp client -> milter -> postfix -Local mail >\External relay 2 > > > Now i'm route this messages via transpor

Re: Best practices for message routing

2016-05-26 Thread Viktor Dukhovni
On Thu, May 26, 2016 at 04:30:15PM +0300, Romaneev Vasily wrote: > >/External relay 1 > > Smtp client -> milter -> postfix -Local mail >\External relay 2 > > >

Re: Best practices for message routing

2016-05-26 Thread Romaneev Vasily
Sorry, for confusing, of cause, i route email via header_checks and milter_header_checks /^X-MAC: Local$/i DUNNO /^X-MAC: Relay1$/i FILTER smtp:[smtp.relay1.com]:587 26.05.2016, 16:31, "Romaneev Vasily" : > Hello! > >    / External relay 1 > Smtp

Best practices for message routing

2016-05-26 Thread Romaneev Vasily
Hello! /External relay 1 Smtp client -> milter -> postfix -Local mail \External relay 2 Now i'm route this messages via transport, based on X-MAC header, which set b