Re: Was the Dovecot working well?

2016-11-14 Thread lists
I've run scripts on my logs regarding login attempts. Typically they try "info@" since many websites have that account. (I don't.) They seem to "snow shoe" the attacks. Usually 3 guesses then they go away. The most I had was 5.  Considering the IP address could be shared with someone not hacking

Re: Was the Dovecot working well?

2016-11-14 Thread Sean Greenslade
On Mon, Nov 14, 2016 at 08:21:24PM -0800, vod vos wrote: > so are there any configurations to auto ban this kind of visit, like postfix > postscreen? > > or, I should write firewall rules to do the job? I don't know if dovecot provides such functionality. I personally don't bother, since it quic

Re: Was the Dovecot working well?

2016-11-14 Thread vod vos
so are there any configurations to auto ban this kind of visit, like postfix postscreen? or, I should write firewall rules to do the job? On 星期一, 14 十一月 2016 19:23:53 -0800Sean Greenslade wrote On Mon, Nov 14, 2016 at 06:39:08PM -0800, vod vos wrote:

Re: Was the Dovecot working well?

2016-11-14 Thread Sean Greenslade
On Mon, Nov 14, 2016 at 06:39:08PM -0800, vod vos wrote: > Hi, > > > > when I read the mail.log, I found: > > > > > > Nov 14 14:45:45 mail dovecot: pop3-login: Disconnected (no auth attempts in 2 > secs): user=<>, rip=96.126.111.38, lip=108.61.22.11, TLS handshaking: > SSL_accept() syscal

Was the Dovecot working well?

2016-11-14 Thread vod vos
Hi, when I read the mail.log, I found: Nov 14 14:45:45 mail dovecot: pop3-login: Disconnected (no auth attempts in 2 secs): user=<>, rip=96.126.111.38, lip=108.61.22.11, TLS handshaking: SSL_accept() syscall failed: Connection reset by peer, session= Nov 14 14:45:47

Re: Let's Encrypt + Postfix TLS + iOS Mail

2016-11-14 Thread lists
Have you tried to add the certs to the root store on your phone? I'm not on an iPhone, but that is what I did for Let's Encrypt. And it doesn't seem to always work.There was a thread I started a while ago on just

SV: Let's Encrypt + Postfix TLS + iOS Mail

2016-11-14 Thread Sebastian Nielsen
You need to be more clear here. When you say Gmail account on port 587 I don’t entirely understand what you are doing. Are you using Gmail as upstream smarthost? This does not then have any bearing on what clients see or react to, as your server acts as a proxy to Gmail. If the iOS mail cli

Re: postfix only resolving ipv6 name from google server

2016-11-14 Thread James D. Parra
James D. Parra: > The logs are as follows; > > Nov 12 13:49:05 mail postfix/smtp[15313]: connect to > alt1.aspmx.l.google.com[2607:f8b0:4001:c0f::1a]:25: Network is unreachable > Nov 12 13:49:05 mail postfix/smtp[15313]: connect to > alt2.aspmx.l.google.com[2607:f8b0:4002:c03::1a]:25: Network i

Re: Let's Encrypt + Postfix TLS + iOS Mail

2016-11-14 Thread Viktor Dukhovni
> On Nov 14, 2016, at 9:08 PM, Steve Jenkins wrote: > > # postconf -n | grep tls > smtp_tls_CAfile = $smtpd_tls_CAfile > smtp_tls_loglevel = 1 > smtp_tls_security_level = may The above, being outgoing (SMTP client) settings have no bearing on the TLS behaviour of your server when receiving mail

Let's Encrypt + Postfix TLS + iOS Mail

2016-11-14 Thread Steve Jenkins
I've had TLS working great on my Postfix servers for years, and I recently tried switching one of my boxes to a Let's Encrypt certificate. A Gmail test account using TLS on port 587 works fine, but the iOS mail client complains about the certificate being untrusted. Further digging shows it doesn't

Re: Dovecot SASL

2016-11-14 Thread Wietse Venema
Silvio Siefke: > Hello, > > i install today postfix and all work, I think so, but SMTP-AUTH make > trouble again. > > I become: > > 554 5.7.1 : Helo command rejected: Host not found > > Have someone Idea what can change? When I use SMTP-AUTH why check helo? Because you configured Postfix to

Re: use of dash [and other] characters in parameter names

2016-11-14 Thread Wietse Venema
btb: > by chance, i happened to create a parameter which used a dash in the > name, and was referencing it in another parameter, e.g.: > > foo-param = foo > bar_param = ${foo-param} > > upon restart, postfix complained about this: > > postconf: warning: macro name syntax error: "foo-param" > pos

Re: postfix only resolving ipv6 name from google server

2016-11-14 Thread Wietse Venema
James D. Parra: > The logs are as follows; > > Nov 12 13:49:05 mail postfix/smtp[15313]: connect to > alt1.aspmx.l.google.com[2607:f8b0:4001:c0f::1a]:25: Network is unreachable > Nov 12 13:49:05 mail postfix/smtp[15313]: connect to > alt2.aspmx.l.google.com[2607:f8b0:4002:c03::1a]:25: Network is

Re: postfix only resolving ipv6 name from google server

2016-11-14 Thread James D. Parra
> Let me know if you need any other details. Well, this would be a good time to post the output of "postconf -n", "postconf -Mf" (assuming sufficiently recent version of Postfix, else the master.cf pruned of comment lines) and any pertinent transport table entries. Also output from prior delive

Re: postfix only resolving ipv6 name from google server

2016-11-14 Thread Viktor Dukhovni
> On Nov 14, 2016, at 5:14 PM, James D. Parra wrote: > > The logs are as follows; > > Nov 12 13:49:05 mail postfix/smtp[15313]: connect to > alt1.aspmx.l.google.com[2607:f8b0:4001:c0f::1a]:25: Network is unreachable > Nov 12 13:49:05 mail postfix/smtp[15313]: connect to > alt2.aspmx.l.google.

Re: postfix only resolving ipv6 name from google server

2016-11-14 Thread James D. Parra
> On Nov 14, 2016, at 2:58 PM, James D. Parra wrote: > > When attempting to send an email to a particular domain,lowlypalace.io, > postfix only gets the ipv6 address and does not fall back to the ipv4 > address. For example; > > status=deferred (connect to aspmx2.googlemail.com[2607:f8b0:4001

Re: postfix only resolving ipv6 name from google server

2016-11-14 Thread Viktor Dukhovni
> On Nov 14, 2016, at 2:58 PM, James D. Parra wrote: > > When attempting to send an email to a particular domain,lowlypalace.io, > postfix only gets the ipv6 address and does not fall back to the ipv4 > address. For example; > > status=deferred (connect to aspmx2.googlemail.com[2607:f8b0:4001

use of dash [and other] characters in parameter names

2016-11-14 Thread btb
by chance, i happened to create a parameter which used a dash in the name, and was referencing it in another parameter, e.g.: foo-param = foo bar_param = ${foo-param} upon restart, postfix complained about this: postconf: warning: macro name syntax error: "foo-param" postconf: fatal: macro proce

Dovecot SASL

2016-11-14 Thread Silvio Siefke
Hello, i install today postfix and all work, I think so, but SMTP-AUTH make trouble again. I become: 554 5.7.1 : Helo command rejected: Host not found Have someone Idea what can change? When I use SMTP-AUTH why check helo? Thank you Silvio Log Nov 14 21:54:53 postfix/smtpd[24576]: NOQUEUE

postfix only resolving ipv6 name from google server

2016-11-14 Thread James D. Parra
Hello Postfix Group, When attempting to send an email to a particular domain,lowlypalace.io, postfix only gets the ipv6 address and does not fall back to the ipv4 address. For example; status=deferred (connect to aspmx2.googlemail.com[2607:f8b0:4001:c08::1a]:25: Network is unreachable) There

Re: Full encryption

2016-11-14 Thread Karel
> On 2016-11-14 05:34, Peter wrote: > 3. Make sure you have plenty of RAM, and disable swap if you want to > make absolutely certain that plain text won't get swapped out to disk. You don't have to disable swap. Swap partition can be encrypted too, as well as /home, /var or wherever emails are st