Re: Feasible to encrypt the virtual_mailbox_base directory with ecryptfs?

On 2017-05-20 20:33:01 (-0700), pbw wrote: Has anyone tried to do this? Was it feasible? As long as the encryption is transparent to Postfix, it shouldn't matter. I run all my mail systems on encrypted volumes. Philip -- Philip Paeps Senior Reality Engineer Ministry of Information

Re: TLS warning

On 2017-05-24 14:54:34 (+0200), Bastian Blank wrote: On Wed, May 24, 2017 at 02:41:01AM -0700, li...@lazygranch.com wrote: ‎You shouldn't be accepting sslv3 due to the poodle attack. https://en.m.wikipedia.org/wiki/POODLE Please explain how exactly SMTP is exploitable using POODLE? There a

Re: Issue with SASL authentication

Hi again. On 24/05/17 17:46, Daniel Bareiro wrote: > Maybe this question is not 100% about Postfix, but it is related. I am > configuring a Postifx server with SASL authentication. > > When I do a test to authenticate, I get an error: > >

Re: Relay access denied

> On May 24, 2017, at 5:05 PM, alexvojproc wrote: > > smtpd_tls_cert_file=/etc/letsencrypt/live/REDACTED/fullchain.pem > smtpd_tls_key_file=/etc/letsencrypt/live/REDACTED/privkey.pem > smtpd_use_tls=yes The non-obsolete setting is: smtpd_tls_security_level = may though if this is a su

Multiple recipients in BCC will not relay if it contains one bad email address.

Hi Everyone first time posting, I am hoping you can help me. We have an issue when an email sent to multiple emails via BCC is deleted if an invalid email address is in the list. The email is discarded all together and I don't see any logs other then the bounces. They need to send via BCC for priva

Re: Relay access denied

I forgot to add log info (although there's nothing particularly useful): May 24 19:39:22 server postfix/smtpd[2506]: connect from REDACTED May 24 19:39:22 server postfix/smtpd[2506]: NOQUEUE: reject: RCPT from REDACTED: 454 4.7.1 : Relay access denied; from= to= proto=ESMTP helo= -- View this m

Relay access denied

I have a Google Compute VM that I would like to use as a mail server. However, outgoing ports 25, 465, and 587 are blocked so I must use a third-party mail service. I followed the instructions for Mailjet , but I changed inet_interfaces to all. I have

Issue with SASL authentication

Hi all! Maybe this question is not 100% about Postfix, but it is related. I am configuring a Postifx server with SASL authentication. When I do a test to authenticate, I get an error: -- root@server2:~# saslpasswd2 -c daniel ---

Re: TLS warning

Viktor, LazyG This is not nonsense, as I learned something from it. Now I will go and check whether it is enabled. And thanks for mentioning foundations and family etc. That is also useful. Maybe we should be a bit more polite to other folks in the list, we are mostly 'in the same boat'. Cheers

Re: Why am I accepting this email?

D'Arcy Cain: > On 2017-05-24 11:11 AM, Wietse Venema wrote: > >> I still don't understand why I accepted the email anyway. The user > >> didn't exist. > > > > Because relay recipients are blocked only when relay_recipient_maps > > lists the 'valid' recipients; this is not a required setting. > >

Re: Why am I accepting this email?

> On May 24, 2017, at 11:17 AM, D'Arcy Cain wrote: > >> Because relay recipients are blocked only when relay_recipient_maps >> lists the 'valid' recipients; this is not a required setting. > > So would this setting make sense? > > relay_recipient_maps = $virtual_maps, $alias_maps Mailboxes li

Re: TLS warning

> On May 24, 2017, at 5:30 AM, Rick Leir wrote: > > Should this TLS warning worry me? No. > May 23 11:35:43 myHostName postfix/smtpd[6619]: SSL_accept error from > sonic310-27.consmr.mail.ne1.yahoo.com[66.163.186.208]: 0 > May 23 11:35:43 myHostName postfix/smtpd[6619]: warning: TLS library p

Re: TLS warning

> On May 24, 2017, at 5:41 AM, li...@lazygranch.com wrote: > > ‎You shouldn't be accepting sslv3 due to the poodle attack. > > https://en.m.wikipedia.org/wiki/POODLE > > A search should indicate what to change to reject sslv3. > > Of course there still could be other things that need fixing. ;

Re: Why am I accepting this email?

--On May 24, 2017 at 9:25:30 AM -0400 D'Arcy Cain wrote: The following is in my logs. I have no server called nan.vex.net and no user called aida.wanda. I don't see anything in main.cf that looks like a wild card entry. Can anyone suggest why I would be accepting this message in the first pl

Re: Why am I accepting this email?

D'Arcy Cain skrev den 2017-05-24 17:17: On 2017-05-24 11:11 AM, Wietse Venema wrote: I still don't understand why I accepted the email anyway. The user didn't exist. Because relay recipients are blocked only when relay_recipient_maps lists the 'valid' recipients; this is not a required settin

Re: Why am I accepting this email?

On 2017-05-24 11:11 AM, Wietse Venema wrote: I still don't understand why I accepted the email anyway. The user didn't exist. Because relay recipients are blocked only when relay_recipient_maps lists the 'valid' recipients; this is not a required setting. So would this setting make sense? r

Re: Why am I accepting this email?

D'Arcy Cain: > On 2017-05-24 09:53 AM, Wietse Venema wrote: > > D'Arcy Cain: > >> On 2017-05-24 09:30 AM, Benny Pedersen wrote: > >>> D'Arcy Cain skrev den 2017-05-24 15:25: > The following is in my logs. > >>> > >>> provide postconf -n to get more help > >> > >> I knew I forgot something. > >

Re: Recipient Restrictions

On 5/24/2017 8:11 AM, GP wrote: > Hi all, > > is it possible to have restrictions that apply to certain users only > with postfix ? Yes, using either smtpd_restriction_classes or an external policy service. http://www.postfix.org/RESTRICTION_CLASS_README.html http://www.postfix.org/SMTPD_POLICY_R

Re: Why am I accepting this email?

On 2017-05-24 09:53 AM, Wietse Venema wrote: D'Arcy Cain: On 2017-05-24 09:30 AM, Benny Pedersen wrote: D'Arcy Cain skrev den 2017-05-24 15:25: The following is in my logs. provide postconf -n to get more help I knew I forgot something. Postfix before 3.0 by default accepts for relay all

Re: Why am I accepting this email?

D'Arcy Cain: > On 2017-05-24 09:30 AM, Benny Pedersen wrote: > > D'Arcy Cain skrev den 2017-05-24 15:25: > >> The following is in my logs. > > > > provide postconf -n to get more help > > I knew I forgot something. Postfix before 3.0 by default accepts for relay all domains listed in mydestinati

Re: Why am I accepting this email?

On 2017-05-24 09:30 AM, Benny Pedersen wrote: D'Arcy Cain skrev den 2017-05-24 15:25: The following is in my logs. provide postconf -n to get more help I knew I forgot something. -- D'Arcy J.M. Cain System Administrator, Vex.Net http://www.Vex.Net/ IM:da...@vex.net VoIP: sip:da...@vex.net a

Re: Why am I accepting this email?

D'Arcy Cain skrev den 2017-05-24 15:25: The following is in my logs. provide postconf -n to get more help

Why am I accepting this email?

The following is in my logs. I have no server called nan.vex.net and no user called aida.wanda. I don't see anything in main.cf that looks like a wild card entry. Can anyone suggest why I would be accepting this message in the first place? I really don't want to back-scatter. May 22 20:11:59 s

Recipient Restrictions

Hi all, is it possible to have restrictions that apply to certain users only with postfix ? For example I want some users not to be able to send or receive messages more than 2MB in size . Can it be done ? George

Re: TLS warning

The industry/market/whatever decided the best practice was to stop using ssl3.   This wasn't my call.  Postfix conf file instructions here as well as more information why to stop using it. http://disablessl3.com/   Original Message   From: Bastian Blank Sent: Wednesday, May 24, 2017 5:55 AM

Re: TLS warning

Hi Lists On Wed, May 24, 2017 at 02:41:01AM -0700, li...@lazygranch.com wrote: > ‎You shouldn't be accepting sslv3 due to the poodle attack. > https://en.m.wikipedia.org/wiki/POODLE Please explain how exactly SMTP is exploitable using POODLE? Bastian -- Worlds are conquered, galaxies destroyed

Re: TLS warning

‎You shouldn't be accepting sslv3 due to the poodle attack. https://en.m.wikipedia.org/wiki/POODLE A search should indicate what to change to reject sslv3. Of course there still could be other things that need fixing. ;-)   Original Message   From: Rick Leir Sent: Wednesday, May 24, 2017 2:31 A

TLS warning

Hi All Should this TLS warning worry me? cheers -- Rick Warnings smtpd (total: 1) 1 TLS library problem: error:14094416:SSL routines:SSL3_READ_BYTE... mail.log: May 23 11:35:42 myHostName postfix/smtpd[6619]: connect from sonic310-27.consmr.mail.ne1.yahoo.com[66.163