On 25 Jan 2018, at 21:30 (-0500), MK wrote:
Hosting provider has machine1.hostingdomain.com
machine2.hostingdomain.com and machine3.hostingdomain.com. One of
their customers customerdomain.com comes on board with DNS changes and
adds their mailboxes. Their employees don’t want to see
Hostingd
> On Jan 25, 2018, at 10:06 PM, MK wrote:
>
> OpenSSL implementations (OpenSSL 0.9.8 mainly which is used in Debian 8
> and others of that era of a few years ago) can't handle a server with SNI
> certificates and fails to connect.
This is not an accurate description of the problem. The real p
OpenSSL implementations (OpenSSL 0.9.8 mainly which is used in Debian 8 and
others of that era of a few years ago) can't handle a server with SNI
certificates and fails to connect. This is older --client-- openssl versions
which we saw remote machines on the internet connecting as.
Incorrect op
> On Jan 25, 2018, at 9:30 PM, MK wrote:
>
> I’d request considering allowing the SNI to be enabled per port.
Each port gets its own entry in master.cf, so you will certainly
be able to enable or disable SNI support for a given TCP endpoint.
> While using it in production we found a very smal
Amazing! Thanks!
I’d request considering allowing the SNI to be enabled per port. While using it
in production we found a very small number (<1%) of mail servers sending to our
server didn’t like SNI- likely ancient mail servers. That said, we didn’t find
any clients (outlook, phones, etc) tha
> On Jan 25, 2018, at 8:51 PM, Anvar Kuchkartaev wrote:
>
> For dns optimizations I recommend to put other domain1 MX hosts IP addresses
> to the /etc/hosts file and disable postfix dns lookups so you will reduce
> volume of dns lookups dramatically.
This is not good advice, it breaks delivery
You need to optimize 2 topics1. DNS2. ConnectionsFor dns optimizations I recommend to put other domain1 MX hosts IP addresses to the /etc/hosts file and disable postfix dns lookups so you will reduce volume of dns
On Thu, Jan 25, 2018 at 03:50:24PM -0500, Tech Gurus wrote:
> I have single mail server that send relatively large amounts of emails at
> least 3 times a day ranging from 15K to 50K each time ..
This is in general terms not a lot of mail for Postfix to handle.
Medium volume Postfix servers run at
I am using 2.10.1-6 RPM.
On Thu, Jan 25, 2018 at 6:17 PM, Anvar Kuchkartaev
wrote:
> What version of postfix are you using?
>
> Anvar Kuchkartaev
> an...@anvartay.com
> *From: *Tech Gurus
> *Sent: *jueves, 25 de enero de 2018 21:50
> *To: *postfix-users@postfix.org
> *Subject: *Configure Postfix
> On Jan 25, 2018, at 5:52 PM, Bill Cole
> wrote:
>
>> I found this discussion circa 2015 (
>> http://postfix.1071664.n5.nabble.com/postfix-and-multiple-TLS-certificates-td80968.html
>> ) which references the request, but it doesn't seem to have come into
>> fruition.
>
> That thread also
What version of postfix are you using?
On 25 Jan 2018, at 16:17 (-0500), MK wrote:
There were some discussions in 2015 and more recently about SNI
support.
For IMAP/POP, dovecot (which allows SNI support) has a configuration
like this in our setup:
local_name imap.example.org { ssl_cert =
{ ssl_cert =
Moving from a perl-based
There were some discussions in 2015 and more recently about SNI support.
For IMAP/POP, dovecot (which allows SNI support) has a configuration like this
in our setup:
local_name imap.example.org { ssl_cert = http://postfix.1071664.n5.nabble.com/postfix-and-multiple-TLS-certificates-td80968.html
Hello,
I have single mail server that send relatively large amounts of emails at
least 3 times a day ranging from 15K to 50K each time ..
80% of emails are going to one domain owned by my company *(Domain1)*.. The
current mail flow does around 1K-1.2K per minute , this is CentOS 7 VM ( 4
CPU/8GB
On Thu, Jan 25, 2018 at 11:02:51AM -0500, Zach Sheppard wrote:
> Is it possible to exempt one sender from receiving non-delivery
> notifications? We have a DMARC policy that forces DKIM headers on all mail
> and when Postfix sends a non-delivery notification to this bulk mail sender
> (a fake e-mai
On 25 January 2018 at 16:42, Dominic Raferd wrote:
>
>
>
> On 25 January 2018 at 16:02, Zach Sheppard
> wrote:
>>
>> Is it possible to exempt one sender from receiving non-delivery
>> notifications? We have a DMARC policy that forces DKIM headers on all mail
>> and when Postfix sends a non-del
On 1/25/2018 10:11 AM, Alex wrote:
> Can someone help me understand how this IP is being rejected?
>>
>>
> Jan 22 05:51:11 mail03 postfix/smtpd[21852]: NOQUEUE: reject: RCPT
> from mail-qt0-f174.google.com[209.85.216.174]: 554 5.7.1
> : Sender address rejected: Domain is spam;
>
On 25 January 2018 at 16:02, Zach Sheppard
wrote:
> Is it possible to exempt one sender from receiving non-delivery
> notifications? We have a DMARC policy that forces DKIM headers on all mail
> and when Postfix sends a non-delivery notification to this bulk mail sender
> (a fake e-mail alias) it
Hi,
On Thu, Jan 25, 2018 at 10:09 AM, Matus UHLAR - fantomas
wrote:
>>> On 25.01.18 09:13, Alex wrote:
Can someone help me understand how this IP is being rejected?
>
>
Jan 22 05:51:11 mail03 postfix/smtpd[21852]: NOQUEUE: reject: RCPT
from mail-qt0-f174.google.com[209.85.216.
Is it possible to exempt one sender from receiving non-delivery
notifications? We have a DMARC policy that forces DKIM headers on all mail
and when Postfix sends a non-delivery notification to this bulk mail sender
(a fake e-mail alias) it fails because of our DMARC policy.
I have set notify_class
On 25.01.18 09:13, Alex wrote:
Can someone help me understand how this IP is being rejected?
Jan 22 05:51:11 mail03 postfix/smtpd[21852]: NOQUEUE: reject: RCPT
from mail-qt0-f174.google.com[209.85.216.174]: 554 5.7.1
: Sender address rejected: Domain is spam;
from= to= proto=ESMTP
helo=
it's
Hi,
On Thu, Jan 25, 2018 at 9:45 AM, Matus UHLAR - fantomas
wrote:
> On 25.01.18 09:13, Alex wrote:
>>
>> I'm trying to understand where this message is coming from. The IP
>> resolves to a google address, and is blacklisted on sorbs and others,
>> but postscreen also says it was whitelisted here
On 25.01.18 09:13, Alex wrote:
I'm trying to understand where this message is coming from. The IP
resolves to a google address, and is blacklisted on sorbs and others,
but postscreen also says it was whitelisted here.
I'm not directly rejecting this IP on my system and also don't see
"Domain is
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,
reject_unauth_pipelining,
reject_invalid_helo_hostname,
reject_non_fqdn_helo_hostname,
check_helo_access hash:/etc/postfix/helo_acl,
reject_unknown_helo_hostname,
permit
On Jan 22, 2018, at 8:43 AM, Matu
Hi,
I'm trying to understand where this message is coming from. The IP
resolves to a google address, and is blacklisted on sorbs and others,
but postscreen also says it was whitelisted here.
I'm not directly rejecting this IP on my system and also don't see
"Domain is spam" anywhere.
Can someone
Sohin Vyacheslav:
>
>
> 25.01.2018 11:39, Sohin Vyacheslav ?:
>
> > is enough to add in master.cf
> > smtp inet n - n - 100 smtpd -o
> > stress=yes
> >
> > and then reload Postfix process?
> >
>
> or automatic stress-adaptive behavior is enabled by defau
25.01.2018 11:39, Sohin Vyacheslav пишет:
> is enough to add in master.cf
> smtp inet n - n - 100 smtpd -o
> stress=yes
>
> and then reload Postfix process?
>
or automatic stress-adaptive behavior is enabled by default and no need
to add something to main.cf
Hi,
Now my Postfix run with empty value stress= :
$ ps auxw | grep smtpd
postfix 26176 0.0 0.0 92072 4812 ?S09:30 0:00 smtpd
-n smtp -t inet -u -o stress= -o
To enable automatic stress-adaptive behavior with these default parameters:
smtpd_timeout = ${stress?{10}:{300}}s
smtpd_
On Wed, 24 Jan 2018, Harald Koch wrote:
It's not sooo complicated:
The length of your message contradicts that statement.
Well, I assumed that for people who operate a proper postfix instance 3
different command sets and creating two files is't complicated. If that
assumption is untrue an
On Jan 24, 2018, at 9:25 PM, li...@lazygranch.com wrote:
postfix/smtpd[14755]: warning: TLS library problem: error:140760FC:SSL
routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:640:
Should I be blocking some encryption method? I thought openssl dropped
support for the hackable protoco
On 25.01.18 12:43, Voytek wrote:
in the past, I've usually entered remote office IPs into mynetworks
is putting remote office IPs into mynetworks, is that something that was
done in the past, with sending on port 25, but not anymore with using
submission ?
I currently have old_mail_server, new_
31 matches
Mail list logo
