Re: Link for experimental postfix-3.5-20190418

2019-04-28 Thread Wietse Venema
John Fawcett: > Hi > > is this the right link for the latest experimental release? I can't seem > to get it to work. > > http://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-3.5-20190418.tar.gz I forgot to upload that release. In the meantime it has been updated to postfix-3.5-2

Re: Link for experimental postfix-3.5-20190418

2019-04-28 Thread John Fawcett
On 28/04/2019 23:38, Viktor Dukhovni wrote: > On Sun, Apr 28, 2019 at 11:17:01PM +0200, John Fawcett wrote: > >> is this the right link for the latest experimental release? I can't seem >> to get it to work. >> >> http://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-3.5-20190418.ta

Re: Link for experimental postfix-3.5-20190418

2019-04-28 Thread Viktor Dukhovni
On Sun, Apr 28, 2019 at 11:17:01PM +0200, John Fawcett wrote: > is this the right link for the latest experimental release? I can't seem > to get it to work. > > http://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-3.5-20190418.tar.gz The directory contents are: File:postfi

Link for experimental postfix-3.5-20190418

2019-04-28 Thread John Fawcett
Hi is this the right link for the latest experimental release? I can't seem to get it to work. http://ftp.porcupine.org/mirrors/postfix-release/experimental/postfix-3.5-20190418.tar.gz John

Re: TLS client certificates and auth external

2019-04-28 Thread Wietse Venema
Continuing the discussion of a strawman user interface, I see some opportunities to generalize this and to make some improvements elsewhere in Postfix. We start with Postfix access control based on client certificate features: smtpd_mumble_restrictions = ... check_tls_access { m

Re: How "safe" is reject_unknown_helo_hostname?

2019-04-28 Thread Wietse Venema
Dominic Raferd: > On Sun, 28 Apr 2019 at 16:31, Matus UHLAR - fantomas > wrote: > > > >>>On 27 Apr 2019, at 15:28, TG Servers wrote: > > But you mean to keep reject_non_fqdn_helo_hostname and > > reject_invalid_helo_hostname, right? > > > > >>On 27 Apr 2019, at 14:28, Bill Cole > > >> wro

Re: How "safe" is reject_unknown_helo_hostname?

2019-04-28 Thread Phil Stracchino
On 4/28/19 6:32 AM, @lbutlr wrote: > > The rejects are very cheap (practically free) while processing the pcre file > takes more resources. My thinking is the order is less stressful. Yeah, this is my policy too. Straightforward yes/no rules first; run the messages that pass *those* through th

Re: postfix and MTA-STS

2019-04-28 Thread Wietse Venema
Viktor Dukhovni: > The socketmap service could check for DANE TLSA records first, > and return "dane", it would have to check that the domain is > DNSSEC signed, and then check whether all of (the first 10 by > preference to reduce delay) the MX hosts have TLSA records. A. Schulze: > That mean the

Re: How "safe" is reject_unknown_helo_hostname?

2019-04-28 Thread Dominic Raferd
On Sun, 28 Apr 2019 at 16:31, Matus UHLAR - fantomas wrote: > >>>On 27 Apr 2019, at 15:28, TG Servers wrote: > But you mean to keep reject_non_fqdn_helo_hostname and > reject_invalid_helo_hostname, right? > > >>On 27 Apr 2019, at 14:28, Bill Cole > >> wrote: > >>>Yes but as part of smtpd_

Re: How "safe" is reject_unknown_helo_hostname?

2019-04-28 Thread Matus UHLAR - fantomas
On 27 Apr 2019, at 15:28, TG Servers wrote: But you mean to keep reject_non_fqdn_helo_hostname and reject_invalid_helo_hostname, right? On 27 Apr 2019, at 14:28, Bill Cole wrote: Yes but as part of smtpd_helo_restrictions with a substantial check_helo_access map ahead of them which has a bun

Re: postfix and MTA-STS

2019-04-28 Thread A. Schulze
Hello Viktor, On 27.04.19 at 23:26, Viktor Dukhovni wrote: > The socketmap service could check for DANE TLSA records first, and return > "dane", it would have to check that the domain is DNSSEC signed, and then > check whether all of (the first 10 by preference to reduce delay) the MX > ho

Re: How "safe" is reject_unknown_helo_hostname?

2019-04-28 Thread @lbutlr
On 28 Apr 2019, at 03:00, Allen Coates wrote: > On 27/04/2019 23:21, @lbutlr wrote: >> >> smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, >>reject_non_fqdn_helo_hostname, check_helo_access >>pcre:/etc/postfix/helo_checks.pcre permit > I usually put my access-c

Re: How "safe" is reject_unknown_helo_hostname?

2019-04-28 Thread Allen Coates
I usually put my access-control lists EARLY, so I have yes / no / "further-processing" options Allen C On 27/04/2019 23:21, @lbutlr wrote: > > smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, > reject_non_fqdn_helo_hostname, check_helo_access > pcre:/etc/postf

Re: Sporadic, repeated connections from aws

2019-04-28 Thread Dominic Raferd
On Sun, 28 Apr 2019 at 07:25, @lbutlr wrote: > On Apr 27, 2019, at 20:15, Noel Jones wrote: > > > > I still use the fqrdns.pcre too, and I can't remember the last false > negative when it rejected good mail. > > Thanks. That’s what I suspected, but confirmation is good to have. I use it, and f