On Wed, Nov 13, 2019 at 03:14:36AM +0100, Ján Lalinský wrote:
> Thanks for the insights. However, I am optimistic that for smtp sessions
> this can be made to (mostly) work, because the check for UID of the
> process holding the client port can be done some time after SMTP
> commands have been rec
Thanks for the insights. However, I am optimistic that for smtp sessions
this can be made to (mostly) work, because the check for UID of the
process holding the client port can be done some time after SMTP
commands have been received by Postfix, at which point the connection is
already established.
On Tue, Nov 12, 2019 at 05:13:05PM -0500, Viktor Dukhovni wrote:
> > To achieve this, I'd like to set up Postfix+Linux -based outgoing mail
> > server, possibly with some helper daemon. Any incoming TCP connection on
> > localhost:25 where Postfix listens will be handled in a way dependent on
> >
Dnia 12.11.2019 o godz. 21:56:51 Ján Lalinský pisze:
> To achieve this, I'd like to set up Postfix+Linux -based outgoing mail
> server, possibly with some helper daemon. Any incoming TCP connection on
> localhost:25 where Postfix listens will be handled in a way dependent on
> the UID of the proces
> On Nov 12, 2019, at 3:56 PM, Ján Lalinský wrote:
>
> To achieve this, I'd like to set up Postfix+Linux -based outgoing mail
> server, possibly with some helper daemon. Any incoming TCP connection on
> localhost:25 where Postfix listens will be handled in a way dependent on the
> UID of the p
> On Nov 12, 2019, at 3:52 PM, Bill Cole
> wrote:
>
>> For the record, it is NOT an RFC violation for the EHLO name to
>> differ from the name in the PTR record of the connecting IP.
>
> Right and as was stated & I affirmed: it is explicit in RFC5321 S.4.1.4:
>
> An SMTP server MAY verify th
Matus UHLAR - fantomas skrev den 2019-11-12 12:09:
On 11.11.19 09:29, m3047 wrote:
I (mostly) concur with what Bill Cole says (maybe I'd quibble with the
"2nd clause" part).
Here's a shopworn blade which is in my list of things to rewrite in
Python one day:
http://athena.m3047.net/pub/pe
Dear Postfix users,
I'm trying to set up email sending from local users on a shared
webhosting server. There are hundreds of different domains, each having
unique UNIX UID and they need smtp service directly available on
localhost:25, without any credentials checking. At the same time, I need
the
On 12 Nov 2019, at 14:26, Viktor Dukhovni wrote:
On Nov 11, 2019, at 11:09 AM, Bill Cole
wrote:
mail.namase.de is the HELO (EHLO) name. You must not reject mail
when helo
name differs from DNS name (RFC violation).
True.
For the record, it is NOT an RFC violation for the EHLO name to
di
Fourhundred Thecat:
> On 12/11/2019 17.14, Wietse Venema wrote:
> > Fourhundred Thecat:
> >> On 12/11/2019 16.42, Wietse Venema wrote:
> >>> remove the dependency on the proxymap service.
> >>
> >> you mean change to this ?
> >>
> >> local_recipient_maps = $alias_maps
> >
> > You seem to have no i
> On Nov 11, 2019, at 11:09 AM, Bill Cole
> wrote:
>
>> mail.namase.de is the HELO (EHLO) name. You must not reject mail when helo
>> name differs from DNS name (RFC violation).
>
> True.
For the record, it is NOT an RFC violation for the EHLO name to
differ from the name in the PTR record
You can whitelist with dnswl.org. See:
http://rob0.nodns4.us/postscreen.html
Peter
On 13/11/19 12:26 AM, Roland Freikamp wrote:
Hi,
I'm using postscreen on a mailserver.
Unfortunately, this does not work with some bigger mail providers, since
they send the mail from a random host in their
On 12/11/2019 17.14, Wietse Venema wrote:
> Fourhundred Thecat:
>> On 12/11/2019 16.42, Wietse Venema wrote:
>>> remove the dependency on the proxymap service.
>>
>> you mean change to this ?
>>
>> local_recipient_maps = $alias_maps
>
> You seem to have no idea what proxy:unix:passwd.byname does.
* 황병희:
> i did not setup SPF. Instead i think User-Agent/X-Mailer are
> important.
The contents of these headers are easily faked, so relying on them is
questionable to me. Also, you will encounter User-Agent headers
generated by various libraries, like Java SMTP implementations. Finally,
what ab
Am 12.11.19 um 03:52 schrieb Fourhundred Thecat:
> /usr/sbin/postfix quiet-quick-start
this is Debian specific
https://sources.debian.org/src/postfix/3.4.5-1/debian/patches/09_quiet_startup.diff/
You've to ask on a Debian list because - Wietse already noted - it's unsupported
Andreas
Fourhundred Thecat:
> On 12/11/2019 16.42, Wietse Venema wrote:
> >
> > With this, the Postfix SMTP server will accept mail for non-existent
> > users, the Postfix queue will fill up with bounce messages, and
> > your system will be banned because it sends backscatter email.
> >
> > Instead of dele
On 12/11/2019 16.42, Wietse Venema wrote:
>
> With this, the Postfix SMTP server will accept mail for non-existent
> users, the Postfix queue will fill up with bounce messages, and
> your system will be banned because it sends backscatter email.
>
> Instead of deleting the default setting
> loc
Fourhundred Thecat:
> I noticed that the default local_recipient_maps references proxy. So I
> changed it to empty in main.cf
>
> local_recipient_maps =
With this, the Postfix SMTP server will accept mail for non-existent
users, the Postfix queue will fill up with bounce messages, and
your syste
Hello,
I would like to simplify my postfix setup, and disable
components/services which I don't actually need.
I am not using chroot, and I don't need to "consolidate mysql
connections". So I believe, I don't really need proxymap.
I tried disabling the service by commenting out the lines in mast
> I am a big fan of rigid adherence to rDNS & SPF rules, doing so,
> [...]
Well i don't know what rules are right things. Still i did not setup
SPF. Instead i think User-Agent/X-Mailer are important. In most case
linux softwares[1] have good manners in email world.
Sincerely,
[1] Mutt, ELM, PINE
Fourhundred Thecat:
> > On 2019-11-12 13:08, Wietse Venema wrote:
> >
> > Fourhundred Thecat:
> >> If I am using simplest possible setup (single instance, no chroot), and
> >> I don't delete queue directories, can I simply skip postfix-script and
> >> post-install and start master directly from /et
Jaroslaw Rafa:
> Dnia 12.11.2019 o godz. 12:26:51 Roland Freikamp pisze:
> >
> > I'm using postscreen on a mailserver.
> >
> > Unfortunately, this does not work with some bigger mail providers, since
> > they send the mail from a random host in their mail-server-cluster, so
> > postscreen sees a
On 11/12/2019 6:27 AM, Jaroslaw Rafa wrote:
Dnia 12.11.2019 o godz. 12:26:51 Roland Freikamp pisze:
I'm using postscreen on a mailserver.
Unfortunately, this does not work with some bigger mail providers, since
they send the mail from a random host in their mail-server-cluster, so
postscreen
On 11/12/2019 6:33 AM, Dusan Obradovic wrote:
On Nov 11, 2019, at 2:27 PM, ratatouille wrote:
Hello all!
Received: from mail.namase.de (s1.bomberg.city [62.173.139.77])
I would like to reject incoming email if dns- and rdns-entries differ.
Does this make sense and how could I achieve this?
> On 2019-11-12 13:08, Wietse Venema wrote:
>
> Fourhundred Thecat:
>> If I am using simplest possible setup (single instance, no chroot), and
>> I don't delete queue directories, can I simply skip postfix-script and
>> post-install and start master directly from /etc/init.d/postfix, ie ?
>>
>> /
> On Nov 11, 2019, at 2:27 PM, ratatouille wrote:
>
> Hello all!
>
> Received: from mail.namase.de (s1.bomberg.city [62.173.139.77])
>
> I would like to reject incoming email if dns- and rdns-entries differ.
> Does this make sense and how could I achieve this?
>
> Kind regards
>
> Andreas
Dnia 12.11.2019 o godz. 12:26:51 Roland Freikamp pisze:
>
> I'm using postscreen on a mailserver.
>
> Unfortunately, this does not work with some bigger mail providers, since
> they send the mail from a random host in their mail-server-cluster, so
> postscreen sees a new IP for each retry, and so
On 12.11.19 12:26, Roland Freikamp wrote:
I'm using postscreen on a mailserver.
Unfortunately, this does not work with some bigger mail providers, since
they send the mail from a random host in their mail-server-cluster, so
postscreen sees a new IP for each retry, and so sometimes never accepts
Fourhundred Thecat:
> If I am using simplest possible setup (single instance, no chroot), and
> I don't delete queue directories, can I simply skip postfix-script and
> post-install and start master directly from /etc/init.d/postfix, ie ?
>
> /usr/lib/postfix/sbin/master &
>
> What exactly will
Snel.com - Yavuz Ayd?n:
> I think Postfix checks the parent domain or POstfix just connects back
> to the connecting mailserver to do the check (which would pass).
No, that would be immensely stupid, especially if the email address
is not remote. Postfix probes follow the same path that ordinary
e
Roland Freikamp:
> Hi,
>
> I'm using postscreen on a mailserver.
>
> Unfortunately, this does not work with some bigger mail providers, since
> they send the mail from a random host in their mail-server-cluster, so
> postscreen sees a new IP for each retry, and so sometimes never accepts
> the ma
Hi,
I'm using postscreen on a mailserver.
Unfortunately, this does not work with some bigger mail providers, since
they send the mail from a random host in their mail-server-cluster, so
postscreen sees a new IP for each retry, and so sometimes never accepts
the mail.
Is there a way around this?
On 11.11.19 09:29, m3047 wrote:
I (mostly) concur with what Bill Cole says (maybe I'd quibble with the
"2nd clause" part).
Here's a shopworn blade which is in my list of things to rewrite in
Python one day:
http://athena.m3047.net/pub/perl/mail-processing/realmailer.pl.txt
You call it fr
Dnia 12.11.2019 o godz. 10:20:01 Snel.com - Yavuz Aydın pisze:
> reject_unverified_sender. It looks like our Postfix server accepts mail
> which has a sender www-data@hostname while smtp.antispamcloud.com reject
> the same mail for a specific hostname. That specific hostname (a FQDN) is
> behind a
Hi all,
We have a setup where we have a relay server which in turn sends all
received mails through to another relay server (from a known anti-spam
vendor). We use Postfix 3.4.5 on Debian 10.
The important parts about our setup:
smtpd_sender_restrictions = reject_unknown_sender_domain
reject_unv
35 matches
Mail list logo
