Re: postfix-policyd-spf-python

2022-05-17 Thread Alex
Hi, >I also posted a question about pypolicyd-spf, so I posted it here, not at > >the above link. Is this related? > > > >My question involves understanding how the whitelist works - hosts seem to > >be whitelisted even though they're not in my Domain_Whitelist or > >skip_addresses list in my poli

Re: Sanity Check Request: smtpd_*_restrictions

2022-05-17 Thread Shawn Heisey
On 5/17/2022 9:14 AM, White, Daniel E. (GSFC-770.0)[AEGIS] wrote: This is part of what I plan to put on our new MTA (Postfix only) and MDA (Postfix/Dovecot) servers. Please tell me if I am doing anything foolish / dangerous. My concern is whether I should put "permit_mynetworks" higher in the se

Re: [EXTERNAL] Re: Sanity Check Request: smtpd_*_restrictions

2022-05-17 Thread White, Daniel E. (GSFC-770.0)[AEGIS]
Excellent points. And thanks for the access list tip. I will lose the final reject from client and relay and exclude the MX servers from mynetworks Thanks. On 5/17/22, 11:54, "owner-postfix-us...@postfix.org on behalf of Matus UHLAR - fantomas" wrote: >> > smtpd_client_restrictions =

Re: Sanity Check Request: smtpd_*_restrictions

2022-05-17 Thread Matus UHLAR - fantomas
> smtpd_client_restrictions = you'll block incoming mail with last reject. This is right off of http://www.postfix.org/SMTPD_ACCESS_README.html#lists /etc/postfix/main.cf: # Allow connections from trusted networks only. smtpd_client_restrictions = permit_mynetworks, reject On 17.05.22 1

Re: Sanity Check Request: smtpd_*_restrictions

2022-05-17 Thread White, Daniel E. (GSFC-770.0)[AEGIS]
> > smtpd_client_restrictions = > you'll block incoming mail with last reject. This is right off of http://www.postfix.org/SMTPD_ACCESS_README.html#lists /etc/postfix/main.cf: # Allow connections from trusted networks only. smtpd_client_restrictions = permit_mynetworks, reject I only per

Re: Sanity Check Request: smtpd_*_restrictions

2022-05-17 Thread Matus UHLAR - fantomas
On 17.05.22 15:14, White, Daniel E. (GSFC-770.0)[AEGIS] wrote: This is part of what I plan to put on our new MTA (Postfix only) and MDA (Postfix/Dovecot) servers. Please tell me if I am doing anything foolish / dangerous. My concern is whether I should put "permit_mynetworks" higher in the sende

Sanity Check Request: smtpd_*_restrictions

2022-05-17 Thread White, Daniel E. (GSFC-770.0)[AEGIS]
This is part of what I plan to put on our new MTA (Postfix only) and MDA (Postfix/Dovecot) servers. Please tell me if I am doing anything foolish / dangerous. My concern is whether I should put "permit_mynetworks" higher in the sender and recipient restrictions. smtpd_client_restrictions =

Re: Feature Request: postscreen support in collate.pl

2022-05-17 Thread Wietse Venema
Peter Ajamian: > Can we get postscreen support in collate.pl? In other words have it > group postscreen log entries with the rest of the log entries for a > connection, or just show postscreen log entries when postscreen defers > the connection? Postscreen should not be configured to defer cli

Feature Request: postscreen support in collate.pl

2022-05-17 Thread Peter Ajamian
Can we get postscreen support in collate.pl? In other words have it group postscreen log entries with the rest of the log entries for a connection, or just show postscreen log entries when postscreen defers the connection? Peter Ajamian