On Fri, Mar 15, 2024 at 10:13:01PM +0100, Dirk Stöcker via Postfix-users wrote:
> I recently did a misconfiguration of an internal mail server for a test
> system and as a result broke the TLSA record.
Exactly *how* was the TLSA record broken? Logs? And were alternative MX
hosts available for the
On 3/15/2024 3:06 PM, Noel Jones via Postfix-users wrote:
> You can move those checks into smtpd restrictions where there can be
an allowed sender list proceeding the DNSBL checks.
Downside to this approach is no weighting.
> Postscreen by design only looks at the IP, and has no mechanism to
Hello,
I recently did a misconfiguration of an internal mail server for a test
system and as a result broke the TLSA record. Postfix still delivered
mail to the system now with Trusted instead of Verified (BTW I find
these two outputs texts misleading, each time I check the logs I look
for a
On 3/15/2024 1:11 PM, Matt Saladna via Postfix-users wrote:
Hello,
I'm seeking a workaround for Microsoft's litany of IPs landing on
DNSBL. They'd like all mail irrespective of DNSBL status to be
delivered, which requires a skip if the sender IP is blacklisted in
postscreen. With separation b
Hello,
I'm seeking a workaround for Microsoft's litany of IPs landing on DNSBL.
They'd like all mail irrespective of DNSBL status to be delivered, which
requires a skip if the sender IP is blacklisted in postscreen. With
separation between postscreen and smtpd, postscreen rejects the
connecti
