Nicholas Reilingh via Postfix-users:
> Appreciate the help ? when I finally was able to strace smtpd, I discovered
> that it was stalling on flock(, LOCK_EX)
> for some reason.
>
> I have /var/spool/postfix as one of the persistent named volumes
> in the Docker configuration (so that any of the
> On January 2, 2025 Bill Cole via Postfix-users
> wrote:
> On 2025-01-02 at 16:47:00 UTC-0500 (Thu, 02 Jan 2025 16:47:00 -0500)
> Greg Klanderman via Postfix-users is rumored to
> have said:
>>> On January 2, 2025 Bill Cole via Postfix-users
>>> wrote:
>>
> [lots of snipping
Appreciate the help — when I finally was able to strace smtpd, I discovered
that it was stalling on flock(, LOCK_EX) for
some reason.
I have /var/spool/postfix as one of the persistent named volumes in the Docker
configuration (so that any of the queues are not volatile in the event the
contai
On 2025-01-02 at 16:47:00 UTC-0500 (Thu, 02 Jan 2025 16:47:00 -0500)
Greg Klanderman via Postfix-users
is rumored to have said:
On January 2, 2025 Bill Cole via Postfix-users
wrote:
[lots of snipping done ...]
Is there any good reason to send ehlo multiple times?
It is always correct t
Postfix does not cache DSNS lookup results. It relies on the
resolver configured in /etc/resolv.conf.
Postscreen honors the 'negative' TTL when it allowlists a client
that passes DNSBL checks, but it does not store the query result
itself.
Wietse
__
Steffen Nurpmeso wrote in
<20250102200053.OMpeoSDb@steffen%sdaoden.eu>:
|Wietse Venema via Postfix-users wrote in
| <4ypcfw1rmdzj...@spike.porcupine.org>:
||Joachim Lindenberg:
| ...
||Joachim Lindenberg:
||> To some extend the approach probably replaces blocking calls on
||> TCP layer with
> On January 2, 2025 Bill Cole via Postfix-users
> wrote:
> On 2025-01-01 at 20:13:35 UTC-0500 (Wed, 01 Jan 2025 20:13:35 -0500)
> Greg Klanderman via Postfix-users is rumored to
> have said:
>> I just noticed a single unknown host is connecting ~1000x per day,
>> with fingerprint 'ehl
I suggst that you strace the smtpd process as described in
https://www.postfix.org/DEBUG_README.html#auto_trace
This will log a lot of information, and if you are stuck with systemd
logging rate limits, then we may need to do some additional surghery
to get at the evidence.
Wietse
The f
Wietse Venema via Postfix-users wrote in
<4ypcfw1rmdzj...@spike.porcupine.org>:
|Joachim Lindenberg:
...
|Joachim Lindenberg:
|> To some extend the approach probably replaces blocking calls on
|> TCP layer with blocking calls on DNS. If we see DNS also moving
|
|Postfix blocks on DNS. The S
Hello,
I have a postfix v3.5.17 MTA running alongside the Request Tracker application
inside of a Docker container. It receives mail bound for RT forwarded from
Google Workspace’s MX.
This deployment has worked for two years, but on or around December 16th, no
longer responds to new SMTP conne
Joachim Lindenberg:
> Given the fact that "encrypt" implies no "dane" this sounds like
> a bad idea for interoperability with dane sites.
Wietse:
> No problem. Postfix currently does not try DANE (or STS) with the
> default TLS security level "may".
Joachim Lindenberg:
> Correct. But would you th
Wietse wrote:
>> Given the fact that "encrypt" implies no "dane" this sounds like a bad idea
>> for interoperability with dane sites.
> No problem. Postfix currently does not try DANE (or STS) with the default TLS
> security level "may".
Correct. But would you then ignore the suggested _smtps.exa
Joachim Lindenberg via Postfix-users:
> Wietse wrote:
> > When an SRV response for "_smtps._tcp.example.com" names the standard SMTP
> > port, the feature overrides a default TLS security level "may" with
> > "encrypt". This is on/off configurable and needs a few lines of code in the
> > SMTP cl
On 2025-01-01 at 20:13:35 UTC-0500 (Wed, 01 Jan 2025 20:13:35 -0500)
Greg Klanderman via Postfix-users
is rumored to have said:
I just noticed a single unknown host is connecting ~1000x per day,
with fingerprint 'ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4' so
that's my first target.
Failed au
Greg Klanderman via Postfix-users:
> I understand presence of any '/' indicates some error.
>
> Is 'unknown' just any unknown command? And the number before the '/'
> will always be 0?
ehlo=1 auth=0/1 rset=1 quit=1 commands=3/4
It's successful/total if there were errors, or just one number
15 matches
Mail list logo
