[pfx] Re: Postfix and Spamhaus

2025-01-13 Thread Michael Grimm via Postfix-users
Michael Grimm via Postfix-users wrote: > Tomasz Pala via Postfix-users wrote: > > [Spamhaus DQS] > >> Did you switch? How long is "mykey"? > > Mine has 27 characters. Me bad, make that 26 chars. Regards, Michael ___ Postfix-users mailing list -- p

[pfx] Re: Postfix and Spamhaus

2025-01-13 Thread Michael Grimm via Postfix-users
Tomasz Pala via Postfix-users wrote: [Spamhaus DQS] > Did you switch? How long is "mykey"? Mine has 27 characters. Don't know if they all have the same size, though. Regards, Michael ___ Postfix-users mailing list -- postfix-users@postfix.org To uns

[pfx] Re: Postfix and Spamhaus

2025-01-13 Thread Tomasz Pala via Postfix-users
On 2025-01-14 00:02, Steffan Cline via Postfix-users wrote: > > If I take out the GoogleDNS from the name servers, would that resolve this > issue? _This_ problem? - yes, you won't have any DNS available. https://www.spamhaus.org/faqs/dnsbl-usage/#simple-command-line-test-of-your-dnsbl-resolver

[pfx] Re: Postfix with Dovecot which should be listening on port 587?

2025-01-13 Thread Tomasz Pala via Postfix-users
On 2025-01-14 05:38, Peter via Postfix-users wrote: > > Dovecot submission is just a proxy, it still has to pass the submitted > message to postfix so there is little reason to use dovecot submission > unless you need BURL support. Note that if you don't know what BURL is > then you don't need

[pfx] Re: Postfix with Dovecot which should be listening on port 587?

2025-01-13 Thread Peter via Postfix-users
On 14/01/25 12:31, Scott K via Postfix-users wrote: Yes, Dovecot should be listening on port 587 if using "submission" service Dovecot submission is just a proxy, it still has to pass the submitted message to postfix so there is little reason to use dovecot submission unless you need BURL sup

[pfx] Re: Postfix and Spamhaus

2025-01-13 Thread Wietse Venema via Postfix-users
Steffan Cline via Postfix-users: > Wietse, > > 127.0.0.1 was in the resolv.conf file on the NS from the start. > If I take out the GoogleDNS from the name servers, would that resolve this > issue? You need to ensure that the resolvers on your NS VMs aren't forwarding queries through someone else

[pfx] Re: Postfix with Dovecot which should be listening on port 587?

2025-01-13 Thread Scott K via Postfix-users
Yes, Dovecot should be listening on port 587 if using "submission" service After I read that I tried uncommenting the submission line in master.cf but then Postfix wouldn't start so I commented it out again and restarted Postfix The last of these problems doesn't show in the log just Thunderbird sa

[pfx] Re: Postfix and Spamhaus

2025-01-13 Thread Steffan Cline via Postfix-users
Wietse, 127.0.0.1 was in the resolv.conf file on the NS from the start. If I take out the GoogleDNS from the name servers, would that resolve this issue? Someone else mentioned SH's DQS. The reason I switched to that was the open resolver error below. Jan 13 15:58:59 host1 postfix/smtpd[40647

[pfx] Re: Postfix and Spamhaus

2025-01-13 Thread Tomasz Pala via Postfix-users
On 2025-01-13 17:41, Steffan Cline via Postfix-users wrote: > > reject_rhsbl_sender mykey.dbl.dq.spamhaus.net=127.0.1.[2..99], >^ Let me ask you a stupid question - how long in real is "mykey" above? BTW you can use DQS via public resolvers just fine - although it's b

[pfx] Re: Postfix and Spamhaus

2025-01-13 Thread Wietse Venema via Postfix-users
Steffan Cline via Postfix-users: > Wietse, > > On my mail server, this is the resolv.conf > > # cat /etc/resolv.conf > # Generated by NetworkManager > search hldns.com > nameserver 199.249.188.251 > nameserver 199.249.188.252 > nameserver 199.249.188.253 > > These are all my own name servers how

[pfx] Re: Postfix and Spamhaus

2025-01-13 Thread Steffan Cline via Postfix-users
Randy, I was doing it just like that too but having issues. When I started googling errors from the maillog, I was directed to DQS so I was trying to use their instructions to get it working. Thank you, Steffan Cline stef...@hldns.com 602-793-0014 On 1/13/25

[pfx] Re: Postfix and Spamhaus

2025-01-13 Thread Steffan Cline via Postfix-users
Wietse, On my mail server, this is the resolv.conf # cat /etc/resolv.conf # Generated by NetworkManager search hldns.com nameserver 199.249.188.251 nameserver 199.249.188.252 nameserver 199.249.188.253 These are all my own name servers however on my NS VMs, the resolv.conf has nameserver 127.0.0

[pfx] Re: Postfix and Spamhaus

2025-01-13 Thread Randy Bush via Postfix-users
> in either case, there's the additional choice of moving some of the SH > rules to postscreen config, e.g., > > > https://docs.spamhaus.com/datasets/docs/source/40-real-world-usage/PublicMirrors/MTAs/020-Postfix.html#using-postscreen-instead thanks. looks tasty! randy ___

[pfx] Re: Quick question postfix & exchange

2025-01-13 Thread Wietse Venema via Postfix-users
Florian Piekert: Checking application/pgp-signature: FAILURE -- Start of PGP signed section. > Good evening Wietse and Viktor, > > I remember there was a recent thread about postfix, TLS and Exchange and > failures to exchange(receive email by postfix). I didn't want to bother the > list again,

[pfx] Re: Postfix and Spamhaus

2025-01-13 Thread Randy Bush via Postfix-users
fwiw, i have smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, permit_auth_destination, # reject_unauth_destination reject_rbl_client zen.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_helo dbl.spamhaus.org, reje

[pfx] Re: Postfix and Spamhaus

2025-01-13 Thread Wietse Venema via Postfix-users
Steffan Cline via Postfix-users: > I am hoping someone has already come across this issue. > I'm trying to integrate Spamhaus with my postfix set up. I've followed their > directions below. > After applying the configs, it fails. I get a series of emails similar to > shown below. What is in your

[pfx] Postfix and Spamhaus

2025-01-13 Thread Steffan Cline via Postfix-users
I am hoping someone has already come across this issue. I’m trying to integrate Spamhaus with my postfix set up. I’ve followed their directions below. After applying the configs, it fails. I get a series of emails similar to shown below. Anyone come across this before? Postfonf fo

[pfx] Re: URGENT help needed with Postfix which stopped working on 11 Jan 2025 Saturday at about 3.00 AM

2025-01-13 Thread Matus UHLAR - fantomas via Postfix-users
On 13.01.25 11:58, Turritopsis Dohrnii Teo En Ming via Postfix-users wrote: Subject: URGENT help needed with Postfix which stopped working on 11 Jan 2025 Saturday at about 3.00 AM SYSTEM INFORMATION OS type and version AlmaLinux 9.5 Webmin version 2.202 Virtualmin version 7.30.4

[pfx] Re: Thunderbird says certificate is self signed

2025-01-13 Thread Matus UHLAR - fantomas via Postfix-users
On 13.01.25 15:36, Peter via Postfix-users wrote: Your smtp (25) and submission (587) ports are serving a different certificate, port 25 is serving the letsencrypt cert, but port 587 is serving a self-signed certificate (which is what thunderbird is seeing): depth=0 CN = mail.servicemouse.com

[pfx] URGENT help needed with Postfix which stopped working on 11 Jan 2025 Saturday at about 3.00 AM

2025-01-13 Thread Turritopsis Dohrnii Teo En Ming via Postfix-users
Subject: URGENT help needed with Postfix which stopped working on 11 Jan 2025 Saturday at about 3.00 AM SYSTEM INFORMATION OS type and version AlmaLinux 9.5 Webmin version 2.202 Virtualmin version 7.30.4 Webserver version 2.4.62 Related packagesPostfix Dear Virtualm

[pfx] Re: Trailing dot in mail address syntax?

2025-01-13 Thread Tomasz Pala via Postfix-users
On 2025-01-13 12:25, Tomasz Pala via Postfix-users wrote: > > OTOH https://datatracker.ietf.org/doc/html/rfc1035#section-2.3.1: > > ::= | " " > ::= | "." > ::= [ [ ] ] > > - so strictly speaking the domain name also cannot end with a dot, > and RFC 5321 is right not mentioning this. T

[pfx] SOLVED Re: Re: Trailing dot in mail address syntax?

2025-01-13 Thread Patrick Ben Koetter via Postfix-users
* Viktor Dukhovni via Postfix-users : > On Mon, Jan 13, 2025 at 11:02:32AM +0100, Patrick Ben Koetter via > Postfix-users wrote: > > > Is it a valid mail address if the domainpart ends with a trailing dot. e.g. > > like this: recipi...@example.com. > > No. That is not a valid email address, de

[pfx] Re: Trailing dot in mail address syntax?

2025-01-13 Thread Tomasz Pala via Postfix-users
On 2025-01-13 12:04, Tomasz Pala via Postfix-users wrote: > > I see no _explicit_ deviations from RFC 1035: > https://datatracker.ietf.org/doc/html/rfc5321#section-2.3.5 > which makes me wonder, if the RFC 5321 authors were aware what a "label" > in domain means... > > "In the case of a top-level

[pfx] Re: Trailing dot in mail address syntax?

2025-01-13 Thread Tomasz Pala via Postfix-users
On 2025-01-13 11:08, Viktor Dukhovni via Postfix-users wrote: > > No. That is not a valid email address, despite the fact that the domain > part of the addres is a valid DNS name. The RFC5321 syntax requires > a "dot-atom" for the domain part, and in a "dot-atom" all the dots > are *internal*.

[pfx] Re: Trailing dot in mail address syntax?

2025-01-13 Thread Viktor Dukhovni via Postfix-users
On Mon, Jan 13, 2025 at 11:02:32AM +0100, Patrick Ben Koetter via Postfix-users wrote: > Is it a valid mail address if the domainpart ends with a trailing dot. e.g. > like this: recipi...@example.com. No. That is not a valid email address, despite the fact that the domain part of the addres is

[pfx] Trailing dot in mail address syntax?

2025-01-13 Thread Patrick Ben Koetter via Postfix-users
Greetings, is it a valid mail address if the domainpart ends with a trailing dot. e.g. like this: recipi...@example.com. AFAIK in DNS a trailing dot in a domain name is valid and we omit it usually because it's said to be implict. TIA, p@rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 4