[pfx] Re: Restricting Email Relaying For A Given Email Domain

2025-01-25 Thread duluxoz via Postfix-users
Thanks Victor (& everyone else who chimed in). I'm going to sit down with management on Monday and see if I can explain all this to them so as to get a consensus decision on what they'd like to do. Cheers Dulux-Oz On 26/1/25 12:50, Viktor Dukhovni via Postfix-users wrote: On Sun, Jan 26, 2

[pfx] Re: Restricting Email Relaying For A Given Email Domain

2025-01-25 Thread Viktor Dukhovni via Postfix-users
On Sun, Jan 26, 2025 at 12:11:21AM +1100, duluxoz via Postfix-users wrote: > ... so no, there's no separate "mail-hub" / "edge-mail-gateway" set-up > - it's all the one box with the haproxy box sitting in-front. Understood, that makes the consolidated edge/hub/submission/... server somewhat more c

[pfx] Re: Is it possible/easy to block incoming for the real account name but accept the alias/canonical?

2025-01-25 Thread Viktor Dukhovni via Postfix-users
On Sat, Jan 25, 2025 at 11:48:14AM -0500, Bill Cole via Postfix-users wrote: > Set the server's hostname (and by default postfix's myhostname) to a > FQDN (ideally one which is not resolvable in public DNS but is > resolvable locally, either as a hosts file entry or in an internal DNS > view.) Th

[pfx] Re: Is it possible/easy to block incoming for the real account name but accept the alias/canonical?

2025-01-25 Thread Bill Cole via Postfix-users
On 2025-01-23 at 10:01:13 UTC-0500 (Thu, 23 Jan 2025 16:01:13 +0100) Gerben Wierda via Postfix-users is rumored to have said: > I was wondering, suppose I have a user like this: > > f...@bar.com is the account name > foo.lastn...@bar.com is the incoming alias and the outgoing canonical > > Could

[pfx] Re: Is it possible/easy to block incoming for the real account name but accept the alias/canonical?

2025-01-25 Thread Wietse Venema via Postfix-users
Gerben Wierda via Postfix-users: > Now, the only thing I would like to add - if possible - is to use > this only for smtp traffic coming from outside on port 25 and not > from inside or port submission, such that internal senders may use > the simple usern...@domain.tld form but outside port 25 use

[pfx] Re: Restricting Email Relaying For A Given Email Domain

2025-01-25 Thread Tomasz Pala via Postfix-users
On 2025-01-25 14:46, Tomasz Pala via Postfix-users wrote: > As the internal and external are separate accounts (if I understand > correctly) this still seems to be the job for submission stage. Since you care about header addresses and want to prevent users from accidental use of them for Internet

[pfx] Re: Restricting Email Relaying For A Given Email Domain

2025-01-25 Thread Tomasz Pala via Postfix-users
On 2025-01-25 13:27, duluxoz via Postfix-users wrote: > alerts/reports (to the sys-ops) and by users for internal organisation > communication. Those users that require external email access also have > an email account in an externally-facing domain, and usually use the > appropriate domain when s

[pfx] Re: Restricting Email Relaying For A Given Email Domain

2025-01-25 Thread Tomasz Pala via Postfix-users
On 2025-01-25 10:30, Viktor Dukhovni via Postfix-users wrote: > > This does not do what you think it does, because the classification of > addresses into address classes happens in the trivial-rewrite service, > not in smtpd(8). Best to not jump-in and reply with "I would try", if > you don't act

[pfx] Re: Restricting Email Relaying For A Given Email Domain

2025-01-25 Thread duluxoz via Postfix-users
Well, the organisation is only small (-ish) - call it SME-sized - so there's only a single email-stack server (postfix, dovecot, clamav, etc), a separate webserver (hosting both internally and externally-facing websites, including roundcube hosting all the email domains), a haproxy "gateway/bas

[pfx] Re: Restricting Email Relaying For A Given Email Domain

2025-01-25 Thread duluxoz via Postfix-users
So, the internal email domain is used by both servers sending in email alerts/reports (to the sys-ops) and by users for internal organisation communication. Those users that require external email access also have an email account in an externally-facing domain, and usually use the appropriate

[pfx] Re: Restricting Email Relaying For A Given Email Domain

2025-01-25 Thread Viktor Dukhovni via Postfix-users
On Sat, Jan 25, 2025 at 11:27:13PM +1100, duluxoz via Postfix-users wrote: > So, the internal email domain is used by both servers sending in email > alerts/reports (to the sys-ops) and by users for internal organisation > communication. Those users that require external email access also have an

[pfx] Re: Is it possible/easy to block incoming for the real account name but accept the alias/canonical?

2025-01-25 Thread Gerben Wierda via Postfix-users
On 23 Jan 2025, at 17:55, Wietse Venema via Postfix-users wrote: > > Gerben Wierda via Postfix-users: >> I was wondering, suppose I have a user like this: >> >> f...@bar.com is the account name >> foo.lastn...@bar.com is the incoming alias and the outgoing canonical >> >> Could I force incomin

[pfx] Re: Restricting Email Relaying For A Given Email Domain

2025-01-25 Thread Viktor Dukhovni via Postfix-users
On Sat, Jan 25, 2025 at 10:06:36AM +0100, Tomasz Pala via Postfix-users wrote: > > Emails are permitted to be sent between all three domains. > > I would try: > > master.cf: > smtpd [...] > -o virtual_mailbox_domains=example.com,example.org This does not do what you think it does, because

[pfx] Re: Restricting Email Relaying For A Given Email Domain

2025-01-25 Thread Tomasz Pala via Postfix-users
If that doesn't work - different approach, using only restrictions, e.g. smtpd_recipient_restrictions = permit_mynetworks [...] reject_unauth_destination check_recipient_access hash:/etc/$config_directory/my_domains my_domains: example.internal 521 Unauthorized - do no acc

[pfx] Re: Restricting Email Relaying For A Given Email Domain

2025-01-25 Thread Tomasz Pala via Postfix-users
On 2025-01-25 09:53, duluxoz via Postfix-users wrote: > > Emails are permitted to be sent between all three domains. I would try: master.cf: smtpd [...] -o virtual_mailbox_domains=example.com,example.org main.cf: virtual_mailbox_domains=example.com,example.org,example.internal - this w

[pfx] Restricting Email Relaying For A Given Email Domain

2025-01-25 Thread duluxoz via Postfix-users
Hi All, I'm not sure how to go about doing this (what I'm about to describe below) so I'm hoping someone here can point me in the right direction. My postfix box hosts multiple email domains, including one which is fully internal to our network (i.e. does not receive nor send emails out onto t