Hi,
> Aug 22 01:36:33 iceman postfix-199/smtpd[584336]: connect from
> > mail-dm6nam04on2133.outbound.protection.outlook.com[40.107.102.133]
> > Aug 22 01:36:34 iceman postfix-199/smtpd[584336]: A5C9812D6:
> > client=mail-dm6nam04on2133.outbound.protection.outlook.com
> [40.107.102.133]
> > Au
n.outlook.com servers.
Given the instructions in https://www.postfix.org/BDAT_README.html
I've disabled BDAT support for now, hoping this will alleviate the
problem until I can identify the cause.
Thanks,
Alex
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
cate that wasn't the case, I
installed the vacation binary from the vacation package from a fedora38
system:
# rpm -q vacation
vacation-1.2.7.1-24.fc38.x86_64
That fixed it. The last changes to the vacation package for fedora40 were
back in Jan, so not sure how a bug like this wouldn't
er 3762 dumped core.
Stack trace of thread 468215:
#0 0x00404610 strlcpy (vacation + 0x4610)
#1 0x00402e0e main (vacation + 0x2e0e)
#2 0x7f2a6f8a0088 __libc_start_call_main (libc.so.6 +
0x2a088)
#3 0x7f2a6f8a014b __libc_start_main@@GLIBC_2.34
(libc.so.6 + 0x2a14b)
#4 0x00403525 _start (vacation + 0x3525)
ELF object binary architecture: AMD x86-64
The server isn't saving coredumps because I have no resources to debug them.
vacation is used to send auto-away messages.
Thanks,
Alex
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
Hi,
On Thu, Aug 8, 2024 at 2:13 PM Wietse Venema via Postfix-users <
postfix-users@postfix.org> wrote:
> Alex via Postfix-users:
> > Hi,
> >
> > I've migrated my config and user data from a fedora38 system to a
> fedora40
> > system with postfix-3.8.5
Hi,
I've migrated my config and user data from a fedora38 system to a fedora40
system with postfix-3.8.5 and now vacation is segfaulting for some users. I
don't understand why it's failing for some while succeeding for others.
Aug 8 12:44:00 cipher postfix/local[403497]: 280B665FBD: to=<
61...@e
Hi,
On Sun, Aug 4, 2024 at 2:31 PM Jaroslaw Rafa via Postfix-users <
postfix-users@postfix.org> wrote:
> Dnia 4.08.2024 o godz. 20:14:34 Peter via Postfix-users pisze:
> > My best advice when forwarding to gmail is to instead configure the
> > gmail account to fetch the mail. You will need to e
ilter: OpenDKIM Filter v2.11.0 cipher.example.com E73BC3F217
Authentication-Results: cipher.example.com;
dkim=policy reason="signing key too small" (512-bit key,
unprotected) header.d=hotelplanner.com header.i=@hotelplanner.com
header.a=rsa-sha256 header.s=HotelPlanner header.b
Hi,
I have a fedora38 system with postfix-3.7.9 that fails to start on boot
because of the below problem. I have intentionally set inet_interfaces to
only 127.0.0.1 because it's my outbound interface that communicates with
amavisd on 10025.
This must be related to the fedora systemd scripts using
sers
> |> @postfix.org> wrote:
> |> Alex via Postfix-users:
> |>> Hi,
> |>> I have a few postfix systems on fedora38 with nearly identical
> |>> configurations. I'd like to be able to push changes to them from a
> third
> |>> system wi
Hi, I'm using postfix-3.7.9 multi-instance on fedora38 and can't figure out
why always_bcc and recipient_bcc_maps aren't working on the outbound
instance. It would work best in the outbound instance because of other
processing that's happening in the inbound instances.
# postmulti -l
-
Hi,
I'm using postfix-3.7.9 on fedora38 and would like to implement ARC to
assist with authenticating emails being forwarded by users to Gmail and
others. The research I've done points to OpenARC as a dead project.
This looks like a great guide to get started, but I'm having trouble
identifying wh
suitable
> entry to the sender_login_maps file. Run postmap on the file.
>
> That entry probably should look like:
>
> @example.com alex
>
Thank you - I initially didn't think the format supported that, but also
just realized it.
Thanks,
Alex
__
jected" because
the user isn't defined in the smtpd_sender_login_maps.
Mar 28 15:55:01 cipher roundcube: SMTP Error: Failed to add
recipient 're...@gmail.com': 5.7.1 : Sender address
rejected: not owned by user alex (Code: 553) in
/usr/share/roundcubemail/program/lib/Rou
Hi,
I have a few postfix systems on fedora38 with nearly identical
configurations. I'd like to be able to push changes to them from a third
system without having to login to them directly to do so. What's the
best/most secure way to do this?
For example, I'd like to push the recipient access file
Hi,
On Mon, Feb 12, 2024 at 5:39 AM Jaroslaw Rafa via Postfix-users <
postfix-users@postfix.org> wrote:
> Dnia 11.02.2024 o godz. 17:47:05 Alex via Postfix-users pisze:
> > My concern would be with multiple MX records for the same domain - is it
> > possible it would come b
Hi,
> It has multiple benefits against bots, like:
> > - few seconds delay for refusing clients that send helo/ehlo before
> > esmtp greeting (I have used this for years with sendmail)
> > - dnwsl/dnsbl scoring system.
> >
> > These are pretty safe to use.
>
> These are the tests that are enabled
Hi,
I'm hoping I could ask for some advice. We have a pretty large percentage
of users who forward mail through our systems to personal Gmail accounts.
Sometimes it is mail from bulk senders like mailgun and lanyon/cvent.
Would ARC help here, or is DKIM enough for DMARC alignment with forwarded
m
Hi,
I need help with making a decision involved in determining whether to add
an IP to my client_checks to bypass a blocklist entry on the Barracuda
blocklist that is impacting one of our users. The problem is that
this would also bypass the checks for other Zix hosted customers.
Jan 16 12:04:30
Hi,
I'm using python-policyd-spf with postfix as a check_policy_service and
having some trouble with domains very broadly being whitelisted. My policy
is to reject on mailfrom fail. However, we have few domains that need to
be whitelisted, like mycuservices.com, because they are sending from an I
ple
> MX hostnames for your various domains. A common MX hostname is MUCH
> easier to manage, and does not then require SNI.
>
The problem is that I'm forced to use the mail.example.com cert and some
users would be confused seeing Example, Inc. in t
Hi,
I think I'm having a problem with my certificate for submission not being
configured properly. I'm trying to install roundcube but having a problem
with properly configuring the cert for submission, but when using openssl
to check, it reports a cert problem. This is a cert from Digicert.
open
Hi,
I have a postfix-3.7.4 server with openssl-3.0.9 on fedora38 and receiving
the following errors in my logs:
Sep 11 14:19:51 cipher postfix/smtps/smtpd[3992923]: warning: TLS library
problem: error:0AC1:SSL routines::no shared
cipher:ssl/statem/statem_srvr.c:2220:
What kind of clients is t
Hi,
I'm hoping I could ask what is probably an FAQ but I haven't seen anything
on it recently. I've already implemented some type of rate limiting for
delivering to gmail, but it's apparently not working satisfactorily for
them. Notice it's already going through my throttled transport.
This mail s
Hi,
On Tue, Aug 15, 2023 at 8:49 AM Bill Cole via Postfix-users <
postfix-users@postfix.org> wrote:
> On 2023-08-14 at 17:23:34 UTC-0400 (Mon, 14 Aug 2023 17:23:34 -0400)
> Alex via Postfix-users
> is rumored to have said:
>
> > Hi,
> > I have what appears to be a
e, the recipient
does exist. I don't believe it's ever happened with a non-existent
recipient.
We aren't pulling the list of valid recipients, but instead just letting
their system send us the reject for non-existent recipients.
Thanks,
Alex
> Regards Paul
> On 14/0
;
We are relay for both companyA and companyB. Both are also on M365, so mail
originates from M365 at companyA, goes through our xavier, then out to M365
at companyB.
I also see five relay=companyB entries in the logs, but companyB doesn't
report ever receiving five copies.
Thanks so much,
A
nced (host 127.0.0.1[127.0.0.1]
said: 554 5.4.0 id=136757-17 - Rejected by next-hop MTA on relaying, from
MTA(smtp:[127.0.0.1]:11025): 554 5.4.0 Error: too many hops (in reply to
end of DATA command))
Any ideas for either what's going on with this email or what I can do to
tro
; http://www.postfix.org/postconf.5.html#smtpd_proxy_filter
>
> provided you can dedicate an IP address (port 25 smtpd(8) instance) for
> this destination.
So I would do this in place of the transport filter I currently have in
place?
example.comsmtp:mx1.hc4719.iphmx.com
Th
not always spam that
they reject, but otherwise legitimate messages that are blocked by policy.
I also realize having them adjust their policy is probably the best
solution, but that's not possible right now. How can I either immediately
drop these messages or simply not allow t
Hi,
On Mon, May 22, 2023 at 9:47 PM Viktor Dukhovni via Postfix-users <
postfix-users@postfix.org> wrote:
> On Mon, May 22, 2023 at 06:06:00PM -0400, Alex wrote:
>
> > Yes, I wasn't aware that's how it worked. I've now explicitly defined the
> > bcc-
pient did?
>
Yes, I wasn't aware that's how it worked. I've now explicitly defined the
bcc-user to use the same transport, but the problem is that there is one
bcc-user but multiple transports, each with their own policy.
>
> > /etc/postfix-120/transport
> >
Hi,
> According to the subject, you appear to be looking for per-domain
> header/body check. That is not the right tool, and I would not
> spend my cycles on a design for that.
>
> Instead I recommend filters between a front and back-end instance,
> using transport_maps to select a filter dependi
Hi,
> > > > internet -> front-end Postfix instance -> filter -> back-end
> > > Postfix
> > > > > instance
> > > > >
> > > > > The front-end Postfix instance uses transport_maps to select a
> suitable
> > > > > filter.
> > > > >
> > > > > example.com: smtp:
> > > > > example.org: smtp:
Hi,
On Sun, May 21, 2023 at 4:41 PM Wietse Venema via Postfix-users <
postfix-users@postfix.org> wrote:
> Alex via Postfix-users:
> > > > I'd say, start with one instance per domain. The 'cost' of doing so
> > > > is really small.
> > &
Hi,
On Sun, May 21, 2023 at 12:39 PM Wietse Venema via Postfix-users <
postfix-users@postfix.org> wrote:
> Wietse Venema via Postfix-users:
> > Alex via Postfix-users:
> > > Hi,
> > > I'm using multi-instance postfix-3.7.2 on fedora37 and would like to be
${indexed}transport
/etc/postfix-120/transport
domain1.com alex:[127.0.0.1]:10029
I've tried adding "receive_override_options = no_address_mappings" in
main.cf but it seems to be ignored.
I thought it might be helpful to show the log entries (except for the more
Hi,
I'm using multi-instance postfix-3.7.2 on fedora37 and would like to be
able to control which header and body checks apply to which domain in a
specific instance. I'm looking for advice on the best way to do this.
I have about ten domains right now, and would probably need a number of
policies
Viktor,
On Thu, May 18, 2023 at 7:16 PM Viktor Dukhovni via Postfix-users <
postfix-users@postfix.org> wrote:
> On Thu, May 18, 2023 at 09:20:38AM -0400, Alex via Postfix-users wrote:
>
> > Maybe my issue is that the always_bcc user is going through a transport
> at
> &
Hi,
> Is there a way to control smtpd_recipient_restrictions on a per-domain
> > basis so I can relax some of these restrictions for cases like this,
> > instead of a more reactive approach where I'm always adding
> > sender_checks.pcre entries?
>
> Instead of
>
> /etc/postfix/main.cf:
> smtpd
Hi,
Maybe my issue is that the always_bcc user is going through a transport at
all, and instead should just be delivered locally, or perhaps processed
only by the local_transport? How can I do that?
I recall many years ago doing that, before I set up multi-instance postfix.
Thanks,
Alex
On Thu
On Thu, May 18, 2023 at 4:39 AM Matus UHLAR - fantomas via Postfix-users <
postfix-users@postfix.org> wrote:
> On 17.05.23 22:11, Alex via Postfix-users wrote:
> >I'm using postfix (postmulti) with amavisd and trying to have separate
> >content filters based on the doma
Hi,
I'm using postfix (postmulti) with amavisd and trying to have separate
content filters based on the domain so I can make decisions on the destiny
of the email from within amavisd. Currently all mail is processed by the
same amavisd policy_bank. The problem now is that mail is being sent
through
Hi,
On Tue, May 16, 2023 at 4:16 PM Viktor Dukhovni via Postfix-users <
postfix-users@postfix.org> wrote:
> On Tue, May 16, 2023 at 11:27:52AM -0400, Alex via Postfix-users wrote:
>
> > > > $ host info.apr.gov.rs
> > > > Host info.apr.gov.rs not found: 2(SE
pd_recipient_restrictions on a per-domain
basis so I can relax some of these restrictions for cases like this,
instead of a more reactive approach where I'm always adding
sender_checks.pcre entries?
Thanks,
Alex
___
Postfix-users mailing list --
Hi,
I have a postfix-3.7.3 fedora37 system and have a few users who want me to
disable reject_non_fqdn_sender because it seems many of their users have
DNS problems. For example, email from nore...@info.apr.gov.rs fails to
resolve with:
$ host info.apr.gov.rs
Host info.apr.gov.rs not found: 2(SERV
Hi,
I have postscreen implemented on postfix-3.7.3 on fedora37, and not sure I
understand if it's working properly. Sometimes I see the postscreen/dnsblog
combination ending with a simple DISCONNECT. In this case, it met the
8-point threshold to be rejected, but appears to only received a DISCONNE
Hi,
On Tue, Apr 25, 2023 at 1:03 PM Gerald Galster via Postfix-users <
postfix-users@postfix.org> wrote:
> Hi, I realize this is probably one of the most frequently asked questions,
> but I really can't figure out why this was rejected.
>
> Apr 25 12:06:01 petra postfix-226/smtpd[592344]: NOQUEUE
smtpd_tls_cert_file = /etc/letsencrypt/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/privkey.pem
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
tls_random_source = dev:/dev/urandom
smtpd_tls_session_cache_database =
btree:${data_directory}/smtpd_tls_session_cache
Thanks so much for any ideas.
Alex
aus.net as 127.0.0.11
Dec 10 20:09:39 mail03 postfix/dnsblog[54775]: addr 5.170.224.57 listed by
domain mykey.zen.dq.spamhaus.net as 127.0.0.3
Dec 10 20:09:39 mail03 postfix/dnsblog[54775]: addr 5.170.224.57 listed by
domain mykey.zen.dq.spamhaus.net as 127.0.0.4
Thanks,
Alex
On Sat, Dec 10, 2022 at 8:
Hi, I hoped someone could help me clear up some confusion. I
understand postscreen_dnsbl_reply_map is for postscreen_dnsbl_sites, but I
have dnsblog entries revealing my spamhaus key from entries in the
postscreen_dnsbl_sites section, not smtp_recipient_restrictions.
postscreen_dnsbl_sites =
Hi,
On Thu, Dec 8, 2022 at 2:17 AM Matus UHLAR - fantomas
wrote:
> On 07.12.22 12:28, Alex wrote:
> >smtp_tls_security_level = may
> >smtpd_tls_security_level = may
> >smtp_tls_mandatory_protocols= !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
> >smtp_tls_protocols
Hi,
I have a few mail relays using Lets Encrypt certs to provide TLS. I'm
pretty sure I've configured them properly, but hope someone would confirm.
I've seen a few errors that I believe are a result of a poorly configured
client, but I wanted to be sure.
Dec 7 10:27:32 armor postfix-110/smtpd[57
Hi,
I have a fedora36 system with postfix-3.6.4 and trying to
get postscreen_dnsbl_reply_map to work properly. I have it working with the
same configuration on a fedora37 system and postfix-3.7.3, although I can't
imagine postfix versions would be the problem here.
postscreen_dnsbl_reply_map =
reject_rbl_client b.barracudacentral.org=127.0.0.2
...
Any suggestions greatly appreciated.
Thanks,
Alex
>
>
> > This appears to indicate that generalatlantic.com is using the workday
> > service to send email, but the generalatlantic.com SPF record does not
> > include myworkday.com on the list of authorized senders.
> >
> > I've added the following to my sqlgrey FQDN whitelisting entries, but
> > so
to reject this mail? How can I otherwise
permit the 209.177.165.0/24 network?
Thanks,
Alex
In my case, a single alias was used that expands to 5000 or more addresses in a
virtual_alias_maps table (after increasing virtual_alias_expansion_limit).
The error is reproduced both when sending an email to this alias address and when just
checking with 'sendmail -bv'.
John
On 10/6/22 16:3
Hi, I encountered the same issue on two FreeBSD 13.1 + Postfix 3.7.2 installations. It
only occurs when trying to send an email with >4999 recipients (the mail queue is
otherwise empty). This issue does not happen on another machine with FreeBSD 13.0 +
Postfix 3.6.3.
After some search I found
,
check_sender_access pcre:$config_directory/sender_checks.pcre,
check_sender_access ${indexed}spamsources,
check_sender_ns_access ${indexed}blacklist_ns.cf,
reject_unknown_sender_domain
/*.localdomain/ REJECT
Thanks,
Alex
that it seems to affect how my welcomlist_auth
> >entries work with spamassassin.
>
> I renamed pypolicyd-spf spf-engine when I added the option of using the
> milter interface. That's the right place to ask questions.
>
I posted a question on the spf-engine page some time ag
question/701685
The problem I'm having is that it seems to affect how my welcomlist_auth
entries work with spamassassin.
Thanks,
Alex
ound-robin?
Thanks,
Alex
Hi,
It appears that entries included in my postscreen_access_list are
being used to also bypass SPF checks by policyd-spf. Is this
intentional? Would someone explain to me how this works?
smtpd_recipient_restrictions =
...
check_policy_service unix:private/policy-spf,
postscreen_access_l
Hi,
On Thu, Mar 10, 2022 at 5:23 PM Viktor Dukhovni
wrote:
>
> > On 10 Mar 2022, at 3:48 pm, Alex wrote:
> >
> > Can I use sender_checks to bypass a host like mail.coupahost.com? The
> > client IP will constantly change, but I can rely on the sending do
Hi,
> > Following up with my other email, I think I can ask the question more
> > directly.
>
> Off hand, I did not see any questions in your post.
Yes, I think I was just generally confused :-)
> > I found it was necessary to have an entry in a check_recipient_access
> > map with the old addre
Hi,
Following up with my other email, I think I can ask the question more directly.
I found it was necessary to have an entry in a check_recipient_access
map with the old address as well as in my virtual map that redefines
the old address with the new one, and I don't understand why.
It looks li
Hi,
> >> >How does using virtual_alias_maps affect my existing configuration if
> >> >I'm not currently using virtual domains or virtual maps? Currently the
> >> >server is processing mail for one domain listed in relay_domains.
> >>
> >> virtual_alias_maps is processed each time a mail is receive
Message-ID: <6e.b8.17947.1d0fb...@smtp03.nrtc.email-ash1.sync.lan>
I've pasted the entire message here
https://pastebin.com/zEkxMzuq
How should I handle this? Ideas greatly appreciated.
Thanks,
Alex
> >The best course of action is to bounce the messages with a
> >relocated_maps entry and force the sender to resend?
>
> "the best" is subjective. using relocated_maps
> http://www.postfix.org/relocated.5.html
> you make sure people will not receive mail to the old address, and any mail
> must be
ver is processing mail for one domain listed in relay_domains.
Thanks,
Alex
>
> Op 6 apr. 2022 20:33 schreef Alex :
>
> Hi,
>
> We hae a set of users who wish to change their account names from
> name123@ to just name@ and I'm trying to determine the best way to
> man
vecot.
I've been thinking one approach would be to create password/shadow
entries for these new users and set their home directories to be the
same as their old ones, then also add new entries to the
check_client_access map. Does that make sense?
Thanks,
Alex
e
client IP will constantly change, but I can rely on the sending domain
to remain the same.
If so, how do I control the ordering to be sure the mime_header_checks
are processed after the sender_checks?
On Fri, Mar 4, 2022 at 5:15 PM Alex wrote:
>
> Hi,
>
> > > I believe there'
> > Mar 7 13:25:36 armor postfix-113/smtpd[4009829]: NOQUEUE: reject:
> > RCPT from unknown[173.213.231.144]: 504 5.5.2 : Helo command
> > rejected: need fully-qualified hostname; from=<>
> > to= proto=ESMTP helo=
> >
> > reject_non_fqdn_helo_hostname,
>
> > It also appears that smtpd_helo
is still set to the default
'no', but wouldn't it normally be advisable to enable that check?
What am I missing?
Thanks,
Alex
Hi,
> > I believe there's a dot missing in the first one, as in '.(386' but
> > it's more than that, because I experimented with that too.
>
> No, it would have to be: \.(386|...)
> otherwise '.' just matches any character. Your RE pattern is sloppy
> in places, ... correct REs take some care.
f.html not allowed
Now I feel silly because I was experimenting with adding "html" to the
first regex, but apparently left it out when I sent the email, but
neither the .pdf.html nor the html in the first regex works and I just
don't understand why.
I believe there's a dot missing in the first one, as in '.(386' but
it's more than that, because I experimented with that too.
Thanks so much,
Alex
Hi Viktor,
> > Content-Type: text/html; charset="US-ASCII"; name="download.html"
> > Content-Disposition: attachment; filename="download.html"
> >
> > And this is the regex I currently have. Hopefully it wraps properly.
>
> > /^Content-(Disposition|Type):\s+.+?(?:file)?name="?.+?\(386|exe|ad[ept]|
2}\})\b/
REJECT ".$2" file attachment types not allowed
Thanks so much,
Alex
Hi,
I'm not sure if this is a postfix config problem or an amavis/SA
problem. I have a multi-instance postfix config, and my mailer-daemon
messages are being filtered by my amavisd/SA config, many of which are
being quarantined as spam instead of being returned to the sender.
Of course it's possib
Hi, I'm using the SPF policyd service recommended here some time ago.
I hoped I could ask some questions about how it works since it doesn't
appear to have any other direct support avenues available.
I'm trying to understand the following log entry:
Feb 20 10:01:59 armor policyd-spf[2466782]: pre
Microsoft in a manner than has them doing
> any SPF or DKIM checks at all.
Yes, makes sense. All indications are that a mail filter can be used
to bypass the SPF checks, but I'm going to research further.
Would this be a use-case for SRS?
Thanks, as always.
Alex
Hi,
> > I have a multi-instance postfix config and am trying to figure out why
> > Microsoft 365 is marking my email from the outbound instance as SPF
> > softfail.
>
> Because you're forwarding email received from an external domain,
> and it is *that* (envelope sender) domain's SPF records that
Hi,
I have a multi-instance postfix config and am trying to figure out why
Microsoft 365 is marking my email from the outbound instance as SPF
softfail.
I am trying to send mail from my gmail account to the multi-instance
postfix system through to my Microsoft 365 account, where I've set up
mail f
use transport_maps?
Maybe something like:
/etc/postfix-117/transport
domain1 relay:[127.0.0.1]:10024
domain2 relay:[127.0.0.1]:10025
Ideas/direction would be greatly appreciated.
btw, off-topic, but is anyone using fuglu in place of amavisd, which
seems kind of dead now?
Thanks,
Alex
. I recall reading about that many years ago, but I haven't
been able to find anything that isn't related to using Microsoft 365
as the relay, or that is using SASL to relay mail TO Microsoft 365,
not FROM it.
Thanks,
Alex
Hi,
> > I'm using postfix-3.5.10 and would like to use it to front-end a
> > domain currently being managed by Google Workspace to be able to send
> > mail through our filters first.
>
> I take it this means *inbound* mail sent from outside users to your
> users, whose mailboxes are ultimately hos
ce on how best to do this would be appreciated.
Thanks,
Alex
TLSv1.1
smtpd_tls_exclude_ciphers = MD5, RC4, 3DES, IDEA, SEED, aNULL
tls_preempt_cipherlist = yes
smtpd_tls_mandatory_ciphers = high
tls_ssl_options = NO_COMPRESSION, NO_RENEGOTIATION
Is excluding SSL and TLS for smtpd_tls_protocols above the same as
stipulating >=TLSv1.2 with smtpd_tls_mandatory_protocols?
Thanks,
Alex
) - F
This is a LetsEncrypt cert - do I need to make changes there, or is
this all done with postfix configs?
And what nmap command can be run to probe port 25 for its cipher suite?
Thanks,
Alex
On Mon, Jan 10, 2022 at 11:08 AM Alex wrote:
>
> Hi,
>
> I have a postfix-3.5.10 syste
.redhat.com/articles/1468593
I believe I was told that trying to explicitly define the cipher list
was a bad idea.
Thanks,
Alex
Am 04.01.2022 um 16:25 schrieb Wietse Venema:
Alex JOST:
Am 04.01.2022 um 02:02 schrieb Ken Wright:
$ sudo chmod g+s /usr/sbin/postdrop
$ ls -la /usr/sbin/postdrop
-r-xr-sr-x 1 postfix postdrop 22808 Sep 7 02:58 /usr/sbin/postdrop
Wietse, is this what's expected?
AFAICT you are la
Am 04.01.2022 um 02:02 schrieb Ken Wright:
$ sudo chmod g+s /usr/sbin/postdrop
$ ls -la /usr/sbin/postdrop
-r-xr-sr-x 1 postfix postdrop 22808 Sep 7 02:58 /usr/sbin/postdrop
Wietse, is this what's expected?
AFAICT you are lacking write permission for the user.
--
Alex JOST
nstall the 'libsasl2-modules' package? What's the output of
'postconf -A'?
--
Alex JOST
Hi,
> >>smtpd_tls_session_cache_database
> >
> > This is defined to the default for all instances:
> > smtpd_tls_session_cache_database =
> > btree:/var/lib/postfix/smtpd_tls_session_cache
>
> That's wrong. The session cache needs to be:
>
>smtpd_tls_session_cache_database =
> ${data_dir
Hi,
I recently ran testssl.sh (https://github.com/drwetter/testssl.sh) on
my mail server, and it's still showing TLS 1 and 1.1 still being
offered, as well as DES:
Testing protocols via sockets
SSLv2 not offered (OK)
SSLv3 not offered (OK)
TLS 1 offered (deprecated)
TLS 1.1
e =
btree:/var/lib/postfix/smtpd_tls_session_cache
> Also, what is the configure random source, and what OS?
>
> tls_random_source
This is fedora34:
tls_random_source = dev:/dev/urandom
Thanks,
Alex
sender or "all emails sent between these dates" or "today's
rejected email to Joe" to see if an email he was expecting was instead
rejected.
Thanks,
Alex
acing all of the processes from
the initial CONNECT through to the eventual delivery.
Thanks,
Alex
in postfix already?
I see there are several github projects available, but many haven't
been updated in many years. Any guidance on the best implementation,
pros/cons, and perhaps even an existing web front-end to do this would
be greatly appreciated.
Thanks,
Alex
1 - 100 of 520 matches
Mail list logo
