[pfx] Re: SSL cert authority, letsencrypt error

2025-05-08 Thread Carl Brewer via Postfix-users
On 9/05/2025 10:49 am, Viktor Dukhovni via Postfix-users wrote: On Fri, May 09, 2025 at 10:18:19AM +1000, Carl Brewer via Postfix-users wrote: I changed it to this : smtpd_tls_security_level = may smtpd_tls_cert_file = /usr/local/etc/letsencrypt/live/rollcage13.aboc.net.au/fullchain.pem

[pfx] Re: SSL cert authority, letsencrypt error

2025-05-08 Thread Carl Brewer via Postfix-users
thing as long as the certs are in the correct order. -Dan On May 8, 2025, at 15:34, Carl Brewer via Postfix-users wrote: Hi, I've been running postscript on a FreeBSD 13.x server with Letsencrypt running as a cron job to keep SSL certs up to date automagically : in main.cf : smt

[pfx] Re: SSL cert authority, letsencrypt error

2025-05-08 Thread Carl Brewer via Postfix-users
On 9/05/2025 10:06 am, Carl Brewer via Postfix-users wrote: On 9/05/2025 9:08 am, Dan Mahoney wrote: There’s only one certificate in your chain, you need to send the intermediate cert as well. The cert you’re signing with isn’t trusted by browsers. Certificate chain   0 s:CN = rollcage13

[pfx] SSL cert authority, letsencrypt error

2025-05-08 Thread Carl Brewer via Postfix-users
Hi, I've been running postscript on a FreeBSD 13.x server with Letsencrypt running as a cron job to keep SSL certs up to date automagically : in main.cf : smtpd_tls_security_level = may smtpd_tls_cert_file = /usr/local/etc/letsencrypt/live/rollcage13.aboc.net.au/cert.pem smtpd_tls_key_fi

[pfx] useful error messages! Thank you!

2024-02-02 Thread Carl Brewer via Postfix-users
In a world where error messages are increasingly being obfuscated, it's great to see : Feb 3 00:00:28 rollcage13 postfix/postscreen[22418]: warning: postscreen_access_list: non-null host address bits in "2403:5814:f681:ab0c::0/48", perhaps you should use "2403:5814:f681::/48" instead Fe

Re: [External] Re: turning off spamass-milter for authenticated submissions? SPF for submitted emails?

2021-10-11 Thread Carl Brewer
On 12/10/2021 10:36 am, Benny Pedersen wrote: On 2021-10-12 01:14, Carl Brewer wrote: On 12/10/2021 9:56 am, Benny Pedersen wrote: Carl: add -o smtpd_milters= to submission service in master.cf to turn of sasl users in spamas-milter Thank you, that's done it. Is it possible to select

Re: [External] Re: turning off spamass-milter for authenticated submissions? SPF for submitted emails?

2021-10-11 Thread Carl Brewer
On 12/10/2021 9:56 am, Benny Pedersen wrote: Carl: add -o smtpd_milters= to submission service in master.cf to turn of sasl users in spamas-milter Thank you, that's done it. Is it possible to selectively enable some milters? ie: clamav? Carl

Re: [External] Re: turning off spamass-milter for authenticated submissions? SPF for submitted emails?

2021-10-11 Thread Carl Brewer
On 12/10/2021 9:06 am, Kevin A. McGrail wrote: On 10/11/2021 5:32 PM, Carl Brewer wrote:  0.0 URIBL_BLOCKED  ADMINISTRATOR NOTICE: The query to URIBL was     blocked.  See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block

Re: turning off spamass-milter for authenticated submissions? SPF for submitted emails?

2021-10-11 Thread Carl Brewer
On 12/10/2021 8:17 am, Carl Brewer wrote: This is what's in the SMTP header when it fails : ('s added by me) The IP address of the mail client's PC is failing the SPF check, as I would expect it to. I don't know what I've done wrong that's making it

turning off spamass-milter for authenticated submissions? SPF for submitted emails?

2021-10-11 Thread Carl Brewer
Hi, I'm trying to sort out a spamassassin issue, using spamass-milter, submitted email is failing SPF checks, as spamassassin is seeing the IP address of the mail client and - it fails SPF as you'd expect. I think this is due to a mis-configuration of my setup of the SMTP submission stuff i

Re: socketmap:unix and virtual_mailbox_maps with Cyrus 3.4.2 and Postfix 3.7 "need service transport:endpoint" error

2021-09-19 Thread Carl Brewer
On 20/09/2021 12:13 pm, Carl Brewer wrote: I'm trying to get Postfix 3.7 running on a FreeBSD 13 server, with Cyrus IMAP 3.4.2 The instructions on the Cyrus website https://www.cyrusimap.org/quickstart.html say I need this line in main.cf : virtual_mailbox_maps = socketmap:unix:/var

socketmap:unix and virtual_mailbox_maps with Cyrus 3.4.2 and Postfix 3.7 "need service transport:endpoint" error

2021-09-19 Thread Carl Brewer
I'm trying to get Postfix 3.7 running on a FreeBSD 13 server, with Cyrus IMAP 3.4.2 The instructions on the Cyrus website https://www.cyrusimap.org/quickstart.html say I need this line in main.cf : virtual_mailbox_maps = socketmap:unix:/var/imap/socket/smmap But whenever I do, I get this er

order of execution - transport vs local vs virtual user?

2016-07-25 Thread Carl Brewer
G'day, Quick one, while I migrate a bunch of users from an old sendmail server to a new postfix one. What gets carried out first? transport maps, local or virtual users? I'd like to over-ride some, but am not sure of the order that they get carried out. Can anyone here point me at the relev

Re: rejecting relay from localhost?

2015-07-20 Thread Carl Brewer
On 21/07/2015 1:44 AM, Viktor Dukhovni wrote: Try: mynetworks = 127.0.0.1/32, hash:/etc/pkg/etc/postfix/network_table That fixed it smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_unknown_recipient_domain reject_un

rejecting relay from localhost?

2015-07-20 Thread Carl Brewer
G'day, I've got a moderately new postfix setup on NetBSD 5.x running from pkgsrc, postfix 2.11.5 I'm having trouble with squirrelmail on localhost sending outbound email, and also if I just telnet to it from itself, so it's not trusting localhost, the error : bash-4.3# telnet localhost 25

Re: cyrus imapd, lmtp, postfix and case sensitivity in domain names

2015-02-12 Thread Carl Brewer
On 13/02/2015 10:01 AM, Noel Jones wrote: You need to fix this in cyrus. I don't use cyrus, but surely this is some sort of configuration issue. Older versions of postfix could do a gross hack where a wildcard regexp would lowercase the input. This is probably what you've found on the web. Thi

cyrus imapd, lmtp, postfix and case sensitivity in domain names

2015-02-12 Thread Carl Brewer
Last question! (I hope ...) I also posted this on the cyrus mailing list but more aimed at a proper fix. I have a problem with cyrus lmtp delivery and case sensitive domain names(!). This gets through : u...@domain.foo This does not : u...@domain.foo with lmtp_downcase_rcpt: 1 set in imapd.c

Re: sorting out virtual aliases in a postfix/cyrus imapd/virtual domain setup

2015-02-09 Thread Carl Brewer
On 10/02/2015 6:31 PM, Viktor Dukhovni wrote: On Tue, Feb 10, 2015 at 06:25:22PM +1100, Carl Brewer wrote: Have you checked that the "postmapped" virtual alias table actually contains the address that fails verification? Report the output of: bash-4.3# export PATH=/usr/pkg/sbin:

Re: sorting out virtual aliases in a postfix/cyrus imapd/virtual domain setup

2015-02-09 Thread Carl Brewer
On 10/02/2015 6:21 PM, Viktor Dukhovni wrote: On Tue, Feb 10, 2015 at 06:10:42PM +1100, Carl Brewer wrote: /usr/pkg/sbin/postconf -n mailbox_transport = lmtp:unix:/var/imap/socket/lmtp queue_directory = /var/spool/postfix smtpd_recipient_restrictions = permit_mynetworks

Re: sorting out virtual aliases in a postfix/cyrus imapd/virtual domain setup

2015-02-09 Thread Carl Brewer
On 10/02/2015 6:05 PM, Viktor Dukhovni wrote: On Tue, Feb 10, 2015 at 05:58:34PM +1100, Carl Brewer wrote: IN OTHER WORDS: post the output of "/usr/pkg/sbin/postconf -Mf" (non-comment /usr/pkg/etc/postfix/master.cf file content)! bash-4.3# /usr/pkg/sbin/postconf -Mf smtp

Re: sorting out virtual aliases in a postfix/cyrus imapd/virtual domain setup

2015-02-09 Thread Carl Brewer
On 10/02/2015 5:49 PM, Viktor Dukhovni wrote: On Tue, Feb 10, 2015 at 05:32:41PM +1100, Carl Brewer wrote: You have recipient address verification configured, and have somehow managed to disable recipient rewriting in the cleanup(8) service used by the verify(8) service. Non-default entries

Re: sorting out virtual aliases in a postfix/cyrus imapd/virtual domain setup

2015-02-09 Thread Carl Brewer
On 10/02/2015 5:49 PM, Viktor Dukhovni wrote: On Tue, Feb 10, 2015 at 05:32:41PM +1100, Carl Brewer wrote: You have recipient address verification configured, and have somehow managed to disable recipient rewriting in the cleanup(8) service used by the verify(8) service. Non-default entries

Re: sorting out virtual aliases in a postfix/cyrus imapd/virtual domain setup

2015-02-09 Thread Carl Brewer
On 10/02/2015 5:10 PM, Viktor Dukhovni wrote: On Tue, Feb 10, 2015 at 04:05:08PM +1100, Carl Brewer wrote: I'm trying to get my head around how to get virtual aliases to work with my cyrus setup (NetBSD, postfix 2.11.0). I'm using 2.11.3 from pkgsrc, and I imagine 2.11.4 will be o

sorting out virtual aliases in a postfix/cyrus imapd/virtual domain setup

2015-02-09 Thread Carl Brewer
G'day, I'm trying to get my head around how to get virtual aliases to work with my cyrus setup (NetBSD, postfix 2.11.0). I have realtime address checking using lmtp : mailbox_transport = lmtp:unix:/var/imap/socket/lmtp virtual_transport = lmtp:unix:/var/imap/socket/lmtp and that seems to w

Re: postfix, cyrus imap, backscatter?

2015-02-05 Thread Carl Brewer
On 1/02/2015 10:21 PM, Carl Brewer wrote: On 1/02/2015 7:21 PM, Robert Schetterer wrote: and where is your postfix conf..? read i.e http://de.postfix.org/httpmirror/postconf.5.html#smtpd_reject_unlisted_recipient as well as other setup examples and conf stuff I checked the server from

Re: postfix, cyrus imap, backscatter?

2015-02-01 Thread Carl Brewer
On 1/02/2015 7:21 PM, Robert Schetterer wrote: and where is your postfix conf..? read i.e http://de.postfix.org/httpmirror/postconf.5.html#smtpd_reject_unlisted_recipient as well as other setup examples and conf stuff I checked the server from another server, not telnet'ing from localhost

postfix, cyrus imap, backscatter?

2015-02-01 Thread Carl Brewer
G'day, I've been running sendmail for years with cyrus and realtime address checking to (supposedly!) stop backscatter, but it seems to be broken, so it's probably a good time to migrate to postfix (been putting off for years ...) This document isn't very helpful : http://www.postfix.org/CY

Re: virtual domains, cyrus and lmtp integration

2013-05-30 Thread Carl Brewer
On 30/05/2013 7:47 PM, Stan Hoeppner wrote: If you deliver from Postfix to Cyrus via LMTP it may be possible to target RAV against the Cyrus' LMTP server. http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient I don't know if anyone has tried RAV via LMTP, but since RCPTO exists in

Re: virtual domains, cyrus and lmtp integration

2013-05-29 Thread Carl Brewer
On 30/05/2013 1:23 PM, Viktor Dukhovni wrote: On Thu, May 30, 2013 at 01:03:04PM +1000, Carl Brewer wrote: Firstly, the doco I've read suggests that every mailbox needs an entry in the virtual_mailbox_maps file, with my current sendmail setup sendmail checks against Cyrus for if a ma

virtual domains, cyrus and lmtp integration

2013-05-29 Thread Carl Brewer
G'day, I'm making the long, long overdue migration to postfix from an ancient Sendmail setup that's using virtual domains and real-time username checks against a Cyrus mail spool (no local UNIX accounts). I've done a lot of googling and found a few different howtos that mostly agree, but I h

Re: 2.7 RPM

2010-02-24 Thread Carl Brewer
For the archive, I had to change the postfix.spec slightly for it to build on CentOS 5.4 x64, by setting with_sasl to 2 The sender_dependent_default_transport_maps feature works a treat, thankyou Wietse. Carl

Re: 2.7 RPM

2010-02-24 Thread Carl Brewer
Carlos Williams wrote: Does anyone happen to know if anyone is kindly dedicating their time to creating a Postfix 2.7 RPM for download? I know this is extremely time consuming but I am really interested to try out Postfix 2.7 on my CentOS x64 server. I realize Simon was responsible for creating t

Re: Postfix 2.7.0 stable release available

2010-02-15 Thread Carl Brewer
Wietse Venema wrote: - Support for reputation management based on the local SMTP client IP address. This is typically implemented with "FILTER transportname:" actions in access maps or header/body checks, and mail delivery transports in master.cf with unique smtp_bind_address values. I'm

Re: Setting a different IP address for different users?

2010-02-10 Thread Carl Brewer
Carl Brewer wrote: A quick one, I hope, postfix v 2.3.3 on a server with multiple IP addresses. Is it possible to have a policy stating that email from a particular address goes out using a specific IP address, and everything else by the system's default IP address? I want to isol

Setting a different IP address for different users?

2010-02-10 Thread Carl Brewer
A quick one, I hope, postfix v 2.3.3 on a server with multiple IP addresses. Is it possible to have a policy stating that email from a particular address goes out using a specific IP address, and everything else by the system's default IP address? I want to isolate a mailing list to its own

Re: quick query re forwarding local mail to another server

2010-01-05 Thread Carl Brewer
mouss wrote: move all domains from mydestination and virtual_mailbox_domains to relay_domains. To confirm, (there's no relay_domains in my main.cf at the moment) : I have at present : mydestination = $myhostname, localhost.$mydomain, localhost, /etc/postfix/relay_domains.cf I should cha

quick query re forwarding local mail to another server

2010-01-05 Thread Carl Brewer
I'm having to do an urgent job on a postfix box that I'm not overly familiar with, and it involves moving to a new server. I've got a bunch of local accounts and while the move is happening I need the local accounts emails to be forwarded to the new box, which has the same accounts on it.