On Fri, 2013-05-31 at 17:33 -0700, Bryan Irvine wrote:
> I've always found the OpenBSD method the easiest. after 2.9 comes 3.0 then
> 3.13.9 then 4.0.
Guess that depends on how one interprets version "numbers"
Is it a plain number? Then the model as also used by OpenBSD makes sense
as 3.1
On Fri, 2013-05-31 at 16:43 -0500, /dev/rob0 wrote:
> My wish is that Postfix 3.0, should it ever happen, would be a
> rewrite which sacrifices backward compatibility and the easy
> upgradability. Many things were learned over the course of Postfix
> 1.x/2.x development, and a Postfix 3.0 (in my
Hi.
I think the best is major.minor.patch, with major being really ground
breaking changes, or those that add major incompatibilities... e.g.
getting rid of all kind of legacy config option names or such...
Minor being used for all other feature releases (which do not add major
incompatibilities
On Tue, 2012-10-30 at 09:24 -0400, Wietse Venema wrote:
> I repeat my constructive solution: contribute code and documentation
> that makes the mailbox format configurable.
I had noted below in the email before, that I'll need to take a loot at
the code first, before I can decide whether I can make
On Tue, 2012-10-30 at 02:06 +0100, Matthias Andree wrote:
> (I am aware of Wietse's reply to the message I am quoting.)
Yeah... so ongoing discussion on the issue itself is rather pointless,
nevertheless...
> > Well quoted printable encoding is of course a way around this, but
> > similarly as yo
Hey Matthias.
On Mon, 2012-10-29 at 21:45 +0100, Matthias Andree wrote:
> Well, if you'd looked at the date of your sources, you'd have known that
> others have failed establishing alternatives to what DJB or Rahul Dhesi
> or whoever dubbed "mboxo" in nearly two decades.
Well there are several pro
Hi Peter.
On Mon, 2012-10-29 at 12:36 +1300, Peter wrote:
> You know you could just use a different delivery agent that supports the
> mbox format you want. Nothing says that you have to use local(8).
Yeah of course...
But my wish to improve this is not for myself... neither do I use mbox*
(well
Oh and one more thing...
On Sun, 2012-10-28 at 17:00 -0400, Wietse Venema wrote:
> Breaking compatibility? Over my dead body.
You always seem to put high priority in having the most secure and
stable way in your decisions...
Even if there was some major compatibility issue with mboxrd (which I
do
On Sun, 2012-10-28 at 17:00 -0400, Wietse Venema wrote:
> Breaking compatibility?
Could you explain why you think it would break compatibility?
AFAIU, mboxrd just means that you also quote lines like
>From foo
to
>>From foo
(and the same for more trailing ">").
I wouldn't see how an existing clien
Hey Wietse.
On Fri, 2012-10-26 at 22:33 -0400, Wietse Venema wrote:
> Postfix implements traditional UNIX mbox format and locks.
Yeah clear...
> Theoretically it is possible to add a support bazillion variants.
Well... I only know about 4 variants, of which only one is really broken
(mboxo).
>
Hi Wietse, et all.
Not sure whether this is known already or not,... in any case I think
it's quite critical..
I recently stumbled over several MUAs/tools (e.g. Evolution, getmail)
that have their problems with the mbox format, namely by corruption
stored or imported mail in not quoting From_ li
On Wed, 2010-12-01 at 17:41 +0100, Ben wrote:
> Postfix choose
> local to deliver the mail, but I can't find why. I would like it uses
> maildrop instead.
You need to set up your hosted domains to be virtual hosted
(http://www.postfix.org/VIRTUAL_README.html).
Or change the transport for local d
On Mon, 2010-10-25 at 19:49 +0200, Jeroen Geilman wrote:
> Like doesn't enter into it.
>
> Discussion of SPF is verboten. simple.
Yeah I know,... but I thought Wietse might excuse me because I hoped one
could judge this as only answering a DNS question ;-D
Cheers,
Chris.
I know SPF is disliked here ;)
On Mon, 2010-10-25 at 14:20 -0200, Leonardo Rodrigues wrote:
> nnnINTXT"v=spf1 include:domain.com.br -all"
But using TXT for it is (IIRC) discouraged by the RFC and "SPF" RR
shoudl be used.
Cheers,
Chris.
On Thu, 2010-07-22 at 12:54 +0200, Denis BUCHER wrote:
> 4. But now when I try a "telnet (this machine) 25" from 213.213.213.213
> I get "Welcome" and I am not rejected ?
>
> Could someone tell me what I did wrong ?
Check http://www.postfix.org/SMTPD_ACCESS_README.html#timing which tells
you _whe
On Tue, 2010-01-12 at 04:02 -0600, Stan Hoeppner wrote:
> resolvconf has a long list of conflicts including ifupdown and bind8/9.
Uhm has it?
> Would using resolvconf
> break bind?
Unlikely,.. at least I'm using it together with bind9
> Aptitude seems to suggest this.
Well the resolvconf packag
On Tue, 2010-01-12 at 00:23 +0100, Dr. Lars Hanke wrote:
> Thanks Stefan,
> > The Debian packages of Postfix are running smtpd in a chroot by
> > default. The files necessary for this are copied by the init script
> > /etc/init.d/postfix - and amongst them is the resolv.conf you changed.
> >
> I
On Mon, 2010-01-11 at 11:04 -0500, Dennis Putnam wrote:
> I want to enforce TLS but I don't care what certificate the receiver
> uses. Thanks.
Apart from the fact that enforcing TLS with SMTP is usually a bad idea,
setting the
smtp_tls_security_level = encrypt
should usually do what you mean, enfor
On Sat, 2010-01-09 at 19:58 -0500, Wietse Venema wrote:
> EX_TEMPFAIL defers mail, as does EX_OSERR (system resource not
> available). All others are hard coded as non-retryable.
Thanks.
> Making this
> configurable is a couple hours of work (design a user interface,
> implement the code, test th
Hi.
Is there somewhere some documentation how each of the exit codes from
sysexit.h is interpreted by Postfix when used with pipe(8) (returned
e.g. by maildrop)?
I just now the EX_TEMPFAIL means that mail is defered, and I assume
EX_UNAVAILABLE leads to a bounce.
What about the others?
Hi Wietse.
The following could be another case were the scripts you've mentioned
create incorrect links:
http://www.postfix.org/MAILDROP_README.html#direct links in the first
sentence with the word maildrop to
http://www.postfix.org/QSHAPE_README.html#maildrop_queue . But I think
the word
Quoting Wietse Venema :
I suppose you can provide text for these?
It would be an honour :)
1)
The sender domain matches $href="postconf.5.html#mydestination">mydestination, $href="postconf.5.html#inet_interfaces">inet_interfaces or
$proxy_interfaces, but
the sender is not listed in $href="
Hi.
I might have found some further bugs or improvable positions:
1) http://www.postfix.org/postconf.5.html#smtpd_reject_unlisted_sender
tells which senders are accepted with which domains.
It seems however that sen...@domain is also accepted if it is set in
virtual_alias_maps and not only f
On Tue, 2009-12-29 at 17:29 -0500, Victor Duchovni wrote:
> > Adding example.com (or remote.domain) to mydestination above should mean
> > that ONLY @example.com (or @remote.domain or
> > @ is accepted, right?
> No. It means that example.com becomes a local domain.
Ok,.. of course,.. but only @ sho
On Tue, 2009-12-29 at 01:11 -0500, Victor Duchovni wrote:
> No, it means that address *normalization* to standard form is done
> at least three times:
>
> - smtpd resolve envelope addresses to
> (transport, nexthop, standard form)
> for ac
On Mon, 2009-12-28 at 14:27 -0500, Victor Duchovni wrote:
> The trivial-rewrite service does the rewriting, and the cleanup service
> updates the queue-file updating addresses in headers, ...
> No, but smtpd(8) uses normalized (via trivial-rewrite) recipient
> and sender addresses to make access d
Hi.
I'm still trying to understand some things, so perhaps some of you
could help me.
1) As far as I understood the address rewriting manual, rewriting
(including the app...@origin and append.domain) happens in
cleanup/trivial-rewrite, right?
But I have the impression that at least some r
Quoting Philippe Cerfon :
Regards,
Philippe
Uhm?! Aren't you Christoph? :-P
The bad face of identity theft ^^
Oops,.. ^^ That comes from not cleanly removing quotes ^^
Cheers,
Chris.
This message was sent using IMP, the Internet
Quoting John Peach :
No it should not - they know. The RFCs were written way before the
problems we have now. Feel free to update the RFCs if you so wish.
ok,... The problem is however, that it's quite difficult for "normal"
users to find restrictions which are more strict that the default but
Quoting Noel Jones :
To insure that local users aren't confused by a HEADER that looks as
if it came from the local domain, I use
remote_header_rewrite_domain = domain.invalid
Ah and by the way: This does not help if the remote user specifies a
fully qualified address (e.g. r...@host.domain),
Hi Ralph.
Quoting Ralph Johnston :
I would like to "collapse" (alias?) all our domains and subdomains
down to one, so email to a name @ any of our domains ends up in one
mailbox. I have this working (as best as I can tell) using virtual
domains.
In principle you could also do this by using
Hi Noel!
Quoting Noel Jones :
Of course I understand that mail does not guarantee sender authenticity
but this is still a security problem, isn't it?
I mean it's easily possible to reject reject_non_fqdn_sender and I think
even envelope sender addresses that match any of the canonical
domains,..
Hi.
btw: Thanks for your efforts in answering my questions, and sorry for
posting to -devel before (did not notice in the beginning, that this
is not meant for bug/feature reports).
Quoting Wietse Venema :
clients (depending on local_header_rewrite_clients) and for remote
clients only if r
Hi list.
Sorry for asking questions again ;)
Quoting Wietse Venema :
As far as I understood the documentation, if those two are at their default:
local_header_rewrite_clients = permit_inet_interfaces
remote_header_rewrite_domain =
local clients are subject to address rewriting, but remote ones
Quoting Wietse Venema :
> Virtual alias maps apply to all domains.
Uhm... ok,.. but for what is virtual_alias_domains then good for?
See: http://www.postfix.org/ADDRESS_CLASS_README.html
I've had read this before,.. but still did not understand the need for
virtual_alias_domains.
Now I think
Hi.
Regarding TLS ciphers for SMTP client and server and this aNULL thingy.
I was not really able to find some more information about this on the web.
What does it mean exactly? What is the issue with anonymous ciphers?
Is it "just" that client certificate authentication does not work with the
Hi.
As far as I understood the documentation, if those two are at their default:
local_header_rewrite_clients = permit_inet_interfaces
remote_header_rewrite_domain =
local clients are subject to address rewriting, but remote ones are not.
Unfortunately it seems that my postfix (2.6.5 from Debian
37 matches
Mail list logo
