Re: SPF configurations

2015-01-21 Thread Darren Pilgrim
On 1/21/2015 6:46 AM, Scott Kitterman wrote: The Perl implementation is very simple. Depending on your needs, it may or may not be sufficient. What would you want to see done differently with the Perl version?

Re: SPF configurations

2015-01-21 Thread Darren Pilgrim
On 1/18/2015 12:49 PM, SW wrote: I have contacted the port maintainer but he couldn't help. Can anyone else assist please? There are known issues with DNS lookups in python. You could use postfix-policyd-spf-perl instead.

Re: Why does SPF fail sometimes?

2014-12-15 Thread Darren Pilgrim
On 12/14/2014 5:05 PM, Richard Damon wrote: Other mailing list systems have adopted some workarounds for this problem, a common one is to "munge" the From: line to be the list address (and setting Reply-To: to the poster), or wrapping the message in a wrapper that is from the list, and the messa

Re: Pick the transport based on the destination host, not domain?

2014-11-25 Thread Darren Pilgrim
On 11/25/2014 8:48 AM, Viktor Dukhovni wrote: On Tue, Nov 25, 2014 at 08:10:28AM -0800, Darren Pilgrim wrote: For example, if a domain has MX records, but we drop them all, it may not be appropriate to then use the A/AAAA records. Rather, it seems that such a domain is unreachable. So the

Re: Pick the transport based on the destination host, not domain?

2014-11-25 Thread Darren Pilgrim
On 11/25/2014 8:06 AM, Viktor Dukhovni wrote: On Mon, Nov 24, 2014 at 01:38:15PM -0500, Wietse Venema wrote: /etc/postfix/smtp_dns_reply_filter: # /domain ttl IN address/ action, all case-insensitive. # Note: the domain name ends in ".". /^\S+\.g

Re: Pick the transport based on the destination host, not domain?

2014-11-24 Thread Darren Pilgrim
On 11/24/2014 8:03 AM, Wietse Venema wrote: Darren Pilgrim: On 11/23/2014 8:42 PM, Peter wrote: On 11/24/2014 02:25 PM, Darren Pilgrim wrote: You can't use policy services with the smtp client, only the smtp server. Wietse's proposal to use tcp tables is probably a better approa

Re: Pick the transport based on the destination host, not domain?

2014-11-24 Thread Darren Pilgrim
On 11/23/2014 8:42 PM, Peter wrote: On 11/24/2014 02:25 PM, Darren Pilgrim wrote: You can't use policy services with the smtp client, only the smtp server. Wietse's proposal to use tcp tables is probably a better approach anyways, but you can use a policy daemon and route from s

Re: Pick the transport based on the destination host, not domain?

2014-11-23 Thread Darren Pilgrim
On 11/23/2014 1:46 AM, Peter wrote: On 11/23/2014 02:10 PM, Wietse Venema wrote: It could be kludged together with a transport map based on tcp_table or socketmap, plus some clever scripting to generate the right transport map responses. I think a more elegant solution that should work would b

Re: google bouncing emails - ipv6 ptr problem?

2014-11-23 Thread Darren Pilgrim
On 11/23/2014 9:59 AM, John wrote: If you can explain why adding the stanzas to master "cures" the problem I am all ears! It didn't. Some other factor (e.g., path or load problems with HE's nameservers) is the real culprit. Google's DNS lookup paths are overly sensitive to resolution delays

Re: Pick the transport based on the destination host, not domain?

2014-11-22 Thread Darren Pilgrim
On 11/22/2014 5:10 PM, Wietse Venema wrote: Darren Pilgrim: if ipv4 is still working you could - modify your local dns resolver to strip the part in its answer for the hosts in question I thought about that, but the domains in question use DNSSEC and I generally try not to break

Re: Pick the transport based on the destination host, not domain?

2014-11-22 Thread Darren Pilgrim
On 11/22/2014 1:12 PM, A. Schulze wrote: Darren Pilgrim: But now I have a second such domain, and I'd like to head-off a maintenance problem. All such domains use the same set of MXes, so it's an obvious pattern to switch transports if the next hop is one of the offending MXes.

Pick the transport based on the destination host, not domain?

2014-11-22 Thread Darren Pilgrim
I've run into a problem with a hosting service's IPv6 connectivity. Their IPv6 is broken such that they get odd transient failures. Normally not a problem, but their anti-spam appliance or whatever they're using in front of their mail servers hard-bounces on those failures instead of following th

Re: Apply a redirect before checking other restrictions

2014-08-26 Thread Darren Pilgrim
On 8/26/2014 12:12 PM, Wietse Venema wrote: Darren Pilgrim: On 8/22/2014 4:17 AM, Wietse Venema wrote: Darren Pilgrim: Postfix doesn't appear to do alias resolution on the REDIRECT'ed address. Do I need to add something to a setting that controls lookups on redirects? REDIRECT

Re: Apply a redirect before checking other restrictions

2014-08-26 Thread Darren Pilgrim
On 8/22/2014 4:17 AM, Wietse Venema wrote: Darren Pilgrim: Postfix doesn't appear to do alias resolution on the REDIRECT'ed address. Do I need to add something to a setting that controls lookups on redirects? REDIRECT addresses are currently not subject to "before queue"

Re: Apply a redirect before checking other restrictions

2014-08-22 Thread Darren Pilgrim
On 8/21/2014 2:49 PM, Viktor Dukhovni wrote: On Thu, Aug 21, 2014 at 02:22:46PM -0700, Darren Pilgrim wrote: I want to rewrite the envelope recipient of a message if it's from a specific sender, but have that rewrite change the envelope before reaching permit_auth_destination (i.e

Re: Apply a redirect before checking other restrictions

2014-08-21 Thread Darren Pilgrim
On 8/21/2014 2:49 PM, Viktor Dukhovni wrote: On Thu, Aug 21, 2014 at 02:22:46PM -0700, Darren Pilgrim wrote: I want to rewrite the envelope recipient of a message if it's from a specific sender, but have that rewrite change the envelope before reaching permit_auth_destination (i.e

Apply a redirect before checking other restrictions

2014-08-21 Thread Darren Pilgrim
I want to rewrite the envelope recipient of a message if it's from a specific sender, but have that rewrite change the envelope before reaching permit_auth_destination (i.e., an immediate, before-queue rewrite). I want this so that I don't have to allow open relay from a given address just to

Re: v2.9.1 not doing IPv6 reverse lookups correctly

2012-07-18 Thread Darren Pilgrim
On 7/18/2012 9:51 AM, Wietse Venema wrote: Darren Pilgrim: On 2012-07-18 03:08, Wietse Venema wrote: Darren Pilgrim: inet_protocols = ipv4 Well there is your problem. No, that was postconf -n from the working config (which is ipv4 only). I offered to help, and you sent the configuration

Re: v2.9.1 not doing IPv6 reverse lookups correctly

2012-07-18 Thread Darren Pilgrim
On 2012-07-18 03:08, Wietse Venema wrote: Darren Pilgrim: inet_protocols = ipv4 Well there is your problem. No, that was postconf -n from the working config (which is ipv4 only). Per the first email, I set inet protocols = ipv4, ipv6 when I added the IPv6 address.

Re: v2.9.1 not doing IPv6 reverse lookups correctly

2012-07-17 Thread Darren Pilgrim
On 2012-07-17 03:58, Wietse Venema wrote: Darren Pilgrim: I have Postfix v2.9.1 installed from ports. My OS is: # uname -a FreeBSD catnip.pilgrimaccounting.com 8.3-RELEASE-p3 FreeBSD 8.3-RELEASE-p3 #0: Thu Jun 14 13:08:22 PDT 2012 r...@catnip.pilgrimaccounting.com:/usr/obj/usr/src/sys/CATNIP

v2.9.1 not doing IPv6 reverse lookups correctly

2012-07-16 Thread Darren Pilgrim
I have Postfix v2.9.1 installed from ports. My OS is: # uname -a FreeBSD catnip.pilgrimaccounting.com 8.3-RELEASE-p3 FreeBSD 8.3-RELEASE-p3 #0: Thu Jun 14 13:08:22 PDT 2012 r...@catnip.pilgrimaccounting.com:/usr/obj/usr/src/sys/CATNIP amd64 When I enable IPv6 with the following in main.cf:

Re: Confusion about IPv6 addresses in access(5) and cidr_table(5)

2011-02-19 Thread Darren Pilgrim
On 2011-02-19 05:47, Wietse Venema wrote: Darren Pilgrim: IPv6 prefixes that should match 2001:db8::/32 and fe80::/16, respectively, per the search algorithm, but they have less than two octet pairs. You are now talking about a PREFIX. A PREFIX is not an ADDRESS. The ADDRESS is 3-8 fields

Confusion about IPv6 addresses in access(5) and cidr_table(5)

2011-02-18 Thread Darren Pilgrim
The man pages given in the subject both state an IPv6 address "is a sequence of three to eight hexadecimal octet pairs separated by ':'." I find that a tad unclear. How is :: handled? Can I put 2001:db8:1::1 or do I need to enter it as 2001:db8:1:0:0:0:0:1? Does the format support trimming

milter or socket?

2011-02-13 Thread Darren Pilgrim
I'm testing a filter that's available as both a milter and as a postfix-style policy daemon listening on a unix socket. Either way, the functionality of the filter is identical. Which approach is better? Milter or unix socket? In this case, better is actually two separate criteria: performan

Re: Header Filter Time Range

2009-06-15 Thread Darren Pilgrim
Steve wrote: It seems a bit convoluted but my guess would be to set up two main.cf files, the second (short) version denying everything and then get cron to swap these in and out at the required times. I guess, doing it this way, I can set some exemptions and white listing in the second conf. W

Re: reject sender login mismatch only for some accaounts

2009-06-11 Thread Darren Pilgrim
ram wrote: Can I implement smtp_sender_login_maps in such a way that * for selective accountids reject_sender_login_mismatch * And the for the rest Permit any sender id if authenticated smtp_sender_login_maps works the other way around (it maps MAIL FROM to SASL login). What you want involve

Re: Illegal mix of collations error

2009-06-07 Thread Darren Pilgrim
Simon wrote: Jun 8 07:15:19 mail-in1 postfix/trivial-rewrite[23183]: warning: mysql query failed: Illegal mix of collations (latin1_swedish_ci,IMPLICIT) and (utf8_general_ci,COERCIBLE) for operation '=' Jun 8 07:15:19 mail-in1 postfix/trivial-rewrite[23183]: fatal: mysql:/etc/postfix/mysql-tr

Re: cant login via SSL on port 465

2009-06-01 Thread Darren Pilgrim
admin2 wrote: hi there list people, I am just getting used to admin'ing postfix and got TLS working on both port 25 and port 587. I am now attempting to get SSL via port 465 working. I have the port answering, can see the banner, and can even authenticate when I 'telnet localhost 465' afte

Re: domain-in-a-box statistics (was myhostname etc.)

2009-05-29 Thread Darren Pilgrim
Wietse Venema wrote: Wietse Venema: Darren Pilgrim: Wietse Venema wrote: The "domain in a host" approach appears to be more common with web services: 3346 of 3755 domains used the same IP addresses for the domain itself as for web services (http://www.domain). I had expected a lar

Re: domain-in-a-box statistics (was myhostname etc.)

2009-05-29 Thread Darren Pilgrim
Wietse Venema wrote: The "domain in a host" approach appears to be more common with web services: 3346 of 3755 domains used the same IP addresses for the domain itself as for web services (http://www.domain). I had expected a larger number here. Number of domains = 3755 with A records = 3147

Re: Postfix doesn't create maildirs

2009-05-02 Thread Darren Pilgrim
Matthias Dietrich wrote: On 02.05.2009 at 22:15, Darren Pilgrim wrote: Mail store folder creation is the responsibility of your delivery agent, but you didn't state which delivery agent you're using. When going through the tutorial I didn't think about MDAs, but as I s

Re: Case sensitive oddity when mail delivered.

2009-04-30 Thread Darren Pilgrim
post...@corwyn.net wrote: if I have an account us...@example.com it works just fine. However, when mail is sent to us...@example.com it also delivers, but ends up creating a new file structure so I end up with: /var/spool/mail/example.com/user1 (with lower case mail in it) and /var/spool/mail

One transport per backend host instead of relay:[fqdn]?

2009-04-10 Thread Darren Pilgrim
I have a setup with postfix MXes handing mail off to postfix backend mailbox servers via smtp. I currently have transport_maps returning "relay:[fqdn]" where fqdn is the backend server hostname to which mail is delivered. I want to change this to individual transports (one per backend) so I c

Re: Restrict mail where MAIL FROM == RCPT TO

2009-03-01 Thread Darren Pilgrim
Ed W wrote: Anyone got any good recipes for restricting mail in the case of mail apparently sent FROM a local address, TO the same local address, apart from obviously writing a policy server? (It's to try and tighten up some checks on high probability spam) How do you want to restrict the em

Re: Is it possible for SMTP AUTH to CHECK or force a "Mail From" Address?

2009-02-21 Thread Darren Pilgrim
Alexander Hoogerhuis wrote: Patrick wrote: /etc/postfix/main.cf: smtpd_recipient_restrictions = permit_mynetworks reject_authenticated_sender_login_mismatch permit_sasl_authenticated reject_unauth_destination (etc) smtpd_sender_login_maps = mysql:/etc/pos

Re: Taking over for another admin

2009-02-04 Thread Darren Pilgrim
Udo Rader wrote: Hmm, I've never heard of dovecot being able to deal with non-plaintext passwords in connection with SASL. Are you sure that that can be done without patching? Dovecot supports[1] quite a few non-plaintext mechanisms. 1: http://wiki.dovecot.org/Authentication/Mechanisms Which

Re: Name service error for name=localhost type=AAAA: Host not found

2009-01-28 Thread Darren Pilgrim
Dave wrote: On Wed, Jan 28, 2009 at 7:31 PM, Darren Pilgrim wrote: Dave (DavesTechShop.net) wrote: Jan 28 19:18:23 ubuntu postfix/smtp[27317]: 13n20: to=, relay=none, delay=8, delays=7.9/0.01/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name

Re: Name service error for name=localhost type=AAAA: Host not found

2009-01-28 Thread Darren Pilgrim
Dave (DavesTechShop.net) wrote: Jan 28 19:18:23 ubuntu postfix/smtp[27317]: 13n20: to=, relay=none, delay=8, delays=7.9/0.01/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=localhost type=AAAA: Host not found) You probably need "::1 localhost

Re: Backscatter with forged return-path

2009-01-28 Thread Darren Pilgrim
Paweł Leśniak wrote: The worst is I also have ~500 IPs which I can't tell from logs (sender, recipient, ip, helo) whether I want those messages or not. They will filter themselves for you. Legitimate MTAs will retry dozens to hundreds of times in 24 hours; however, zombies will only try a fe

Multiple A's per MX hostname vs. 1:1 A:MX all with equal priority vs. different priorities

2009-01-15 Thread Darren Pilgrim
A while back someone posted a message about how MTAs generally respond to an unresponsive server given three different ways of setting up multiple MX mail servers: 1. A single MX record with multiple A's for the hostname: example.com mail is handled by 10 a.mx.example.com a.mx.

Re: Rejecting emails with invalid/unlikely dates?

2008-12-31 Thread Darren Pilgrim
IBBoard wrote: I've been looking around but so far haven't been able to find anything (partly because it's difficult to phrase a search query!). If someone has a solution/config for this then that'd be great. Before anyone points out issues with GMail and lack of control, this is all being do

Re: Cannot get local mail delivered locally

2008-12-31 Thread Darren Pilgrim
Frank Millman wrote: Before (not working) mydestination = $myhostname, localhost.$mydomain, localhost mydomain = example.com myhostname = fcserver.example.com myorigin = $mydomain example.com is not in $mydestination, so Postfix relays all example.com mail to $relayhost.

Re: Cannot get local mail delivered locally

2008-12-31 Thread Darren Pilgrim
Frank Millman wrote: Assume our domain name is example.com, and our email addresses are f...@example.com, b...@example.com, etc. In main.cf, I had the following - myhostname = fcserver.example.com mydomain = example.com myorigin = $mydomain I have now changed it to - myhostname = example.com

Re: Is it possible for SMTP AUTH to CHECK or force a "Mail From" Address?

2008-12-30 Thread Darren Pilgrim
Patrick wrote: I have Postfix set up using virtual domains with sasl enabled such that to send an e-mail they need to login with "usern...@domain.com". As it is, however, when a user logs in to the smtpd, they can thereafter treat my mail server as an open relay & forge their "Mail From" address

Re: DIGEST-MD5 user/realm mismatch with Dovecot auth

2008-12-25 Thread Darren Pilgrim
mouss wrote: Darren Pilgrim wrote: mouss wrote: Charles Marcus wrote: On 12/25/2008, Darren Pilgrim (post...@bitfreak.org) wrote: Cyrus-SASL 2.1.22 (on B and C for SMTP client SASL) You might try just using dovecot-sasl - one less package to install/maintain, and it works as well or

DIGEST-MD5 user/realm mismatch with Dovecot auth

2008-12-25 Thread Darren Pilgrim
I have three Postfix instances, A, B and C. A is an MX for B and C's domains and the relayhost for B and C. B and C are mailbox and submission hosts for their users. The servers presently use PLAIN authentication. I want them to use DIGEST-MD5 authentication instead. Software: Dovecot 1.1.

Re: sender restriction

2008-12-20 Thread Darren Pilgrim
aio shin wrote: we have a local access restriction that denied emails from outside to be able to reach those users on the access list. smtpd_recipient_restrictions = check_sender_access hash:/etc/postfix/restricted_senders permit_mynetworks permit_sasl_authenticated

Re: Additional smtpd_*_restrictions safe?

2008-12-18 Thread Darren Pilgrim
King Spook wrote: I'm getting hit pretty hard with spam, and was hoping to reduce it a bit by adding the following smtpd restrictions: smtpd_helo_restrictions = reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname smtpd_sender_restrictions = reject_non_fdqn_sender Is that safe to do? Y

Re: how to send mail to gmail account

2008-12-18 Thread Darren Pilgrim
vivek.agrawal wrote: relayhost=smtp.gmail.com If you want to use GMail as a smarthost relay, you need to enable SASL authentication and TLS on Postfix's smtp transport and provide a username and password for GMail's server. There's a section[1] in the SASL_README on this. To enable TLS, yo

Re: SMTP Relay question.

2008-12-17 Thread Darren Pilgrim
Swati Meghanand wrote: I have configured a postfix mail server with mysql virtual domains/users. I had a (test) domain say foo.test.com and a user for that domain no...@foo.test.com The mail server is having IP address 222.333.444.55 But now if I send mail from: no...@foo.test.com to rcpt to:

Re: Problems running multiple instances of postfix on same host

2008-12-17 Thread Darren Pilgrim
Rob Tanner wrote: Hi, I need to run a separate instance of postfix in order to accommodate a FAX server. I created the directory /etc/postfix/fax and copied and customized the main.cf and master.cf files from the default directory to this new directory. I also copied post-install, postfix-f

Re: Evolution unable to login mail server.

2008-11-17 Thread Darren Pilgrim
Stephen Liu wrote: Nov 17 16:31:59 xen05 authdaemond: failed to connect to mysql server (server=localhost, userid=mail): Access denied for user 'mail'@'localhost' (using password: YES) Nov 17 16:31:59 xen05 imapd: LOGIN FAILED, [EMAIL PROTECTED], ip=[:::192.168.0.110] Nov 17 16:31:59 xen05 im