I'm quite locked to running the distributions version of postfix
(currently 2.6.6), but also would very much to take advantage of
postscreen for turning away zombies. I saw in the postfix-2.7.0
announcement that it would be possible to use postscreen from v2.8
with postfix v2.7, and also the POSTSC
On Thu, Oct 20, 2011 at 08:44:03AM -0500, k...@rice.edu wrote:
>
> I would think that a SAN cert with all the names of the gateways
> listed should work and is available from most "reputabble" CA's.
Yes, you're right, and then there are cheap wildcard certs too -- but
that adds maintenance. Will
I'm considering if I should enable opportunistic TLS on our smtp
gateways. Our gateways are known by several DNS names, so I think it
will be difficult to use certificates signed by a "reputable" CA.
It seems safe enough to enable smtp_tls_security_level=may, but how
do other mailservers behave i
On Wed, Aug 31, 2011 at 07:12:12AM -0400, Wietse Venema wrote:
> >
> The server replies with 502 because LMTP uses LHLO, while SMTP uses
> HELO or EHLO, and for good reasons: the protocol has different
> replies for multi-recipient email.
Doh... I was confused and thought it was connecting to por
On Wed, Aug 31, 2011 at 09:16:36AM +0200, Jan-Frode Myklebust wrote:
> I would like to point postfix' virtual_transport at several addresses
> for lmtp delivery, and hopefully want postfix to gracefully handle that
> any one of them might be down.
>
>
I would like to point postfix' virtual_transport at several addresses
for lmtp delivery, and hopefully want postfix to gracefully handle that
any one of them might be down.
virtual_transport = lmtp:loadbalancers.example.com:24
What's the best way of doing that? Will simple rr-dns work:
On Thu, May 12, 2011 at 07:59:02AM -0400, Wietse Venema wrote:
> Jan-Frode Myklebust:
> > We just got bitten by a strange problem with our mynetworks-file. In
> > main.cf we have mynetworks = /etc/postfix/mynetworks, and the
> > /etc/postfix/mynetworks has been used to bot
We just got bitten by a strange problem with our mynetworks-file. In
main.cf we have mynetworks = /etc/postfix/mynetworks, and the
/etc/postfix/mynetworks has been used to both include and exclude
networks for ages... using the format:
BLACKLISTING ###
## Only blocked systems
On Thu, Jan 13, 2011 at 10:38:05AM -0200, Deives Michellis wrote:
> Perdition works WITH dovecot (or whatever imap server you use). It's
> just a proxy - will redirect connections based on username, origin,
> etc...
Yes, I know, and "dovecot director" also works with dovecot (or any
other imap ser
On Thu, Jan 13, 2011 at 09:59:26AM -0200, Deives Michellis wrote:
> Have you guys considered using Perdition to proxy/redirect IMAP/POP to
> distribute backend storage to as many as backends as you want?
Yes, but I prefer dovecot (since that's what we're running on the
backend POP/IMAP-servers). I
On Thu, Jan 13, 2011 at 07:36:12AM +0200, Jaques Cochet wrote:
>
> I'm working on a mail system design for an ISP that includes hosting
> of multiple virtual domains managed by this ISP (300.000 mailbox). HA
> and performance are both important concerns for the client, so I have
> at least 2 of ev
On Tue, Sep 07, 2010 at 06:38:15PM -0500, Noel Jones wrote:
> If you have customers sending large amounts of abusive mail, seems
> as if there would be better ways to deal with that eg. sender
> quotas, monitoring of undeliverable mail, inbound spam/virus
> scanning, etc. But I'm not an ISP; I can
On Tue, Sep 07, 2010 at 08:20:36PM +0200, Jeroen Geilman wrote:
> On 09/07/2010 06:57 PM, mouss wrote:
> >
> >OP is an ISP providing outbound relay to residential users. his
> >problem is not easy to solve.
> >
Thanks for understanding. I´ve gotten information off list that gmail
are setting the s
On Mon, Sep 06, 2010 at 06:29:28PM -0500, Noel Jones wrote:
>
> I fail to see how controlling your users From: addresses will affect
> a backscatterer.org listing.
I'm thinking we can accept sending some backscatter to our own
customers, at least as long as it's authenticated backscatter and we c
We want to get our smarthosts off the backscatterer.org lists,
but still needs to let our users send from addresses not under
our control, so I was thinking of maybe of forcing all users
that wants to send email from not-our-addresses to sasl-authenticate
and hopefully postfix can then set envelop
15 matches
Mail list logo
