[pfx] Re: Check Client Access

2025-07-30 Thread Jaroslaw Rafa via Postfix-users
xtended regular expressions. Both above are extended REs. Use pcre: instead of regex: to use extended REs. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a H

[pfx] Re: Postfix authentication with LDAP

2025-07-02 Thread Jaroslaw Rafa via Postfix-users
housands of them, any method of storing the data should do. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _

[pfx] Re: Postfix authentication with LDAP

2025-07-02 Thread Jaroslaw Rafa via Postfix-users
; > Yes, I am looking for authentication. For example, printers, scanners, > applications will need to send email to relay servers and this > requires authentication. These probably have fixed IP addresses (if not, they should). Could you just allow mail from them by IP address? -- Regards,

[pfx] Re: Let's Encrypt ending TLS Client Authentication

2025-05-14 Thread Jaroslaw Rafa via Postfix-users
a publicly available CA like Let's Encrypt. So this change should not affect you at all. By the way: I don't see "smtp_use_tls=yes" in your config; there's only "smtpd_use_tls=yes". So it seems that you are *sending* the mail unenc

[pfx] Re: MTA-STS and STARTTLS

2025-05-14 Thread Jaroslaw Rafa via Postfix-users
it's OK as well, if they don't make the procedure too hard and complicated. But putting a MiTM box without user consent, and even knowledge, is not. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there

[pfx] Re: Postfix Not Refreshing TLS Certs Even After Reboot

2025-05-14 Thread Jaroslaw Rafa via Postfix-users
rvice) > will be in plain text as intended.To the rest of the list I Sadly it's not. Something is still changing your email to HTML. Good that your original issue was resolved however :) -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they

[pfx] Re: MTA-STS and STARTTLS

2025-05-14 Thread Jaroslaw Rafa via Postfix-users
ferent IP address than the actual IP address of your server - the address of the "middle" box. They probably don't tell you that address, which means you can't even set your SPF record properly! If I were you, I would move the VPS to a provider that behaves normally. -- Regards,

[pfx] Re: Postfix Not Refreshing TLS Certs Even After Reboot

2025-05-13 Thread Jaroslaw Rafa via Postfix-users
e, don't send HTML-only mail to the list. It's a part of longstanding mailing list etiquette that you don't do this. Some of us are reading the eamil in plain text. -- Pozdrowienia, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they'

[pfx] Re: Incoming OpenDKIM signature verification failing

2025-05-09 Thread Jaroslaw Rafa via Postfix-users
y and seeing the first failed signature, indicates the overall result as DKIM failure. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."

[pfx] Re: Postfix TLS Library Problem No such file

2025-05-06 Thread Jaroslaw Rafa via Postfix-users
(/usr/local/etc/letsencrypt/live/kasdivi.com/privkey.key, r): Chroot problem? -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with

[pfx] Re: Would Postfix be suitable for transferring data from local mobile devices via email?

2025-04-29 Thread Jaroslaw Rafa via Postfix-users
access that server, you don't even actually need a functioning DNS for that, the only thing you need is that the private domain you choose is set up in the Postfix configuration so that Postfix recognizes it as its proper destination domain. -- Regards, Jaros

[pfx] Re: Would Postfix be suitable for transferring data from local mobile devices via email?

2025-04-29 Thread Jaroslaw Rafa via Postfix-users
uters in my network to my "main" computer, and I don't have to use different tools on different devices (and learn them all). -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they&

[pfx] Re: How to correctly prepend headers to email with multiple recipients?

2025-04-24 Thread Jaroslaw Rafa via Postfix-users
arlier, full session log from Sendmail was perfect > solution for us, but Postfix does not have such functionality. As usual in such cases, I think you can write a milter that would do the job exactly as you want. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids

[pfx] Re: How to correctly prepend headers to email with multiple recipients?

2025-04-23 Thread Jaroslaw Rafa via Postfix-users
ients that are in the envelope and already are in "To:" or "Cc:" headers, what's the point of it? -- Pozdrowienia, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with h

[pfx] Re: Help with whitelist RBL lists

2025-04-14 Thread Jaroslaw Rafa via Postfix-users
not matched by any of these rules, it is allowed, which means only that it passes this stage of restrictions and proceeds to next ones, which can still reject a message. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they

[pfx] Re: Bests Database

2025-03-29 Thread Jaroslaw Rafa via Postfix-users
the default configurations to just update nftables on localhost. Maybe I'm missing something, but doesn't fail2ban in such a simple case just do it "out of the box"? -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they'

[pfx] Re: mail forwarding loop (chaining fetchmail | spamc | sendmail)

2025-03-17 Thread Jaroslaw Rafa via Postfix-users
e message and move it to another folder, but as far as I remember, there are some tools for that (movemail comes to mind, but I think it's discontinued...) -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there

[pfx] Re: mail forwarding loop (chaining fetchmail | spamc | sendmail)

2025-03-16 Thread Jaroslaw Rafa via Postfix-users
then you can do that with a simple "mv" command. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _

[pfx] Re: postconf -e and missing trailing newline in main.cf

2025-03-15 Thread Jaroslaw Rafa via Postfix-users
y say that a *proper* text editor - among other features - allows you to create text files with or without a trailing newline, depending on your choice, and doesn't force anything on you :) -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they&#

[pfx] Re: dmarc, dkim & spf failed but that message was delivered anyway

2025-03-11 Thread Jaroslaw Rafa via Postfix-users
stress that tese mechanisms were never designed as a means to filter spam. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her

[pfx] Re: dmarc, dkim & spf failed but that message was delivered anyway

2025-03-09 Thread Jaroslaw Rafa via Postfix-users
certainly might have to receive and read these messages, as they may be important to you. And the fact that the originator chose *not* to DKIM sign these messages has nothing to do with their importance or unimportance. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, whe

[pfx] Re: dmarc, dkim & spf failed but that message was delivered anyway

2025-03-09 Thread Jaroslaw Rafa via Postfix-users
r all. No. The goal of SPF and DKIM is *not* fighting spam, and never was. These are mechanisms to protect against *forgery* of email. Forgery has nothing to do with spam. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: o

[pfx] Re: double dkim signature (sendmail)

2025-03-08 Thread Jaroslaw Rafa via Postfix-users
milters out there). If you run amavisd-new, it can call spamassassin code internally, so you don't need a separate spamassassin milter. You can of course use rspamd instead, or in addition to above. It all depends on how do you want to configure it. -- Regards, Jaroslaw Rafa r...@rafa

[pfx] Re: smtp_fallback_relay and smtp_tls_wrappermode

2025-02-28 Thread Jaroslaw Rafa via Postfix-users
localhost:1 to relay_server:465, and set in Postfix config to use just localhost:1 as a relay, without STARTTLS at all. Stunnel is a great tool when you want to make a TLS-wrapped connection from, or to, something that doesn't support TLS wrapper mode natively :) -- Regards, Jaros

[pfx] Re: smtp_fallback_relay and smtp_tls_wrappermode

2025-02-28 Thread Jaroslaw Rafa via Postfix-users
ion into stunnel, that should work. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ Postfi

[pfx] Re: Searching for old Postfix 2.0.6 RPM-packaged for Red Hat 6.2 (classic)

2025-01-30 Thread Jaroslaw Rafa via Postfix-users
seems to be down. It responds to pings, but FTP connection times out. The IP addresses for the domain archive.download.redhat.com resolve to PTRs that indicate it is hosted on Akamai CDN, which probably doesn't support FTP. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million

[pfx] Re: Is it possible/easy to block incoming for the real account name but accept the alias/canonical?

2025-01-26 Thread Jaroslaw Rafa via Postfix-users
ges that are coming from the secondary MX to the primary, and reject if they are sent directly to primary. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with he

[pfx] Re: milter service connection refused

2025-01-22 Thread Jaroslaw Rafa via Postfix-users
new opendkim above. That's typical "wrapper" approach used when you want to modify behaviour of a program that is called from within other program. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids g

[pfx] Re: sender_bcc_maps & recipient_bcc_maps question

2025-01-15 Thread Jaroslaw Rafa via Postfix-users
your problem, but I just want to mention that you don't need to run an external process (cat) here. You can just alias ignorethis to /dev/null with pretty much the same effect, but you save running an additional process. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million ye

[pfx] Re: Is possible with postfix to do port-based routing?

2024-12-20 Thread Jaroslaw Rafa via Postfix-users
eply sent by the (human) recipient should go, and there's "Return-Receipt-To", to indicate the address where automatically-generated replies - like DSNs - should go. There's no such thing as "Return-To". -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a mill

[pfx] Re: DHL messed their DNS?

2024-12-11 Thread Jaroslaw Rafa via Postfix-users
org/ -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ Postfix-users mailing list -- postfix-u

[pfx] Re: chroot and debian: a blast from the past

2024-12-09 Thread Jaroslaw Rafa via Postfix-users
" of time the system is running, but for me it happens often enough that I don't want to go each time through remount-rw/remount-ro routine. Of course, I understand that someone may choose to do this as a "safety net" - as you said - but it's just not my thing :). -- Regards

[pfx] Re: chroot and debian: a blast from the past

2024-12-09 Thread Jaroslaw Rafa via Postfix-users
hing then? -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ Postfix-users mailing list -- post

[pfx] Re: virtual alias expansion explicit prevention

2024-12-05 Thread Jaroslaw Rafa via Postfix-users
ipient_bcc_maps ), bcc_recipient_maps is applied only once, and the recipients mentioned there don't get another copy of the same message ("To avoid mailer loops, automatic BCC recipients are not generated after Postfix forwards mail internally, or after Postfix generates mail itself.")

[pfx] Re: virtual alias expansion explicit prevention

2024-12-05 Thread Jaroslaw Rafa via Postfix-users
le.net", what should happen to that mail? Maybe there are some other scenarios that I don't see right now, and that should be considered (for example what should happen if one of the employees mails "off...@example.net" ?). -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- &q

[pfx] Re: Problems Receiving Email But Only from Microsoft/Outlook [lost connection after EHLO]

2024-12-03 Thread Jaroslaw Rafa via Postfix-users
Dnia 3.12.2024 o godz. 17:38:40 Wietse Venema via Postfix-users pisze: > (*) Someone roported long ago that they fixed an obscure Postfix > networking problem by plugging the server into a different port. Hm... candidate for another case of "500 mile email" ? -- Regards,

[pfx] Re: [ext] Re: Odd bounce referrring to BareLinefeedsAreIllegal

2024-11-27 Thread Jaroslaw Rafa via Postfix-users
sender's side did the same - connected to your server, then rejected the message and aborted connection? -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she

[pfx] Re: [ext] Re: Odd bounce referrring to BareLinefeedsAreIllegal

2024-11-27 Thread Jaroslaw Rafa via Postfix-users
our Postfix, *then* rejects the message because of bare LFs and closes the connection to your Postfix without completing the SMTP transaction. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, a

[pfx] Re: mail records on CNAME

2024-11-04 Thread Jaroslaw Rafa via Postfix-users
didn't see it in actual use): example1.com.INCNAME example.com example.com. INMX10 mail.example.com. example.com. INTXT "v=spf1 a mx ~all" and the question is, how MX and SPF lookups for example1.com (not example.com) will behave.

[pfx] Re: mydestination shared domains?

2024-11-03 Thread Jaroslaw Rafa via Postfix-users
"mydestination" parameter elsewhere, for example in virtual alias file. You cannot use the same domain in both places; the domain can be either a local one (used in "mydestination" parameter) or a virtual one (used in virtual alias file), but not both. -- Regards, Jaroslaw Rafa

[pfx] Re: User unknown in local recipient table (in reply to RCPT TO command)

2024-10-29 Thread Jaroslaw Rafa via Postfix-users
igin mydestination > myhostname = MacServe.home > myorigin = $mydomain > mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain We already know that "user@home" works and "u...@macserve.home" does not. Have you tried the other two (user@localhost and u...@loca

[pfx] Re: smtp_tls_security_level defaults question

2024-10-23 Thread Jaroslaw Rafa via Postfix-users
Something bad happened to the list (?), as your message seems to be repeated multiple times, with Chinese characters prepended to the subject and list footer appended to the body multiple times. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to s

[pfx] Re: Postfix and sasl question

2024-10-23 Thread Jaroslaw Rafa via Postfix-users
blishing an IMAP session first, this solution is not for you. But in my case it works very well. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub.&q

[pfx] Re: Delay when sending mail via email client

2024-10-16 Thread Jaroslaw Rafa via Postfix-users
rver, you *should* run your local resolver. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___

[pfx] Re: [RFC, sketch] IPv6 only trust of mail network

2024-10-15 Thread Jaroslaw Rafa via Postfix-users
operator of a "secure email" system may put some provisions in place to be able to send mail from "secure email" system to "normal" email recipient (but I'm not sure what about a reply?). Do I understand you correctly? That's why I called it "walled garden

[pfx] Re: [RFC, sketch] IPv6 only trust of mail network

2024-10-15 Thread Jaroslaw Rafa via Postfix-users
from half of the Internet. I don't see a third option here... -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." __

[pfx] Re: [RFC, sketch] IPv6 only trust of mail network

2024-10-15 Thread Jaroslaw Rafa via Postfix-users
ing this. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ Postfix-users mailing list -- post

[pfx] Re: [RFC, sketch] IPv6 only trust of mail network

2024-10-14 Thread Jaroslaw Rafa via Postfix-users
our users into thinking that they can actually send "email" to any email address, while this won't be true for a large majority of potential recipients. Thank you for your understanding. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school

[pfx] Re: filtering maillog events from yesterday

2024-10-10 Thread Jaroslaw Rafa via Postfix-users
rts at the beginning of the line. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ Postfix-use

[pfx] Re: filtering maillog events from yesterday

2024-10-10 Thread Jaroslaw Rafa via Postfix-users
500 Does your /var/log/maillog *really* contain dates in "%Y-%m-%d" format? Because mine contains only like "Oct 10" at the beginning. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school,

[pfx] Re: XCLIENT and permit_sasl_authenticated

2024-09-30 Thread Jaroslaw Rafa via Postfix-users
ot;smtpd_relay_restrictions=permit_mynetworks,reject" should do what you want. While I don't know the exact value of your "mynetworks" parameter, it almost always includes localhost :). Normally one does always start the restrictions with "permit_mynetworks", so you would

[pfx] Re: RBLs at smtp level

2024-09-07 Thread Jaroslaw Rafa via Postfix-users
ly put it into spam folder if it exceeds some threshold. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___

[pfx] Re: Is possible with postfix to do port-based routing?

2024-08-15 Thread Jaroslaw Rafa via Postfix-users
custom-written application to send mail)? In the first case, you must have additional services defined in master.cf that listen on ports 7025, 7026. These can have different configuration than the main service on port 25. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, wh

[pfx] Re: openarc and forwarding to gmail

2024-08-04 Thread Jaroslaw Rafa via Postfix-users
crypted? No. That you have to give your account credentials to Google. This is so obvious yet people seem to miss it??? -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and

[pfx] Re: openarc and forwarding to gmail

2024-08-04 Thread Jaroslaw Rafa via Postfix-users
server, then you can configure gmail to access your > server and fetch the mail from it. This has a number of advantages: Buit this has one HUGE disadvantage, that is so obvious that I always wonder how people who advise to do this can not mention it? -- Regards, Jaroslaw Rafa r...@rafa.

[pfx] Re: Trouble blocking spammer domain

2024-07-31 Thread Jaroslaw Rafa via Postfix-users
n.spamgateway.nil". Do you see that sender address in your logs? If it's only the *connecting client IP address* that resolves to somehost.spamgateway.nil, and the sender's domain is different, then you should use check_client_access, not check_sender_access. -- Regards, Jaroslaw

[pfx] Re: Do you reject DMARC failures?

2024-07-30 Thread Jaroslaw Rafa via Postfix-users
al access list, but I don't remember when I last had to use it. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___

[pfx] Re: Do you reject DMARC failures?

2024-07-30 Thread Jaroslaw Rafa via Postfix-users
content filtering (SA + many custom rules). And as for the latter, the messages are sent to spam folder, never rejected. Rejections are based only on first two. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there

[pfx] Re: #5.7.0 Must issue a STARTTLS command first (in reply to MAIL FROM command) - how to repair?

2024-07-29 Thread Jaroslaw Rafa via Postfix-users
on_cache_database = btree:${data_directory}/smtpd_scache > smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_tls_security_level = may is missing here. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: on

[pfx] Re: #5.7.0 Must issue a STARTTLS command first (in reply to MAIL FROM command) - how to repair?

2024-07-29 Thread Jaroslaw Rafa via Postfix-users
mail at all? If they reject plaintext mail with a message that STARTTLS is required and refuse STARTTLS when issued... ? -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and sh

[pfx] Re: #5.7.0 Must issue a STARTTLS command first (in reply to MAIL FROM command) - how to repair?

2024-07-29 Thread Jaroslaw Rafa via Postfix-users
target server not advertising it? -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ Postfix-use

[pfx] Re: RFC logs_check

2024-07-24 Thread Jaroslaw Rafa via Postfix-users
an block it. It's all the matter of writing proper rules for fail2ban. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___

[pfx] Re: Cyrus SASL summary

2024-07-18 Thread Jaroslaw Rafa via Postfix-users
efers to Dovecot documentation: https://doc.dovecot.org/configuration_manual/howto/postfix_and_dovecot_sasl/ which covers only configuring submission auth. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once t

[pfx] Re: How to bounce e-mail when using catchall

2024-07-12 Thread Jaroslaw Rafa via Postfix-users
y incoming mail and forward it to the main server. Then the main server can regularly reject the mail for the non-existing recipient and accept it for the "catchall" one. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna kno

[pfx] Re: Need help debugging Python in Postfix

2024-07-09 Thread Jaroslaw Rafa via Postfix-users
ard_email.py And how do you call that filter from your config? Because just defining it in master.cf does nothing except the fact that it is defined :). But you have to actually *use* it after defining. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to sch

[pfx] Re: Handing off via localhost:10025 to spamassassin for scanning failure

2024-06-28 Thread Jaroslaw Rafa via Postfix-users
at I finally noticed is that the connection > in coming > from "localhost[::1]" a ipv6 connection. > > So on a long-shot I changed "inet_protocols = ipv4" and then > delivery worked. Let me guess: you don't have IPv6 address [::1] in "mynetworks=" ? --

[pfx] Re: No email forwarding?

2024-06-23 Thread Jaroslaw Rafa via Postfix-users
e done by any MTA without need to install additional software), and if spam will be identified in such message, it should not count towards forwarding server's reputation. But nobody wants to implement this, they rather want to advise against forwarding. -- Regards, Jaroslaw Rafa r...@ra

[pfx] Re: question for a directive in master.cf

2024-06-21 Thread Jaroslaw Rafa via Postfix-users
to enable it? Yes, you should. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ Postfix-users

[pfx] Re: question for a directive in master.cf

2024-06-21 Thread Jaroslaw Rafa via Postfix-users
> alive? These commented out directives in master.cf are NOT defaults. They are commented out because by default, submission services are NOT enabled at all. If you want to enable them, you have to uncomment ALL lines for submission service to work correctly. -- Regards, Jaroslaw Rafa

[pfx] Re: SPF hostname and domainname

2024-06-21 Thread Jaroslaw Rafa via Postfix-users
ould align with the From: header domain. > > 4. Message should be DKIM signed. > > 5. Domain for the DKIM signature should align with the From: header domain. Maybe it's obvious, but if it's meant to be a checklist, you should add FCrDNS to that, and probably as the very f

[pfx] Re: REJECT sending mails to no-reply accounts

2024-06-20 Thread Jaroslaw Rafa via Postfix-users
havior by most mail providers, and if you routinely do sender callout, you may end up being blacklisted and having trouble when sending email yourself. I personally don't agree with this, but this is the position most mail server operators are taking now. -- Regards, Jaroslaw Rafa r...@

[pfx] Re: REJECT sending mails to no-reply accounts

2024-06-20 Thread Jaroslaw Rafa via Postfix-users
; ticket system gateway is out of the willingness to spend money on. > So any technical solution you can propose here, will be way out of > the area of interest of those people which will make those > decisions. They should not be *sending* any mail then. Simple enough? -- Regard

[pfx] Re: Troubleshooting roundcube connections to postfix

2024-06-17 Thread Jaroslaw Rafa via Postfix-users
: Is your Roundcube really connecting to the correct server? It's worth to double-check this. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she l

[pfx] Re: dmarc domain question

2024-06-02 Thread Jaroslaw Rafa via Postfix-users
s absent, DMARC will be checked based on SPF only. Because - as you have found - Google will anyway apply the DMARC record for the parent domain eu.org, over which you have no control, I think it is still better to have the own one. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a mi

[pfx] Re: dmarc domain question

2024-06-02 Thread Jaroslaw Rafa via Postfix-users
ARC record on the top-level .com domain for example. The various xxx.eu.org domains belong to different entities so they should not be processed under a common "umbrella". Use DMARC for your own domain to clearly signal that your xxx.eu.org domain and the parent eu.,org domain are NO

[pfx] Re: how does smtpd know the connection is a submission request, or a MX request?

2024-05-26 Thread Jaroslaw Rafa via Postfix-users
or any other port you configure in master.cf and use in your submission client configuration), while MX clients connect to port 25. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she live

[pfx] Re: Strengthen email system security

2024-05-23 Thread Jaroslaw Rafa via Postfix-users
ons. It probably horribly bad with regard to performance as it is basically launched by Postfix everytime it is needed, but for my low volume server it is OK. However, to scale it to higher volumes, it may need to be reworked. I can send you the script offline if you wish. -- Regards, Jaroslaw R

[pfx] Re: Strengthen email system security

2024-05-23 Thread Jaroslaw Rafa via Postfix-users
the ones that I saw) first establish an IMAP session with the server, and then try to authenticate with SMTP when the user wants to actually send mail. And I see much, much less attacks (authentication attempts) on IMAP service than on SMTP. So it works for me. -- Regards, Jaroslaw Rafa r...@

[pfx] Re: TLS for SMTP Outbound -- Only One tlsproxy

2024-05-21 Thread Jaroslaw Rafa via Postfix-users
x continues with connection setup? If timeout in question is 25 seconds, this would explain why the value is so constant here... -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there wa

[pfx] Re: Selection of a custom smtp-transport based on recipient addresse's MX with check_recipient_mx_access doesn't work

2024-05-21 Thread Jaroslaw Rafa via Postfix-users
on domain, but not by destination MX. Probably what you need to do is to write an external program that interfaces with Postfix via "socketmap" or "tcp" type lookup table, checks the MX for the destination domain, and returns the name of the transport to be used. -- R

[pfx] Re: Mails ending up in spam when sending to gmail address

2024-05-16 Thread Jaroslaw Rafa via Postfix-users
rs, similar problems were reported multiple times (I also of course reported mine there). So neither you nor I are the only one with this issue... Now, since maybe a half year, I don't have this problem anymore - so maybe it is gone for good. But nobody can guarantee that. We can only say

[pfx] Re: reliable RBL

2024-04-10 Thread Jaroslaw Rafa via Postfix-users
S, I use only their "Dynamic IP" list. That combination seems to work very well for me. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub.&quo

[pfx] Re: Aliases with "@" in it

2024-04-09 Thread Jaroslaw Rafa via Postfix-users
use virtual_alias_maps= table in main.cf file and define the aliases there. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."

[pfx] Re: Setting up another "smarthost" with Postfix

2024-03-28 Thread Jaroslaw Rafa via Postfix-users
you process permit_mynetworks, so please post these parameters. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub."

[pfx] Re: Setting up another "smarthost" with Postfix

2024-03-27 Thread Jaroslaw Rafa via Postfix-users
by Debian package installer when installing Postfix on a Debian machine. You get four or five (AFAIR) choices of configuration presets to start with, and "Internet Site" is one of them. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they&

[pfx] Re: strict access restrictions and bounces

2024-03-27 Thread Jaroslaw Rafa via Postfix-users
f domains from which mail should be accepted, you can configure that in mailman too. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her d

[pfx] Re: strict access restrictions and bounces

2024-03-25 Thread Jaroslaw Rafa via Postfix-users
allow to specify who is able to send to the list (usually the choice is everyone/subscribers only/moderators only, sometimes additionally you can block or allow particular senders). So please describe more clearly, what do you actually want to do. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- &quo

[pfx] Re: smtpd filter orig_client

2024-03-19 Thread Jaroslaw Rafa via Postfix-users
quot; then? And if "client=" is the original client (ie. all messages come from your local host), where does "orig_client=" come from? -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a

[pfx] Re: collect emails in maildir folder without delivering them to user

2024-03-19 Thread Jaroslaw Rafa via Postfix-users
rticular alias) to a separate maildir. I'm sure there are newer tools with the same functioality as procmail available. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: on

[pfx] Re: Change unknown_address_reject_code on a smarthost to a 5xx reply?

2024-02-15 Thread Jaroslaw Rafa via Postfix-users
after 4h and send it only once? I guess the internal server is not Postfix, because by default Postfix does not send notifications about temporary failures (delay_warning_time is set to 0 by default). -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to

[pfx] Re: ARC or DKIM or SRS?

2024-02-12 Thread Jaroslaw Rafa via Postfix-users
, not the addresses from which mail is sent. These would be specified in SPF record (if present). -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her d

[pfx] Re: Is there a way to reject an internal domain on our border MXes

2024-02-04 Thread Jaroslaw Rafa via Postfix-users
message), > but for me mutt is accessing the mailstore via IMAP. I don't want to bother with additional configuration of Postfix/Dovecot/mutt for this, if local(8) works just out of the box. The simpler the better - at least this is my view... -- Regards, Jaroslaw Rafa r...@rafa.eu.o

[pfx] Re: Is there a way to reject an internal domain on our border MXes

2024-02-03 Thread Jaroslaw Rafa via Postfix-users
store should > own the mailbox, not the user. Well, I'm an old school type... :) I prefer to ssh to the server and launch mutt or something similar to access my mail :) -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna kn

[pfx] Re: Is there a way to reject an internal domain on our border MXes

2024-02-03 Thread Jaroslaw Rafa via Postfix-users
this is the most easy and natural way to go... -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___

[pfx] Re: Feature Request: Adjustable Header Log Size Limit in INFO/WARN/REJECT Header_Check

2024-01-25 Thread Jaroslaw Rafa via Postfix-users
sed so long subject lines, with the LAST characters being the most meaningful, then the recipients themselves wouldn't be able to recognize the messages properly, because most email clients don't display as many characters in the subject when displaying a list of messages in the inbox. -- Rega

[pfx] Re: Feature Request: Adjustable Header Log Size Limit in INFO/WARN/REJECT Header_Check

2024-01-24 Thread Jaroslaw Rafa via Postfix-users
in the code, just change them to a value that suits you and rebuild Postfix for yourself. It's one of the advantages of being open source, anyway. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushp

[pfx] Re: Preparation of switch from OpenSMTPd to Postfix -> syntax/behaviuor of virtual_alias_maps

2024-01-21 Thread Jaroslaw Rafa via Postfix-users
be effectively forwarded to extu...@example.net, and not delivered to local user simon (but the same applies to all mail addressed to local user simon, regardless of the origin). -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gon

[pfx] Re: improper command pipelining

2024-01-15 Thread Jaroslaw Rafa via Postfix-users
Dnia 15.01.2024 o godz. 09:34:06 Admin Beckspaced via Postfix-users pisze: > do i need to be worried? As your logs clearly show it's Shodan, then either ignore it or simply block it right away. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids

[pfx] Re: 25 years today

2023-12-14 Thread Jaroslaw Rafa via Postfix-users
] > That was a long time ago. Postfix has evolved as the Internet has > changed. I am continuing the overhaul of this software, motivated > by people like you on this mailing list. Big thanks and congratulations, Wietse! -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a mill

[pfx] Re: printer ip SMTP AUTH / mynetworks question

2023-12-13 Thread Jaroslaw Rafa via Postfix-users
ection (encrypted) to port 465 (not 587, as 465 is TLS-wrapped submission and 587 is STARTTLS) on your mail server. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once th

  1   2   3   4   5   6   >