[pfx] Re: Pflogsumm: Postscreen Logging Summaries Proposals And Request For Log Samples

On Wed, 4 Jun 2025 23:41:54 +0200 Tom Hendrikx via Postfix-users wrote: > On 03-06-2025 21:33, Jim Seymour via Postfix-users wrote: > > Hi All, [snip-a-roo] > > > > Lastly: I'm asking again for log samples. I've been unable to test > > the following RE

[pfx] Pflogsumm Version 1.1.11 Released

RT" in them) I didn't know what to do with. So I cannot guarantee postscreen reporting is 100%. As always: Here's where to get it: https://jimsun.linxnet.com/postfix_contrib.html Regards, Jim -- Note: My mail server employs *very* aggressive anti-spam filtering. If you reply to th

[pfx] Pflogsumm: Postscreen Logging Summaries Proposals And Request For Log Samples

INE) from \[(.+)\]:(\d+) after .+ (BDAT without valid RCPT) from \[(.+)\]:(\d+) (COMMAND LENGTH LIMIT) from \[(.+)\]:(\d+) after .+ (DATA without valid RCPT) from \[(.+)\]:(\d+) (NOQUEUE: reject: CONNECT) from \[(.+)\]:(\d+): all server ports busy (reject: connect) from \[(.+)\]:(\d+)

[pfx] Pflogsumm: Postscreen Logging Questions And Request For Log Samples

annot be listed or downloaded by anybody. They *can* be over-written, though, so use a unique filename. Thanks In Advance, Jim -- Note: My mail server employs *very* aggressive anti-spam filtering. If you reply to this email and your email is rejected, please accept my apologies

[pfx] Pflogsumm Version 1.1.10 Released

_contrib.html Regards, Jim -- Note: My mail server employs *very* aggressive anti-spam filtering. If you reply to this email and your email is rejected, please accept my apologies and let me know via my web form at <http://jimsun.LinxNet.com/co

[pfx] Re: Pflogsumm Version 1.1.9 Released

On Tue, 27 May 2025 17:43:37 -0400 Jim Seymour via Postfix-users wrote: > Hi All, > > Pflogsumm version 1.1.9 has been released. This is a Beta release > that supersedes the v1.1.7 and v1.1.8 Beta releases. [snip] This morning's pflogsumm report again contained a mismatch

[pfx] Pflogsumm Version 1.1.9 Released

nd 1.1.8. Documentation bugfix: "Addresses" misspelled as "adresses." Thanks and a tip o' the hat to Sven Hoexter (sven-at-stormbind-dot-net) for the heads up. Here's where to get it: https://jimsun.linxnet.com/postfix_contrib.html Regards, Jim -- Note: My mail serv

[pfx] Pflogsumm Version 1.1.8 Released

gfile entries, submitted by Michiel Buddingh (michiel-at-michielbuddingh-dot-net) on 2012-12-03. I've yet to evaluate it, but I'd been thinking of doing that, anyway. To military, ex-military, and military families throughout the world: Thank you for your service and the

[pfx] Re: Pflogsumm Version 1.1.7 Released

On Sat, 24 May 2025 14:37:52 -0400 Phil Stracchino via Postfix-users wrote: > On 5/24/25 13:38, Jim Seymour via Postfix-users wrote: > > This one is a biggie. It encompasses eleven years of bug fixes and > > enhancement requests I never got around to releasing in the > &g

[pfx] Re: Pflogsumm Version 1.1.6 Released

On Fri, 23 May 2025 14:25:17 +0200 Xavier Humbert via Postfix-users wrote: [snip] > > Hi Jim, > > May I suggest a patch I use from years to handle IPv6 addresses : > > --- pflogsumm-1.1.6/pflogsumm 2025-05-22 20:57:37.0 +0200 > +++ pflogsumm    2025-04-18 14:

[pfx] Pflogsumm Version 1.1.7 Released

body'd care to send me some limited log samples I'd be grateful. In updating the web page I just realized that pflogsumm is over 26 years old. Wow. Speaking of which: Here's where to get it: https://jimsun.linxnet.com/postfix_contrib.html To military, ex-military, and militar

[pfx] Re: Pflogsumm Version 1.1.6 Released

On Thu, 22 May 2025 15:15:47 -0400 Jim Seymour via Postfix-users wrote: [snip] > > >From the ChangeLog: > > rel-1.1.6 20250521 > [snip] I'm a bit rusty doing this. ChangeLog release date changed to 20250522. Regards, Jim -- Note: My mail server employs *ver

[pfx] Pflogsumm Version 1.1.6 Released

rs, but have been too lazy to formalize and publish. I went back to 1.1.5 to merge the Debian patches and run the test harness on it. Next I'll put all that other stuff back in. I'll also finally remove the stuff that's been deprecated for years. I apologize for allowing pflo

[pfx] Re: MTA-STS and STARTTLS

fortunately, this is standard industry practice and cannot be > disabled." [snip] It's not "standard industry practice" as far as *I* know, and I would not be inclined to tolerate it unless I had no other choice. I'd be looking for a new ISP. Regards, Jim -- Note: My m

[pfx] Re: XOAUTH2 without Dovecot?

On 2/12/2025 11:22, Wietse Venema via Postfix-users wrote: Jim Garrison via Postfix-users: I have a Postfix server that does outbound-only relay in a small network via a smarthost. There is no incoming mail (so no Dovecot), and outbound is restricted to a very small set of clients. The relay

[pfx] XOAUTH2 without Dovecot?

l true if one doesn't want to install Dovecot? The github repo shows recent commits, so it looks like it's still being maintained. Thanks for any insight. -- Jim Garrison j...@acm.org ___ Postfix-users mailing list -- postfix-users@post

[pfx] Re: Can't connect to www.postfix.org

) since ex9k1.dc6.hel1.hetzner.com (213.239.252.198) IS responding to ping. -- Jim Garrison j...@acm.org ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: Can't connect to www.postfix.org

212.133.6.2) 9 core32.hel1.hetzner.com (213.239.224.26) 10 ex9k1.dc6.hel1.hetzner.com (213.239.252.198) 11 ra.horus-it.com (65.108.3.114) 181.064 ms * * So if you can ICMP ping successfully, then a blacklist, if one exists would be on the Postfix web server itself. -- Jim Garris

[pfx] Re: Still no luck with Cyrus SASL

ot 12288 Jun 22 23:36 /var/spool/postfix/etc/sasldb2 After all that is in place, I use the following to add/list/delete accounts: saslpasswd2 -c me@desktop saslpasswd2 -c me@oldPC sasldblistusers2 hth, -Jim P. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: [ext] list.sys4.de fails with starttls

l.net postfix/smtpd[2306]: SSL_accept error from list.sys4.de[188.68.34.52]: lost connection Sep 17 13:25:42 mx1.domainmail.net postfix/smtpd[2306]: lost connection after STARTTLS from list.sys4.de[188.68.34.52] Sep 17 13:25:42 mx1.domainmail.net postfix/

[pfx] Re: Anyone using SMTP relay through dnsexit.com?

On 6/23/23 17:13, Christian Kivalo via Postfix-users wrote: Your lookup key is missing the [ ] you used for the relayhost setting. This results in no authentication to the dnsexit relay. This is described in the section "Enabling SASL authentication in the Postfix SMTP/LMTP client" of the SASL

[pfx] Anyone using SMTP relay through dnsexit.com?

Hey all.  Recently my ISP (Spectrum) decided (after this was working for me for almost 20 years) to make it impossible for a self hosted domain to relay through their SMTP server unless it was actually a spectrum.com email address being used.  After going back and forth with them to try to find

[pfx] Re: [External] Re: Error when telnet testing, 1st cmd always fails

Thanks Wietse, you are correct. I went into the putty config for that profile and unchecked a few things ("Answer back to ^E" was set to PuTTy, Telnet Negotiation from Active to Passive, etc) and its working now. Thanks again. Jim -Original Message- From: Wietse Venema v

[pfx] Error when telnet testing, 1st cmd always fails

Anyone have a clue whats going on/what setting needs changed/whats busted? Thanks Jim This message may contain confidential information. If you are not the intended recipient, do not disseminate, distribute, or copy this e-mail or its attachments. Please notify the sender of the error immediately b

[pfx] Re: www.postfix.org certificate expired

e next scheduled certbot run. This > is a design flaw. > Yep. Just use renew_hook in /etc/letsencrypt/renewal/whatever.conf much more reliable. - -Jim P. -BEGIN PGP SIGNATURE- iQIzBAEBCAAdFiEE3RmV4WutJ2KyCS2zPcxbabkKGJ8FAmREAuwACgkQPcxbabkK GJ/58hAAtFiHlMghxV

[pfx] Re: [P-U] Re: Postfix lists are migrating to a new list server

oth projects could use some polishing maybe, but that is not something that is "sad" -Jim P. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

postconf manpage suggestion

or include a warning about the possible issue under Unicode locales. -- Jim Garrison j...@acm.org

Re: Restrict access relay to single client

On 12/23/22 19:06, raf wrote: On Fri, Dec 23, 2022 at 01:14:26PM -0800, Jim Garrison wrote: [snip] Not relevant to your problem, but the above says that only ipv4 is used but your config includes ipv6 addresses. You might want to delete it (and default to "all"), or remove the ipv6

Re: Restrict access relay to single client

On 12/23/22 17:24, Wietse Venema wrote: You should also include "postconf -P" for parameter settings in master.cf. Wietse Not much there... $ postconf -P relay/unix/syslog_name = postfix/$service_name -- Jim Garrison j...@acm.org

Restrict access relay to single client

I have Postfix running inside a private LAN as an outgoing relay via GMail (no incoming Internet connections). I have two goals 1. Relay only to one specific domain 2. Accept relay from only one specific LAN client So I configured the following (complete postconf -n appended below): myhost

Re: Send email to one @domain.com via authenticated relay?

On Sat, 2022-12-03 at 10:37 -0500, John Stoffel wrote: > > > > > > "Jim" == Jim Popovitch writes: > > > On Fri, 2022-12-02 at 11:36 -0500, John Stoffel wrote: > > I check, but I find my IP for mail.stoffel.org in the UCEPROTECT-3  > > spam lis

Re: Send email to one @domain.com via authenticated relay?

On Fri, 2022-12-02 at 11:36 -0500, John Stoffel wrote: I check, but I find my IP for mail.stoffel.org in the UCEPROTECT-3  spam list. Nothing I can do about it.  I doubt that many sites block by using UCEPROTECH-3 alone, but you can  use www.whitelisted.org to be excluded from it. -Jim P.

Re: Save all emails in transit, including envelope data

On Tue, 2022-09-06 at 12:07 -0400, Wietse Venema wrote: > Jim Popovitch: > > On Tue, 2022-09-06 at 09:25 -0400, Viktor Dukhovni wrote: > > > On Tue, Sep 06, 2022 at 06:35:05AM -0400, Wietse Venema wrote: > > > > > > > > Any suggest

Re: Save all emails in transit, including envelope data

ails for a mailinglist to debug a bounce processing problem. tia, -Jim P.

fail2ban filter for spurious connections?

ands=[0123] This would trigger on any SMTP session that disconnected before processing a valid RCPT command. With a suitable maxretry setting (say 5) this would stop most probes. The Postfix question: Is there a reason this is a bad idea, and could it cause legitimate MTAs to be banned? -- Jim

Re: warning: unknown[137.xxx.xxx.253]: SASL LOGIN authentication failed: UGFzc3dvcmQ6

rd when it changed on the server. It seems the error message always contains the base64 encoding of "Password:" regardless of the actual userid/password. Anybody know why the error message displays this (base64 encoded)? -- Jim Garrison j...@acm.org

Re: Postfix+SASL chrooted - out of ideas

On 5/28/2022 7:07 PM, Viktor Dukhovni wrote: On Sat, May 28, 2022 at 05:11:22PM -0700, Jim Garrison wrote: Foreground saslauthd command, including debug output from successful testsaslauthd but no log entries corresponding to the immediately above extract from the Postfix log: $ sudo

Re: Postfix+SASL chrooted - out of ideas

postfix:x:117: Is there an option to increase the debug level in Postfix's interaction with saslauthd? -- Jim Garrison j...@acm.org

Postfix+SASL chrooted - out of ideas

250-DSN 250-SMTPUTF8 250 CHUNKING AUTH PLAIN [redacted base64] 535 5.7.8 Error: authentication failed: bad protocol / cancel QUIT DONE -- Jim Garrison j...@acm.org

Re: Migrate mbox from 2.6.6 to 3.5.6

r end. Otherwise, indeed the mbox file format hasn't changed in decades. Thanks to all who have responded. I'll be performing the cutover later this weekend. -- Jim Garrison j...@acm.org

Migrate mbox from 2.6.6 to 3.5.6

host for each user? I.e. is the mbox format used still the same, or will I run into incompatibilities? If a conversion or format upgrade is necessary, what is involved? Thanks -- Jim Garrison j...@acm.org

if/endif header_check

Hello! I'm trying to get a complex header_check to work, and unfortunately it isn't. :( I started in #postfix and figured I would follow up here too. The goal is to put mail on HOLD if it is not spam and is destined for 2 role accounts. Any help is much appreciated. ~$ cat header_checks.pcre

Re: postconf -d smtpd_relay_restrictions

On Thu, 2022-01-06 at 12:23 -0500, Wietse Venema wrote: > Jim Popovitch: > > This config produces the warning/error message: > > > > mail_version = 3.6.3 > > smtpd_relay_restrictions = ${{$compatibility_level} > {permit_mynetworks, permit_sasl_authenticated

Re: postconf -d smtpd_relay_restrictions

On Thu, 2022-01-06 at 11:32 -0500, Wietse Venema wrote: > Jim Popovitch: > > On Thu, 2022-01-06 at 22:29 +1100, Viktor Dukhovni wrote: > > > > > > > > > Removing the compatibility_level setting entirely could introduce > > > the reported sympto

Re: postconf -d smtpd_relay_restrictions

gs in smtpd_recipient_restrictions, however I do have permit_auth_destination set. -Jim P.

Re: postconf -d smtpd_relay_restrictions

On Thu, 2022-01-06 at 00:11 +0100, John Fawcett wrote: > On 05/01/2022 21:21, Jim Popovitch wrote: > > On Wed, 2022-01-05 at 20:45 +0100, John Fawcett wrote: > > > On 05/01/2022 20:19, Jim Popovitch wrote: > > > > This can't be right > > > > >

Re: postconf -d smtpd_relay_restrictions

On Wed, 2022-01-05 at 20:45 +0100, John Fawcett wrote: > On 05/01/2022 20:19, Jim Popovitch wrote: > > This can't be right > > > > Using 'postconf -d smtpd_relay_restrictions'... > > > > ...on postfix v3.5 (Debian/Buster) > > sm

postconf -d smtpd_relay_restrictions

This can't be right Using 'postconf -d smtpd_relay_restrictions'... ...on postfix v3.5 (Debian/Buster) smtpd_relay_restrictions = ${{$compatibility_level} < {1} ? {} : {permit_mynetworks, permit_sasl_authenticated, defer_unauth_destination}} ...on postfix v3.6.3 (Debian/Bookworm) smtpd_relay

Re: Fatal: no SASL authentication mechanisms

r/lib/mailman/bin/postfix-to-mailman.py > ${nexthop} > ${user} > policyd-spf unix - n n - 0 spawn > user=policyd-spf > argv=/usr/bin/policyd-spf > > Those lines above look debian'ish to me. If you are running debian, then make sure you have libsasl2-2, libsasl2-modules and libsasl2- modules-db installed. -Jim P.

Re: feature request: improve vague/incorrect error message

On Tue, Nov 16, 2021 at 11:41 (-0500), Kris Deugau wrote: > Jim wrote: >> On Mon, Nov 15, 2021 at 12:25 (-0500), Wietse Venema wrote: >>> Instead, use Maildir format with one message per file, >> I thought about that once, but I decided I have too many e-mail >>

Re: feature request: improve vague/incorrect error message

Wietse, On Mon, Nov 15, 2021 at 12:25 (-0500), Wietse Venema wrote: > Jim: >> On Artix, the default is 5120. (Aside: in 1985, that would have > Postfix has limits on everything, so that the mail system will not > get stuck. It's really a bad idea to disable them. I ag

feature request: improve vague/incorrect error message

in fact wrong, because (a) it didn't need to *create* the output file, and (b) it was able to write to the output file, it just didn't want to.) Thanks for reading. Jim

Re: "parameter inet_interfaces: no local interface found for 127.0.0.2" at reboot, but not on manual systemctl start

On 7/29/2021 12:34 AM, Matus UHLAR - fantomas wrote: On 28.07.21 12:54, Jim Garrison wrote: This means that Postfix now starts up before the network is completely up, and systemd's DNS resolution hack (systemd-resolved.service), finding no interfaces up yet, resolves 'localhost

Re: "parameter inet_interfaces: no local interface found for 127.0.0.2" at reboot, but not on manual systemctl start

On 7/28/2021 1:49 PM, Wietse Venema wrote: Jim Garrison: For anyone encountering this error, I've traced it to a regression of a very old bug relating to systemd service ordering dependencies. In my case, OS is CentOS Linux release 8.4.2105 postfix-3.5.8-1.el8.x86_64 Since a recent u

"parameter inet_interfaces: no local interface found for 127.0.0.2" at reboot, but not on manual systemctl start

tfix.service" and restore the "After=" dependency on network-online.target -- Jim Garrison j...@acm.org

Re: Illegal address syntax in MAIL command

That did the trick! Many thanks. ;) On 2021-07-07 10:21, Kevin N. wrote: It seems that in the MAIL command the IP address is still not between []. should be On a quick look, it seems that you could try setting resolve_numeric_domain = yes in your Postfix configuration and see if that cha

Re: Illegal address syntax in MAIL command

I believe you are correct, but again I have no control over that part. Also, I mistakenly attached the log attempt from the telnet session I tried, the actual systems having issues have the from address within brackets, here is the system in question: Jul 6 15:18:42 localhost postfix/smtpd[4

Illegal address syntax in MAIL command

Hello folks. I have set up a fresh instance of Postfix at my office to help do some troubleshooting on another issue. There is a relay upstream that is having issues forwarding mail from some devices here, and this seemed the easiest way to get some data to help them troubleshoot. Install is

Re: Search for free MX Backup Service

nturyLink due to some things outside of my control. I'm 100% sure the reverse situation exists somewhere even though I may not know about it today. So my resolution to others' corporate greed and neck beard routing laziness is more than 1 MX. -Jim P.

Re: Does smtpd_milters=inet:.... round-robin if the hostname has multiple IPs?

On Mon, 2021-05-31 at 19:07 -0400, Wietse Venema wrote: > Jim Popovitch: > > > Postfix will try each IP address in the order as returned from > > > getaddrinfo(3) until it can establish a TCP connection. Postfix > > > will not reconnect when an established Milter

Re: Does smtpd_milters=inet:.... round-robin if the hostname has multiple IPs?

On Mon, 2021-05-31 at 18:20 -0400, Wietse Venema wrote: > Jim Popovitch: > > On Mon, 2021-05-31 at 16:18 -0400, Wietse Venema wrote: > > > Jim Popovitch: > > > > Hello, > > > > > > > > If given hostname that resolves to multiple A/ reco

Re: Does smtpd_milters=inet:.... round-robin if the hostname has multiple IPs?

On Mon, 2021-05-31 at 16:18 -0400, Wietse Venema wrote: > Jim Popovitch: > > Hello, > > > > If given hostname that resolves to multiple A/ records, will > > smtpd_milters=inet:... cycle through all A/ records until if > > finds a host that it can connect

Does smtpd_milters=inet:.... round-robin if the hostname has multiple IPs?

Hello, If given hostname that resolves to multiple A/ records, will smtpd_milters=inet:... cycle through all A/ records until if finds a host that it can connect to? If so, does it make sense to reduce milter_connect_timeout to 10 or 15 seconds? tia, -Jim P.

Re: strange characters in log

ˆÙ„-العالمي.شبكة" to ASCII form: UIDNA_ERROR_DISALLOWED -Jim P.

Re: Logging Question: SASL Auth Failures?

om the web, which is often incorrect. Ok. Thanks, Wietse. Regards, Jim -- Note: My mail server employs *very* aggressive anti-spam filtering. If you reply to this email and your email is rejected, please accept my apologies and let me know via my web form at <http://jimsun.LinxNet.com/contact/scform.php>.

Logging Question: SASL Auth Failures?

addition to, the mail log. Anybody know what is the syslog severity level and facility code attached to SASL auth errors? Thanks, Jim -- Note: My mail server employs *very* aggressive anti-spam filtering. If you reply to this email and your email is rejected, please accept my apologies and let me

Re: Connection refused / telnet: connect to address 10.5.2.1: Connection refused

> On 29 Dec 2020, at 12:58, Wolfgang Paul Rauchholz > wrote: > > The server is listening on port 25, 587 and 465 > netstat -plutn | grep 25 and 587 > tcp0 0 127.0.0.1:250.0.0.0:* LISTEN > 28704/master > tcp0 0 127.0.0.1:587 0

Re: Postfix 3.5.5 and TLS handshake failure

tem_srvr.c:2259: Jul 26 07:00:37 morbo postfix/master[49852]: warning: process /usr/local/libexec/postfix/smtpd pid 73115 killed by signal 11 When the me.com server tries again, the TLS handshake works: Jul 26 07:10:34 morbo postfix/smtpd[73299]: Anonymous TLS connection established from st11p00im-ztba01351701.me.com[17.172.82.217]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) Jul 26 07:10:34 morbo postfix/smtpd[73299]: 4BF4bG2wSxzwPm: client=st11p00im-ztba01351701.me.com[17.172.82.217] -jim

Re: may we suggest ICANN not run that many new tlds?

> On 19 Nov 2019, at 09:58, Merrick wrote: > > in the coming future, everything is a TLD, the cat, the dog, the pig, the > rose, the coffee, the wine, the bike ... > that would be terrible for domain based validation. > we have already too many TLDs today. > may we suggest ICANN not open a ne

Re: Error 46 with TLS

e/smtp.domainmail.net/privkey.pem smtpd_tls_cert_file=/etc/letsencrypt/live/smtp.domainmail.net/cert.pem smtpd_tls_CAfile=/etc/letsencrypt/live/smtp.domainmail.net/fullchain.pem smtpd_tls_CApath=/etc/ssl/certs/ -Jim P.

Re: Refuse mail from hosts with closed port 25

> On 16 Sep 2019, at 14:17, Paul van der Vlis wrote: > >> A significant number of installations will use different servers for >> inbound and outbound email. > > I know a provider what is actually using this. I guess only the big > providers will have different servers for inbound and outboun

Re: Refuse mail from hosts with closed port 25

> On 16 Sep 2019, at 13:47, Paul van der Vlis wrote: > > How can I refuse mail from hosts who don't have an open port 25? > > What do you think from such a check? It’s a stunningly bad idea. Don’t do it. Many enterprises and cloud-based mail providers have discrete servers/systems handling

Re: 'SERVFAIL' error on DNS 'TXT' lookup

> On 14 Jun 2019, at 14:24, klirstr wrote: > > host smtp.customerdomain.com[customer-mx-server-ip] said: 450 4.7.1 > : Recipient address rejected: > SPF-Result=smtp.mydomain.com: 'SERVFAIL' error on DNS 'TXT' lookup of > 'smtp.mydomain.com' (in reply to RCPT TO command)) >

Re: Can postscreen whitelist?

On Mon, 2019-04-15 at 10:21 -0600, Shawn Heisey wrote: > On 4/15/2019 10:02 AM, Jim P. wrote: > > Sure. You want postscreen_access_list, which defaults to permit_mynetworks. > > Just add it to your config with a lookup table like so: > > > > postscreen_access_list = p

Re: Can postscreen whitelist?

permit # camomile.cloud9.net 168.100.1.4 permit # russian-caravan.cloud9.net 2604:8d00:0:1::4permit # russian-caravan.cloud9.net 168.100.1.7 permit # english-breakfast.cloud9.net 2604:8d00:0:1::7permit # english-breakfast.cloud9.net hth, -Jim P.

Re: OpenDKIM not signing

Try using ExternalIgnoreList (i don't know why it works, but it does) #InternalHosts refile:/etc/opendkim/InternalHosts ExternalIgnoreList refile:/etc/opendkim/InternalHosts hth, -Jim P.

What's new in log file parsers? Anything better than pflogsumm?

I'm looking for a postfix log file parser that can provide the number of messages delivered, broken down by sending domain, and per hour counts on a daily basis. I have looked at pflogsumm, but it seems a bit dated, and isn't as flexible as I had hoped. Can someone suggest any alternatives? -

Re: Rethinking the Postfix release schedule

d personnel. -Jim P.

Re: mailer-daemon bounce notifications with original message in clear text?

As a followup, we found a workaround... postconf -e bounce_size_limit=1 zmcontrol restart (Yes, this is Zimbra.) This had the effect of including the bounce notification and headers, but without the original email content (and no .eml attachment). -- Sent from: http://postfix.1071664.n5.nabbl

Re: mailer-daemon bounce notifications with original message in clear text?

The sending platform is Sitecore, which I believe is a Microsoft platform. -- Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html

mailer-daemon bounce notifications with original message in clear text?

We have a client connecting with a custom pop-client script that wants to parse mailer-daemon bounce notifications. But the original email content is being returned as an .eml attachment. Is there any way to configure bounce to compose the response message in clear text (message/rfc822)? mail_v

Re: SSL not working after unwanted server migration

gth, it's default on Debian is 1024. -Jim P.

Re: Installing LetsEncrypt For Postfix and Dovecot

On Thu, 2018-11-29 at 09:28 +0100, Matus UHLAR - fantomas wrote: > > On Wed, 2018-11-28 at 10:03 +0100, Matus UHLAR - fantomas wrote: > > > But I prefer dehydrated over bloated certbot. > > On 28.11.18 09:49, Jim P. wrote: > > This comes up enough to warrant the foll

Re: Installing LetsEncrypt For Postfix and Dovecot

On Wed, 2018-11-28 at 12:25 -0500, Viktor Dukhovni wrote: > > On Nov 28, 2018, at 9:49 AM, Jim P. wrote: > > > > 1) What do you do about restarting services after automatic cert > > renewals in the middle of a holiday weekend?  (i.e. renew_hook in > > /etc/letsencr

Re: Installing LetsEncrypt For Postfix and Dovecot

middle of a holiday weekend? (i.e. renew_hook in /etc/letsencrypt/renewal/*.conf) 2) What do you do to list all certs to show revocation, expiration, renewal status (e.g. certbot certificates) -Jim P.

Re: A bit stuck compiling Postfix on Mac Mojave.

On 19 Nov 2018, at 15:42, Robert Chalmers wrote: > > "_OpenSSL_version", referenced from: > import-atom in libpostfix-tls.dylib > ... > "_X509_up_ref", referenced from: > import-atom in libpostfix-tls.dylib > ld: symbol(s) not found for architecture x86_64 > clang: error: linker comm

Re: Reminder DNSSEC Root KSK roll today

> On 11 Oct 2018, at 19:07, pg...@dev-mail.net wrote: > >> The switch to the new KSK seems the most likely cause, assuming DNSSEC >> validation always worked for you before then. > > It's been 'working' for ages. Yes, I could have been 'just lucky for a long > time'. DNSSEC is very brittl

Re: Reminder DNSSEC Root KSK roll today

On 11 Oct 2018, at 18:27, pg...@dev-mail.net wrote: > > Changing my local dns (named) config to > > - dnssec-enable yes; > + dnssec-enable no; > dnssec-lookaside no; > - dnssec-validation yes; > + dnssec-validation no; > > ge

Re: [Postfix] Re: [Postfix] Re: [Postfix] Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

On Tue, 2018-05-29 at 13:57 -0400, Viktor Dukhovni wrote: > > On May 29, 2018, at 1:54 PM, Jim P. wrote: > > > > It's more of a language "feature".  This works: > > > > LANG=C comm -1 -2 <(postconf -n) <(postconf -d) > > >

Re: [Postfix] Re: [Postfix] Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

On Tue, 2018-05-29 at 13:32 -0400, Viktor Dukhovni wrote: > > On May 29, 2018, at 12:28 PM, Jim P. wrote: > > > > FWIW, I had to use this: > > > > comm -1 -2 <(postconf -n|sort) <(postconf -d|sort) > > That'd only be needed if you have a funny

Re: [Postfix] Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

everything identical to > > default. > > You can get changed parameters that are at their default value with: > > comm -1 -2 <(postconf -n) <(postconf -d) FWIW, I had to use this: comm -1 -2 <(postconf -n|sort) <(postconf -d|sort) -Jim P.

Re: Hotmail spam prevention mech.

> On 16 Jan 2018, at 10:49, jin&hitman&Barracuda wrote: > > We are having difficulties while delivering mails to Microsoft's domains like > hotmail and outlook. They appear to have a DNS problem which is causing outbound mail to fail. Their SMTP servers are using non-existent hostnames when

Re: Accurate install guide for Postfix on Ubuntu 16.04 LTS

> On 15 Sep 2017, at 11:07, pjakcity wrote: > > All i want is enough understanding that wont take me years so i can set this > up, but understand what features are present and what they do (in a broad > sence) Note the O/P's email address Dear Internet, please do my classwork for me.

Re: Check out my Kickstarter

For those that are user’s of Kickstarter, might I suggest reported this campaign for spamming. Here’s the link: https://www.kickstarter.com/projects/1349369124/endfirst-accelerate-your-business-communication-fo?ref=nav_search --- Jim McCorison Orcas Island, WA > On Apr 12, 2017, at 3:14

Re: Where are bounce messages for milters configured?

> On 10 Mar 2017, at 16:48, Linda Pagillo wrote: > > Also, is SMFIS_REJECT* even a file where I can configure a bounce message or > is it just a protocol which means "reject”. SMFIS_REJECT is a status/error code in the milter protocol. What some milter application does when SMFIS_REJECT gets

launchd plist files on MacOSX

> On 3 Jan 2017, at 14:37, Robert Chalmers wrote: > > To start Postscript I use the following plist file. Based in > /Library/LaunchDaemons > > org.postfix.master.plist Don’t do that. Pick names for your own plist files that don’t clash with the ones Apple use. There will be confusion if yo

Re: DNS round robin on helo?

> On 15 Dec 2016, at 16:01, L.P.H. van Belle wrote: > > Hello Noel/Jim, > > Thank you for the replies. If you’re going to continue hiding the actual names and addresses, don’t bother posting followups. As far as I know, nobody on this list is a mind reader. How do you e

Re: DNS round robin on helo?

> On 15 Dec 2016, at 14:56, L.P.H. van Belle wrote: > > Now the thing i dont get. > > 1) if both ipnumbers have a hostname, why do i see : unknown[1.2.3.4] Your starting assumption is wrong or mistaken. If the postfix logs are saying "unknown[1.2.3.4]” it means reverse lookups of tha

Re: TLD blocking revisited

> On 21 Sep 2016, at 01:40, Sebastian Nielsen wrote: > > I would really suggest using DISCARD instead of "500 This TLD sends spam - g > e t lost.". > Thus the spammer dosen't get to know he got stuck in a spam filter and can > update their tools to bypass it. Spammers generally don’t pay that l

Re: TLD blocking revisited

> On 20 Sep 2016, at 21:10, li...@lazygranch.com wrote: > > What is the simplest way to block a TLD? Put the offending TLD in a map and have that map referenced through check_sender_access and/or check_client_access. ie in main.cf: smtpd_client_restrictions = permit_mynetworks

  1   2   3   >