Re: Regex in header_check is not working

On 2014.09.25 16:34:51 +1000, Dr Michael Daly wrote: > /(^Subject: [^a-z]+$)/ REJECT <--not working To give an idea: /^Subject: [^a-z]+$)/i REJECT i (default: on) Toggles the case sensitivity flag. By default, matching is case insensitive. > Online PCRE regex checkers seem to indicate th

Re: How to configure fixed nexthop destination for smtp in master.cf

On 2013.11.21 16:42:10 +0100, Michael Storz wrote: > I am trying to configure a fixed destination for a smtp transport in > master.cf instead of confguring the destination in a transport_map. > Since smtp has no special command-line option for this I suppose I > have to specify a generic Postfix da

Re: How to configure fixed nexthop destination for smtp in master.cf

On 2013.11.21 17:45:29 +0100, Michael Storz wrote: > Am 2013-11-21 17:26, schrieb Manuel Bieling: > >On 2013.11.21 16:42:10 +0100, Michael Storz wrote: > >You specify command line options for the smtp daemon via '-o'. > >All options are well documented in > >

Re: incoming mail errors

On 2013.11.20 20:19:50 +0200, Dave Johnsom wrote: > How Do I disable te plugin > smtpd_recipient_restrictions = reject_unknown_sender_domain, > reject_unknown_recipient_domain, reject_non_fqdn_sender, > reject_non_fqdn_recipient, reject_unlisted_recipient, > check_policy_service inet:127.0.0.1:777

Re: force startssl/tls/ssl on sasl login

On 2013.11.07 08:38:36 +0100, nik600 wrote: > reading your answer i've understand that the service on 465 is already > configured to force encryption, but i can't to that on port 25 because this > port is used also for standard delivery from other mailserver which is not > encrypted. '-o smtpd_tls

Re: Postfix+pflogsumm+clamav = email blocked

On 2013.11.05 00:29:41 +0100, Benny Pedersen wrote: > Manuel Bieling skrev den 2013-11-05 00:22: > > >What the others said. That shouldn't happen. It's a problem with > >clamav. > > incorrect, clamsmpt is at fault here, mails should not block on > localhos

Re: Postfix+pflogsumm+clamav = email blocked

On 2013.11.04 11:42:51 -0800, inteq wrote: > Nov 4 21:36:52 ns4 postfix/smtp[9383]: 338E14303B: to=, > relay=127.0.0.1[127.0.0.1]:10025, delay=0.14, delays=0.06/0/0.05/0.03, > dsn=2.0.0, status=sent (250 Virus Detected; Discarded Email) > Nov 4 21:36:52 ns4 clamsmtpd: 100013: from=r...@ns4.exampl

Re: postfix access map for sasl authenticated users

On 2013.10.28 21:54:00 +0100, Rudy Gevaert wrote: > Quoting wie...@porcupine.org (Wietse Venema), Fri, 25 Oct 2013: > >Adding check_sasl_sender_access support would not be difficult. > >It just hasn't been done yet. Not explicit, but ... > Disabling the account is indeed a possibility, which we d

Re: Blocking LinkedIn 'Intro' mail hijacking?

On 2013.10.25 14:21:11 -0500, Noel Jones wrote: > > Apparently it is not a hoax, so the question remains, for those of > > us who do not have the enterprise tools to lock down iPhones and > > iPads, what is the best/most reliable way to simply block LinkedIn > > from being able to successfully conn

Re: secure email server

On 2013.10.23 08:44:10 +0200, BONNET, Frank wrote: > Hello > > I have to setup a "secured" email server > > - encrypted filesystem > - SSL or TLS only for SMTP and IMAPS > - Talking only to some known other same-secured servers > > Any info/links welcome ! http://www.postfix.org/TLS_README.

Re: Temporarily block domain.tld from sending?

On 2013.10.08 09:16:11 +0200, li...@rhsoft.net wrote: > i never allowed any webserver in the past 10 years to > use the sendmail binary for a lot of reasons like header > injections and so on Good, but possibly would not have helped. For me it looks obvious like 'Stealrat' which opens a socket t

Re: Google rejecting IPv6 mails

On 2013.10.07 13:23:59 +0200, Andreas Herrmann wrote: > Hi there, > > On 10/01/13 07:22, Dominik George wrote: > > Yes, I also face that issue and have forced IPv4 on known Google domains. > > I also have those problems. > > Is there an easy way in postfix the transport to some doamins just over

Re: Does my configuration reflect the current best practices?

ou are now. Security is a process. Manuel Bieling (layman)

Re: Disabling SMTP Auth per user

On 10/02/2013 07:12 PM, Viktor Dukhovni wrote: However, now that we see that the OP is using POP before SMTP Aha I see, interesting relict Manuel Bieling

Re: Disabling SMTP Auth per user

nt_restrictions' is not want you want. You don't want client side authentication. You want authentication for sending mails, I think. Finally authenticated users via 'permit_sasl_authenticated' can avoid 'spam checking', 'policy, gray listing' as early as it is checked. But that is only relevant for 'smtpd_relay_restrictions' http://www.postfix.org/SMTPD_ACCESS_README.html Manuel Bieling

Re: FW: Authentication issues

fix.org/postconf.5.html#smtpd_tls_auth_only -- GPG Key: B0CD87E2 (1C46 4291 FD7A A695 795F 537C BAD0 8AEB B0CD 87E2) --Manuel Bieling

Re: authenticated open relay postfix-mysql

On 08/21/2013 01:08 PM, Lang Alex wrote: Hi there, -debian 7, postfix 2.9.6 -no local domain, no mailboxes (root also aliased out of machine) -only open relay with authorized people, mysql db backend -no long way: postfix -dovecot sasl - pam - mysql conect -only direct: postfix - local mysql