[pfx] Re: virtual mailbox vs real mailbox

Wietse Venema via Postfix-users: Marcus Park via Postfix-users: Hello postifx, I am getting trouble in the unwanted email delivery. Say my hostname is "foo.com" (what 'hostname' command shows). And I do have the same domain name "foo.com" setup in /etc/postf

[pfx] virtual mailbox vs real mailbox

Hello postifx, I am getting trouble in the unwanted email delivery. Say my hostname is "foo.com" (what 'hostname' command shows). And I do have the same domain name "foo.com" setup in /etc/postfix/virtual_mailbox_domain. When the OS generate a mail for error stuff (for example, crontab error

[pfx] Re: transport question

by sender domains. So I was asking the info here. Can you give further help? Thanks. September 13, 2024 at 9:04 AM, "Viktor Dukhovni via Postfix-users" wrote: > > On Fri, Sep 13, 2024 at 12:11:43AM +, Marcus Park via Postfix-users wrote: > > > > >

[pfx] transport question

Hello I have two domains in my system, say they are a.com and b.com I want the sender (sasl user) in a.com to use postfix-a as outgoing mta. and b.com uses postfix-b as outgoing server. How can I implement this? you could kindly give a hint, for which I can research by myself. Thanks. _

Re: Prevent Backscatter

Maybe I'm blind, but I don't see any recipient restrictions at all On January 20, 2017 5:41:29 PM EST, Postfix User wrote: >My test procedure follows >telnet domain.com 25 >ehlo me >mail from: >rcpt to: >At this point I get "Ok" message, and I can continue writing the body >of t

Re: Is this sane submission setup?

On 4/29/2016 9:51 AM, Alice Wonder wrote: > What I'm trying to have it do is define the blog hosts (there are three > or four of them, with about 20 different domain names on each host) can > connect over 587 with authentication but that even with the right uname > / password, connection is ref

Re: Is this sane submission setup?

On 4/29/2016 3:02 AM, Alice Wonder wrote: > submission inet n - n - - smtpd >-o syslog_name=postfix/submission >-o smtpd_tls_security_level=encrypt >-o smtpd_sasl_auth_enable=yes >-o smtpd_reject_unlisted_recipient=no >-o smtpd_client_restrictions=

Re: BURL

On 4/18/2016 11:46 AM, wie...@porcupine.org (Wietse Venema) wrote: > Charles Marcus: >> I would s love to be able to uncheck the 'Save copy to Sent folder' >> for my postfix+dovecot accounts. > What client would do this? Also, just noticed that there is apparent

Re: BURL

On 4/18/2016 11:46 AM, wie...@porcupine.org (Wietse Venema) wrote: > Charles Marcus: >> I would s love to be able to uncheck the 'Save copy to Sent folder' >> for my postfix+dovecot accounts. > What client would do this? Thunderbird (alluded to this in my O

Re: BURL

On 4/18/2016 9:42 AM, Charles Marcus wrote: > I also found this email from Mike Abbot in April 2010 announcing > Apple's contribution of a patch for both postfix and dovecot for BURL > support, and for CATENATE and URLAUTH support for dovecot too, so I'm > confused about t

Re: BURL

On 3/31/2014 7:22 AM, wie...@porcupine.org (Wietse Venema) wrote: > Viktor Dukhovni: >> On Sun, Mar 30, 2014 at 09:13:19PM -0400, Wietse Venema wrote: >> >>> Viktor Dukhovni: Postfix does not yet support Apple's BURL SMTP extension. With Apple as the only MUA that supports BURL, it prob

Postfix SMTP pass-thru to Office365

Hi all, I've googled on this, but the problem I'm not sure what exactly I'm looking for. I have an existing postfix server that is authoritative for example.com, and relays all outbound mail through an outsourced anti-spam service. We are transitioning this server to Office365 (decision is out o

Re: port 25 465 and 587 confusion.

On 4/6/2015 5:31 AM, Sebastian Nielsen wrote: > IMHO I find it better to only allow submission from trusted nets. So, you prefer to cripple your users by not allowing them to send email when outside the office? > Better to disable authentication completely, and completely disable mail > submiss

Re: Blacklisting external domains

On 2/6/2015 8:52 AM, li...@rhsoft.net wrote: > it's simple > > * if there is any permit in front - well > * if you are using specific "submission_client_restrictions" >and have placed the access table in front of any permit it >works > > in that context postfix is dead-simple > > the f

Re: Blacklisting external domains

On 2/6/2015 8:58 AM, li...@rhsoft.net wrote: > and BTW one reason more to make a transport > it is not affected by other restrictions > > it just comes at the end of the chain when postfix now would accept the > message even by a explicit OK in any restriction table > > http://www.postfix.org/tra

Re: Blacklisting external domains

On 2/6/2015 8:26 AM, wie...@porcupine.org (Wietse Venema) wrote: > Charles Marcus: >>>user@domain >>> Matches the specified mail address. >>>domain.tld >>> Matches domain.tld as the domain part of a

Re: Blacklisting external domains

On 2/5/2015 5:06 PM, wie...@porcupine.org (Wietse Venema) wrote: > Charles Marcus: >> Ok... but... this sounds like you are saying that it is expected that my >> simple postmap -q test would fail, but that someone attempting to relay > I am saying that you should RTFM the acc

Re: Blacklisting external domains

On 2/5/2015 4:35 PM, wie...@porcupine.org (Wietse Venema) wrote: > Charles Marcus: >> Ok, Can't seem to figure this out... >> >> I want to block sending to certain domains - in this case, a domain that >> is typod... >> >> Googling suggests this

Blacklisting external domains

Ok, Can't seem to figure this out... I want to block sending to certain domains - in this case, a domain that is typod... Googling suggests this should work: smtpd_relay_restrictions = check_recipient_access ${hash}/blacklisted_domains, permit_sasl_authenticated, permit_mynetworks, reject black

Re: Working around recalcitrant ISP wrt rDNS

erse delegation set up on your ISP, creating your own PTR record is ineffective. To this end, most hosting ISPs (certainly all of mine do) provide a facility to configure reverse DNS entries in their name servers. Marcus signature.asc Description: Message signed with OpenPGP using GPGMail

Re: Change sender in php

tfix and it worked with and without, so it may have been fixed. I don't think significant spaces in getopt are that unusual - I know the -p option to mysql does not allow a following space. Marcus signature.asc Description: Message signed with OpenPGP using GPGMail

Re: Change sender in php

t you're better off using SMTP to localhost than calling sendmail anyway. Marcus signature.asc Description: Message signed with OpenPGP using GPGMail

Re: Why does SPF fail sometimes?

On 12/17/2014 1:18 AM, Peter wrote: > It appears that google has gone down the path of blocking mail that > doesn't pass these stringent tests and I now cannot see my own > postings to lists such as this one or certain others who post. Sorry, this has nothing whatsoever to do with SPF or DMARC or

Re: queue message when lmtp link to remote server is down

On 10/26/2014 11:56 PM, ferriswheel wrote: > yes, that was the problem. maximal_queue_lifetime and > bounce_queue_lifetime were set to '0' regards john So, maybe you should post postconf -n output and see if there any other obviously massive fails in your config?

Re: Ubuntu: Postfix Admin, Roundcuble setup at mailserver

On 10/20/2014 7:43 AM, Austin Einter wrote: > Can somebody guide me how can I setup postfix admin interface and > roundcube at my mail server. Follow the directions for those packages, and if you encounter any problems, ask for help on *their* support lists? This is a list for support for *postf

Re: Bare HELO/EHLO

On 10/14/2014 6:36 PM, Benny Pedersen wrote: > But post atleast postconf -n on pastebin please don't... Many people will not click on links to unknown things, and it breaks historical references (the links may/will not work forever). Always paste these things inline...

Re: Postfix SASL auth - client alway sent e-mail even password change until I run again client app

On 10/8/2014 7:54 AM, Tomasz Kopczyński wrote: > I have the same problem with imap (dovecot). Even if I change password > for user I can read email in thunderbird until I close it. You didn't say, but since you mentioned dovecot, are you using dovecot sasl? If so, maybe: http://wiki2.dovecot.o

Re: header_checks is checked before sender_access

On 10/2/2014 4:37 AM, Alberto Lepe wrote: > On Thu, Oct 2, 2014 at 5:27 PM, Alberto Lepe > wrote: > > There is a customer that is sending mails from excel using a > banned client in the server "header_checks" restrictions (client > can not be changed due to tech

Re: Add --version option to postfix

On 9/29/2014 9:02 AM, Eray Aslan wrote: > On Mon, Sep 29, 2014 at 08:13:38AM -0400, Charles Marcus wrote: >> On 9/28/2014 3:01 PM, LuKreme wrote: >>> Yes, it’s (postfinger) a separate package. >> Yeah, and unavailable in gentoo repo... :( > It is a shell script. Yo

Re: Add --version option to postfix

On 9/28/2014 3:01 PM, LuKreme wrote: > Yes, it’s (postfinger) a separate package. Yeah, and unavailable in gentoo repo... :(

Re: Add --version option to postfix

On 9/28/2014 10:57 AM, LuKreme wrote: > On 27 Sep 2014, at 09:19 , Charles Marcus wrote: >> > On 9/27/2014 11:07 AM, wie...@porcupine.org (Wietse Venema) >> > wrote: >>> >> Would an updated postfinger command help? Wietse >> > >> > We

Re: Add --version option to postfix

On 9/27/2014 11:07 AM, wie...@porcupine.org (Wietse Venema) wrote: Would an updated postfinger command help? Wietse Well... if it could provide the output I described, then certainly. The suggestion for a new command was just to illustrate I was saying it didn't have to be a postconf command

Re: Add --version option to postfix

On 9/27/2014 7:48 AM, wie...@porcupine.org (Wietse Venema) wrote: Use "postconf -d", not "postconf -n". -n is for settings in the configuration file, -d is for the built-in settings which include the version, release date, and so on. Thanks Wietse... Please understand that what follows is jus

Re: Add --version option to postfix

I asked a long time ago if the postfix version could be added to the postconf -n output (like dovecot does), but was told it wasn't possible for some technical reason I didn't understand... On 9/26/2014 9:42 PM, Karl-Philipp wrote: Hi together, In order to figure out the version of a program

Re: Sending root's mail out?

On 9/24/2014 3:21 PM, leam hall wrote: Am I the only person who has ever worked in a place that won't let you post logs on a publicly archived internet site? Probably, since there is absolutely no sane reason for such a thing. Thank you for wasting everyone's time.

Re: 'aliasing' one domain to another?

On 7/31/2014 7:21 AM, li...@sbt.net.au wrote: On Thu, July 31, 2014 8:55 pm, Charles Marcus wrote: You have to have a 1-1 mapping for each valid user. Postfixadmin (sql based administrative tool for managing email user accounts for postfix) supports domain aliases out of the box (does the 1

Re: 'aliasing' one domain to another?

On 7/31/2014 5:59 AM, li...@sbt.net.au wrote: I have Postfix 2.11.0 with virtual domains in mysql/postfixadmin, all working well, as per setup below user of the mydom.tld.au has also registered mydom.tld (to prevent cybersquating) sometimes they make mistakes and attempt to send emails to a_u.

Re: How to block offering SASL auth to clients based on RBL

On 6/10/2014 1:24 PM, Kai Krakow wrote: > And those silly autodetection of older MUAs sticks to port 25 unencrypted. So even new customers who redo > their installations on their own silently go back to port 25. So... why on earth are you allowing UNENCRYPTED AUTH at ALL, let alone on port 2

Re: Troubleshooting a delivery failure

On 5/30/2014 3:52 PM, Tony Nelson wrote: And for completeness, the full bounce is at the end of this message. Try again. Your report won't be complete until you show the full logs for this event. The bounce notification, while not totally useless, is not necessary. Best regards, Charles

Re: recipient dependent maps

Noel Jones: > On 5/1/2014 10:57 AM, Marcus wrote: >> Noel Jones: >>> Or maybe a PCRE map that replies to both "*" and not-local domains, >>> leaving only the local domains for the slow map. >> >> Can PCRE reply be non-static or pseudo-random (if y

Re: recipient dependent maps

Noel Jones: > Or maybe a PCRE map that replies to both "*" and not-local domains, > leaving only the local domains for the slow map. Can PCRE reply be non-static or pseudo-random (if you will)? I'm after something that works as following... Sometimes 'example.com' is sent down 'foo' and other time

Re: recipient dependent maps

Wietse: > AS DOCUMENTED you can query transport_maps with the RECIPIENT ADDRESS. I surely can, but the same setting will also query several times "*" and sender addresses As oposed to query ONLY recipient address ONCE.

Re: recipient dependent maps

> Wietse: >> Marcus: >>> Wietse: >>> You need to use a more efficient implementation. Why do you need a >>> UNIX-domain server in the first place? >> >> Because that's the only way I could think of that would work given that >> the solut

Re: recipient dependent maps

Wietse: >> Marcus: >> So I tried transport_maps. And it works, but ... > [...] > You need to use a more efficient implementation. Why do you need a > UNIX-domain server in the first place? Because that's the only way I could think of that would work given that the solu

recipient dependent maps

es (anti-virus and secret-biz-sauce) and that means transport_maps is queried a several times for every message and as result the time spent on lookups became a problem. What would be the best (or most efficient) place to plug a recipient dependent transport map? Thanks Marcus

Re: Changing SSL certificates - switching from self-signed to RapidSSL

e-read the postfix docs a few times afterwards, I may actually gain a reasonable if not rudimentary understanding of how these pieces fit together. Hope you're having a great holiday weekend! Charles On 4/19/2014 12:36 PM, Viktor Dukhovni wrote: On Sat, Apr 19, 2014 at 07:06:31AM -0400,

Re: Changing SSL certificates - switching from self-signed to RapidSSL

On 4/19/2014 6:32 AM, Charles Marcus wrote: Would you mind a quick check of both our smtp. and mail. (I'm guessing that I would need to do the same thing for dovecot's cert too)? Hi Victor, I hate to keep imposing on you, but since I don't have the postfinger tool, and h

SOLVED - Re: Changing SSL certificates - switching from self-signed to RapidSSL

On 4/18/2014 6:52 PM, li...@rhsoft.net wrote: cat whatever-filename.crt your-private.key intermediate-a.crt > your.pem you are done, use that for*whatever* sevrer-software (httpd, postfix, ATS, dovecot) as key and or certificate file Apparently not, if the certs you get are from RapidSS

Re: Changing SSL certificates - switching from self-signed to RapidSSL

On 4/19/2014 6:32 AM, Charles Marcus wrote: Thanks again Victor, without the support on this list many of us wanna-be admins would be in way over our heads... One other question... Would I be correct that the following error I'm now seeing since changing the certs could be caused by

Re: Changing SSL certificates - switching from self-signed to RapidSSL

On 4/18/2014 5:14 PM, Viktor Dukhovni wrote: Though many/most client implementations may not mind, the certificate chain is not quite in the right order: $ posttls-finger -cC -Lsummary smtp.media-brokers.com:587 | openssl crl2pkcs7 -nocrl -certfile /dev/stdin | openssl

Re: Changing SSL certificates - switching from self-signed to RapidSSL

On 4/18/2014 3:50 PM, Viktor Dukhovni wrote: In the sample command, "server_cert.pem" is a plausible name for a file that holds just the leaf server certificate. While "intermediate_CA.pem" is a plausible name for a file that hold one or more intermediate CA issuer certificates (in the right or

Re: Changing SSL certificates - switching from self-signed to RapidSSL

On 4/18/2014 3:06 PM, Viktor Dukhovni wrote: On Fri, Apr 18, 2014 at 02:35:45PM -0400, Charles Marcus wrote: No. The correct approach is at: http://www.postfix.org/TLS_README.html#server_cert_key With legacy public CA trust verification, you can omit the root certificate from

Re: Changing SSL certificates - switching from self-signed to RapidSSL

Thanks for the response Victor... On 4/18/2014 2:20 PM, Viktor Dukhovni wrote: On Fri, Apr 18, 2014 at 02:06:20PM -0400, Charles Marcus wrote: Ok, been wanting to do this for a while, and I after the Heartbleed fiasco, the boss finally agreed to let me buy some real certs... Until now

Changing SSL certificates - switching from self-signed to RapidSSL

Hi all, Ok, been wanting to do this for a while, and I after the Heartbleed fiasco, the boss finally agreed to let me buy some real certs... Until now, we've been using self-signed certs with the following postfix settings: smtpd_tls_cert_file = /etc/ssl/ourCerts/smtp_crt.pem smtpd_tls_key_

Re: Asking about heartbleed

On 4/10/2014 7:57 PM, postfix-us...@tja-server.de wrote: Wietse Venema wrote: OpenSSL versions prior to 1.0.1 don't have the hearbeat feature and have never been affected by this bug. ii openssl 0.9.8o-4squeeze14 Secure Socket Layer (SSL) binary and relat

Re: Does it work on an air gapped intranet?

Viktor Dukhovni: > To disable DNS in Postfix 2.11.0 or later: > > smtp_dns_support_level = none Using "none" will throw a fatal error because the value is invalid. The correct value to disable DNS lookups in Postfix 2.11+ is "disabled" i.e. smtp_dns_support_level = disabled and if lmtp

Re: socketmap -vs- tcp_table

Wietse: >> Marcus: >> What are the benefits of socketmap (postfix 2.10+) vs tcp_table? > > tcp_table is Postfix-only. socketmap also works with Sendmail, > and is a better protocol. Out of curiosity... when you say "better", are you talking about performance and

socketmap -vs- tcp_table

What are the benefits of socketmap (postfix 2.10+) vs tcp_table? And can I use socketmap with sender_dependent_default_transport_maps ? i.e. sender_dependent_default_transport_maps = socketmap:inet:127.0.0.1: I'm struggling to understand the what the documentation of socketmap refers to "name"

Re: DNSSEC

On 2/25/2014 10:32 AM, Viktor Dukhovni wrote: My domains are (or will be when the transfer completes) signed with NSEC3. RFC 5155 (NSEC3) was published in 2008. The root zone was signed around 2010. DNSSEC is up and running. Well, I sent them the two responses I got here (from rob0 and Victor

Re: DNSSEC, was Re: TLS client logging PATCH

On 2/24/2014 3:52 PM, /dev/rob0 wrote: On Mon, Feb 24, 2014 at 01:16:39AM +0100, Dirk Stöcker wrote: On Sun, 23 Feb 2014, Viktor Dukhovni wrote: If you want scalable security for SMTP, become an early adopter of DANE TLS, available in Postfix 2.11. Today, you'll be able to opportunistically a

Re: Address Rewriting vs Aliasing - I need all recipients to see each other

Thanks for the reply Dominik, but... On 2014-02-02 9:17 AM, Dominik George wrote: Currently, if I set up the alias, each recipient only sees themselves as the recipient, but I need all recipients to see each other, so each knows the other received it. I do not quite understand that. Normally

Address Rewriting vs Aliasing - I need all recipients to see each other

Hi all, I'm under the gun, and reading furiously, but I'm hoping someone will help point me in the right direction... I want to set up an email alias for my domain, ie: facilit...@example.com That sends the email to two (or more) external addresses: us...@example2.com us...@example2.com Cu

Re: canonical maps

On 2014-01-08 3:18 PM, R. Berger wrote: In sendmail, when I use "@domain.nl %1...@otherdomain.nl" domain.nl wil automatically have 29 users also. If there is a mail send to n...@domain.nl and n...@otherdomain.nl does not exist, it will be rejected. In postfixadmin this will be a domain alia

Re: Question re: postconf -M output

On 2014-01-05 10:42 AM, Charles Marcus wrote: That output above was the result of postconf -Mf Sorry, in my original email I did say -M, but I meant -Mf

Re: Question re: postconf -M output

On 2014-01-05 10:17 AM, wie...@porcupine.org (Wietse Venema) wrote: Charles Marcus: I just noticed this and wanted to make sure this is the way it is supposed to show. When I do postconf -M, the output shows: submission inet n - n - - smtpd -o syslog_name

Question re: postconf -M output

Hello, I just noticed this and wanted to make sure this is the way it is supposed to show. When I do postconf -M, the output shows: submission inet n - n - - smtpd -o syslog_name=postfix-587 -o smtpd_tls_security_level=encrypt -o smtpd_tls_auth_only=yes -

Re: New server using old server config, alert unknown ca error

On 2013-12-28 3:11 PM, Viktor Dukhovni wrote: On Sat, Dec 28, 2013 at 02:49:01PM -0500, Charles Marcus wrote: If TLS_allowed insists on authentication, then having it on by default is rather unwise. You may be able to unset this, but better yet, use local submission rather than SMTP for

Re: New server using old server config, alert unknown ca error

On 2013-12-28 1:31 PM, Viktor Dukhovni wrote: On Sat, Dec 28, 2013 at 01:10:55PM -0500, Charles Marcus wrote: vacation.pl is, obviously, a perl script, so is using perl's Mail::Sender module. I think vacation.pl should be using sendmail(1) rather than SMTP to inject auto-response mes

Re: New server using old server config, alert unknown ca error

On 2013-12-28 12:41 PM, Viktor Dukhovni wrote: On Sat, Dec 28, 2013 at 11:57:23AM -0500, Charles Marcus wrote: I use PostfixAdmin, and its vacation.pl script for managing vacation messages, and it is the sending of the vacation message that fails with the subject error: error:14094418:SSL

New server using old server config, alert unknown ca error

Hello all, I'm setting up a new mail server to replace our 9 year old one, and everything works - sending using submission+STARTTLS, receiving, mailman lists, etc - with one exception... I use PostfixAdmin, and its vacation.pl script for managing vacation messages, and it is the sending of t

Re: OT: Large corporate email systems - Exchange vs open source *nix based

On 2013-12-10 10:42 AM, Ken D'Ambrosio wrote: But, alas, I don't believe there are any full-fledged, viable, open-source solutions that supply Outlook-compliant mail *and* calendaring. SOGo is just that... supposedly (we haven't used it yet). According to the SOGo people, Outlook thinks it i

Re: OT: Large corporate email systems - Exchange vs open source *nix based

On 2013-12-10 10:28 AM, Giles Coochey wrote: Personally, it seems to me that if company A (that is an all Microsoft/Exchange shop) wants to buy company B, that is not using Exchange (say, uses SOGo, with clients being able to choose between Outlook or Thunderbird for their desktop client), whe

Re: OT: Large corporate email systems - Exchange vs open source *nix based

On 2013-12-10 10:02 AM, Edward Rudd wrote: You have been lucky where you work then:) The "political" nature comes in when some Executive @ the company gets it stuck in his head that we *HAVE* to switch to Exchange but does the dog and pony show of letting the IT department trial several alter

Re: OT: Large corporate email systems - Exchange vs open source *nix based

On 2013-12-10 9:23 AM, DTNX Postmaster wrote: Do your own comparison based on the TCO of what you have, vs. what you will need for Exchange Server. Focus on the needs of the company over a five-year time period. Include the higher hardware requirements, licensing, extra staff, third party so

OT: Large corporate email systems - Exchange vs open source *nix based

Hello, There has been some whispers about considering migrating our mail systems to Exchange Server, and I want to try to nip this in the bud if possible. I would like to ask for some help with providing some kind of comparison of mid to large(r) commercial companies use of email systems...

OT: Large corporate email systems - Exchange vs open source *nix based

Hello, There has been some whispers about considering migrating our mail systems to Exchange Server. I want to try to nip this in the bud. I would like to ask for some help with providing some kind of comparison of large(r) commercial companies use of email systems... specifically, those usi

Re: reject_unknown_client

On 2013-12-05 7:50 AM, Andreas Kasenides wrote: smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated reject_unknown_client permit Obviously this rejects any requests where the DNS (forward or reverse) fails. I am under increasing pressure to change this ap

Re: Catch-all virtual alias

On 2013-11-11 2:30 PM, Viktor Dukhovni wrote: It is not entirely unreasonable to expect address validation to handle 1-to-1 aliasing of @example.org with @example.net. Postfixadmin, an excellent tool for managing userdbs in mysql/postgresql, has had 1-to-1 domain aliasing for a long time, and

Re: postfix 2.7.1 debian - does not query DNS

On 2013-11-07 6:39 AM, Simon Loewenthal wrote: Chroot was not turned on Look again... # == # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # =

OT - Blocking ALL non-user clients - WAS Re: Blocking LinkedIn 'Intro' mail hijacking?

On 2013-10-27 1:13 PM, Charles Marcus wrote: Based on Noel's suggestion above I currently have: # submission_clients_banned linkedin.com REJECT Intro hijacker not welcome here rapportive.com REJECT Intro hijacker not welcome here Just added blackberry.net and rim.net, but I'm

Re: Blocking LinkedIn 'Intro' mail hijacking?

On 2013-10-27 3:58 PM, Noel Jones wrote: (disclaimer - no BB users left here, so this is based on past behavior. They could have changed, but I doubt it.) Yes, BB would fetch all IMAP messages from the company server, then push them to the client. Outbound would originate from BB's SMTP server

Re: Blocking LinkedIn 'Intro' mail hijacking?

On 2013-10-27 1:13 PM, Charles Marcus wrote: Ok, first attempt isn't working properly... Sorry - started that email before I fixed the 'bad address pattern' error... Current hashed version seems to be working... -- Best regards, */Charles/***

Re: Blocking LinkedIn 'Intro' mail hijacking?

Ok, first attempt isn't working properly... On 2013-10-25 3:21 PM, Noel Jones wrote: # banned_clients linkedin.com REJECT mail from LinkedIn not welcome here I have (changed cidr to hash for obvious - after I got the 'bad address pattern' error on first try with the cidr map - reasons):

Re: Tiny/minor discrepancy with postconf -n reporting of used vs unused parameters

On 2013-10-27 12:35 PM, Viktor Dukhovni wrote: Parameters understood by Postfix are reported on stdout in a normalized form with all runs of whitespace characters replaced by a single space. Parameters not understood by Postfix are reported as warnings on stderr largely verbatim, the only chang

Tiny/minor discrepancy with postconf -n reporting of used vs unused parameters

Hello, While adding the new client restriction class to block the new Intro App accessing our mail server, I noticed a tiny/minor discrepancy in postconf -n output of used vs unused parameters/arguments. Not even sure it is worth mentioning, but decided to do so anyway... The first thing I d

Re: Blocking LinkedIn 'Intro' mail hijacking?

On 2013-10-25 4:51 PM, Noel Jones wrote: Blackberry has done pretty much this same thing for years, and not too many people have been bent out of shape about it. Or maybe the different business model of BB convinced folks their email wasn't being mined. Mostly a moot point now... Are you sure

Re: Blocking LinkedIn 'Intro' mail hijacking?

On 2013-10-25 4:28 PM, Harald Koch wrote: On 25 October 2013 14:42, Charles Marcus <mailto:cmar...@media-brokers.com>> wrote: Whether it is iOS specific or not (apparently it is, at least for the time being, iOS specific), it also applies to the smtp connection to my

Re: Blocking LinkedIn 'Intro' mail hijacking?

On 2013-10-25 4:17 PM, Viktor Dukhovni wrote: You've been on this list long enough to know that verbatim restriction definitions don't belong in master.cf: master.cf: submission inet n ... smtpd -o smtpd_client_restrictions=$submission_client_restrictions main.cf:

Re: Blocking LinkedIn 'Intro' mail hijacking?

On 2013-10-25 3:41 PM, Viktor Dukhovni wrote: On Fri, Oct 25, 2013 at 02:21:11PM -0500, Noel Jones wrote: 1. block all *.linkedin.com clients BEFORE any permit_sasl_authenticated statement. This will also have the effect of blocking all incoming linkedin mail. That may be a little too strict

Re: Blocking LinkedIn 'Intro' mail hijacking?

On 2013-10-25 1:29 PM, Titanus Eramius wrote: Well, if the app is not installed, it might solve the problem. Other than that, I think this is a bit off-topic for Postfix, since it only applys to Apples hand-held devices. Whether it is iOS specific or not (apparently it is, at least for the ti

Blocking LinkedIn 'Intro' mail hijacking?

Hello, I'm really hoping this is either a hoax or I'm seriously misunderstanding something... If it is true, how can they legally do this? And more importantly, how can SASL_AUTH attempts be blocked? Maybe block all SASL attempts from LinkedIn networks? Anyway, article here: http://www.bi

Re: What is causing this mail forwarding loop bounce?

On 2013-10-15 10:01 AM, sendu wrote: Here's another delivery attempt, this time with all verbose logging turned off: http://pastebin.com/TtyDXKBX Please post such things inline in the email body, many people will not click on links to unknown destinations... It bounces; I don't know why.

Re: local_recipient_maps set up, yet postfix continues to send bounce messages

On 2013-10-14 4:00 PM, Chad Elliott wrote: virtual_alias_maps = hash:/etc/postfix/virtual virtual_mailbox_base = /var/spool/mail virtual_mailbox_domains = hash:/etc/postfix/mydomains There are no wildcards in virtual_alias_maps or alias_maps Tests against your maps? What do postmap -q myse

Re: local_recipient_maps set up, yet postfix continues to send bounce messages

On 2013-10-14 4:54 PM, Charles Marcus wrote: On 2013-10-14 4:00 PM, Chad Elliott wrote: Sorry if this question gets asked too often, but I followed the instructions to stop backscatter email from my server, and On 2013-10-14 4:41 PM, Chad Elliott wrote: - what is being bounced? mail sent

Re: local_recipient_maps set up, yet postfix continues to send bounce messages

On 2013-10-14 4:00 PM, Chad Elliott wrote: Sorry if this question gets asked too often, but I followed the instructions to stop backscatter email from my server, and On 2013-10-14 4:41 PM, Chad Elliott wrote: - what is being bounced? mail sent to non-existent aliases/users (not in virtual_a

Re: local_recipient_maps set up, yet postfix continues to send bounce messages

On 2013-10-14 4:41 PM, Chad Elliott wrote: - what is being bounced? mail sent to non-existent aliases/users (not in virtual_alias_maps) This is the DESIRED result... what is the problem? -- Best regards, */Charles /*

Re: local_recipient_maps set up, yet postfix continues to send bounce messages

nks, Chad. -- Best regards, */Charles Marcus/* I.T. Director Media Brokers International, Inc. *678.514.6224 | 678.514.6299 fax*

Re: restricting few users from sending mails outside domain (mymailsystem.com)

On 2013-10-08 6:27 AM, virtualpostfix wrote: [root@posttestbox postfix]# postconf -d mail_version mail_version = 2.6.6 ? 2.6 is NOT >= 2.10 -- Best regards, */Charles/*

Re: Do not forward spam

On 2013-09-20 1:31 PM, azurIt wrote: I don't believe in rejecting e-mails based on spam checks Then don't allow blanket forwarders, or just accept it when someone blocks you for good cause because of your silly decisions. - there are and always be false positives. For CONTENT filter base

Antispam using *only* postfix/postcreen settings...

Hi all, On 2013-09-01 6:09 AM, Grant wrote: Thanks James. This is all very cool. A blacklist (zen.spamhaus.org), a whitelist (list.dnswl.org), and a "greylist". 2.11 looks to be a fantastic release for easily-configured anti-spam measures. I'm just not getting spam anymore and I don't think

  1   2   3   4   5   6   7   8   >