en as you have rspamd, is that correct?
> Jonathan
Hi Jonathan, thank you.
It helped me to eliminate some fake senders and spams, but I see your point.
Yes, I'm not using postscreen as I have rspamd.
Is there any further suggestion you might have?
Many thanks,
Mark.
___
Many thanks in advance,
Regards
Mark
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
lay2 postfix/smtpd[95962]: maps_find: canonical_maps:
@dohd.org: not found
So I don't see any action being taken for sender canonical mapping.
Does anyone have a slight hint what logging I should be looking for, or even
better: what I'm doing wrong?
Kind regards,
Mark
--
Ah, women
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_rbl_client zen.spamhaus.org=127.0.0.[2..11],
check_policy_service unix:private/spf-policy,
permit
I think this is a better approach, if I did it correctly? Could you confirm
please?
Much regards,
Mark.
Ma
uld you explain further please
where I made a mistake?
Regards.
Matus UHLAR - fantomas via Postfix-users , 5 Şub
2024 Pzt, 15:15 tarihinde şunu yazdı:
> On 04.02.24 22:06, Mark via Postfix-users wrote:
> >->"Best practice is to require submission users sending outbound mail do
> s
rules are happening in main.cf, which is listed here;
https://pastebin.mozilla.org/i5tMtPAk
I've learned a lot from your replies, much grateful!
Thank you,
Mark.
Viktor Dukhovni via Postfix-users , 4 Şub 2024
Paz, 19:14 tarihinde şunu yazdı:
> On Sun, Feb 04, 2024 at 01:22:45PM +020
ell?
I'm trying to be as restrictive as possible, against haux&pseudo
hostnames/helo attempts, spammers and attackers.
Many thanks,
Much regards.
Mark.
2 Şubat 2024 Cuma tarihinde Viktor Dukhovni via Postfix-users <
postfix-users@postfix.org> yazdı:
> On Fri, Feb 02, 2024 at 08:
Best,
Mark.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
with this config file...
https://github.com/markc/sh/blob/main/etc/_etc_opendkim.conf
and with this added to /etc/postfix/main.cf...
smtpd_milters = inet:127.0.0.1:8891,inet:127.0.0.1:54321
--
Cheers, Mark Constable :: +61 0419 530 037
___
Postfix
1-out:
* smtp2-out:
If possible then what is the exact config entry for a "wildcard" in this
situation?
--
Cheers, Mark Constable :: +61 0419 530 037
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an e
anyone have any suggestions on how best to debug?
Regards,
Mark
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
sr/sbin/ss -p -n -t | grep "smtp" | awk -F'[=
,]*' '{print $8}'
* Finalist = intersection between child_pids and Process_connections
(This gives the connections for that pid)
This may well be a bit convoluted but as I
:
default_destination_concurrency_limit = 50
We did a postfix reload and a postconf and we are seeing the correct config -
however - connections are still restricted to 20?
Any suggestions on what we are missing?
Thanks,
Mark
___
Postfix-users mailing list -- postfix-users@postfix.org
On 22/2/21 00:26, Wietse Venema wrote:
If I connect to port 25 the connect host in the logs is my FQDN...
If I try the same via port 465 then I always get "unknown"...
What is the output from:
# postconf -F '*/inet/chroot'
If they are different, then you have a broken chroot setup.
~ postco
If I connect to port 25 the connect host in the logs is my FQDN...
telnet 12.34.56.78 25
ehlo mail.my.fqdn
connect from mail.my.fqdn[78.56.34.12]
If I try the same via port 465 then I always get "unknown"...
openssl s_client -crlf -quiet -connect 12.34.56.78:465
ehlo mail.my.fqdn
connect from u
On 12/2/21 3:14 pm, Viktor Dukhovni wrote:
Hi, I have a fairly typical postfix install with port 465 requiring
authentication. I'd like to allow one sender (email address or IP) to
inject email on port 465 without providing login/password authentication.
The port number and TLS encryption are i
Hi, I have a fairly typical postfix install with port 465 requiring
authentication. I'd like to allow one sender (email address or IP) to
inject email on port 465 without providing login/password authentication.
Is this somehow possible?
A company named "Internet Hosting Ltd" does exist and is in fact
registered to this address but it's only existed since June 2019. It has
a single company officer named Elliot Carey who is the sole shareholder.
Details here: <https://beta.companieshouse.gov.uk/company/12051036>
All for what it's worth.
--
Mark Rousell
ueued, but not in queue
On Mon, Dec 23, 2019 at 10:16:06PM +0000, Mark ADAMS wrote:
> Yeah that sounds like me, but there's nothing showing up in the logs.
I don't call the below "nothing".
> 250 2.0.0 Ok: queued as B03444A4201
> Dec 23 15:07:08 shuttle postfix/cl
23, 2019 1:12 PM
To: postfix-users@postfix.org
Subject: Re: Mail shows being queued, but not in queue
On Mon, Dec 23, 2019 at 07:40:01PM +, Mark ADAMS wrote:
> I forgot a couple of things:
> Distro: Linux shuttle 5.4.2-desktop-1.mga7 #1 SMP Thu Dec 5 17:40:00 UTC 2019
> x86_64
ot support mailing list.
If this is a dovecot issue and someone can point me in a helpful direction for
support, I'd appreciate it.
Thanks.
From: owner-postfix-us...@postfix.org on
behalf of Mark ADAMS
Sent: Monday, December 23, 2019 12:23 PM
To
ix
Dec 23 12:20:45 shuttle postfix[9561]: Starting postfix: [ OK ]
Dec 23 12:20:45 shuttle systemd[1]: Started LSB: Starts the postfix daemons.
Can anyone see what I'm missing?
Thanks in advance.
Mark
Thanks Victor, a few great tips, which I will investigate and report back on.
On 13 October 2019 20:20:05 BST, Viktor Dukhovni
wrote:
>On Sun, Oct 13, 2019 at 10:44:05AM -0700, mbridgett wrote:
>
>> I have a problem at the moment, specifically with Epic Games - who
>are
>> claiming that they are
On 11/08/17 05:20, Michael Fox wrote:
# cat /usr/lib/systemd/system/postfix.service
Hmm. My Ubuntu system has no such file.
On *buntu/deb machines it's...
/lib/systemd/system/postfix.service
dpkg -L postfix | grep service
On 08/01/2017 03:32 PM, Viktor Dukhovni wrote:
On Tue, Aug 01, 2017 at 02:41:52PM -0700, mark burdett wrote:
Hi, I was curious if there are any plans for postfix to eventually support
SMTP connection reuse with STARTTLS.
This requires a complex outbound TLS proxy to cache the connections
in
an be time sensitive: for example, advocacy organizations ask
subscribers to tweet or call their elected representative that morning.)
--mark B.
signature.asc
Description: OpenPGP digital signature
On 2017-07-09T19:15:29 -0400
wie...@porcupine.org (Wietse Venema) wrote:
> This is how three years ago I solved IPv6 problems for all domains
> that have Google as an MX host.
Thanks for this. Personally, I don't expect to hear back from Google,
so I'll be implementing this one myself.
M
pgphP
On 2017-07-08T23:27:31 -0400
Scott Talbert wrote:
>
> Unfortunately Google has stopped accepting mail from my server via IPv6
> and I haven't been able to figure out why or resolve the problem.
Hello.
Are you by any chance seeing this message?
Jul 9 08:43:06 mail postfix/smtp[18059]: C95E4849
On 04/07/17 14:08, Bill Cole wrote:
I have a global alias @example.com pointing to ad...@example.com,
which works fine, but when I add a real user, like m...@example.com,
the global alias overrides the real entry in virtual_mailbox_maps
(mysql).
See the VIRTUAL_README and ADDRESS_CLASS_README
I have a global alias @example.com pointing to ad...@example.com, which
works fine, but when I add a real user, like m...@example.com, the global
alias overrides the real entry in virtual_mailbox_maps (mysql). If I
remove the @exmaple.com global alias from virtual_alias_maps then the
"real" mailbo
On 2017-07-01T22:33:16 +
Viktor Dukhovni wrote:
> > Perhaps this is because "bounce"
> > is running in a chroot?
>
> That's the most likely cause.
Thanks, all. The chroot was the issue. I've no idea why it has suddenly
become a problem, but I can live without running bounce chrooted.
M
Hello.
I'm using a fresh install of Postfix 3.2.2 and am seeing strange
warning messages in the log when mail bounces:
Jul 1 19:15:16 mail postfix/bounce[88353]: warning:
midna_domain_to_utf8_create: Problem translating domain "mail.io7m.com" to UTF8
form: U_FILE_ACCESS_ERROR
Jul 1 19:15:16 m
> -Original Message-
> From: Marek Kozlowski [mailto:m.kozlow...@mini.pw.edu.pl]
> Sent: Sunday, June 4, 2017 8:04
> To: Mark Scholten; postfix-users@postfix.org
> Subject: Re: Changing "mail from"
>
> :-)
>
> On 06/04/2017 07:58 AM, Mark Scholte
is is done (but this is
Sendmail and difficult to maintain, so we want to switch to Postfix but
keeping this behavior).
Is it possible with Postfix to do this or do I need to look for a milter or
something else to do this?
Regards, Mark
On 5/7/17 9:58 PM, pbw wrote:
...the simplest lightweight solution (for me) is postscreen, SPF/
DKIM and Spamprobe via dovecot/sieve filters.
Your approach seems applicable to me. I have set up postscreen from
the postfix docs. What is the best documentation for the remainder of
your setup?
T
On 29/4/17 5:26 am, Linda Pagillo wrote:
Hi everyone. I was wondering which anti-spam and anti-virus programs
do you all use with Postifx? Any advice on which programs work best?
I'm not sure about the absolute best spam filtering system but the
simplest lightweight solution (for me) is postscr
On 24/03/17 00:30, Viktor Dukhovni wrote:
That answer was for the port 25 inbound MX relay host, which can be
changed by updating MX records without any interaction with the
users.
[...]
You are conflating MX hosts with MSAs. Users don't configure their
MUAs to talk to MX hosts.
Not quite. In
On 23/03/17 23:06, Viktor Dukhovni wrote:
is it possible to setup separate SSL certificates for an each virtual
domain ?
The Postfix smtpd(8) service does not support SNI-based certificate
selection. And this is not needed. Just point all the virtual domains
at a common MX host with a single c
On 05/02/17 16:04, Dominic Raferd wrote:
In contrast a "full service" mailcow install requires 800Mb at the
very least and 1Gb with some usage. Clamav is the real ram killer.
At the risk of going off-topic, is it worth using clamav? I run it
(via amavis) but it last picked up something 'real' 7
On 04/02/17 21:35, A. Schulze wrote:
if i will run Debian, Postfix + Dovecot on a VPS Machine what i
need about memeory that this application can run without any
Problem, 256Mb are not enough?
works as long you avoid antivirus snakeoil and perl based spam
filtering.
Totally agree with this, t
This is new to me so any advise about what I’m doing wrong and how to stop this
is very welcome.
Have a nice weekend,
Mark
- - quote - - - -
root@mail:/home/sympa/spool/msg# more
oceandocscommunity-ow...@sympa.iode.org.1484660591.438
X-Sympa-To: oceandocscommunity-ow...@symp
I want to supply separate Letsencrypt certificates for each virtual domain
and seeing that SNI does not work I need to allocate separate IPs. Could
anyone give some pointers, or keywords to search for, on...
a) how to make postfix listen for different domains on different IPs?
b) how to configur
gt meddelande-
Från: owner-postfix-us...@postfix.org
[mailto:owner-postfix-us...@postfix.org] För Mark Holmes
Skickat: den 18 oktober 2016 21:46
Till: 'postfix-users@postfix.org'
Ämne: Restriction question
Hi list,
I'd like to configure Postfix such that I can prevent certain
networks can only send to internal recipients, with the exception of
these IP's which can also send to external recipients'
I've done some Googling but can't quite figure the best way to achieve this.
Grateful for any pointers!
Many thanks,
Mark
This e-mail message
add the content_filter there. In fact I don't need two
IP addresses for the smtp delivered mail :)
On 09/10/2015 06:12 PM, Mark Clarke wrote:
> Hi there,
>
> We have a transport map setup so that mail destined for the local
> domain or from some subdomain email servers is not ro
Hi there,
We have a transport map setup so that mail destined for the local domain
or from some subdomain email servers is not routed to our relay gateway.
These entries have a null gateway set. Mail destined for all other
domains is routed via our relay.
e.g
serve...@server01.abc.co.za :
a
question, but I'm hoping that all
the Postfix-Gods in here might share an opinion or advice.
Mark
uot;addr is not a string" test to use SvPOKp() before 5.18
Mark
differently.
See:
http://marc.info/?l=spamassassin-users&m=141461245312708
one possible workaround:
http://marc.info/?l=spamassassin-users&m=141467352930918
See the whole thread there for details.
Mark
0 SMTPUTF8
quit
Apparently also a commercial mailer Momentum supports it.
Mark
mavis as described above.
Do, I have that right?
Yes. There is likely and advantage in amavis regarding meeting
the configured deadlines.
Mark
eduled incident which required the
documentation to be consulted :-)
Mark
--
http://www.markgoodge.uk
...
L. Mark Stone - General Manager, Managed and Private/Hybrid Cloud Services
"Uptime. All the time." ® www.reliablenetworks.com
Eleven Years In Business 2003 - 2014
477 Congress Street, Suite 812 | Portland, ME 04101 | (207) 772-5678
private/hybrid cloud hosting | Zimbra
Back from travelling...
> On 12 Jan 2015, at 12:00 pm, Wietse Venema wrote:
>
> Mark Nottingham:
>> Hi,
>>
>> I?d like to insert SMTP headers and/or body content (e.g., using alterMIME)
>> in outgoing e-mails *if* the SMTP connection to the recipient is no
> On 11 Jan 2015, at 8:00 pm, Wietse Venema wrote:
>
> Mark Nottingham:
>> Hi,
>>
>> I?d like to insert SMTP headers and/or body content (e.g., using alterMIME)
>> in outgoing e-mails *if* the SMTP connection to the recipient is not
>> protected by
Hi,
I’d like to insert SMTP headers and/or body content (e.g., using alterMIME) in
outgoing e-mails *if* the SMTP connection to the recipient is not protected by
TLS.
Is this possible in postfix today, or would it require a change to source?
Thanks,
--
Mark Nottingham https://www.mnot.net/
o add their own signature.
Mark
address should be enclosed in brackets to avoid ambiguity.
No big deal, just commenting...
Mark
z.co.uk/domain-tools/
http://www.intodns.com/
http://www.dnsqueries.com/en/
I have not implemented spf or dkim.
There you go!
Consider also publishing a DMARC record, not necessarily restrictive.
Mark
; / "~"
http://tools.ietf.org/html/rfc4291
http://tools.ietf.org/html/rfc3493
http://tools.ietf.org/html/rfc4007
Mark
avisd/amavisd-new-2.10.0.tar.xz
Mark
t;host".
I like the above two changes. The defaults often are confusing for
people new to postfix.
- mynetworks-style (default: subnet). This should be "host".
Yes, definitely.
Some more archaisms that can be changed to:
biff = no
swap_bangpath = no
allow_percent_hack = no
Mark
Wietse wrote:
Mark Martinec:
Btw, amavisd since 2.10.0 converts ACE domain names to UTF-8
for presentation purposes (logging, JSON structured report,
DNS and admin notfications), and encodes non-ASCII UTF-8 domains
in sender and recipient addresses into ACE if the next hop MTA
(e.g. back-end
www.ietf.org/mailman/listinfo/ima
Mark
ch string is already assembled
elsewhere in postfix.
Thanks to the current documentation the change would not risk breaking
backward compatibility :)
Mark
es) if the
UTF8SMTPS?A? set would be included in the XFORWARD PROTO field.
Mark
rform this step.
Using postfix-2.12-20140923 .
Mark
truct sockaddr_storage
(RFC 3493).
Seems like elsewhere this is handled correctly
( like in inet_listen.c/inet_accept() ).
Mark
Any chance there is a UTM device in the email stream?
We see lots of these errors when our SonicWalls do an RBL lookup, don't like
the data in the email stream etc. The SonicWalls then just drop the connection
and Postfix logs the drop.
Hope that helps,
Mark
#x27;t have problems with it.
Thanks for reading and thank you for your reply.
Regards, Mark
as u...@virtualdomain.com?
The 'From' address is set by the mail client, not the MTA. Check your
SquirrelMail configuration.
Mark
--
My blog: http://mark.goodge.co.uk
Robert Sander wrote:
I remember that Mark Martinec mentioned a license change in Berkeley DB
version 6 to the Affero GPL that forces Amavis to switch to LMDB. The
additional provision requires that the complete source code be made
available to any network user of the AGPL-licensed work
https
xp:/etc/postfix/mime_header_checks
Mark
--
My blog: http://mark.goodge.co.uk
than 99%
that it's spam. And if it isn't, someone sending mail out that's so
badly configured doesn't deserve to have it delivered.
Mark
--
My blog: http://mark.goodge.co.uk
ide of the curly brackets the problem disappeared.
That were 3 hours I'll never get back. Ok, I'll be honest, I didn't
*immediately* turn quota off..
So: if you want to add comments to a maildrop filter, be sure to never
do it in the way above.
I just had to share it. After all, who knows, someone else might run
into this same issue. :)
Mark
ve recipient addresses. Annoying,
especially for domains that have a wildcard.
Normally I wouldn't do blocking this way, but in this case it just
prevents later tests, simply rejecting delivery on sight of the domain
name. It's a small setup, mostly for myself so I don't think it can hurt.
Mark
rican
Express" from unknown[83.217.119.xx];
from= to= proto=ESMTP
helo=<[83.217.119.xx]>: 5.7.1 aexp is a spamdomain.
Shouldn't the 5.7.1 be prefixed by a 550? Or, does postfix do this and
it is not logged?
Thank you,
Mark.
On 11/12/2013 9:03 PM, Viktor Dukhovni wrote:
On Wed, Dec 11, 2013 at 08:42:29PM +1100, Mark Jamsek wrote:
And, the glaringly obvious absence of SMTP auth mechanisms:
220 mail.bsdbox.co ESMTP Postfix
ehlo bsdbox.co
250-mail.bsdbox.co
250-STARTTLS
Only when not using TLS.
I'm not s
On 11/12/2013 8:31 PM, Viktor Dukhovni wrote:
On Wed, Dec 11, 2013 at 06:17:08PM +1100, Mark Jamsek wrote:
However, I cannot get SMTP authentication working, no matter what I
try.
Still need those glasses...
And, the glaringly obvious absence of SMTP auth mechanisms:
220 mail.bsdbox.co
On 11/12/2013 8:31 PM, Viktor Dukhovni wrote:
On Wed, Dec 11, 2013 at 06:17:08PM +1100, Mark Jamsek wrote:
However, I cannot get SMTP authentication working, no matter what I
try.
Still need those glasses...
And, the glaringly obvious absence of SMTP auth mechanisms:
220 mail.bsdbox.co
Thanks to another subscriber, I have resolved my TLS problem. However, I
cannot get SMTP authentication working, no matter what I try. My client
"sends" mail without any errors; however, /var/log/maillog reports
connection refused errors and recipients are not receiving my emails.
This is due t
On 11/12/2013 5:50 AM, Viktor Dukhovni wrote:
On Tue, Dec 10, 2013 at 11:57:56PM +1100, Mark Jamsek wrote:
|Dec 10 11:36:03 mail postfix/smtpd[57120]: warning:
[highlight]cannot get RSA certificate from file
/etc/ssl/cert/dovecot.pem:
disabling TLS support
New spectacle
Trying to send mail results in this error from Thunderbird client:
Sending of message failed.
An error occurred sending mail: Unable to establish a secure link
with SMTP server mail.bsdbox.co using STARTTLS since it doesn't
advertise that feature. Switch off STARTTLS for that server o
ile
}
}
In particular, LMDB as of postfix-2.11-20131122 no longer restarts
a daemon and picks up changes immediately. With cdb and hash, the
changes are detected at the start of a new SMTP session and then
smtpd(8) restarts.
Thanks. I'll have a play with that later.
Mark
--
My blog: http://mark.goodge.co.uk
imple text file that can be updated
regularly without needing to restart Postfix.
Mark
--
My blog: http://mark.goodge.co.uk
unavailable -
try again later
Is this generally just because of low reputation or is there something special
that needs to be configured for AOL?
Anyone have any experience?
I've applied for their FBL service - I'm not sure if that will help.
Cheers
Mark.
x27;m not sure if this is something that's completely internal to courier (in
which case sorry to bother you all) or something in the postfix config that
bothering courier.
Could someone tell me what this means, and what I need to do about it if
anything?
Cheers
Mark.
-o smtpd_restriction_classes=
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o smtpd_client_connection_count_limit=0
-o smtpd_client_connection_rate_limit=0
-o
receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
-o local_header_rewrite_clients=
Any thought greatly received.
Please ask if I need to send more files.
Thanks
Mark.
d a bounce - that's the Microsoft Exchange way accepting and
then send bounces "user unknown", but this is unacceptable behavior
Just because one server routinely gets it wrong doesn't mean that all
servers which correctly bounce instead of drop are getting it wrong.
Mark
--
My blog: http://mark.goodge.co.uk
ing an outbound edge relay
between your internal servers and the public Internet.
Mark
--
My blog: http://mark.goodge.co.uk
removed
Happy to send more logs and files. please tell me what's relevant?
Mark.
eflect the most common real life usage.
If you want to feed that back to the Ubuntu documentation maintainer,
then feel free.
Mark
--
My blog: http://mark.goodge.co.uk
indeed, return the outcome that he gave us. So
it's almost certainly a Postfix configuration error, not a DNS
configuration error.
As others have said, we need postconf -n
Indeed.
Mark
--
My blog: http://mark.goodge.co.uk
#x27; entry may be superfluous, or
alternatively you may need to add other subdomains of your domain, but
you can tweak that later if necessary).
Once you've set that correctly, reload Postfix and you should find it
accepts mail correctly from the Internet. If it doesn't
matches if is one of the MX hosts for a domain
name.
MX = "mx" [ ":" domain-spec ] [ dual-cidr-length ]
check_host() first performs an MX lookup on the . Then
it performs an address lookup on each MX name returned. The is
compared to each returned IP address. [...]
dual-cidr-length = [ ip4-cidr-length ] [ "/" ip6-cidr-length ]
Mark
On 18 October 2013 16:20, Wietse Venema wrote:
> Viktor Dukhovni:
> > On Fri, Oct 18, 2013 at 03:15:49PM +0100, Mark Berry wrote:
> >
> > > However at other times they can take 30 minutes or more to all go.
> >
> > Slow cleanup(8) processing or disk I/O conte
On 18 October 2013 15:26, Viktor Dukhovni wrote:
> On Fri, Oct 18, 2013 at 03:15:49PM +0100, Mark Berry wrote:
>
> > However at other times they can take 30 minutes or more to all go.
>
> Slow cleanup(8) processing or disk I/O contention. Another
> possibility is a syslog da
instead of working on workarounds, people's efforts would be better spent
on setting up their DKIM and/or SPF, reverse DNS mapping, and making sure that
postfix only binds to an intentionally configured IPv6 address (not on SLAAC
or 'privacy extensions' random address).
Mark
as this is driving me mad having to reboot the
server every morning
Thanks
Mark
On 03/10/2013 12:56, Wietse Venema wrote:
Mark Goodge:
If the value for mynetworks is contained in a file rather than hardcoded
into main.cf, as per this example from the documentation...
mynetworks = $config_directory/mynetworks
... is it necessary to reload Postfix when the contents of that
1 - 100 of 496 matches
Mail list logo
