On 9/16/21 12:15, Wietse Venema wrote:
Matt Corallo:
Can you describe in more detail what line_length_limit does? I
You are confusing two different parameters
- smtp_line_length_limit. This applies to SMTP.
- line_length_limit. Does not apply to SMTP.
Postfix will happily deliver mail
Can you describe in more detail what line_length_limit does? I guess part of my
question here is I don’t understand it’s purpose and thus why it
doesn’t/couldn’t apply here.
> On Sep 16, 2021, at 05:06, Wietse Venema wrote:
>
> Matt Corallo:
>> When debugging a DKIM signa
When debugging a DKIM signature failure, I found that:
* Thunderbird doesn't care at all about the SMTP line length limit, happily sending longer lines
when you quote a 1000-charachter line,
* Postfix happily accepts the too-long-line, passing it as-is to opendkim
* opendkim is unmaintained
> On Aug 26, 2021, at 13:29, Viktor Dukhovni wrote:
>
> On Thu, Aug 26, 2021 at 01:16:25PM -0700, Matt Corallo wrote:
>
>> I’m not particularly worried about congestion on this server, but maybe
>> delay is the wrong warning to focus on - I’d like postmaster no
> On Aug 26, 2021, at 13:09, Viktor Dukhovni wrote:
>
>
>> On 26 Aug 2021, at 4:02 pm, Matt Corallo wrote:
>> I’d like to set an aggressive warning delay but only warn postmaster, not
>> the sender. It appears delay_warning_time is used for both sender-warnings
I’d like to set an aggressive warning delay but only warn postmaster, not the
sender. It appears delay_warning_time is used for both sender-warnings and
notify_classes, so there doesn’t appear to be a way to do this.
On 8/24/21 19:23, Viktor Dukhovni wrote:
On 24 Aug 2021, at 7:58 pm, Matt Corallo wrote:
May be worth mentioning here that, sadly, Postfix does not support MTA-STS
currently.
The one implementation at https://github.com/Snawoot/postfix-mta-sts-resolver/
will reduce security rather than
On 8/18/21 21:44, raf wrote:
They are into MTA-STS instead, as a way to prevent
downgrade attacks against mail servers.
SMTP MTA Strict Transport Security (MTA-STS)
https://tools.ietf.org/html/rfc8461 (Proposed Standard)
But that's all it does (assuming other mail servers are
paying atte
On 8/12/21 14:41, Gerard E. Seibert wrote:
Have you made any attempt to get your IP 'whitelisted' with Microsoft?
Several attempts. If you know of a decent contact I can pursue it further, but even after fighting with their usual
ticket people and getting "mitigation" turned on for the sendin
On 8/12/21 09:37, Wietse Venema wrote:
Matt Corallo:
I tried variations of this but never could get it to work - as far as I could
tell the nexthop is fully resolved by the
time we get to the smtp daemon, so there aren't any relevant settings to
override or otherwise set the default o
ietse Venema wrote:
Matt Corallo:
On 8/11/21 16:52, Wietse Venema wrote:
> If the sender address can override the routing, even if the recipient
> would otherwise be delivered locally, then that would be a recipe
> for mailer loops with the potential for mail explosions. This is
On 8/11/21 16:52, Wietse Venema wrote:
> If the sender address can override the routing, even if the recipient
> would otherwise be delivered locally, then that would be a recipe
> for mailer loops with the potential for mail explosions. This is
> why we have sender_dependent overrides for defa
On 8/11/21 13:54, Viktor Dukhovni wrote:
On 11 Aug 2021, at 11:00 am, Matt Corallo wrote:
Hmm, well I suppose consider this a feature request for
sender_dependent_relay_transport_maps or sender_dependent_transport_maps :)
No such feature fits into a single-key lookup design.
You&#x
Hmm, well I suppose consider this a feature request for
sender_dependent_relay_transport_maps or sender_dependent_transport_maps :)
Matt
> On Aug 10, 2021, at 23:01, Viktor Dukhovni wrote:
>
> On Tue, Aug 10, 2021 at 10:34:52PM -0400, Matt Corallo wrote:
>
>> I have
Oh, and if its possible, is it also possible to specify the original domains as "any domain with an MX of $REGEX"
instead of only "any recipient domain of $REGEX"?
Thanks,
Matt
On 8/10/21 22:34, Matt Corallo wrote:
I have a need to map some destination domains to a specif
I have a need to map some destination domains to a specific smtp nexthop, but need to override that nexthop on a
sender_dependent basis. I've tried a few things and all with no luck:
* transport_maps specifying the nexthop can't be overridden at all, it seems (and doesn't support sender_dependen
Yep, I set it to prefer v6 to test and was only noting that, at least GMail,
doesn't appear to apply stricter policies
around delivery any more (likely modulo your IP's existing reputation).
On 7/21/20 8:06 PM, Viktor Dukhovni wrote:
> On Tue, Jul 21, 2020 at 07:54:55PM -0400, Matt
I believe this is somewhat out of date. Google did, in my understanding,
originally require DKIM and not assign IP
reputation to v6 addresses, but that appears to no longer by the case. I turned
on v6-outbound on my postfix server and
it has had no problems with Gmail (or any other) reachability.
a-sts-resolver, sadly, is
somewhat impractical given restrictions on the
DNS library that is in use.
Matt
On 7/4/20 7:18 PM, Viktor Dukhovni wrote:
> On Sat, Jul 04, 2020 at 05:45:18PM -0400, Viktor Dukhovni wrote:
>
>> On Sat, Jul 04, 2020 at 04:35:01PM -0400, Matt Corallo wrote
eventually :)
Matt
On 7/4/20 4:31 PM, Viktor Dukhovni wrote:
> On Sat, Jul 04, 2020 at 01:20:59PM -0700, Matt Corallo wrote:
>
>> Oh wow, thanks for the numbers. Where did you get those, btw?
>
> https://stats.dnssec-tools.org/
> https://stats.dnssec-tools.org/abou
today it’ll be 2021 at
least (thanks Debian, Redhat, et al).
Matt
> On Jul 4, 2020, at 12:21, Viktor Dukhovni wrote:
>
> On Sat, Jul 04, 2020 at 02:34:15PM -0400, Matt Corallo wrote:
>
>> Thanks for the response, will see if it makes sense to at least disable
>> MTA-STS
Thanks for the response, will see if it makes sense to at least disable MTA-STS
for DANE-enabled domains at
https://github.com/Snawoot/postfix-mta-sts-resolver/issues/67.
On 7/4/20 2:10 PM, Viktor Dukhovni wrote:
> On Sat, Jul 04, 2020 at 01:54:14PM -0400, Matt Corallo wrote:
>
>&
The only reference google appears to find on this list to MTA-STS indicates
that folks should use an external MTA-STS
resolver as a part of smtp_tls_policy_maps (the one by Snawoot on GitHub
appears to be good). Sadly, I don't believe its
possible to properly capture the DANE/MTA-STS interaction
23 matches
Mail list logo
