Re: StartTLS frustrations

2013-04-05 Thread Matthew Hall
Peter, Take a peek inside the CA and cert files using openssl x509 -inform pem -in [file] -noout -text and use openssl rsa with the same arguments to peek in the private key, and make sure they contain what you expect they should contain. Let us know if you see anything peculiar inside or not. G
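As an added example (not part of the thread), the following POSIX shell script wraps the two inspection commands from the reply above and adds the check a practitioner usually wants next when StartTLS refuses to come up: that the certificate's public key actually belongs to the private key Postfix was pointed at. The throwaway key and self-signed certificate it generates, and the host name mail.example.test, are constructed test data, not anything from the original post.

```shell
#!/bin/sh
# Added example: inspect a PEM certificate and private key, then verify
# that they are a matching pair. Requires the openssl command-line tool.
set -eu

# Human-readable dump of a PEM certificate (the check from the reply).
inspect_cert() {
    openssl x509 -inform pem -in "$1" -noout -text
}

# Same for an RSA private key (accepts both traditional and PKCS#8 PEM).
inspect_key() {
    openssl rsa -inform pem -in "$1" -noout -text
}

# Just the subject line, to confirm the cert names the host you expect.
cert_subject() {
    openssl x509 -in "$1" -noout -subject
}

# Exit status 0 when the certificate's public key equals the public key
# derived from the private key, 1 otherwise. A mismatch here is a common
# cause of TLS handshake failures that look like "StartTLS does not work".
cert_key_match() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey | openssl md5)
    key_pub=$(openssl pkey -in "$2" -pubout | openssl md5)
    [ "$cert_pub" = "$key_pub" ]
}

# Constructed test data: a fresh 2048-bit RSA key and a one-day
# self-signed certificate for a made-up host, written into directory $1.
make_test_pair() {
    openssl req -x509 -newkey rsa:2048 -nodes \
        -keyout "$1/key.pem" -out "$1/cert.pem" \
        -days 1 -subj "/CN=mail.example.test" 2>/dev/null
}

# Usage: ./checktls.sh cert.pem key.pem
if [ "$#" -eq 2 ]; then
    inspect_cert "$1"
    inspect_key "$2"
    cert_subject "$1"
    if cert_key_match "$1" "$2"; then
        echo "OK: certificate and private key match"
    else
        echo "MISMATCH: certificate public key does not belong to this private key"
    fi
fi
```

If the subject or issuer printed by `inspect_cert` is not what you expected, or `cert_key_match` reports a mismatch, the files Postfix is loading are not the pair you think they are, regardless of what the TLS log lines say.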

Re: Time based blacklist or similar?

2013-04-03 Thread Matthew Hall
How about a DNS daemon to be used as a blacklist, which is backed by a SQL DB instead of by zone files? Such as PowerDNS with a SQL backend. Then add and remove BL entries based on the times you have in mind.

Re: dictionary-attack

2013-03-28 Thread Matthew Hall
On Thu, Mar 28, 2013 at 1:19 PM, Stan Hoeppner wrote: > I don't have the thread archived (it's been 8 years or so), so I'm > guessing here, but IIRC it took at least a half dozen or more emails > back-forth before I understood this lack of inheritance. Once I did, > and realized how much I'd have

Re: dictionary-attack

2013-03-27 Thread Matthew Hall
On Wed, Mar 27, 2013 at 7:20 PM, Noel Jones wrote: > On 3/27/2013 7:18 PM, Matthew Hall wrote: >> I altered the restrictions according to the new advice: >> >> relay_restrictions - removed > > there's no reason to remove the safety net.

Re: dictionary-attack

2013-03-27 Thread Matthew Hall
I altered the restrictions according to the new advice: relay_restrictions - removed smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, rejec

Re: dictionary-attack

2013-03-27 Thread Matthew Hall
On Wed, Mar 27, 2013 at 3:56 PM, Stan Hoeppner wrote: > It seems pretty clear you need to convert to putting everything under > smtpd_recipient_restrictions. Makes things a lot easier. I give an > example of this in the instructions as well. Doing so gives you precise > control of restriction e

Re: dictionary-attack

2013-03-27 Thread Matthew Hall
Hello, I ran into a bit of an issue trying out fqrdns.pcre as recommended here in this thread. The header in the file recommended adding it into smtpd_client_restrictions. However if I place it there, I end up rejecting mail even from SASL authenticated client devices, if they also match a rule in
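The placement problem described in this thread comes from how Postfix evaluates its restriction lists: each list (client, helo, sender, relay, recipient) is walked in order and the first matching permit or reject decides that list, but a reject in smtpd_client_restrictions is not undone by a permit_sasl_authenticated that sits in a different list. The main.cf fragment below is an added example, not configuration posted by anyone in the thread; the weak form is on top, the corrected form underneath. It keeps the Postfix 2.10 smtpd_relay_restrictions safety net at its default and moves the rDNS check into one ordered smtpd_recipient_restrictions list, after the permits for trusted and authenticated clients. The path /etc/postfix/fqrdns.pcre is assumed.

```ini
# --- Weak: rejects SASL-authenticated clients whose reverse DNS matches ---
# The client list is evaluated on its own; permit_sasl_authenticated in the
# recipient list never gets a chance to override a reject made here.
smtpd_client_restrictions =
    check_client_access pcre:/etc/postfix/fqrdns.pcre

smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination

# --- Corrected ---
# Relay policy stays in its own list (the Postfix 2.10 default); this is
# the safety net that should not be removed.
smtpd_relay_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    defer_unauth_destination

# Empty the client list and put every anti-spam check into one ordered
# recipient list. Trusted and authenticated clients are permitted before any
# reject can match them; everyone else still has to pass reject_unauth_destination
# (kept here as well for defence in depth) and then the content-style checks.
smtpd_client_restrictions =

smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unauth_destination,
    reject_invalid_helo_hostname,
    reject_non_fqdn_helo_hostname,
    reject_non_fqdn_sender,
    check_client_access pcre:/etc/postfix/fqrdns.pcre
```

After editing, `postconf -n | grep restrictions` shows the effective lists, and `postfix reload` applies them; a test submission over the submission port with SASL credentials from a client whose reverse DNS matches fqrdns.pcre should now be accepted, while the same client unauthenticated on port 25 should still be rejected. reject_invalid_helo_hostname and reject_non_fqdn_helo_hostname are the current spellings of the older reject_invalid_hostname and reject_non_fqdn_hostname names used in the thread; Postfix accepts both.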

Re: safe setup of smtpd_relay_restrictions and smtpd_recipient_restrictions

2013-03-19 Thread Matthew Hall
Hi Viktor, On Tue, Mar 19, 2013 at 3:37 PM, Viktor Dukhovni wrote: > Fine, but you often don't want reject_unknown_recipient_domain in > any restrictions. It is not needed for inbound MX hosts, and > interacts poorly with MUA clients on outbound MSAs. It is only > useful on outbound relays that

safe setup of smtpd_relay_restrictions and smtpd_recipient_restrictions

2013-03-19 Thread Matthew Hall
Hello, I am trying to update my configuration in light of the new smtpd_relay_restrictions in Postfix 2.10. I did read some threads and documentation, but I am a bit confused about which reject_* should be in each rulechain. I am hoping someone could quickly check my work, and let me know if I'm