On 19.05.24 18:06, Kim Sindalsen via Postfix-users wrote:
Can't open log file /var/log/dovecot/error.log: Permission denied )
Isn't this a filepermission-issue (ie. does the dovecot-user have permission
to write to the logfile)?
What is the permissions and user/group on the logfile - what user
Am 19.05.24 um 14:06 schrieb John Fawcett via Postfix-users:
Hi Richard
though probably not relevant to your current issue, one thing to watch out for
with the approach you are using is the value of postfix parameter postfix
mailbox_size_limit. This value applies to all files written by the
Am 18.05.24 um 17:55 schrieb Wietse Venema:
Richard Rosner via Postfix-users:
I have a mailing server setup based on Debian Stable that uses
postfix for IMAP and SMTP and dovecot for internel mail handling,
You mean, Postfix for SMTP, Dovecot for IMAP.
Possible.
like filtering, sorting
to where postfix
will log to (I'm not the one that set up the server, I'm just maintaining it).
Does anyone here know enough about how postfix and dovecot work together to
figure out what the actual issue is and how to stop it from happening?
Best
Richard
_
Should I take out thee always_bcc in main.cf? Would this solution also
allow everything else to be BCC'd? Allsoo what would the line be if
"lists" were not in the domain name. I'm not familliar with the syntax.
Excuse. my ignorance,
Richard
On 3/21/24 8:54 AM, Wietse Vene
x27;T
bcc anything from this particular domain? BTW, the other machine uses
our mail server as a relay, which might make a difference.
Pardon my ignorance,
Richard Raether
Louisiana State University
___
Postfix-users mailing list -- postfix-users@post
In addition, the boss just asked is there a way to restrict the group of
users that can send from that second domain? We are using ldap for
authentication. Please forgive any ignorance on my part.
On 12/19/23 10:22 AM, Noel Jones via Postfix-users wrote:
On 12/19/2023 9:41 AM, Richard Raether
dress
show up as that. Is there a way to do this in postfix?
Any advice would be appreciated.
Richard Raether
Sysadmin
Center for Computation and Technology
Louisiana State University
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubs
but some clearing up of that would
be nice... And, now that I think of it could this be a way to prove which
is guilty of letting the spammers in?
---
I MUST get Dovecot's use of the ports 587 / 993 working again to allow my
outside users to get email again, but HOW THE HELL DO I
about psmtp and how it works, and does anyone know
how I can get these emails properly delivered?
Any advice is welcome.
Thanks,
Richard Raether
Sysadmin
Center for Computation and Technology
Louisiana State University
> Date: Thursday, May 26, 2022 16:14:53 +0200
> From: Maurizio Caloro
>
>> Then why are you asking a non-Postfix question?
>
> Because here I get a useful little possible hint quickly
>
It's not clear whether you are referring to "phpwebadmin", as
referenced in your subject line (a product th
Op 12-04-22 om 14:20 schreef Jaroslaw Rafa:
Dnia 12.04.2022 o godz. 14:07:13 Richard Rasker pisze:
But according to the information supplied, I should also be able to
use smtp.xs4all.nl as a relay host, see
https://www.xs4all.nl/eigenmailserver/ (in Dutch -- and I already
took care of the
Op 11-04-22 om 18:34 schreef Paul van der Vlis:
Hi Richard,
...
Eventually you could use my mailserver as a relayhost.
That is a very friendly offer, but if I do, that would of course only
be temporary, so that I can send e-mail again, and I'd contact you in
advance.
You n
took time to reply,
Best regards,
Richard
Hello Matus, and others,
Op 11-04-22 om 16:17 schreef Matus UHLAR - fantomas:
On 11.04.22 15:38, Richard Rasker wrote:
I've been using Postfix for many years without significant problems.
However, due to a forced change in ISP, I can no longer have a
correct PTR record pointi
nts to the ISP's generic name
77-172-184-9.fixed.kpn.net
Could I solve this by setting smtp_helo_name in main.cf to
77-172-184-9.fixed.kpn.net ? Or is this a bad idea?
Thanks for any suggestions,
Best regards,
Richard
> Date: Thursday, January 13, 2022 11:00:45 +0800
> From: Yamadaえりな
>
> I have got a DSL from the ISP, having a static IP.
> Can I run postfix with this IP for accepting email for my own
> domain?
>
The quick answer is that it depends on whether your ISP has port 25
open (both in an outbound
> Date: Tuesday, January 11, 2022 19:38:05 +0100
> From: "Claus R. Wickinghoff"
>
>> Today I find only a directory listing at www.postfix.org or
>> www.postfix.com
> With http it's working.
>
> With https I get a certificate warning (issued for
> archive.science.uu.nl) and a directory listing.
d-code the number into the
> jq script:
[..]
I did hardcode the number of days in the script. If ever I want to
change the number of days (probably never): it's a oneliner :-)
Thnx!
--
richard lucassen
http://contact.xaq.nl/
t;hold" and .arrival_time <
> > | $too_old) .queue_id
> > | select(test("^\\w+$")) # permit only valid queue-id
> > | syntax
> > ' |
> > postsuper -d - hold
Viktor,
I have run the jq script for a week or so ($days = 5) and it works like
a charm :-)
R.
--
richard lucassen
http://contact.xaq.nl/
s shell script already put me on the jq path, as
I did not know the "-j" JSON output either. The jq-only is the way to
handle this IMHO.
Thnx everyone here!
R.
--
richard lucassen
http://contact.xaq.nl/
On Thu, 28 Oct 2021 12:01:35 +0100
Dominic Raferd wrote:
> I attach a script that can do it.
Thnx, but I did not ask to write one, I'm just too lazy to reinvent the
wheel :)
I will put it to the test anyway :)
--
richard lucassen
http://contact.xaq.nl/
as just wondering if anybody
had written such a script.
--
richard lucassen
http://contact.xaq.nl/
Hello list,
Anyone here who wrote a shell script that deletes messages older than X
days from the hold queue?
R.
--
richard lucassen
http://contact.xaq.nl/
On 25/10/2021 4:11 pm, Thomas Anderson wrote:
The IP it came from was outside my network.
I think it's just a spoofing email. I had not actually seen on, so
that raised my alarm, but I think it's ok. I need to go through and
make sure my SFP and DMARC are sound. I just checked my DKIM couple
> Date: Wednesday, July 07, 2021 16:54:42 -0400
> From: post...@ptld.com
>
> I did read the manual which says:
> "Reject the request when the HELO or EHLO hostname has no DNS A or
> MX record."
>
> Best to my knowledge "DNS A" means IP so the manual does mention IP
> addresses, but then it does
On 2/07/2021 3:54 pm, Maurizio Caloro wrote:
Hello
Searching any Service that offer free any possible MX Backup?
Why do you need a backup MX? Usually MSAs will queue for a while (4 days
seems a common default due to language in the smtp RFCs) or the senders
will get a bounce notice. If you
t instead, but enforcing this
breaks some workflows.
Unless you really want to prohibit that activity, you can't do it at the
server level.
--
Richard Damon
that it
allows other tests to means something.
--
Richard Damon
> Date: Thursday, April 22, 2021 19:26:57 +0200
> From: Claus Assmann
>
> On Thu, Apr 22, 2021, John Levine wrote:
>> Nope, vanilla install on MacOS.
> Not sure what your "vanilla install" is...
>
> Firefox 88.0 on MacOS:
> www.postfix.org
> and
> http://www.postfix.org/
> show the web page ju
ure".
Sorry for the noise...
R.
--
richard lucassen
http://contact.xaq.nl/
On Tue, 13 Apr 2021 20:36:45 +1200
Peter wrote:
> > Yes, but why 1 minute ok, 1 minute errors, 1 minute ok, etc etc?
>
> What's the TTL on the dkim TXT DNS record?
As I said: 3600 sec...
--
richard lucassen
http://contact.xaq.nl/
On Tue, 13 Apr 2021 00:16:42 -0400
Viktor Dukhovni wrote:
> On Mon, Apr 12, 2021 at 07:23:50PM +0200, richard lucassen wrote:
>
> > mail.info: Apr 12 18:01:16 opendkim[13977]: 828FE7F581: s=202103
> > d=example.com SSL error:0407008A:rsa
> > routines:RSA_padding_ch
Or maybe some cache somewhere? DNS is ok, TTL of
DKIM record is 3600. Haystack, needle, but I need to find the haystack
first.
Anyone a hint?
R.
--
richard lucassen
http://contact.xaq.nl/
On Monday, 29 March 2021 9:34:13 AM AEDT Wietse Venema wrote:
...
> Third, look with mtr at the latency pattern. If part of your traffic
> goes over a satellite, of if it is tunneled to some far-away country,
> then you will see a big jump. Unfortunately, mtr does not support
> tcp so you can't do
'crashes' than
the next connection will do some cleanup. Even a fairly short busy wait
should handle these cases most of the time.
--
Richard Damon
> Date: Wednesday, January 27, 2021 19:17:48 -0300
> From: Daniel Armando Rodriguez
>
> Hi
>
> Suddenly I'm facing tons of this messages
>
> ... bayes: cannot open bayes databases
> /home/spamd/.spamassassin/bayes_* R/W: lock failed: File exists
>
> A 'solution' found on the web says disable
> Date: Sunday, January 24, 2021 15:57:18 -0600
> From: "P. Ik."
>
>> On Sun, Jan 24, 2021 at 9:05 AM Matus UHLAR - fantomas
>> wrote:
>>
>>
>> example could explain much.
>>
>> > postconf -n returns:
>>
>> > mynetworks_style = subnet
>>
>> > smtpd_relay_restrictions = permit_mynetworks,
>
> Date: Thursday, January 21, 2021 15:24:10 +0100
> From: "Herbert J. Skuhra"
>
> On Thu, Jan 21, 2021 at 03:15:24PM +0100, Jeff Abrahamson wrote:
>> I've been seeing this error for this one host. My first reaction
>> was that the host was incorrectly configured, but the IP
>> (92.103.176.37)
michael Schumacher wrote:
Joe,
Due to some recent malware (in attachments, obvious stuff) wanted to add AV scanning. I
gather "Amavis-new" is the hot ticket these days,
I deal with Sophos products and would like to use their linux product to do the
scanning. Seems to be precious little on
inting to the list submission address, that way if
someone is using a MUA that doesn't support the 'Reply-To-List' function
and does a Reply-All, it is likely that it will redirect the reply to
the list. (More broken MUAs might still send you a copy, if the ignore
or mishandle Reply-All.)
--
Richard Damon
a
'Reply-to-List' opiton, because of the lack of list headers, but
'Reply-All' will still work.
It just becomes a bit harder to reply back JUST to the list. Your need
Reply-All and then editing the list of recipients.
--
Richard Damon
ing messages without a Message-ID.
>>
> Maybe on smtp, but not on submission. FOr me policy there is completeley
> different
I thought one strategy to handle this was that submission would detect
lack of the message-id header and add one with a proper message-id.
--
Richard Damon
Phil Stracchino wrote:
On 11/13/20 1:22 PM, John Fawcett wrote:
On 13/11/2020 07:38, li...@lazygranch.com wrote:
My server bounced a message. Here is the server log (sanitized).
-
Nov 13 02:07:52 myserver postfix/smtpd[27706]: NOQUEUE: reject: RCPT
from sonic302-23.c
> Date: Wednesday, October 21, 2020 05:26:38 +
> From: Jason Long
>
> For configuration Postfix, is changing "hostname" to something like
> "Mail.example.net" mandatory? For example, my server running Apache
> and I don't like to change its name.
No, but the forward and reverse DNS records
> Date: Sunday, October 18, 2020 16:07:24 -0400
> From: Joey J
>
> Hello all,
>
> I'm trying to understand why this is telling me host not found.
> On that same server if I nslookup the ip it does resolve.
>
> Oct 18 16:00:51 mgw postfix/smtpd[24119]: NOQUEUE: reject: RCPT from
> unknown[199.
> Date: Friday, October 16, 2020 08:02:30 +
> From: Jason Long
>> On Friday, October 16, 2020, 01:13:45 AM GMT+3:30, Richard
>> wrote:
>>
>>
>>> Date: Thursday, October 15, 2020 18:57:29 +
>>> From: Jason Long
>>>
&g
> Date: Thursday, October 15, 2020 18:57:29 +
> From: Jason Long
>
> If the DNS administrator give me an A record then can I sending and
> receiving emails from the Internet by the current configuration?
>
Assuming no MX, if an A-record is set up to point to a machine
(properly configure
> Date: Tuesday, October 13, 2020 15:52:41 +
> From: Jason Long
>
> I can't have MX record because the DNS server have another MX
> record for other mail server. I'm thankful if anyone tell me how
> can I solve my problem without MX record. Is t possible with A
> record?
Either you misstat
> Date: Tuesday, October 13, 2020 12:09:28 +
> From: Jason Long
>
> Hello,
> Can I use Postfix without MX record? I installed Postfix
> and Dovecot via "https://wiki.centos.org/HowTos/postfix"; tutorial
> and I want to know can I use it without MX record?
Yes. Some mail sites, incorrectly,
On Saturday, 10 October 2020 1:59:33 PM AEDT Demi M. Obenour wrote:
> On 10/9/20 9:48 PM, Viktor Dukhovni wrote:
> >> What are the semantics of a From: header with multiple addresses?
> >
> > The message purports to be the work of multiple authors. Such a message
> > is required to have a "Sender
27;null client'
See
http://www.postfix.org/STANDARD_CONFIGURATION_README.html#null_client
for details.
Regards,
Richard
On Fri, 2020-09-25 at 16:37 +0200, Erik Thuning wrote:> Hi!> > I've inherited a server environment where all the servers have local > postfix agents ins
On 30/07/2020 12:47 am, Wietse Venema wrote:
Henry Miller:
Asking user to type in ?_submission._tcp? seems like a poor
workaround. This being Autodiscovery it?d be logical for Postfix
to automagically derive SRV lookup address based on relayhost
setting.
?relayhost = example.com? is an obvious
On 4/26/20 11:47 PM, Peter wrote:
> On 27/04/20 2:02 am, Richard Damon wrote:
>> On 4/26/20 8:15 AM, Peter wrote:
>>> On 27/04/20 12:00 am, Richard Damon wrote:
>>>> Except that if the sender is sending from a domain with an email
>>>> policy
>>>&
ypass the spam filter, no more
problems with the messages in the spam filter. At the same time you can
put the message into a tag, to keep things organized.
--
Richard Damon
On 4/26/20 6:41 PM, Jaroslaw Rafa wrote:
> Dnia 26.04.2020 o godz. 17:00:31 Richard Damon pisze:
>> I have never had GMail ask me to setup DMARC, they will ask you to setup
>> SPF or DKIM as a first step for delivery problems, as letting them
> Did you read https://support.goog
On 4/26/20 3:23 PM, Jaroslaw Rafa wrote:
> Dnia 26.04.2020 o godz. 08:00:56 Richard Damon pisze:
>> This is exactly what DMARC is intended to indicate. Configuring a domain
>> with DMARC says that it is intended that message only be accepted if
>> they come directly fr
On 4/26/20 8:15 AM, Peter wrote:
> On 27/04/20 12:00 am, Richard Damon wrote:
>> Except that if the sender is sending from a domain with an email policy
>> that effectively says, "This domain is intended to send sensitive
>> information, please do not accept messages
designed for things like
Banks to be able to send out messages that the recipients can trust came
from them and not a scammer. (A scammer could fake this out with a
'look-alike' domain, but that leaves a strong back trail to the scammer,
who tend to want to hid in the darkness of the web.
--
Richard Damon
On 23/03/2020 8:55 am, Viktor Dukhovni wrote:
It is best to not modify the message headers at all, which iseffectively what
the Postfix list does (it adds a Sender: header which should not be covered by
the upstream DKIM signature).
I know the Sender header has traditionally been used by mail
t, when you are using a mailing list, the list owner has the right to
decide what gets sent on THEIR mailing list.
--
Richard Damon
Op 29-12-19 om 16:29 schreef Wietse Venema:
Richard Rasker:
So here is a striking difference between the old and the new machine
that I don't understand. Is there a way to figure out which process is
actually dumping the mail in /var/spool/mail? Because if it is still
maildrop, it isn'
Hello,
Op 29-12-19 om 05:18 schreef @lbutlr:
On 28 Dec 2019, at 14:54, Richard Rasker wrote:
Everything went very smooth, and everything works (sending mail, receiving
mail, authentication, certificates, IMAP folders showing in the mail client
(Thunderbird)) -- except for the very last
Hello Wietse,
Op 28-12-19 om 23:54 schreef Wietse Venema:
Richard Rasker:
Yes, I have specified the use of Maildir in main.cf:
home_mailbox = Maildir/
That Postfix setting has no effect on /usr/bin/maildrop, because
/usr/bin/maildrop is NOT part of Postfix.
I figured that much already
/oldstable,now 4.17.2+0.76.3-5+deb9u1 all [installed]
# apt list amavisd-new
Listing... Done
amavisd-new/oldstable,now 1:2.10.1-4 all [installed]
And yes, I want to have the mail for user richard delivered to
/home/richard/Maildir , and for user mary to /home/mary/Maildir and so
forth. It should NOT go
ilbox = Maildir/"
But that doesn't work either.
But thank you for your input, I shall take another good look at the
documentation.
Best regards,
Richard Rasker
ssions, and there's no difference
there either.
Does anyone have a clue? I could provide all configuration files
(main.cf, master.cf), but I'm not sure which ones may be relevant, so I
won't dump it all here right away.
Thanks already for any clues,
Richard
torry not to try
>
SPF does NOT break from a properly configured mailinglist, as SPF
doesn't check just from, but can also use sender/envelope-from, which a
proper mailing-list should set to itself, so SPF will pass.
DMARC/SPF, which only validates to the From: header will break.
--
Richard Damon
the message comes from
doesn't match the From of the message, but with DMARC if EITHER SPF or
DKIM pass, the message is to be considered to pass.
A Domain with strict DMARC, and which doesn't DKIM sign messages, will
fail with any form of remailer, so would fail for this application.
--
Richard Damon
need to be reminded about operating instructions. (This list's
subject matter is fairly technical, so not apt to draw less technically
adept subscribers).
--
Richard Damon
OL (without
informing their users of the consequences), and then them telling
mailing list operators that the mailing lists had to deal with the
damage, as they needed to adopt this for 'reasons'.
--
Richard Damon
leave Yahoo, but unlikely enough to really
matter to them, and might drive more traffic to Yahoo Groups (which at
the time was making them money, and got around the problem because it
was part of Yahoo).
--
Richard Damon
at declared 20% of your legitimate email as spam and
just discarded it. This is not a bad equivalent to the providers using a
method that declares mailinglist using the traditional methods that have
been used for decades as 'forgers'.
--
Richard Damon
ages in a way to break DKIM, so messages
that were DKIM signed to the From: Domain will still pass DMARC DKIM, so
will pass DMARC (unless the domain doesn't DKIM sign messages, which
would be very unusual for highly restricted DMARC).
--
Richard Damon
tions along the way done by the relays does not invalidate who
the author is, so the From should be retain.
Basically, this means that those domains that use DMARC, especially at
the higher levels, should not use those types of relays, which makes
some sense for the original intent of DMARC.
--
Richard Damon
vectors, that they couldn't keep up
with other measures to try and block it. The adoption of DMARC for a
general email provider is basically an acknowledgement that they have
problems maintaining a safe and secure email system. IF they advertise
it as a feature, and explain what it means you can't do, then maybe it
isn't, but if they don't inform you that they are not suitable for many
mailing lists and the like, then likely THEY are the one with a problem.
--
Richard Damon
On 11/21/19 11:47 PM, Wesley Peng wrote:
> Richard Damon wrote:
>> That is a question to ask them. Basically the strict DMARC policy is
>> designed for transactional email, where spoofing is a real danger. The
>> side effect of it is that addresses on such a domain really sh
On 11/21/19 11:21 PM, Wesley Peng wrote:
> Richard Damon wrote:
>> The typical options for the mailing list are
>>
>> 1) Just not allow people from such domains to post to the list (the
>> reject option you mention)
>>
>> 2) Rewrite the from address from peop
sociated
with the sender. It can also make it harder to reply just to the sender.
3) Rewrite the message by wrapping it as an attachment, with the outer
message being from the list. This has the problem that many clients
won't handle the message in a useful manner.
--
Richard Damon
am
> box. Rejecting mail is an extreme measure, see RFC 5321 (7.9):
> "considerable care should be taken and balance maintained if a site
> decides to be selective about the traffic it will accept and process."
>
> Gregory
--
Richard Damon
On Thursday, 7 November 2019 4:23:20 AM AEDT Dominic Raferd wrote:
> ...
> The main problem with DMARC is that some mailing lists (not this one,
> I believe) mess it up, so I would suggest not to use it with
> p=quarantine or p=reject on any domain where users are likely to post
> to mailing lists.
ybe 10-20%)
of ordinary messages that look to be plain text, are base64 encoded, so
reject them if you are willing to lose that much legitimate email. (And
those messages are full according to the RFCs)
--
Richard Damon
blocks 587 or 465 unless they
don't allow you to run servers and just block most server ports.
--
Richard Damon
s likely being the most common)
--
Richard Damon
On Monday, 17 June 2019 7:48:05 PM AEST Chris Pollock wrote:
> Apologies if the subject is vague however I'll attempt to explain
> further. I run a cron job once a day that updates my Spamassassin
> rules. Up until a couple of weeks ago I would get the output of that
> cron job mailed to me. For so
r wrote:
> Thank you so much for your input, Richard. Appreciate.
>
> Hmm.. Right, this is the way I understand it too. However, my first
> rule that matches the header (from field) is skipped for some reason.
> Then the second rule that matches the header (subject field) is
>
t is
> replaced.
>
> man header_checks:
>
> DESCRIPTION
>
> Each message header or message body line is compared against a
> list of
> patterns. When a match is found the corresponding action is
> executed,
> and the matching process is repeated for the next message
> header or
> message body line.
>
> Thus, it stops at the first match. If the Subject line matches first,
> then that rule determines the result.
>
> Wietse
--
Richard Damon
On Tuesday, 28 May 2019 9:19:09 PM AEST an...@ursc.gov.in wrote:
> Dear List,
>
> Lot of SPAM mails are being received where from and to address is
> myself and the mail has contents which are dirty/bad.
>
> The original sender id will be different.
>
> How to handle such mails.
The best way is
On 4/20/19 8:08 AM, Reto wrote:
> On Sat, Apr 20, 2019 at 07:31:06AM -0400, Richard Damon wrote:
>> Where the issue comes is with DMARC, which restricts the DKIM protocol
>> to be aligned with the From line of the message, and thus the MLM can't
>> make the message pass
On 4/19/19 11:22 PM, Bill Cole wrote:
> On 19 Apr 2019, at 22:50, Richard Damon wrote:
>
>> Note also, these RFCs are just Standards Track, which says that they are
>> not yet 'full standards' but still evolving, and I believe that one of
>> the issues that needs
27; but still evolving, and I believe that one of
the issues that needs to be worked out is to figure out how to improve
their interoperability for general emails with traditional mailing lists.
--
Richard Damon
s on mass mailings
that REQUIRE instructions on how to unsubscribe be included in the message)
--
Richard Damon
thorized to send email for that domain. (If they also signed
the message with DKIM, it likely would make it through).
The solution is that when you forward email from domains you don't
control to a domain you don't control, you need to at least re-write the
from address to something you control, otherwise it looks too much like
possible scamming.
--
Richard Damon
would have support for a given number of years, and others have more
limited support (like for only a limited time after any subsequent
release). Make only 1 LTS per year, and then you have 3 years from 3 LTS
releases + 1 most current release.
--
Richard Damon
And what is special about your phone that postfix should use to allow
it, but not other IPs?
--
Richard Damon
iscussed already.
The RBL issue is ISP, not postfix, related (i.e., upgrading your
postfix version wouldn't have changed that).
Regarding no incoming mail ... are you on a static or dynamic IP
assignment?
Have you tried to telnet to port 25 on your server *from outside your
network* to see if/how it responds?
- Richard
s
much more than you need, but once you need things beyond that it shows
its abilities.
--
Richard Damon
On 11/24/18 10:24 AM, André Rodier wrote:
> On 2018-11-24 15:16, Richard Damon wrote:
>> On 11/24/18 9:41 AM, André Rodier wrote:
>>> Hello,
>>>
>>> I have a program (SOGo), installed on my mail server, that send emails
>>> using the
you need any header to enable this support,
just a compliant MUA.
--
Richard Damon
On Friday, 26 October 2018 12:53:48 AM AEDT Scott Kitterman wrote:
> On October 25, 2018 10:56:53 PM UTC, Richard James Salts
wrote:
> >Hi all,
> >
> >This is offtopic in regards to postfix but I bring it up because of the
> >last
> >few emails I've sent to
1 - 100 of 297 matches
Mail list logo
