[pfx] Re: Incoming OpenDKIM signature verification failing

On May 10, 2025 5:57:34 PM UTC, Dan Mahoney via Postfix-users wrote: >Mime-version was listed as a signed header but was absent. > >I suspect his header checks cleaned that out. > >Note that having a header listed in the H equals list, but having that header >be absent is legal, but I don’t kn

[pfx] Debian Postfix Maintainer Update

For those of you who care about Debian (and to some extent its derivatives), I'm passing maintainership of the Debian Postfix package to Michael Tokarev. He's been a long term participant in both Debian and the Postfix community. Scott K signature.asc Description: This is a digitally signed me

[pfx] Re: From/Reply-To munging (was Postfix in containers/kubernetes)

On October 18, 2024 3:17:04 PM UTC, Marvin Renich via Postfix-users wrote: >* Wietse Venema via Postfix-users [241018 10:51]: >> The From/Reply-To munging are the result of standard Mailman >> workarounds for DMARC (i.e. to satisfy DKIM and SPF). > >"From:", yes (for SPF, not DKIM I believe).

[pfx] Re: Postfix on Debian 12 (vs exim4)

On October 1, 2024 3:19:42 AM UTC, Crazy Developer via Postfix-users wrote: >Hello > >Long time ago I used Postfix to send automated emails to customers >(Slackware, 10+ years ago), then moved to another job and I stopped using >it. Now I'm working on a local network and just configured a loca

[pfx] Re: New Installation, Old User, Questions

On September 30, 2024 4:00:32 AM UTC, Peter via Postfix-users wrote: >On 30/09/24 10:38, Steve Matzura via Postfix-users wrote: >> 2024-09-29T21:31:27.402601+00:00 tgv24 postfix/error[1775]: B9E5510584F: >> to=, orig_to=, relay=none, >> delay=48744, delays=48594/150/0/0.01, dsn=4.4.1, status

[pfx] Re: email header questions

On August 4, 2024 11:02:30 PM UTC, Corey H via Postfix-users wrote: >Authentication-Results: mxi-2.vivaldi.net; > dkim=pass (2048-bit key; unprotected) header.d=xx.eu.org > header.i=@xx.eu.org header.a=rsa-sha256 header.s=xx header.b=doqA0zf0; > dkim-atps=neutral > >for the DKIM h

[pfx] Re: Postfix and reproducible builds

On Monday, July 22, 2024 12:51:33 PM EDT Wietse Venema via Postfix-users wrote: > Scott Kitterman via Postfix-users: > > On a possibly related note, recent versions of man now produce a stack of > > warnings for postconf.f (this is the first one, there are 244, one for > > eac

[pfx] Re: Postfix and reproducible builds

On Sunday, July 21, 2024 1:21:47 PM EDT Wietse Venema via Postfix-users wrote: > Scott Kitterman via Postfix-users: > > Unfortunately, I got distracted from reporting back on this again. > > Sorting > > AUXLIBS is also needed to make things reproducible: > >

[pfx] Re: Postfix and reproducible builds

' | sed 's/^/# /' | sort echo "# shared=$shared" echo "# dynamicmaps=$dynamicmaps" echo "# pie=$pie" It would be great if you could apply this in a future release. Thanks, Scott K On Tuesday, January 30, 2024 9:14:09 AM EDT Wietse Venema via Postfix-users w

[pfx] Re: Cyrus SASL summary

On Friday, July 5, 2024 4:00:59 AM EDT Viktor Dukhovni via Postfix-users wrote: > On Thu, Jul 04, 2024 at 05:01:41PM -, John Levine via Postfix-users > wrote: > > > OK, I'll invent a user. Perhaps if we can get Scott to undo the control > > file move he can add a sasl user at the same time.

[pfx] Re: spf and Permerror

x-users pisze: >> >> natan via Postfix-users escribió el 27/06/2024 a las 15:48: >>> W dniu 27.06.2024 o 15:39, Scott Kitterman via Postfix-users pisze: >>> Hi Scott >>> Jun 27 15:39:06 MX policyd-spf[3729]: prepend Received-SPF: Permerror >>>

[pfx] Re: Cyrus SASL summary

On July 5, 2024 3:03:58 PM UTC, Viktor Dukhovni via Postfix-users wrote: >On Fri, Jul 05, 2024 at 08:45:49AM -0400, Scott Kitterman via Postfix-users >wrote: > >> > Note, "undo" isn't quite what I'm suggesting, rather I hope Debian will >> >

[pfx] Re: Cyrus SASL summary

On Friday, July 5, 2024 4:00:59 AM EDT Viktor Dukhovni via Postfix-users wrote: > On Thu, Jul 04, 2024 at 05:01:41PM -, John Levine via Postfix-users > wrote: > > > OK, I'll invent a user. Perhaps if we can get Scott to undo the control > > file move he can add a sasl user at the same time.

[pfx] Re: spf and Permerror

On June 27, 2024 1:30:37 PM UTC, natan via Postfix-users wrote: >Hi >I have a strange problem with SPF and I honestly don't know what to pay >attention to > >What is a Permerror in SPF >In log i get: > >Jun 27 15:09:11 MX policyd-spf[57158]: prepend Received-SPF: Permerror >(mailfrom) identit

[pfx] Re: SPF format question

On June 9, 2024 12:17:38 PM UTC, Jeff Peng via Postfix-users wrote: >Hello > >If I have a mx server: mx.host.com whose ip is 1.2.3.4. > >The domain.com who use this mx server may have the following SPF. > >v=spf1 mx ~all >v=spf1 ip4:1.2.3.4 ~all >v=spf1 a:mx.host.com ~all >v=spf1 mx:domain.com

[pfx] Re: dmarc domain question

On June 2, 2024 3:05:58 PM UTC, Jaroslaw Rafa via Postfix-users wrote: >Dnia 2.06.2024 o godz. 07:19:38 Jeff P via Postfix-users pisze: >> >> I am using a subdomain xxx.eu.org for sending email. >> Though I have not set a dmarc for xxx.eu.org, but gmail says DMARC pass. >> So i checked that

[pfx] Re: long header folding and DKIM fails

On April 29, 2024 9:27:20 PM UTC, Steffen Nurpmeso via Postfix-users wrote: >Tim Coote via Postfix-users wrote in > : > |Thanks very much for the detailed response. My original issue was why \ > |dkim signatures were failing on some emails from email lists when arriving \ > |at my Postfix based

[pfx] Re: Postfix stable release 3.9.0

On Thursday, March 7, 2024 12:09:51 PM EDT Wietse Venema via Postfix-users wrote: > Postfix stable release 3.9.0 is available. Postfix 3.5 - 3.8 were > updated earlier this week; after that, Postfix 3.5 will no longer > be updated. > > The main changes are below. See the RELEASE_NOTES file for fu

[pfx] Re: Milter multiline header formatting

in a CRLF as real whitespace. >The email i just sent was accepted by Google, this one should also >wrap, and we see what this software does (rspamd is it i think). > >So it seems to me, without having looked what OpenDKIM does, and >maybe i should explicitly Cc: Scott Kitterman for

[pfx] Re: problem to add, alias failed

On Tuesday, January 30, 2024 1:57:18 PM EST Maurizio Caloro via Postfix-users wrote: > if adding a new user with postfixadmin 3.3.8 or with cli this will run > without problem. > > > > GRANT ALL PRIVILEGES ON mailserver.* TO markus@'domain.com > ' IDENTIFIED BY > '**

[pfx] Re: Postfix and reproducible builds

I expected the same, but our CI test for reproducibility passed without it. I was surprised. Hopefully I'm about to learn something. Scott K On January 30, 2024 4:00:59 PM UTC, Matus UHLAR - fantomas via Postfix-users wrote: >On 30.01.24 10:12, Scott Kitterman via Postfix-users wrot

[pfx] Re: Postfix and reproducible builds

It looks to me like it does fix it. Thanks, Scott K On Tuesday, January 30, 2024 9:14:09 AM EST Wietse Venema via Postfix-users wrote: > Scott Kitterman via Postfix-users: > > In case anyone is unfamiliar, you can read about reproducible builds here: > > reproducible-builds.

[pfx] Postfix and reproducible builds

In case anyone is unfamiliar, you can read about reproducible builds here: reproducible-builds.org It looks like Postfix as shipped is very close to being reproducible. We got positive results on reproducibility with the patch below added. Is this something you could include in a future relea

[pfx] Re: postfix repo

On January 16, 2024 3:11:37 AM UTC, Peter via Postfix-users wrote: >On 12/01/24 04:08, Wietse Venema via Postfix-users wrote: >> Viktor Dukhovni via Postfix-users: >>> On Thu, Jan 11, 2024 at 03:53:35PM +0100, natan via Postfix-users wrote: Hi Wietse Have you thought about postfix repo fo

[pfx] Re: postfix repo

On January 11, 2024 2:53:35 PM UTC, natan via Postfix-users wrote: >Hi Wietse Have you thought about postfix repo for Debian, just like dovecot >has for his relase ? > >I'm asking by the way Current postfix updates for supported Debian releases are available through Debian: https://lists.d

[pfx] Re: SMTP Smuggling, workarounds and fix

On December 30, 2023 3:17:52 PM UTC, "Håkon Alstadheim via Postfix-users" wrote: >Just FYI, I got postfix 3.7.9-0+deb12u1 from bookworm-updates (i.e. Debian) >today. > For those still using Debian Bullseye (oldstable), postfix 3.5.23-0+deb11u1 is also available from bullseye-updates. Both of

[pfx] Re: sasl_passwd hash

Cyrus SASL mailing lists can be found here: https://cyrus.topicbox.com/groups Scott K On December 17, 2023 1:45:02 PM UTC, "saunders.nicholas--- via Postfix-users" wrote: >Would you be able to point me to anyone there, or a contact? > >I'm not seeing any contact information. > >thanks, > >Nick

[pfx] Re: Milter own Postfix-prepended Received

On December 10, 2023 3:54:13 PM UTC, Carlos Velasco via Postfix-users wrote: > >Wietse Venema via Postfix-users escribió el 10/12/2023 a las 15:53: >> Carlos Velasco via Postfix-users: >>> 2. Duplicated SMTP Access Policy Delegation >>> This issue is related to headers too. >>> I'm using pypoli

[pfx] Re: Recommendation for dkim signing

On November 6, 2023 12:39:35 PM UTC, Scott Kitterman via Postfix-users wrote: > > >On November 6, 2023 10:51:06 AM UTC, Patrick Ben Koetter via Postfix-users > wrote: >>* Jens Hoffrichter via Postfix-users : >>> Hi! >>> >>> We are looking

[pfx] Re: Recommendation for dkim signing

On November 6, 2023 10:51:06 AM UTC, Patrick Ben Koetter via Postfix-users wrote: >* Jens Hoffrichter via Postfix-users : >> Hi! >> >> We are looking into implementing DKIM signing for one of our services, >> and there are multiple ways to implement that. >> >> So far I have found that you ca

[pfx] Re: Recommendation for dkim signing

On November 2, 2023 10:18:38 AM UTC, Jaroslaw Rafa via Postfix-users wrote: >Dnia 2.11.2023 o godz. 09:42:01 Matus UHLAR - fantomas via Postfix-users >pisze: >> (once more: DKIM applies on header From:, SPF on envelope from:). > >And DMARC requires that both be identical (actually, from the

[pfx] Re: Recommendation for dkim signing

the former is > IIRC no longer actively maintained. Note, though have similar > configuration formats, they're not quite identical. Where the > OpenDKIM signers file wants: > > domain keyname > > the opendkimpy-milter wants: > > *@domainkeyname >

[pfx] Re: Typo in man postconf ("Postix")

On July 3, 2023 10:04:05 PM UTC, Viktor Dukhovni via Postfix-users wrote: >On Mon, Jul 03, 2023 at 09:52:28PM +0000, Scott Kitterman via Postfix-users >wrote: > >> >Should I ask WTF BTS? >> >> Bug Tracking System. No. > >I see... The Postfix project does

[pfx] Re: Typo in man postconf ("Postix")

On July 3, 2023 9:43:39 PM UTC, Viktor Dukhovni via Postfix-users wrote: >On Tue, Jul 04, 2023 at 06:19:26AM +1000, Trent W. Buck via Postfix-users >wrote: > >> master:postfix/proto/postconf.proto:6450: This feature is available in >> Postix 2.10 and later. >> master:postfix/proto/stop:1185

[pfx] Re: Is it possible in postfix spf policy to utilize multiple action=prepend to add multiple headers?

On June 19, 2023 9:44:59 PM UTC, Viktor Dukhovni via Postfix-users wrote: >On Mon, Jun 19, 2023 at 09:12:29PM +, Anton Hvornum via Postfix-users >wrote: > >> Yea found libmilter, appears to have some python bindings too. > >You don't need to go that far down the stack. Try the "Milter" p

[pfx] Re: [pfx]: DKIM and DMARC

On May 16, 2023 1:20:53 PM UTC, Ralf Hildebrandt via Postfix-users wrote: >* Scott Kitterman via Postfix-users : > >> DKIM has no policy mechanism associated with it, so there's no basis in any >> standardized mechanism to determine if a DKIM failure should be caus

[pfx] Re: DKIM and DMARC

On May 16, 2023 12:16:21 PM UTC, Tom Reed via Postfix-users wrote: >Hello list, > >Should we reject failed message on DKIM validation stage, or DMARC >validation stage, or both? No and it depends. DKIM has no policy mechanism associated with it, so there's no basis in any standardized mecha

[pfx] Re: DKIM questions

On Tuesday, April 25, 2023 2:12:23 PM EDT Ken Peng via Postfix-users wrote: > Hello > > Can the domain certificates sign its sub domain? > For example, mail.a.com was signed by certs of a.com. > If so, does this make sense to DMRC of mail.a.com? Yes. If I understand the second question correctly

[pfx] Re: SPF: HELO does not publish an SPF Record

On April 12, 2023 2:00:01 PM UTC, Steffen Nurpmeso via Postfix-users wrote: >Matus UHLAR - fantomas wrote in > : > |On 12.04.23 12:41, Fourhundred Thecat via Postfix-users wrote: > ... > |>Does it mean that I should either: > |> > |> 1) create SPF record for mail.mydomain.com > ... > |I would

[pfx] Re: Question to reject_rbl_client zen.spamhaus.org

On April 10, 2023 4:52:04 AM UTC, tom--- via Postfix-users wrote: >On 2023-04-10 12:39, Peter via Postfix-users wrote: >> On 10/04/23 14:21, tom--- via Postfix-users wrote: >>> I have resolved the issue by: >>> >>> 1. install unbound as dns resolver locally >> >> This is good. >> >>> 2. chan

[pfx] Re: simple content filter for outgoing message

On April 6, 2023 11:39:10 AM UTC, Corey Hickman via Postfix-users wrote: >Hello buddies, > >I just want to make some simple filters for outgoing messages. >for example, the message content has some keywords (like "VPN sale") included, >it will be rejected by the system. > >I know there are th

[pfx] Re: [P-U] Re: New List Host and Reply-to Header

On March 24, 2023 10:50:35 PM UTC, raf via Postfix-users wrote: >On Fri, Mar 10, 2023 at 09:11:58AM +1300, Peter via Postfix-users > wrote: > >> * Don't add a Reply-To:. I actually question if this is really needed as we >> likely want replies to go to the list the vast majority of time anyw

[pfx] Re: MySQL error from not all the receiver

On Sunday, March 12, 2023 7:02:41 PM EDT Gerald Galster via Postfix-users wrote: > > unfortunately I don't know this topic, but I'm really willing to study. > > Please do you have any documentation on this? > Sorry, I can't recommend an up to date howto. Perhaps other list members can > help. > >

[pfx] Re: milter: could it splice (, somehow)?

On March 11, 2023 6:05:52 PM UTC, Steffen Nurpmeso via Postfix-users wrote: >postfix-users@postfix.org wrote in > : > |On Sat, Mar 11, 2023 at 01:54:01AM +0100, Steffen Nurpmeso via Postfix-u\ > |sers wrote: > | > |> - sign the entire message as for now, > | > |You're confusing the message and

[pfx] Re: [P-U] Re: New List Host and Reply-to Header

On Friday, March 10, 2023 7:04:30 AM EST Patrick Ben Koetter via Postfix-users wrote: > * Gerald Galster via Postfix-users : > > > >>> This list uses Mailman configuration settings, not handcrafted code. > > >>> If people believe that it is worthwhile to change the Mailman > > >>> implementation

[pfx] Re: [P-U] Re: Postfix lists are migrating to a new list server

On Wednesday, March 8, 2023 1:52:47 AM EST Patrick Ben Koetter via Postfix- users wrote: > * Scott Kitterman via Postfix-users : > > ... > > > > For Debian, if someone can find/test patches, I can get them into Debian's > > package. I assume other distributors a

[P-U] Re: Postfix lists are migrating to a new list server

On March 7, 2023 11:37:53 PM UTC, Phil Stracchino via Postfix-users wrote: >On 3/7/23 15:28, John Stoffel via Postfix-users wrote: >>> "mailmary---" == mailmary--- via Postfix-users >>> writes: >> >>> Unfortunately I've seen this crash as well, its actually quite >>> frequent in my

Re: Postfix with opendkim generates "ssl error"

On February 11, 2023 3:41:06 PM UTC, nj140...@yahoo.com wrote: >Trying to send an email from n...@complete-web-solutions.com on the >host sv9.complete-web-solutions.com results in the following messages >in mail.log: >... >But opendkim seems correctly configured because the command: >opendkim-t

Re: SPF fail and domain fail, why?

On January 17, 2023 2:25:34 AM UTC, raf wrote: >On Mon, Jan 16, 2023 at 08:01:10PM +0100, Maurizio Caloro >wrote: > >> Hello >> >> Please one more thing about Opendmarc, if send any email to any where >> i see in log SPF fail, domain.ch fail ? >> >> Jan 16 19:43:39 nmail opendkim[16490]: B6

Re: postfix/pickup question

On January 16, 2023 2:13:42 PM UTC, Wietse Venema wrote: >Maurizio Caloro: >> The option that was cause: >> -failurereports >> -failureReportssendby emailaddress > >DO NOT run milters as the 'postfix' user. Only Postfix programs >should use that userid. FYI, Since this appears to be a Deb

Re: after update - postfix turble with %i

Sending again with the right address. Scott K On January 11, 2023 7:02:58 PM UTC, Scott Kitterman wrote: >This is related to Debian specific packaging scripts, not upstream Postfix. >Please file a bug in the Debian Bug Tracking System (BTS) and we'll work on it >there. > &

Re: warning: disabling connection caching

On December 20, 2022 11:40:02 AM UTC, Fourhundred Thecat <400the...@gmx.ch> wrote: >> On 2022-12-20 12:13, Wietse Venema wrote: >> Fourhundred Thecat: >> >>> Also, if I wanted to test scache, how can I trigger it? >>> >>> If I send one email to multiple email addresses on same domain, will >>

Re: Is it possible to rewrite the envelop from address for all mail that's being relayed?

On December 5, 2022 4:19:21 PM UTC, Sean Hennessey wrote: >I'm curios if it's possible to set up postfix to rewrite the envelop from >address for all email the instance is relaying? I'm doing some research and >want to force the envelop from to be a known value that I know will pass spf >ch

Re: How do check DKIM and SPF on incoming email?

On November 20, 2022 11:47:02 PM UTC, raf wrote: >On Sun, Nov 20, 2022 at 03:29:33PM +0100, Matus UHLAR - fantomas > wrote: > >> > On 16/11/2022 11:45, Matus UHLAR - fantomas wrote: >> > > I use: >> > > spf-milter (the same source as policyd-spf-python) >> > > opendkim >> > > openarc >> > > op

Re: SPF questions

On November 18, 2022 3:04:44 AM UTC, linux...@gmx.net wrote: >Dear List, > >I have enabled policyd-spf in postfix: > >smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, >reject_unauth_destination, check_policy_service unix:private/policyd-spf > > >but can you help that

Re: Issue routing mail

On Sunday, November 13, 2022 7:26:25 PM EST David wrote: > Folks > I'm noticing that two installations of Postfix: > version 3.4.13-0ubuntu1.2) on Ubuntu 20.04.5 > version 3.6.4-1ubuntu1 on Ubuntu 22.04.1 > are both failing to use the MX value for outgoing > mail. Specifically, sending mail to

Re: policyd-spf error

On October 31, 2022 8:12:08 AM UTC, Forums wrote: >Hello, > >Since this morning I can receive email, whitout doing something on my server. > >In maillog I can see the following errors: > > >2022-10-31 08:59:37 >postfix/smtpd[6632]: NOQUEUE: reject: RCPT from fr-srvcomm[192.168.1.170]: 451 >4.3

Re: Postfix+SASL chrooted - out of ideas (SASL_README tweak)

On June 3, 2022 3:20:31 PM UTC, Viktor Dukhovni wrote: >On Fri, Jun 03, 2022 at 09:27:15AM -0400, Viktor Dukhovni wrote: >> On Fri, Jun 03, 2022 at 11:09:08AM +0200, Matus UHLAR - fantomas wrote: >> >> > >Also can you "apt-get source postfix", and post a link to the tarball? >> > >> > this w

Re: Postfix+SASL chrooted - out of ideas (SASL_README tweak)

On June 1, 2022 10:38:55 PM UTC, raf wrote: >On Wed, Jun 01, 2022 at 03:56:02PM +1200, Peter wrote: > >> On 30/05/22 2:48 pm, raf wrote: >> > > If set >> > > +empty (the default value) the search path is the one compiled into the >> > > +Cyrus SASL library. >> > >> > I don't think that's en

Re: postfix-policyd-spf-python

On May 13, 2022 12:14:38 PM UTC, Alex wrote: >> >> Not sure if this is the right place to post the question concerning >> >> postfix-policyd-spf-python but I can't seem to find any working links >> >> for the openspf project. >> >> >> > >> >You should start here, >> > >> > https://launchpad.ne

Re: postfix-policyd-spf-python

On May 12, 2022 9:12:44 PM UTC, Michael Orlitzky wrote: >On Thu, 2022-05-12 at 21:03 +, Dino Edwards wrote: >> Hi, >> >> Not sure if this is the right place to post the question concerning >> postfix-policyd-spf-python but I can't seem to find any working links >> for the openspf project.

Re: postfix-policyd-spf-python

On May 12, 2022 9:03:32 PM UTC, Dino Edwards wrote: >Hi, > >Not sure if this is the right place to post the question concerning >postfix-policyd-spf-python but I can't seem to find any working links for the >openspf project. > >Our postfix-policyd-spf-python server recently rejected an e-mai

Re: PATCH: Postfix throws fatal errors when milter is not found

On Wednesday, April 6, 2022 3:09:52 AM EDT Christian Degenkolb wrote: > Hi, > > On 2022-04-04 21:11, Wietse Venema wrote: > > christ...@degenkolb.net: > >> How high is the possibility this will, on success, land in a future > >> release of postfix so I one day I can stop the "build postfix in a >

Re: SPF and policyd

On Sunday, February 20, 2022 10:26:56 AM EST Alex wrote: > Hi, I'm using the SPF policyd service recommended here some time ago. > I hoped I could ask some questions about how it works since it doesn't > appear to have any other direct support avenues available. > > I'm trying to understand the fo

Re: Received-SPF: Temperror

On Sunday, February 6, 2022 7:28:22 AM EST Matus UHLAR - fantomas wrote: > >The spf.py script seems to take the first nameserver only, and whet it > >gets no response generates the Tempfail error. > > That's bad SW design. If one nameserver returns fail, you should try > another one. It's an iss

Re: Received-SPF: Temperror

On Saturday, February 5, 2022 11:36:40 AM EST Fourhundred Thecat wrote: > > On 2022-02-05 16:00, Scott Kitterman wrote: > > On Saturday, February 5, 2022 8:48:22 AM EST Fourhundred Thecat wrote: > >> policyd-spf: prepend Received-SPF: Temperror (mailfrom) > >>

Re: Received-SPF: Temperror

On Saturday, February 5, 2022 8:48:22 AM EST Fourhundred Thecat wrote: > Hello, > > I am using python3-spf and I am getting following error from one host > trying to deliver email: > >policyd-spf: prepend Received-SPF: Temperror (mailfrom) > identity=mailfrom; client-ip=77.75.76.210; helo=mxd

Re: Multi-instance and outbound fails SPF

On Friday, February 4, 2022 3:14:29 PM EST Wietse Venema wrote: > Alex: > > Hi, > > I have a multi-instance postfix config and am trying to figure out why > > Microsoft 365 is marking my email from the outbound instance as SPF > > softfail. > > > > I am trying to send mail from my gmail account to

Re: Postfix "fatal: daemon initialization failure"

On January 26, 2022 4:57:09 PM UTC, Laura Smith wrote: >Good news, I found the cause of of the problem. > >I was using interface aliases to permit different postfix instances. > >However these were configured in the traditional/legacy manner using >/etc/network/interfaces. > >It seems that al

Re: How to filter email (DKIM) without keeping the message in memory and without writing it to disc twice?

On Saturday, January 15, 2022 8:08:51 PM EST Robert Siemer wrote: > > > Conceptually DKIM needs to go over the email twice: once to calculate > > > and sign the checksum and once to write it out with the result of the > > > previous step in the headers.¹ > > > > Prepending a header does not requir

Re: Received-SPF: Softfail

On Monday, January 10, 2022 11:00:43 PM EST Fourhundred Thecat wrote: > Hello, > > is it safe to ban senders that generate SPF Softfail ? > >policyd-spf: prepend Received-SPF: Softfail > > I have pasted full header here: https://ctxt.io/2/AABg5vIYEw > > What I am asking is, are there situat

Use of CIDR with mynetworks tables

Last one on my postfix bug triage pile for today: A Debian user complained that using CIDR notation in hash tables for mynetworks doesn't work. Of course it doesn't. I found discussions about this going back a long time [1], which suggests to me that the documentation might be improved to mak

Re: Possible issue when user has single space as comment

On Monday, January 3, 2022 10:24:07 AM EST Wietse Venema wrote: > Scott Kitterman: > > I have been remiss in forwarding this bug report, thinking I would get > > time to build a concise test case. It keeps not happening, so here you > > go. > > > > A Debian

Possible issue when user has single space as comment

I have been remiss in forwarding this bug report, thinking I would get time to build a concise test case. It keeps not happening, so here you go. A Debian user reported [1] a problem where their cleanup process was killed by signal 11 during local mail injection: Aug 06 16:57:30 amilcar postfi

Re: message_size_limit documentation

On Thursday, December 23, 2021 3:51:57 PM EST Wietse Venema wrote: > Scott Kitterman: > > Currently, postconf.5 has this to say about message_size_limit: > > > > message_size_limit (default: 1024) > > > > The maximal size in bytes of a message, inclu

message_size_limit documentation

Currently, postconf.5 has this to say about message_size_limit: message_size_limit (default: 1024) The maximal size in bytes of a message, including envelope information. Note: be careful when making changes. Excessively small values will result in the loss of non-delivery notificat

Re: postconf outputs 2 bounce_notice_recipient lines

On Wednesday, December 22, 2021 11:00:12 AM EST Wietse Venema wrote: > Scott Kitterman: > > > > Any chance of the glibc-2.34 fix being in there too? We haven't > > > > switched, so not a rush directly for Debian, but some of our > > > >

Re: postconf outputs 2 bounce_notice_recipient lines

On Wednesday, December 22, 2021 9:35:20 AM EST Wietse Venema wrote: > Scott Kitterman: > > >> I was just reviewing the 3.7 development changelog and didn't see > > >> 2025 > > >> listed. Is this fix still planned? > > > > > >The f

Re: postconf outputs 2 bounce_notice_recipient lines

On December 22, 2021 2:34:22 AM UTC, Wietse Venema wrote: >Scott Kitterman: >> On Monday, November 15, 2021 9:03:32 AM EST wrote: >> > Vincent Lefevre: >> > > Under Debian, after the postfix upgrade from 3.5.6 to 3.5.13, >> > > postconf now outpu

Re: postconf outputs 2 bounce_notice_recipient lines

On Monday, November 15, 2021 9:03:32 AM EST wrote: > Vincent Lefevre: > > Under Debian, after the postfix upgrade from 3.5.6 to 3.5.13, > > postconf now outputs duplicate bounce_notice_recipient lines: > > > > zira:~> postconf | grep '^bounce_notice_recipient' > > bounce_notice_recipient = postma

Re: what's best guess record for SPF

On December 10, 2021 4:32:50 AM UTC, raf wrote: >On Tue, Dec 07, 2021 at 07:55:54PM +0800, Piper H wrote: > >> I sent an email from my t-online.de account to gmail. >> Gmail shows SPF pass by best guessing: >> >> Received-SPF: pass (google.com: best guess record for domain of >> x...@t-online

Re: Newbie question - main.cf.proto

On December 6, 2021 8:18:11 PM UTC, Herndon Elliott wrote: >I am just getting started with trying to install postifx and get it running >on a single Ubuntu 18.04 server. The documentation talks at length about >changes to be made in "/etc/postfix/main.cf" file, but there is no such >file in m

Re: mail-to-script messages id and from lines

On Tuesday, November 23, 2021 6:16:43 PM EST Wietse Venema wrote: > J?rgen Weber: > > From webe...@host.my.tld Sun Nov 21 19:11:19 2021 > > Return-Path: > > X-Original-To: maild@my.virtual > > Delivered-To: ma...@host.my.tld > > Received: by host.my.tld (Postfix, from userid 1001) > > id D3DFD783

Re: PCRE2 Support

On November 21, 2021 10:50:24 PM UTC, Wietse Venema wrote: >Wietse Venema: >> Scott Kitterman: >> > The original PCRE library that Postfix uses is no longer maintained: >> > >> > https://pcre.org/ >> > >> > It's been repla

PCRE2 Support

The original PCRE library that Postfix uses is no longer maintained: https://pcre.org/ It's been replaced by PCRE2, which has a notably different API, so Postfix PCRE support would need porting. I've looked and it's beyond my limited skills. Is there any chance of getting this updated for Pos

Re: heads up: dkimpy-milter signing breaks w/ python 3.10 (e.g., @ fedora 45 -> 35 upgrade)

On November 2, 2021 8:18:54 PM UTC, PGNet Dev wrote: > >i've reported the bug here, > > python 3.10 incompat, exec FAILs @ "SystemError: PY_SSIZE_T_CLEAN macro must > be defined for '#' formats" > https://bugs.launchpad.net/dkimpy-milter/+bug/1949520 > >fwiw, python 3.9 still works as expec

Re: will this break DMARC?

On August 13, 2021 12:05:44 PM UTC, post...@ptld.com wrote: >Raf, >Im confused by this, i thought as long as either dkim or spf passes then >dmarc passes. But i still see dmarc fails. > > Envelope-From: dovecot-boun...@dovecot.org > Header From: some...@netcourrier.com > > DKIM: bad signa

Re: postfix error shown in mail.log

On July 28, 2021 2:58:21 PM UTC, Viktor Dukhovni wrote: >If the postfix-files file does not reflect the content delivered by >the package, you would typically see errors running "postfix check". >Either the package should deliver all the files expected upstream, >or the "postfix-files" file sh

Re: postfix error shown in mail.log

On July 26, 2021 8:59:00 AM UTC, Vincent Lefevre wrote: >On 2021-07-24 09:29:04 +1000, raf wrote: >> On Fri, Jul 23, 2021 at 04:13:00PM +0200, Jean-François Bachelet >> wrote: >> >> > Hello ^^) >> > >> > I found that error in mail.log, at each start postfix issue that error : >> > >> > 'Ju

Re: Postfix - Check SPF for outgoing email

On Monday, February 1, 2021 4:32:21 AM EST Jonathan Sélea wrote: > Hi everyone, > > We currently have a webhosting-environment with many websites. Those > websites is capable of sending email (obviously) via the local SMTP > function. > But sometimes, some of the websites is compromised and used t

Re: lmd support -- available as an 'add on', or just 'compiled in'?

On July 6, 2020 6:01:28 PM UTC, Viktor Dukhovni wrote: >On Mon, Jul 06, 2020 at 10:13:11AM -0700, PGNet Dev wrote: > >> I build/use Postfix with LMDB. Works great. >> >> Looking at distro packages, don't alway find LMDB support compiled >in. >> >> I can certainly rebuild my own, but wanted

Re: setup issue -- debian /ubuntu 16.04.1 "bad string length 0 < 1: setgid_group ="

On Wednesday, June 17, 2020 12:39:06 AM EDT Bob Proulx wrote: > It resulted in this configuration entry. > > root@turmoil:~# postconf relayhost > relayhost = smtp.proulx.com:587 > > And so it is possible to use that Debian specific installation > option. Any more details here should be o

Re: setup issue -- debian /ubuntu 16.04.1 "bad string length 0 < 1: setgid_group ="

On Tuesday, June 16, 2020 11:36:27 PM EDT Gary Aitken wrote: > It is using default mail port, 25; I need port 465 or 587 because it's my > understanding google blocks everything on port 25. > During the setup, I was not (I don't think) given the option of specifying > smtps or the port. There's no

Re: The historical roots of our computer terms

On Sunday, June 7, 2020 2:03:18 PM EDT vi...@vheuser.com wrote: > Why not take it off this list and contact the developers? > Users can't make small changes. > Enough already. This list is the appropriate place for users to contact Postfix developers. You may not have noticed but the creator of

Re: setup issue -- debian /ubuntu 16.04.1 "bad string length 0 < 1: setgid_group ="

On Sunday, May 31, 2020 4:31:23 PM EDT Gary Aitken wrote: > On 5/31/20 11:34 AM, Matus UHLAR - fantomas wrote: > >> I'm new to postfix and trying to administer a debian > >> google-compute box, also new to me (coming from fbsd). So lots of > >> opportunities for learning... > >> > >> I modified /

Re: Uninstalling postgrey

On Monday, May 25, 2020 10:26:56 PM EDT Ian Evans wrote: > On Mon, May 25, 2020 at 3:35 PM Ian Evans wrote: > > On Mon, May 25, 2020 at 4:09 AM Matus UHLAR - fantomas > > > > wrote: > >> On 24.05.20 21:04, Ian Evans wrote: > >> >Based on another thread here, I want to move to using > >> > >> po

Re: "SSL_Shutdown:shutdown while in init" while sending and receiving

On Thursday, May 14, 2020 1:40:38 AM EDT Viktor Dukhovni wrote: > On Wed, May 13, 2020 at 10:01:24PM -0700, Alexander Vasarab wrote: > > May 13 21:56:38 vasaconsulting postfix/smtpd[25599]: tls_bio: > > hsfunc=(nil), rfunc=0x7f310ef36dd0, wfunc=(nil), SSL_get_error(36) = 0 > > May 13 21:56:38 vasac

Re: why DMARC PASS even SPF got failed

On Tuesday, April 28, 2020 8:17:54 AM EDT Matus UHLAR - fantomas wrote: > >>Scott Kitterman wrote: > >>> Yes. If either passes and the relevant identifier is aligned, DMARC > >>> passes. > > > >On April 28, 2020 9:29:59 AM UTC, Philip wrote: > >

Re: why DMARC PASS even SPF got failed

On April 28, 2020 9:29:59 AM UTC, Philip wrote: >Scott Kitterman wrote: >> Yes. If either passes and the relevant identifier is aligned, DMARC >passes. > >Scott, I have another question. >Given the case there is no DKIM signed in original message, when >forwarding MT

Re: why DMARC PASS even SPF got failed

On April 28, 2020 9:20:01 AM UTC, Philip wrote: >Scott Kitterman wrote: >> I predict you won't find this a satisfying answer, but the rest of >RFC 7489. >> >> Instead of quoting bits of various web sites and how-to's back and >forth, l think it makes sens

  1   2   3   4   >