* Peter via Postfix-users [2023-05-03 07:45]:
> On 28/04/23 03:59, Sebastian Wiesinger via Postfix-users wrote:
> > Hi everyone,
> >
> > I'm not sure if I'm missing something but I can't find out why my
> > body_checks doesn't catch all the
* Sebastian Wiesinger [2023-04-27 17:59]:
> root@alita:/etc/postfix# postmap -q - regexp:/etc/postfix/body_checks.pcre
> Message-ID:
> reject SPAM backscatter with forged domain name in Message-ID header
And of course I ran into my own filter when I got the mail back
Hi everyone,
I'm not sure if I'm missing something but I can't find out why my
body_checks doesn't catch all the backscatter I'm getting right now.
I've it configured like this:
root@alita:/etc/postfix# postconf -n body_checks
body_checks = pcre:$config_directory/body_checks.pcre
root@alita:/e
* Matus UHLAR - fantomas [2020-12-04 15:08]:
> > El vie, 4 dic 2020 a las 2:15, Viktor Dukhovni
> > () escribió:
> > > Is there a compelling reason to run a stripped-down (and typically not
> > > adequately standards-conformant) DNS resolvers on a mail server?
>
> On 04.12.20 08:41, Sergio Belkin
* Sebastian Wiesinger [2017-03-08 15:53]:
> * Robert Schetterer [2017-03-05 21:00]:
> > Microsofts info mail ( arrived fast today )
> > said that my hetzner Ip will whitelisted , but only for small
> > amount of mail until it has a "good" score and it is not a ge
* Robert Schetterer [2017-03-05 21:00]:
> Microsofts info mail ( arrived fast today )
> said that my hetzner Ip will whitelisted , but only for small
> amount of mail until it has a "good" score and it is not a general
> antispam whitelisting.
>
> They recommend to get part of
> Junk E-Mail Repor
* Sebastian Wiesinger [2015-09-25 12:55]:
> * Wietse Venema [2015-09-18 15:51]:
> > Majordomo uses the following: Reply-To: (most preferred), From:,
> > and Apparently-From: (least preferred). It does not use Sender:.
> > The list manager runs on someone elses system. I woul
* Wietse Venema [2015-09-10 15:00]:
> Sebastian Wiesinger:
> > Hello,
> >
> > a while ago I changed my mail configuration for mailinglists. I have
> > individual mail addresses for every mailing list and the configuration
> > now looks like this:
> >
&g
Hello,
a while ago I changed my mail configuration for mailinglists. I have
individual mail addresses for every mailing list and the configuration
now looks like this:
From: Sebastian Wiesinger
Sender: postfix-us...@ml.karotte.org
This has the advantage that off-list answers go to my main
* joh...@fastmail.com [2015-09-09 03:03]:
> Ken
>
> On Tue, Sep 8, 2015, at 05:49 PM, Ken Peng wrote:
> > How about Spamassassin? we have been using it for a long time.
>
> And how are you integrating it into Postfix. That was my question
> not whether to use Spamassassin. I kindof decided on
* Noel Jones [2014-10-24 00:36]:
> > I tried to implement this by using a check_recipient_access pcre_table
> > like this:
> >
> > /etc/postfix# cat recipient_access.pcre
> > /^postfix-reject-address@.+$/ REJECT
> >
>
> This must match the recipient address as sent by the client and
> logged
* Sebastian Wiesinger [2014-10-23 21:54]:
> Hello,
>
> I have a few users that insist on using catch-all domains. Not
> surprising they get spam to some address. Now they're asking if they
> can reject mail for *some* of the addresses of the catch-all domain.
>
&g
Hello,
I have a few users that insist on using catch-all domains. Not
surprising they get spam to some address. Now they're asking if they
can reject mail for *some* of the addresses of the catch-all domain.
They can create aliases themselves via postfixadmin and they want to
do this the same way
Hello,
the documentation states:
The milter_header_checks mechanism could also be used for
whitelisting. For example it could be used to skip heavy content
inspection for DKIM-signed mail from known friendly domains.
I want to do that for mail that passes DMARC checks (with 2.11.2 DMARC
became
* Wietse Venema [2014-10-01 19:03]:
> Sebastian Wiesinger:
> > Hello,
> >
> > as I see/understand it, a check_client_access lookup that returns
> > PERMIT will skip over the rest of smtpd_client_restrictions but WILL
> > still run the checks in the other sm
Hello,
as I see/understand it, a check_client_access lookup that returns
PERMIT will skip over the rest of smtpd_client_restrictions but WILL
still run the checks in the other smtpd_*_restrictions classes, right?
I can't find that information in the SMTPD_ACCESS_README or other
documents. (I can'
* Wietse Venema [2014-07-15 19:33]:
> Proudly presenting Postfix SMTPUTF8 support! Below is text from
> the RELEASE_NOTES file for postfix-2.12-20140715, to be uploaded
> later today.
Aaand Google has announced that it will support this for GMail:
http://googleblog.blogspot.com/2014/08/a-first-s
* Wietse Venema [2014-05-08 23:36]:
> Sebastian Wiesinger:
> > Hello,
> >
> > I have some users that forward their mail to GMAIL. This is
> > implemented with virtual alias maps. So postfix forwards:
> >
> > u...@example.com -> example.u...@gmail.com
&
Hello,
I have some users that forward their mail to GMAIL. This is
implemented with virtual alias maps. So postfix forwards:
u...@example.com -> example.u...@gmail.com
The problem is when SPAM mails get through all the postfix defences
and get forwarded to GMAIL. GMAIL does some body checks and
* Viktor Dukhovni [2014-05-08 02:09]:
> On Thu, May 08, 2014 at 01:14:09AM +0200, Sebastian Wiesinger wrote:
>
> > I published TLS DANE Records for my mailserver and now I am wondering
> > if there is a way to verify that these records are okay/matching the
> > cert. Is t
Hello,
I published TLS DANE Records for my mailserver and now I am wondering
if there is a way to verify that these records are okay/matching the
cert. Is there a tool/site where I can test this? I suppose it would
be possible with the right openssl s_client commands but I can't
figure them out. T
* Robert Schetterer [2014-01-16 12:42]:
> Am 16.01.2014 12:13, schrieb Sebastian Wiesinger:
> > Hello,
> >
> > currently I'm running the distributed postfix version under Debian
> > Stable (currently 2.9.6-2). I would like to switch to the current 2.11
> >
Hello,
currently I'm running the distributed postfix version under Debian
Stable (currently 2.9.6-2). I would like to switch to the current 2.11
version to try out DANE and other new features.
Has anyone got the current version packaged for Debian Stable (I was
unable to find one online) or does
* BONNET, Frank [2013-10-24 17:54]:
> Hello
>
> Continuing on my "secured" email server graal I would like to test SMTP +
> TLS exchange of emails
>
> the volume will be very low for testing purpose only and I will be the only
> user when I will suceeded to setup my server :-)
>
> My eternal gr
* Viktor Dukhovni [2013-08-24 05:27]:
>
> > I just did, here is the PCAP:
> >
> > http://www.karotte.org/smtp-gmx.pcap
>
> The client sends an "internal error" alert. It is not clear what
> problem it is encountering. The server elects:
>
> Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_
* Viktor Dukhovni [2013-08-20 16:51]:
> > I found the problem... In addition to my normal certificate, I had an
> > EC certificate.
> >
> > smtpd_tls_eccert_file=/etc/postfix/certs/cacert-karotte-ec.crt
>
> Though I think OpenSSL will generally detect attempts to configure
> a public key (certif
* DTNX Postmaster [2013-08-20 12:57]:
> Self-signed, 2048 bits certificate from our own root. Picks the same cipher
> and TLS version as in Heiko's example, it seems. Perhaps it's your
> certificate, perhaps your Postfix settings? No odd overrides for the defaults
> anywhere, forced cipher suit
* Heiko Wundram [2013-08-20 12:09]:
> Still delivers fine for me (and my mail-server) running Postfix 2.10.1:
>
> Received: from mout.web.de (mout.web.de [212.227.15.3])
> (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
> (No client certificate requested)
> by ma
Hello,
GMX and web.de started an initiative for secure E-Mail made in
Germany... they turned TLS on.
But in addition to that bold move the did something else that causes
the following errors when they try to send mail to my postfix:
postfix/smtpd[28706]: connect from mout.web.de[212.227.15.14]
p
* Wietse Venema [2013-05-31 22:57]:
> After the confusion that Postfix 2.10 is not Postfix 2.1, maybe it
> is time to change the release numbering scheme.
Okay, perhaps this is a European view, but I never confused Postfix
2.1 with 2.10. Perhaps because here it would be 2,1 and 2,10 if they
were
* tobi [2012-08-07 18:46]:
> Hi list,
Sorry list, hi Tobi:
I wanted to tell you that your DNSSEC for brain-force.ch is broken so
resolvers which validate DNSSEC will not be able to resolve your
domain (and so I can't send you mails directly). You might want to fix
this.
http://dnsviz.net/d/bra
* Stan Hoeppner [2012-07-30 14:35]:
> On 7/29/2012 6:57 PM, Engin qwert wrote:
>
> > Actually it is not router. It is only BPL modem. After Static IP hiring the
> > ISP send me an email how to configure the server with this IP addresses
> > information. The 10.138.9.201 internal IP address sele
* Wietse Venema [2012-04-04 01:22]:
> To soft-reject unknown recipients in selected domains, in mail from
> clients outside the local network, request defer_if_reject at the end
> of smtpd_recipient_restrictions:
>
> /etc/postfix/main.cf:
> smtpd_recipient_restrictions =
> permit_mynetw
Hello,
I have a setup with handles a few virtual domains. For one domain only
I want mails not to be rejected with an 5xx error code but be deferred
with a 4xx error code. Is that possible?
Regards
Sebastian
--
GPG Key: 0x93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2 D94A 93A0 B9CE)
'Are you D
* /dev/rob0 [2011-12-14 17:58]:
> I use "postfix-587" (and "postfix-465") because it's shorter and
> contains the "postfix" string which helps to isolate Postfix logging
> from other mail facility logs. "grep postfix maillog", et c. More
> correct, and still meeting that need, would be "postfix
* Wietse Venema [2011-12-14 17:34]:
> Sebastian Wiesinger:
> > Hi,
> >
> > is there a way (in the logs) to see which port a client connects to? I
> > can't find that information at the moment.
>
> Give each SMTP server its own syslog_name optio
Hi,
is there a way (in the logs) to see which port a client connects to? I
can't find that information at the moment.
I'm interested to know if a client is using the smtp, ssmtp or
submission port to connect.
Thanks
Sebastian
--
New GPG Key: 0x93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2 D94
* Wietse Venema [2011-12-09 13:47]:
> A quick search shows that trivial-rewrite server has no "fatal"
> errors - it reports all errors that it can detect to the client (in
> this case smtpd(8)).
>
> However there is one low-level library module (match_ops) that
> exits the program with a "fatal"
* Wietse Venema [2011-12-09 01:01]:
> > And that is where I disagree. IMHO a mailsystem should respond with a
> > temporary error if it is experiencing a temporary error (like a lookup
> > table not being availabe) not simply hang there and do.. nothing.
>
> We know that. What are you going to do
* lst_ho...@kwsoft.de [2011-12-08 14:46]:
> >And I had hoped that perhaps this would be an improvement to postfix.
> >Sadly it seems it was some kind of blasphemy to question the way
> >postfix does handle this stuff.
>
> No, it means until now no one needs this so important to step up
> with cod
* Wietse Venema [2011-12-08 13:09]:
> Sebastian Wiesinger:
> > I really would like to know if it is not possible to have a temporary
> > error when trivial-rewrite fails to access the MySQL database. I don't
> > see any apparent reason for it. If there is one I would l
* Wietse Venema [2011-12-07 17:20]:
> Yes it was. I point the attention to the RIGHT problem, which is
> fixing the suboptimal configuration that does domain queries from
> SQL.
Hi,
with all due respect but for me the important thing at the moment
would be to understand why it works the way it w
* Sahil Tandon [2011-12-06 01:54]:
> > that's not really an option for me, I need these lists in MySQL. It
> > seems I have to live with it and make MySQL as stable as possible.
>
> Is your list of virtual mailbox domains that large or dynamic that it
> must be only in SQL? Note that you can sti
* Sahil Tandon [2011-12-05 03:24]:
> > I'm using Postfix with MySQL via proxy:mysql maps. The documentation
> > states that mails should get deferred if no mysql server is reachable.
> >
> > However when I shut down MySQL, SMTP transaction freeze after I enter
> > the "MAIL FROM:<...>" statement.
Hi,
I'm using Postfix with MySQL via proxy:mysql maps. The documentation
states that mails should get deferred if no mysql server is reachable.
However when I shut down MySQL, SMTP transaction freeze after I enter
the "MAIL FROM:<...>" statement.
Any ideas how I can change that? There seems to b
45 matches
Mail list logo