[pfx] Re: 25 years today

2023-12-14 Thread Voytek Eymont via Postfix-users
Thank you Wietse, Viktor and others on Postfix team for your work and support offered! Thanks, Rodney, for telling me about Postfix all those years ago! Thank you to all on this ml for putting up with my often (usually?) ignorant queries! Hope to be around for at least some part of next 25 yea

Re: relay home postfix on dynamic ip to postfix server?

2011-05-10 Thread Voytek Eymont
On Tue, May 10, 2011 10:56 pm, lst_ho...@kwsoft.de wrote: > Zitat von Voytek Eymont : > Unfortunately you excluded the only recommended solution. Either use > Postfix client side authentication if you like it more complex use > certificate based relaying or don't use Postfix at

multiple servers head office/branch office

2011-05-10 Thread Voytek Eymont
can someone suggest some good docs/howtos on setting up 'multiple' (two) Postfix servers for single domain. scenario: company has office in AUS and Asia; mail server is hosted in AUS, all interoffice Asia mail goes via AUS server, would like a local LAN mail server in Asia office for interoffice

relay home postfix on dynamic ip to postfix server?

2011-05-10 Thread Voytek Eymont
I have Postfix 2.3.3 on a Centos behind NAT on home ADSL, ISP blocks outbound 25, this is just for occasional casual use, I set it up to ISP SMTP with 'relayhost = [mail.bigpond.com]' I also have a Postfix server on internet what's the best way to relay from home ADSL NAT server through my own Po

Re: rejecting long subject strings with pcre header checks

2011-04-28 Thread Voytek Eymont
On Fri, April 29, 2011 4:15 pm, Voytek Eymont wrote: > #grep "{40}/" header_checks > /^Subject: +[^[:space:]]{40}/ REJECT no spaces in subject > > > but I'm having a couple issues: and I'm still getting some, is this that they

rejecting long subject strings with pcre header checks

2011-04-28 Thread Voytek Eymont
I've followed the recent advice as I'm also getting a lot of these_long_subjects_emails_with_crap_in_them: -- * Noel Jones wrote : > On 4/27/2011 6:17 AM, Troy Piggins wrote: > >Hi there. I'm noticing lately most of the spam that gets through my > >postgrey/postfix/amavis/spamassas

anonymous TLS query

2011-04-09 Thread Voytek Eymont
I'm trying to setup smtp auth with Dovecot's sasl, I'm getting this in the log: what does 'Anonymous TLS connection' mean: is it as connection is set up prior to user authentication, is that what it is ? (or do I have a problem...?) also, the 'certificate verification failed': is it as I do no

Re: Rev DNS not match SMTP Banner, will it bite me ?

2011-04-09 Thread Voytek Eymont
On Sat, April 9, 2011 10:58 pm, Wietse Venema wrote: >> is that going to cause me problems in the future ? Wietse, thanks > Assuming that the Postfix machine is behind a NAT of some kind: NO, the machine is main mail server with public IP > myhostname: use the name of the internal IP addres

Rev DNS not match SMTP Banner, will it bite me ?

2011-04-08 Thread Voytek Eymont
I'm setting up a mail server on a virtual server smtp banner is set to myhost.mydomain reverse dns resolves to the data centre IP address is that going to cause me problems in the future ? - mxtoolbox: OK - 111.111.222.333 resolves to server.domain.tld Warning - Reverse DNS does n

mysql lookup on another host performance q?

2011-04-08 Thread Voytek Eymont
I have a small*1 Postfix server with virtual users/domains in MySQL on same host service is now being transferred to a new machine, with postfix on one host, mysql on another host I've set it up like so with 'proxy:mysql'*2 to the mysql machine : seems to work OK, but I'm concerned about possibl

Re: SASL generic failure, recreating smtp.postfix ?

2011-04-06 Thread Voytek Eymont
On Wed, April 6, 2011 11:14 pm, Jerry wrote: > Output from "postconf -n". Please do not send your main.cf file, or > 500+ lines of postconf output. Jerry, thanks: http://sbt.net.au/db/postfinger.txt http://sbt.net.au/db/saslfinger_c.txt http://sbt.net.au/db/saslfinger_s.txt http://sbt.net.au/d

Re: SASL generic failure, recreating smtp.postfix ?

2011-04-06 Thread Voytek Eymont
On Wed, April 6, 2011 10:48 pm, Reinaldo de Carvalho wrote: > On Wed, Apr 6, 2011 at 9:41 AM, Voytek Eymont wrote: > Postix can't connect to saslauthd socket. If smtpd is in the jail the > default path is /var/spool/postfix/var/run/saslauthd/mux. Saslauthd daemon > must be s

SASL generic failure, recreating smtp.postfix ?

2011-04-06 Thread Voytek Eymont
ahem, I inadvertently (but successfully) deleted /etc/pam.d/smtp.postfix, and, I'm trying to recreate it: I'm getting 'generic failure' as below how can I troubleshoot what am I missing ? pam.d]# cat smtp.postfix auth required pam_mysql.so user=postfix passwd=xxx host=127.0.0.1 db=postfix table

Re: migrating postfix setup to new server ?

2011-03-31 Thread Voytek Eymont
On Thu, March 31, 2011 12:35 am, Wietse Venema wrote: >> what the proper (easiest?) way to migrate current setup to the new >> server ? > > 1) Study the RELEASE_NOTES file and look for any incompatible > changes that may affect your configuration. Wietse, thanks this seems a slightly different

migrating postfix setup to new server ?

2011-03-30 Thread Voytek Eymont
I have a mail server on Centos with Postfix 2.4.5 mysql smtp-auth amavisd-new policyd postfixadmin 2.1 courier-imap, runs pretty well since install I need to transfer the mail server service to a new server running Ubuntu, it came with Postfix 2.7.0 what the proper (easiest?) way to migrate curre

Re: removed virtual domain, still get local delivery

2011-03-17 Thread Voytek Eymont
On Thu, March 17, 2011 4:14 pm, Bjørn Ruberg wrote: > Your own initial post should give you a hint: > "I have postfix 2.4.5 with several virtual domains in mysql/postfixadmin" Bjørn, thanks hmmm, I thought disabling domain in postfixadmin should, well, disable it apparently, it didn't, or perh

Re: removed virtual domain, still get local delivery

2011-03-16 Thread Voytek Eymont
On Thu, March 17, 2011 12:28 am, Nikolaos Milas wrote: > On 16/3/2011 3:22 μμ, Voytek Eymont wrote: >> I have postfix 2.4.5 with several virtual domains in mysql/postfixadmin >> one of the hosted virtual domains moved off the mail server >> > If you have virtual alias

removed virtual domain, still get local delivery

2011-03-16 Thread Voytek Eymont
I have postfix 2.4.5 with several virtual domains in mysql/postfixadmin one of the hosted virtual domains moved off the mail server I've deleted domain and users in postfixadmin, but, when I try to email an address at the 'removed' domain it still is trying to do local lookup/delivery: -

Re: [OT] Proftpd trojaned source download

2010-12-02 Thread Voytek Eymont
On Thu, December 2, 2010 7:20 am, lst_ho...@kwsoft.de wrote: > They have corrected it, the "infected" source for download is > replaced, but no warning at all for the ones who already downloaded and now > using the trojaned version... > > Not very encouraging to use Proftpd. Andreas, fwiw, I go

Re: [OFF-TOPIC] Does 2.7 RPM Work on RHEL 6?

2010-11-11 Thread Voytek Eymont
On Fri, November 12, 2010 6:16 am, Carlos Mennens wrote: > On Thu, Nov 11, 2010 at 2:07 PM, Victor Duchovni > wrote: > This would be no problem except I've never attempted this before and > just did some searching on the web for tutorials I can follow since I don't > have any experience and hone

Re: ot: iphone setup for smtp-auth self certified

2010-11-09 Thread Voytek Eymont
On Tue, November 9, 2010 11:35 am, Larry Stone wrote: > On 11/8/10 5:07 PM, Voytek Eymont at li...@sbt.net.au wrote: > There are plenty of instructions out there; try searching for "iphone > install certificate". But in short, e-mail the certificate to your iphone > and

Re: ot: iphone setup for smtp-auth self certified

2010-11-08 Thread Voytek Eymont
On Tue, November 9, 2010 11:35 am, Larry Stone wrote: > There are plenty of instructions out there; try searching for "iphone > install certificate". But in short, e-mail the certificate to your iphone > and then double-"click" it just like opening any other attachment. The > iPhone will then ope

ot: iphone setup for smtp-auth self certified

2010-11-08 Thread Voytek Eymont
I was asked 'how to setup iphone with our postix smtp-auth self-issued certificate server' does anyone have any instructions for iphone that they would share ? I don't have an iphone to explore, I borrowed an iphone, tried it myself, it appears to be self-configuring, as after 2 or three tries, I

Re: log analyzing: is target host attempting to verify sender

2010-04-14 Thread Voytek Eymont
On Wed, April 14, 2010 12:19 am, lst_ho...@kwsoft.de wrote: > Zitat von Voytek Eymont : > Sending mail with a invalid envelope from address is not a option > (anymore). Everyone how cares about reliable delivery must use a valid > mail-from, anything other is crap and will be tre

Re: lost connection with yahoo servers

2010-04-14 Thread Voytek Eymont
On Wed, April 14, 2010 9:00 am, mouss wrote: > Voytek Eymont a écrit : >> Apr 13 20:35:27 postfix/qmgr[3973]: 777DAB446E8: >> from=, size=7709303, nrcpt=13 (queue active) > > so you're sending mail to yahoo with a google sender address? you must be > very optimisti

lost connection with yahoo servers

2010-04-13 Thread Voytek Eymont
I seem to be having problems delivering emails to yahoo, how can I troubleshoot this ? mailq: ... 777DAB446E8 7709303 Fri Apr 9 12:15:32 a...@googlemail.com (lost connection with e.mx.mail.yahoo.com[67.195.168.230] while sending end of data -- message may be sent more than once)

log analyzing: is target host attempting to verify sender

2010-04-13 Thread Voytek Eymont
I just see a number of these entries: Apr 13 20:45:37 postfix/smtp[31121]: D1F8DB4491F: to=, relay=mail4.barnet.com.au[202.83.178.125]:25, delay=54911, delays=54902/0.04/5.4/3.9, dsn=4.1.7, status=deferred (host mail4.barnet.com.au[202.83.178.125] said: 450 4.1.7 : Sender address rejected: unverif

ot: spf bounce on forwarded email

2010-04-05 Thread Voytek Eymont
I have a virtual mail domain that as of recently started using their parent organization email addresses, not on this server, rather than the addresses on domain on this server. I've set up a number of aliases to redirect emails to the desired new addresses on a remote server, that seemed to work

Re: Client host rejected: sender address does not match client hostname

2010-04-05 Thread Voytek Eymont
On Tue, April 6, 2010 4:22 am, Noel Jones wrote: >>> Apr 5 11:03:31 postfix/smtpd[31021]: NOQUEUE: reject: RCPT from >>> fep06.mfe.bur.connect.com.au[203.63.86.26]: 554 5.7.1 >>> : Client host rejected: >>> sender address does not match client hostname; from= >>> to= proto=ESMTP >>> helo= >

Client host rejected: sender address does not match client hostname

2010-04-05 Thread Voytek Eymont
I just noticed this in the logs, which might be from a valid sender to a valid user on this server: Apr 5 11:03:31 postfix/smtpd[31021]: NOQUEUE: reject: RCPT from fep06.mfe.bur.connect.com.au[203.63.86.26]: 554 5.7.1 : Client host rejected: sender address does not match client hostname; from= t

Re: message_size_limit vs virtual_mailbox_limit

2010-03-31 Thread Voytek Eymont
On Thu, April 1, 2010 1:31 am, Noel Jones wrote: > On 3/31/2010 6:37 AM, Voytek Eymont wrote: > "no limit" is usually a bad choice; unexpected things can happen. > Better choices include > - set virtual_mailbox_limit to some large value you don't ever > expect t

message_size_limit vs virtual_mailbox_limit

2010-03-31 Thread Voytek Eymont
I currently have in main.cf like: message_size_limit = 1024 and virtual_mailbox_limit = 1024 so, if I want to increase it, I need also increase virtual_mailbox_limit to at least same as message_size_limit can I just use message_size_limit = value, and, don't worry about virtual_mailbox_l

Re: Directing SPAM mail to a Junk Folder

2010-03-26 Thread Voytek Eymont
On Fri, March 26, 2010 9:51 am, /dev/rob0 wrote: > On Fri, Mar 26, 2010 at 08:26:33AM +1100, Voytek Eymont wrote: > >> so, if I was to create a mail user 'voytek+spam' in the database, >> '+spam' mail would end up in voytek+spam mail user maildir ? >

Re: Directing SPAM mail to a Junk Folder

2010-03-25 Thread Voytek Eymont
On Fri, March 26, 2010 2:29 am, /dev/rob0 wrote: Rob0, > Amavisd-new can also use a recipient_delimiter and change the > localpart "user" to "user+spam". See amavisd-new documentation to learn how > to activate this feature. > Postfix virtual(8) can handle this differently by using a different >

Re: TLS Parameter Confusion

2010-03-23 Thread Voytek Eymont
On Wed, March 24, 2010 5:32 am, Victor Duchovni wrote: > Disable SASL authentication for un-encrypted connections. > Don't confuse SASL authentication (username/password typicall to verify > submission access rights) with session encryption (prevent passive wiretap > of session). > SASL and SSL a

Re: overriding bl rejections: recipient_no_checks ?

2010-03-21 Thread Voytek Eymont
> alternatively, use dnswl.org (see www.dnswl.org on how to use it with > postfix) just before DNSBL checks. mouss, thanks smtpd_recipient_restrictions = ... check_sender_access hash:/etc/postfix/freemail_access, check_recipient_access pcre:/etc/postfix/recipient_checks.pcre, check_helo_

overriding bl rejections: recipient_no_checks ?

2010-03-20 Thread Voytek Eymont
I have a user getting rejects from several valid senders based on ix.dnsbl.manitu.net blacklist, like: NOQUEUE: reject: RCPT from smtpout6.poczta.onet.pl[213.180.147.166]: 554 5.7.1 Service unavailable; Client host [213.180.147.166] blocked using ix.dnsbl.manitu.net; Spam sent to the mailhost rela

ot: opinions about NiX Spam

2010-03-20 Thread Voytek Eymont
one of the blacklist I use it is ix.dnsbl.manitu.net to my knowledge, it has been OK since I've set it up, with no known complaints what is the user's opinions on it's usefulness ? just in the last two days one user had several valid emails rejected based on NiX Spam bl by the time I looked at

ot: Postconf's spamrep_byuser for logs older than yesterday

2010-03-18 Thread Voytek Eymont
I use Postconf's spamrep_byuser to generate daily, well, spam reports by user, that works very well, (thank you folks at Postconf) however, I just got asked for spam rep 'how far back can you go?' so, basically, I'd like to process all maillogs, around one month worth, for a particular user. is

Re: deleting particular msgs

2010-03-09 Thread Voytek Eymont
On Wed, March 10, 2010 5:12 am, Jay G. Scott wrote: > i see the postqueue command, but i also have stuff that looks inside the > message for particular things i must stop going out. postqueue won't show > me that stuff. so, is there a way to pillage the queued files? look for pfqueue, it migh

Re: SMTP AUTH not subjected to unnecessary check?

2010-03-04 Thread Voytek Eymont
On Fri, March 5, 2010 11:29 am, mouss wrote: > Voytek Eymont a écrit : > > there is no evidence in your config that auth'ed mail gets a different > ticket than other mail. > > the recommended way is to enable "submission" (port 587) and configure > clients to

SMTP AUTH not subjected to unnecessary check?

2010-03-04 Thread Voytek Eymont
I have Postfix with SMTP AUTH with self issued certificate, it all works well (as long as I don't touch it..) I have now "allowed" some users to use SMTP AUTH, but, some of their mail then gets evaluated as 'spam' by amavisd/spamassasin scores, amongst these, 'dynamic ip' type scores am I correc

SMTP AUTH not subjected to unnecessary check?

2010-03-03 Thread Voytek Eymont
I have Postfix with SMTP AUTH with self issued certificate, it all works well (as long as I don't touch it..) I have now "allowed" some users to use SMTP AUTH, but, some of their mail then gets evaluated as 'spam' by amavisd/spamassasin scores, amongst these, 'dynamic ip' type scores am I correct

ot: providing a copy of private certificate to mail clients ?

2010-03-03 Thread Voytek Eymont
I have Postfix with SMTP AUTH with self issued certificate, all works well when a remote Outlook or Thunderbird attempts to use it, it get's a dialogue like; 'security certificate can not be verified' what file(s) do I need to provide to remote mail clients to suppress the warning ? do I simply

Re: Block messages from *.mydomain.dom

2009-08-26 Thread Voytek Eymont
On Wed, August 26, 2009 5:49 am, ghe wrote: > I've done this by declaring my own internal domain names: slsware.dmz > and .lan in the 192.168 1918 IP block and adding them to mynetworks. Then I > just reject all mail from my .com domain by putting "check_helo_access > hash:/etc/postfix/helo_check

RE: Postfix-2.6.0 RPM

2009-05-18 Thread Voytek Eymont
On Tue, May 19, 2009 6:41 am, Dan Horne wrote: >> >> I'll see if I can make some time to build some 2.6 rpms, but am likely >> to respond more if there are people who show an interest in these rpms I >> build. >> > [DH] +1 for interest. I have begun building mail servers on multiple > VPS's usin

Re: header check for '.com' blocks non-exec with url in file name

2009-02-25 Thread Voytek Eymont
On Thu, February 26, 2009 10:31 am, LuKreme wrote: > First off, i think you want mime_header_checks > main.cf: > mime_header_checks = pcre:$config_directory/mime_headers.pcre LuKreme, thanks. ahem, what else might be worthwile to put into mime header check ? single rule mime header check seem

header check for '.com' blocks non-exec with url in file name

2009-02-25 Thread Voytek Eymont
I have a header check meant to discard '.com' executables as follows [1]: however, undesired operation was just reported[2]: is there a way to 'improve' the expression to only block file names ending in .com, how ? or is there a better solution ? [1]# grep hc2 * header_checks:/^Content-(Disposi

Re: Blocking Phishing emails

2009-01-25 Thread Voytek Eymont
On Sat, January 24, 2009 1:39 am, Noel Jones wrote: > reject_unknown_reverse_client_hostname reject_rbl_client zen.spamhaus.org > {a greylisting policy service} Noel, is that a good place to add reject_unknown_reverse_client_hostname ? smtpd_recipient_restrictions = permit_sasl_authenticated

Re: Updated RBL's & spam fighting

2008-10-03 Thread Voytek Eymont
On Sat, October 4, 2008 1:03 am, Ralf Hildebrandt wrote: > That's STILL smtp rejection - he was thinking of using it from e.g. > SpamAssassin. But I personally think that dsn.rfc-ignorant.org is safe > for smtp rejection :) thanks, Ralf (after all, it was your suggestion from http://www.rfc-ig

Re: Updated RBL's & spam fighting

2008-10-03 Thread Voytek Eymont
On Fri, October 3, 2008 11:36 pm, mouss wrote: > Voytek Eymont wrote: > rfci is not safe for smtp rejection. It is not intended for such use. mouss, thanks so, should be like this ? smtpd_sender_restrictions = reject_rhsbl_sender dsn.rfc-ignorant.org >> blocked using dul.dns

Re: Updated RBL's & spam fighting

2008-10-03 Thread Voytek Eymont
On Fri, October 3, 2008 11:07 pm, Udo Rader wrote: > Joey schrieb: > >> I use in this order the following: we use these: blocked using bl.spamcop.net (total: 491) blocked using combined.njabl.org (total: 77) blocked using dsn.rfc-ignorant.org (total: 368) blocked using dul.dnsbl

transferring one vdomain away, aliases Q

2008-09-29 Thread Voytek Eymont
I currently have several virtual mail domains with various users/aliases; some mail addresses are aliased like: [EMAIL PROTECTED] > [EMAIL PROTECTED] that all works fine, BUT, mail server for domainAAA.tld is going to be transferred away from here to msexchange server at users' own location, and,

Re: mail stuck in mailq q

2008-08-13 Thread Voytek Eymont
On Mon, August 11, 2008 11:50 am, Sahil Tandon wrote: >> name=meriden.nsw.edu.au type=MX: Host not found, try again) > > Figure out why there was/is a name service error for that hostname. Sahil, thanks again: the data centre *used* to run the target dns, but, no longer do, *and*, havent' remov

Selinux Postfix rpm problems

2008-08-13 Thread Voytek Eymont
I have installed a new Centos 5.2 server, with Centos's Postfix as a default MTA; I then built and installed a Postfix rpm using Simon Mudd's srpm as: postfix-2.5.2-1.pcre.mysql.sasl2.rhel5.i386.rpm but, I get these Selinux issues as per log entries below: what's the best way of setting this up?

Re: mail stuck in mailq q

2008-08-12 Thread Voytek Eymont
On Mon, August 11, 2008 11:50 am, Sahil Tandon wrote: >> # mailq >> -Queue ID- --Size-- Arrival Time -Sender/Recipient--- >> 119B8B44871 2035 Tue Aug 5 12:56:53 [EMAIL PROTECTED] >> (Host or domain name not found. Name service error for >> name=meriden.nsw.edu.au type=MX: Host n

migrating main.cf to a new server Q

2008-08-12 Thread Voytek Eymont
I currently have Postfix 2.4.5 running; I'm setting up a new machine that is meant to eventually replace the current system on Centos 5 with Postfix 2.5.2 what the best way to 'migrate' current server settings main.cf and possibly master.cf from the working 2.4.5 server to the new 2.5.2 server ?

Re: srpm mysql devel dependencies Q

2008-08-12 Thread Voytek Eymont
On Tue, August 12, 2008 11:49 pm, Pintér Tibor wrote: >> what am I doing wrong, do I need to 'export POSTFIX_MYSQL_REDHAT=1' >> instead ? > > mysql != MySQL (centos/redhat/fedora version vs mysql.com version) > try with --nodeps thanks, I've tried again with: export POSTFIX_MYSQL=0 export POSTF

srpm mysql devel dependencies Q

2008-08-12 Thread Voytek Eymont
I'm trying to build an RPM from Simon Mudd's postfix-2.5.2-1.src.rpm on Centos 5 with: $ export POSTFIX_MYSQL=1 $ export POSTFIX_PCRE=1 $ export POSTFIX_RBL_MAPS=1 $ export POSTFIX_SASL=2 $ export POSTFIX_TLS=1 it stops with: $ rpmbuild -ba postfix.spec error: Failed build dependencies:

mail stuck in mailq q

2008-08-10 Thread Voytek Eymont
I have this stuck in the queue, it's from sender on a vdomain hosted here, shouldn't this have bounced back to [EMAIL PROTECTED] on this server ? # mailq -Queue ID- --Size-- Arrival Time -Sender/Recipient--- 119B8B44871 2035 Tue Aug 5 12:56:53 [EMAIL PROTECTED] (Host or domain n

ot: individual sender email verification on inbound ?

2008-07-29 Thread Voytek Eymont
I have some web generated emails being sent as 'apache@' [as the default web user] now, an isp appears to be doing a user lookup as below and bounces emails, claiming this server is mis-configured: is there any requirement on me having an 'apache@' address if I'm sending emails as such ? TIA, -