First time I've tried the inline map type. And, I think the spaces may have
been what was hosing my earlier attempts. Appreciate the pointer very much.
Will give this a go.
--
Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
Just what I was hoping for, the easy button. Thank you.
What about the one (valid) sender I want to prevent? I've got a IMAP
account setup for spam reporting, I want to be sure no one who has access to
it sends anything from that account.
--
Sent from: http://postfix.1071664.n5.nabble.com/
Postfix 3.2.2, Centos7. All functioning as configured. I have a few local
accounts, several virtual addresses delivered to those accounts, and some
domains relayed, the latter do not submit mail through this box.
All local accounts send via TLS authentication on 587. Currently I don't think
Instead of trying to decipher one with a problem, can someone check my laymen
descriptions of this single good message flow for me? I've tried to do my
homework and get them right. I think I have it, but would be grateful for
confirmation.
I have commented the steps of the full message flow with
Bastian: I know this is getting off list-subject. I appreciate the pointer.
That option is not in my amavisd.conf. I'm looking to see how to get it
set. The examples I see discussing aren't very clear (to me).
Once I understand what's going on at the postfix level I'll have a better
idea hope
Sorry about the formatting. Damn Outlook client I guess. Hopefully below is
not messed up format wise.
Thanks for the pointer to Viktor's script. It appears to just have the
postfix entries, not the handoffs back and forth. Seems to pickup 6 of the
20+ realted lines. I get that it's just doin
I'm trying to post: a question, a copy of 20 lines or so of a maillog, and
the output of postconf -n .
The list does not seem to be accepting it. Maybe because the log has some
IP's and and address of a spammer? What should I do to sanitize it so it
will post? Not sure what's triggering the blo
I'm converting to use postscreen. I have a question about dnsbl's in
postscreen vs smtpd_recipient_restrictions
Following threads here and a git by Steve Jenkins I was going to start with
this for postscreen:
postscreen_dnsbl_sites =
zen.spamhaus.org*3
bl.mailspike.net*2
Thanks Peter, appreciate the nudge. What the hell, I'm in . I'll try
it on my test server. It would be nice for me to stay in the yum update
world.
--
View this message in context:
http://postfix.1071664.n5.nabble.com/upgrade-compile-options-tp91241p91262.html
Sent from the Postfix Users ma
Hi Peter:
> Why are you trying to upgrade from old to slightly less old? The
> current stable of postfix is 3.2.2.
Valid question. It wasn't because of EOL concerns. I was looking to add
the feature available in 2.11+:
postscreen_dnsbl_whitelist_threshold
Beyond that, I was just chicken of
I removed the one Cyrus SASL path Victor pointed out.
For anyone else who may come on this searching... Google "Steve Jenkins
Building Postfix on RHEL / CentOS from Source" for detailed steps. Except
for me I wanted TLS, Dovecot SASL (no Cyrus), the rest as normal for the
distribution.
On a stoc
Wietse:
>If I correct your command for word-wrap breakage and spurious spaces,
>but otherwise leave all the unnecessary stuff in place, it produces
>a working build with Postfix 3.3 on Fedora Core 24.
The reference I started with was one by Steve Jenkins for a Centos 7 system
(and others). I'
I have a functioning install of 2.10 from rpm's on Centos7. I'm trying to
upgrade the postfix to 2.11.
I don't use LDAP and I'm using Dovecot for SASL. I use TLS. Following the
postfix docs and other's directions, I've tried to pick the correct compile
options. Unfortunately for me RedHat/Cent
> http://www.postfix.org/POSTSCREEN_README.html#white_veto
Noel. I had read that section of the manual but it didn't sink in. Now I
get it perfectly. Thanks again, much appreciated.
--
View this message in context:
http://postfix.1071664.n5.nabble.com/postscreen-delay-inprovement-multpl
re "IP addresses, published in DNS as different IP addresses for the same MX
hostname or for different MX
hostnames. This avoids mail delivery delays with clients that reconnect
immediately from the same IP address. "
I understand now this had nothing to do with improving systems that
(re)connect
Thank you for the expert input. I will heed your advise.
Scott
--
View this message in context:
http://postfix.1071664.n5.nabble.com/postscreen-with-postgrey-can-they-cause-a-double-reject-tp91176p91183.html
Sent from the Postfix Users mailing list archive at Nabble.com.
Thanks guys, I understand now. Much appreciated.
--
View this message in context:
http://postfix.1071664.n5.nabble.com/postscreen-delay-inprovement-multple-IP-addresses-tp91174p91182.html
Sent from the Postfix Users mailing list archive at Nabble.com.
- postscreen with postgrey - can they cause a double reject?
I searched for answers regarding using both postscreen and greylisting. I
saw some differing opinions. But I did not see this point covered.
Assuming a clients first connection to me to deliver and
Assuming that postscreen is configur
I'm working on converting to using postscreen. Studying the details. I
have a question from the docs related to the delays due to the effective
greylisting caused by "Tests after the 220 SMTP server greeting". I believe
my server would qualify as a small site receiving mail for just a few
hundre
>The last "master.cf" should be "main.cf".
Check.
> specify mua_client_restrictions, mua_helo_restrictions, and
mua_sender_restrictions in master.cf.
Done.
And I finally got a message to pass via submission from Outlook.
What are good/reasonable restrictions to add for the submission service?
>Otherwise, the absense of "AUTH" in the EHLO reply might be a configuration
>issue with dovecot, or is rather mysterious.
Well, at least no AUTH was something to go on, thanks, I missed that detail.
Checked the socket path setting and the file permissions, all looked good
there.
I Found what I h
The problem is occurring with MS Outlook 2007. Can't get it to work on 465
or 587.
For the 587/submission port I changed it to the settings from Patrick
Koetter's guide
(http://postfix.state-of-mind.de/patrick.koetter/smtpauth/postfix_tls_suppor
t.html)
## TLS
# Transport Layer Security
smtpd
>Don't waste our time posting configuration data from the wrong machine.
I won't. I didn't. The posted configs are from the box I'm working on now.
Was just mentioning the other one to explain the commented line. Thank you
for the advice on that line in any case.
>If you have mail clients that
>> #port 465
>> # my inbound mail comes here
>> smtpsinet n - n - - smtpd -v
>> # next line below so I don't filter the mail I send in via 465 # -o
>> content_filter= # -o
>> smtpd_recipient_restrictions=permit_sasl_authenticated,reject
>> # -o smtpd_sasl_auth_ena
>> test tunneled TLS connections to port 465
>> openssl s_client -connect tn2.myserver.com:465 Appears to work
>> -
>> From remote server
>> test STARTTLS connections on port 25 or 587 with:
>> openssl s_client -connect tn2.myserver.com:587 -starttls smtp
>appears
>> to work, shows a
I'm building a new server to replace an old one in production. I've never
had trouble in the past, but it's been a while and it is not going smoothly
this time. I've spent a week trying and not getting it going. I gave up
getting Cyrus-sasl to work, moved to Dovecot. Got farther but stuck now.
>You are NOT 'rejecting', you are ACCEPTING, then BOUNCING, which you
>should never do if you can possibly help it. Reject it at smtp time.
>
>Why waste system resources scanning messages you will later bounce?
I understand your point. Thank you for correcting my syntax. FWIW, this
will only ha
Noel:
Thank you.
>The envelope sender where delivery problems are reported can
>be different from the From: header displayed in most email
>clients, which can also be different from the Reply-To: header
>where most mail clients will send if you hit the "Reply" button.
>
>You mustn't block the
>So, lemme get this straight. You changed the list address, but instead
>of just sending an email to the list addresses telling all users of the
>list address change, you just decided to, in essence, inform
>them via an
>NDR when they send mail to the list? There have got to be at
>least 1000
>
> You have:
>check_client_access hash:/etc/postfix/access
>which is wrong for matching email addresses:
Thanks, that fixed my error.
>check_recipient_access hash:/etc/postfix/access
>BTW, if you are trying to block all access to this email address, why
>not just remove it from your list(s) of val
x.org] On Behalf Of techlist06
>Sent: Tuesday, November 24, 2009 8:14 AM
>To: postfix-users@postfix.org
>Subject: Bounce a particular recipient address with specified
>reject message
>
>Greetings:
>
>I have what I expect is a simple question for you guys.
>Thanks to Ral
Sahil, et.al:
>Use an access(5) or transport(5) map:
It appears that using an access map would best meet my need. I do not
currently use an access map. Can you/anyone assist me with the proper
placement of
check_client_access hash:/etc/postfix/access
in my setup? I don't want to screw up my
Greetings:
I have what I expect is a simple question for you guys. Thanks to Ralphs
book and the help here I have a many-year stable postfix configuration, love
it, don't mess with it.
I have a very small hobby-based mailing list I maintain manually in Outlook.
Although all maillist messages I s
33 matches
Mail list logo
