Tuesday, August 6, 2024, 10:08:33 PM, Marek Podmaka via Postfix-users wrote:
> On Tue, 30 Jul 2024 at 09:51, Phil Biggs via Postfix-users
> wrote:
>> I only use list.dnswl.org (for good ones) and zen.spamhaus.org (bad) in
>> postscreen. Very effective but I did, ju
On Tue, 30 Jul 2024 at 09:51, Phil Biggs via Postfix-users
wrote:
> I only use list.dnswl.org (for good ones) and zen.spamhaus.org (bad) in
> postscreen. Very effective but I did, just once, see an IP simultaneously
> listed in both.
DNSWL is not for the good ones. It is for w
Tuesday, July 30, 2024, 5:24:53 PM, Gary R. Schmidt via Postfix-users wrote:
> You need to look into what ban-lists your host subscribes to, blocking a
> fairly well-known e-mail source but letting a TPG residential IP address
> (that's me!) through is a bit whiffy.
I was
Thanks again guys excellent work.
Welcome to the "Postfix-users" mailing list!
To post to this list, send your message to:
postfix-users@postfix.org
You can unsubscribe or make adjustments to your options via email by
sending a message to:
postfix-users-requ...@postfix.org
Yay thanks to all who helped, i just got a confirmation in my inbox
Cheers Phil
On 30/7/24 17:26, Ralf Hildebrandt via Postfix-users wrote:
* Philthy Steel via Postfix-users :
Thanks Ralf
I run f2b - ill put something on the ignore list and try again.
I'm able to connect now. The
* Philthy Steel via Postfix-users :
>
> Thanks Ralf
>
> I run f2b - ill put something on the ignore list and try again.
I'm able to connect now. The mail should have been delivered.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netz | Netzwerk-Administration
Invali
On 30/07/2024 17:18, Philthy Steel via Postfix-users wrote:
Thanks Ralf
I run f2b - ill put something on the ignore list and try again.
You need to look into what ban-lists your host subscribes to, blocking a
fairly well-known e-mail source but letting a TPG residential IP address
(that&#
Thanks Ralf
I run f2b - ill put something on the ignore list and try again.
Cheers Phil
On 30/7/24 15:31, Ralf Hildebrandt via Postfix-users wrote:
* Ralf Hildebrandt via Postfix-users :
however i dont get a message from the mail list and checking syslog shows
there was no contact to the
* Gary R. Schmidt via Postfix-users :
> Hmm, I was able to probe it using smtp2go, so I thought I'd see what telnet
> does for me here in Oz...
So was I (from charite.de), but not from list.sys4.de
There must be some selective blocking in place!
--
Ralf Hildebrandt
Geschäft
On 30/07/2024 15:31, Ralf Hildebrandt via Postfix-users wrote:
* Ralf Hildebrandt via Postfix-users :
however i dont get a message from the mail list and checking syslog shows
there was no contact to the server ?
4WY0w161l3z1018 1994 Tue Jul 30 05:24:49 postfix-users-boun...@postfix.org
* Ralf Hildebrandt via Postfix-users :
> > however i dont get a message from the mail list and checking syslog shows
> > there was no contact to the server ?
>
> 4WY0w161l3z1018 1994 Tue Jul 30 05:24:49
> postfix-users-boun...@postfix.org
>(connect
> however i dont get a message from the mail list and checking syslog shows
> there was no contact to the server ?
4WY0w161l3z1018 1994 Tue Jul 30 05:24:49 postfix-users-boun...@postfix.org
(connect to mail.philfixit.com.au[203.45.14.55]:25: Connection r
On 30/07/24 15:29, Phil Steel-Wilson via Postfix-users wrote:
I was subscribed fro many years under p...@philfixit.info but now i want
to use p...@philfixit.com.au which i dutifully entered into the form at
https://list.sys4.de/postorius/lists/postfix-users.postfix.org/
however i dont get a
shows there was no contact to the server ?
Im unsure where the problem is as i can send and receive gmail hotmail
etc etc but not the postfix mail list . . .
Cheers Phil
On 30/07/2024 1:23 pm, Viktor Dukhovni via Postfix-users wrote:
On Tue, Jul 30, 2024 at 01:14:15PM +1000, Phil Steel
On Tue, Jul 30, 2024 at 01:14:15PM +1000, Phil Steel-Wilson via Postfix-users
wrote:
> Copy and paste from the email gave top...@philfixit.info however the email
> address is actually p...@philfixit.info and i can send and receive mail to
> google . . . Cheers Phil
Eliding essenti
Copy and paste from the email gave top...@philfixit.info however the
email address is actually p...@philfixit.info and i can send and receive
mail to google . . . Cheers Phil
On 30/07/2024 12:53 pm, Viktor Dukhovni via Postfix-users wrote:
On Tue, Jul 30, 2024 at 12:23:43PM +1000, Phil
On Tue, Jul 30, 2024 at 12:23:43PM +1000, Phil Steel-Wilson via Postfix-users
wrote:
> because it has received a number of bounces indicating that there may
> be a problem delivering messages top...@philfixit.info.
Trying "sendmail -bv top...@philfixit.info" to verifying you
Hi All,
As per subject, when i moved to a new box with ubuntu 2004 on it i got this
Your subscription for Postfix-users mailing list has been disabled
Your subscription has been disabled on thepostfix-us...@postfix.org mailing
list
because it has received a number of bounces indicating that
Iker SAENZ via Postfix-users skrev den 2024-04-16 14:14:
postfix-users suscribe
you are already
but incase you like to have one more email address subscribed follow
links below here
List-Id: "For discussions about using Postfix: questions, problem
reports,
or feature requests.
postfix-users suscribe
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
Daniel Azuelos wrote:
> Are you still using procmail?
Yes. I am still using procmail. It is powerful, mature, and stable.
But more importantly you said YOU were using procmail.
> I just found an email incorrectly filtered by my .procmailrc,
> because the To: wasn't postfix-use
[ Rédigé dans le sens de lecture normal.
Written in the usual reading direction. ]
Le (on) 09/04/2022, Bob Proulx a écrit (wrote):
[...]
| For mailing lists using List-Id is the recommended method.
|
| :0
| * ^List-Id: .*
| * ^list-Id: .*
Daniel Azuelos wrote:
> I just found an email incorrectly filtered by my .procmailrc,
> because the To: wasn't postfix-users@postfix.org:
...
> To: postfix-us...@cloud9.net
Instead of filtering on the To the better idea is to use the standard
mail headers that the mailing li
On Wed, 06 Apr 2022 11:53:21 +0200, Daniel Azuelos wrote:
>
> I just found an email incorrectly filtered by my .procmailrc,
> because the To: wasn't postfix-users@postfix.org:
You should filter for List-Id: header.
> Is the list postfix-us...@cloud9.net a list which forward t
Daniel Azuelos:
> I just found an email incorrectly filtered by my .procmailrc,
> because the To: wasn't postfix-users@postfix.org:
>
> Date: Wed, 6 Apr 20
I just found an email incorrectly filtered by my .procmailrc,
because the To: wasn't postfix-users@postfix.org:
Date: Wed, 6 Apr 2022 08:34:38 +0200
>From owner-po
>
>
> Is there any security benefits to creating this smart host as a separate
> SMTP server? Are there any "best practices" for this kind of situation?
>
It depends on your network structure and how much do you trust your new
clients.
If your client resides directly at your local network (eithe
We have two Postfix servers. Currently, none of them allow relaying.
We accept incoming email only from authenticated users and from
mail servers sending mail to any domain where we are the final
destination.
We are considering setting up an SMTP smart host server for a few
entities that would be
On Mon, 31 Aug 2020, Noel Jones wrote:
Staring at postconf (or somewhat easier, postconf -n) output is unlikely to
fix this without clues in the log of what the problem is.
Start here:
http://www.postfix.org/DEBUG_README.html#logging
If you need more help from us:
http://www.postfix.org/DEBUG
On 8/31/2020 12:12 PM, Doug Denault wrote:
I was not clear. The system receives email just fine. It will not
send. There are no log entries. The above output is from sockstat.
Don't waste your time looking at listening sockets/ports for
outgoing connections that are never made.
If there a
On 31 Aug 2020, at 13:12, Doug Denault wrote:
On Mon, 31 Aug 2020, Bill Cole wrote:
On 30 Aug 2020, at 20:24, Doug Denault wrote:
working system:
lighthouse:~> sockstat | egrep "postfix|master" | egrep ":[2\5]+"
postfix smtpd 98709 6 tcp4 *:25 *:*
postfix
On Mon, 31 Aug 2020, Bill Cole wrote:
On 30 Aug 2020, at 20:24, Doug Denault wrote:
working system:
lighthouse:~> sockstat | egrep "postfix|master" | egrep ":[2\5]+"
postfix smtpd 98709 6 tcp4 *:25 *:*
postfix smtpd 98656 6 tcp4 *:25
On Mon, 8 Apr 2019 at 18:31, Ntek, SIA Janis wrote:
> Thank you for quick responses!
>
> Dominic Raferd's reply was the most helpful and a good how-to :)
>
> Just to summarize, how many From sender spoofing methods are there?
> 1) envelope-sender (What Viktor said)
> 2) Addres in Header From (Wh
> On Apr 8, 2019, at 1:30 PM, Ntek, SIA Janis wrote:
>
> I used
> root@othermail:~# mail -s test1 -a "From: us...@mydomain.tld"
> us...@mydomain.tld < /dev/null
>
> Which, judging by man mail, spoofs Header From,
True, but irrelevant, the actually relevant detail is that it also
sets the
On 08/04/19, Viktor Dukhovni wrote:
>
> It forges the header sender (RFC2822.From header). Note that your
> own post to this list will be Cc'd to your mailbox from outside,
> bearing your email address as the message author. (It will have
> the list as "RFC2822.Sender"). So you generally should
Thank you for quick responses!
Dominic Raferd's reply was the most helpful and a good how-to :)
Just to summarize, how many From sender spoofing methods are there?
1) envelope-sender (What Viktor said)
2) Header From sender (What Dominic said)
3) Privileged domain in text sender (What Dominic
On 4/8/19 9:02 AM, Janis wrote:
> Postfix users receive spam pretending to be sent from their accounts.
I received one of these this morning allegedly from loopback, 127.0.0.1.
I think I may have dealt with it by dropping, in iptables, any email
from localhost and moving the 'ac
On Mon, 8 Apr 2019 at 16:22, Ralph Seichter wrote:
> * Janis:
>
> > Should I install amavis? It seems so trivial to block spam which
> > pretend to be sent as a spoofed message from oneself but yet I can't
> > block it.
>
> Postfix's check_sender_access suffices to block forged envelope (!)
> sen
* Janis:
> Should I install amavis? It seems so trivial to block spam which
> pretend to be sent as a spoofed message from oneself but yet I can't
> block it.
Postfix's check_sender_access suffices to block forged envelope (!)
sender addresses:
# pcre:/etc/postfix/sender_access
/\bi(yourdoma
On Mon, Apr 08, 2019 at 08:02:41AM -0700, Janis wrote:
> in main.cf I have put:
> smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf,
> mysql:/etc/postfix/mysql_virtual_alias_maps.cf
>
> smtpd_sender_restrictions = permit_mynetworks,
> permi
Postfix users receive spam pretending to be sent from their accounts.
in main.cf I have put:
smtpd_sender_login_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf,
mysql:/etc/postfix/mysql_virtual_alias_maps.cf
smtpd_sender_restrictions = permit_mynetworks
On 11.02.18 20:26, Harald Koch wrote:
Is this change in long-standing opinion of the IETF only because existing
implementations so often ignore STARTTLS, or is there actually a security
issue with STARTTLS (instead of implicit TLS)?
I guess it's about firewalls - you can run service without TLS
> On Feb 11, 2018, at 8:26 PM, Harald Koch wrote:
>
> Is this change in long-standing opinion of the IETF only because existing
> implementations so often ignore STARTTLS, or is there actually a security
> issue with STARTTLS (instead of implicit TLS)?
There is no issue with STARTTLS when it
Is this change in long-standing opinion of the IETF only because existing
implementations so often ignore STARTTLS, or is there actually a security
issue with STARTTLS (instead of implicit TLS)?
--
Harald
https://tools.ietf.org/html/rfc8314#section-3.3
The STARTTLS mechanism on port 587 is relatively widely deployed due
to the situation with port 465 (discussed in Section 7.3). This
differs from IMAP and POP services where Implicit TLS is more widely
deployed on servers than STARTT
On 2017-04-13 04:27:09 (+0200), Benny Pedersen wrote:
body only contained € chars
only me that was maked millionare ? :=)
I get surprisingly little spam from Postfix mailing lists.
Philip
--
Philip Paeps
Senior Reality Engineer
Ministry of Information
body only contained € chars
only me that was maked millionare ? :=)
wie...@porcupine.org skrev den 2017-02-12 20:59:
DKIM works just fine across multiple hops of forwarding as long as
one does not modify the message in transit (someone said that DKIM
is hop-by-hop; they don't understand what DKIM does). If anyone's
DKIM verifier fails on this posting, let me kno
Josh Good:
> Old-style forwarding is when the forwarding MTA forwards the message
> re-using the original Return-Path in the SMTP envelope, instead of using
> its own address in the Return-Path. Because if the forwarding MTA uses
> its own address in the Return-Path while forwarding the email, SPF
On 2017 Feb 12, 18:32, Dominic Raferd wrote:
> On 12 February 2017 at 12:54, Josh Good wrote:
>
> > Well, yes, SPF breaks old-style forwarding. This is well known and
> > undisputed.
> >
> > Many old-style SMTP "customs" no longer apply, like open relays, etc.
> >
> > Old-style forwarding is nowad
rpose,
I admit.
>
>> Secondly, IMO mailing lists should stop faking sender addresses and
>> instead should send either from the mailing list address or at least
>> from the mailing list domain e.g.
>> postfix-users-from-sender-at-domain@postfix.org. That way the email
Josh Good wrote:
> On 2017 Feb 12, 16:17, Michael Ströder wrote:
>> Josh Good wrote:
>>> On 2017 Feb 11, 19:18, li...@lazygranch.com wrote:
So technically integrity is assured from server to server, but not between
clients
and server.
>>>
>>> That is correct. DKIM is for MTA-to-MTA
On 2017 Feb 12, 16:17, Michael Ströder wrote:
> Josh Good wrote:
> > On 2017 Feb 11, 19:18, li...@lazygranch.com wrote:
> >> So technically integrity is assured from server to server, but not between
> >> clients
> >> and server.
> >
> > That is correct. DKIM is for MTA-to-MTA integrity.
>
> The
Josh Good wrote:
> On 2017 Feb 11, 19:18, li...@lazygranch.com wrote:
>> So technically integrity is assured from server to server, but not between
>> clients
>> and server.
>
> That is correct. DKIM is for MTA-to-MTA integrity.
There are no widely used MUA implementations making use of DKIM but
On 12.02.2017 08:39, Kiss Gabor (Bitman) wrote:
> Maybe DKIM verification should ignore list tags in the subject
> if the first attempt was unsuccesful.
> I.e. I could imagine a smarter canonicalization.
There can be no "interpretation" of what the signing party distributes.
I deliberately use DK
On 2017 Feb 12, 08:14, John Allen wrote:
> Josh Good - your DKIM signaturesare showing up as invalid.
I don't see how that is possible, given that I currently do not do DKIM
signing of my posts to this list.
Perhaps did you mean to say that my posts to the list are getting a
DMARC result of fail
the mailing list address or at least
from the mailing list domain e.g.
postfix-users-from-sender-at-domain@postfix.org. That way the emails
could be fully DMARC-compliant and avoid problems even for original
senders with p=reject policy (for instance, yahoo users).
If I understand you correctly
ver been massively spoofed in global,
distributed, resilient spamming campaigns. I like SPF because it has
saved my bacon more than once.
> Secondly, IMO mailing lists should stop faking sender addresses and
> instead should send either from the mailing list address or at least
On 2017 Feb 12, 08:39, Kiss Gabor (Bitman) wrote:
> > > Further, how does DKIM prove the message wasn't altered? To my knowledge,
> > > SPF proves the message came from a qualified server and DKIM proves the
> > > FQDN
> > > is a match.
> >
> > DKIM signs a hash of the canonicalized message body
On 12.02.2017 03:13, Sebastian Nielsen wrote:
> Theres no relay between me and postfix. And this is the report:
>
> Feedback-Type: auth-failure
> Version: 1
> User-Agent: OpenDMARC-Filter/1.3.2
> Auth-Failure: dmarc
> Authentication-Results: mx01.nausch.org; dmarc=fail header.from=sebbe.eu
> Orig
on passing SPF.
Secondly, IMO mailing lists should stop faking sender addresses and
instead should send either from the mailing list address or at least
from the mailing list domain e.g.
postfix-users-from-sender-at-domain@postfix.org. That way the emails
could be fully DMARC-compliant and avoid pr
> > Further, how does DKIM prove the message wasn't altered? To my knowledge,
> > SPF proves the message came from a qualified server and DKIM proves the FQDN
> > is a match.
>
> DKIM signs a hash of the canonicalized message body and the set of headers
> specified in the signature. Modify the bo
OK, so I sent a message to the list which was rejected, I got a NDR like
this:
This message was sent by a program, not by a human person.
Your submission to the postfix-users mailing list was blocked because
your address is not subscribed, or because the
On 2017 Feb 11, 19:18, li...@lazygranch.com wrote:
> So technically integrity is assured from server to server, but not between
> clients and server.
That is correct. DKIM is for MTA-to-MTA integrity.
I you want end-to-end (in-the-flesh sender to in-the-flesh recipient)
integrity, you need to u
So technically integrity is assured from server to server, but not between
clients and server.
Original Message
From: Bill Cole
Sent: Saturday, February 11, 2017 7:08 PM
To: Postfix users
Reply To: Postfix users
Subject: Re: Why no List-ID header in the postfix-users posts?
On 11 Feb
On 2017 Feb 11, 18:53, li...@lazygranch.com wrote:
>
>How would a get a print out of email uses that fail DKIM, SPF, or
>both?
>
>A few months ago there was chatter about how to rewrite the subject
>header to indicate the SPF and DKIM status. Unfortunately nothing
>further.
>
On 11 Feb 2017, at 21:53, li...@lazygranch.com wrote:
Further, how does DKIM prove the message wasn't altered? To my
knowledge, SPF proves the message came from a qualified server and
DKIM proves the FQDN is a match.
DKIM signs a hash of the canonicalized message body and the set of
headers
On Sun, 2017-02-12 at 01:53 +0100, Josh Good wrote:
> Hello.
>
> I'm trying to set up a new procmail recipe to automatically file this
> mailing list's traffic into its own folder - because my old procmail
> recipe (filtering by TO: postfix-users@postfix.org) has proven t
Sebastian Nielsen skrev den 2017-02-12 03:13:
Theres no relay between me and postfix. And this is the report:
spf strict
https://dmarcian-eu.com/dmarc-inspector/sebbe.eu
why ?
note you get dkim pass ?
From: Sebastian NielsenSent: Saturday, February 11, 2017 5:56 PMTo: postfix-users@postfix.orgSubject: Re: Why no List-ID header in the postfix-users posts?I agree about the DKIM signing.
t; dkim=pass (1024-bit key) header.d=sebbe.eu header.i=@sebbe.eu
> header.b="AnBtXcH6"
> Authentication-Results: mx01.nausch.org; spf=none
> smtp.mailfrom= smtp.helo=camomile.cloud9.net
> Received: by camomile.cloud9.net (Postfix)
> id 7474A336498; Sat, 11 Feb
On Sun, Feb 12, 2017 at 02:40:09AM +0100, Josh Good wrote:
> And I don't mean to be an annoyance, but why no subject [tags]?
This list carefully avoids modifying the message headers and body.
Therefore, this list requires no ugly DMARC work-around hacks. I
am sure that we should keep it that way
On 12/02/2017 00:53, Josh Good wrote:
Hello.
I'm trying to set up a new procmail recipe to automatically file this
mailing list's traffic into its own folder - because my old procmail
recipe (filtering by TO: postfix-users@postfix.org) has proven to be
not 100% effective (somehow, som
h.org; spf=none
smtp.mailfrom= smtp.helo=camomile.cloud9.net
Received: by camomile.cloud9.net (Postfix)
id 7474A336498; Sat, 11 Feb 2017 20:55:58 -0500 (EST)
Delivered-To: postfix-users-outgo...@cloud9.net
Received: from localhost (localhost [127.0.0.1])
by camomile.cloud9.net (Pos
On 2017 Feb 12, 03:00, Benny Pedersen wrote:
> >In the post-Snowden era, cryptographically signing ALL is the way to
> >go.
> >Remember, NSA not only "spies", it also "impersonates" when it needs to
> >do so (if it can do it). So yes, it makes sense for a mailing list to
> >DKIM sign the posts it
Sebastian Nielsen skrev den 2017-02-12 02:55:
I agree about the DKIM signing. I get regularly authentication
failures (forensic reports) when posting to this list. Propably
because my domain is set to require mandatory DKIM signing and postfix
list server isn't.
in that case you have mailrelays
Josh Good skrev den 2017-02-12 02:51:
It would break the original sender's DKIM, if any. But then the mailing
list host could DKIM sign all messages just before sending them to the
list subscribers.
how should dkim handle this ?, how should dmarc handle it ?, how should
arc handle it ?
how
I agree about the DKIM signing. I get regularly authentication failures
(forensic reports) when posting to this list. Propably because my domain is set
to require mandatory DKIM signing and postfix list server isn't.
However, I don't think there should be any subject tags.
smime.p7s
Description
On 2017 Feb 12, 02:33, Benny Pedersen wrote:
> Josh Good skrev den 2017-02-12 01:53:
>
> >2. Why this mailing list has never used subject tags, and very early
> >in its infancy it even stopped injecting a footer into the posts? It's
> >obvious that was not done to accommodate for DMARC, so why was
han having a footer that sometimes comes out as garbage.
>
> Thanks a lot Wietse for your answers.
>
> And yes, your post did have a List-ID:
>
> List-Id: Postfix users
>
> That's great! Thank you.
>
> And I don't mean to be an annoyance, but why no subject
Josh Good skrev den 2017-02-12 02:40:
And I don't mean to be an annoyance, but why no subject [tags]?
this would break dkim
for your answers.
And yes, your post did have a List-ID:
List-Id: Postfix users
That's great! Thank you.
And I don't mean to be an annoyance, but why no subject [tags]?
Regards,
--
Josh Good
Josh Good skrev den 2017-02-12 01:53:
1. Why the mailing list software is not configured to add a List-Id
header?
good question :)
2. Why this mailing list has never used subject tags, and very early
in its infancy it even stopped injecting a footer into the posts? It's
obvious that was not
Josh Good:
> 1. Why the mailing list software is not configured to add a List-Id
> header?
Perhaps that's because the configuration was last updated in 2005,
at a time that List-Id was not as widely used. Let's see if this
message will have a List-Id header.
There are no footers, because to do th
Hello.
I'm trying to set up a new procmail recipe to automatically file this
mailing list's traffic into its own folder - because my old procmail
recipe (filtering by TO: postfix-users@postfix.org) has proven to be
not 100% effective (somehow, some posts to the mailing list are
ad
> should be depreciated, is already being deprecated, etc. But while upgrading,
> it would be convenient to continue supporting those devices (mostly scanners
> and printers) that cannot do TLSv1.2,
> Any hints or help appreciated.
> It looks like I'll have to recompile from source.
Are these s
> > Is there any way to know what username was used in these attempts.
> > (An existing one every time or they are choosen from a dictionary?)
> saslauthd is likely logging failure via LOG_AUTH facility, see
> /var/log/auth.log or /var/log/secure.
Bingo! :-)
Names came from dictionary.
Thanks.
> > workaround is to establish SSH port forwarding asynchronously, and that
> > is a fragile setup that I would like to replace by something synchronous
> You need to make smtp(8) talk to a TCP port (or UNIX-domain port),
> an arrange for a little daemon that listens on that port, and that
> invok
> I have a multi-instance setup.
> By doing "ps -ef", as expected, I see a lot of "master" processes.
> Is there a way to see which master is related to which instance at a glance?
Fuser or lsof says which process listens on a specific port.
Pstree or ps shows the parent of it.
(At least on Linux.
> I'd like ask a dumb question: I see there are many things in Postfix which
> named as pipe(8), smtp(5), lmtp(8). So what is number 5 or 8 mean? Version
> number?
http://unix.stackexchange.com/questions/3586/what-do-the-numbers-in-a-man-page-mean
Gabor
> > mynetworks = 192.168.97.0/28, 127.0.0.0/8, [::1]/128, [fe80::]/64,
> > [fec0::]/64
>
> Just delete [fe80::]/64 and [fec0::]/64.
> No client will use link local and site local address of your server
> therefore listening on these is absolute unnecessary.
^
Eeeer... _filter
> mynetworks = 192.168.97.0/28, 127.0.0.0/8, [::1]/128, [fe80::]/64, [fec0::]/64
Just delete [fe80::]/64 and [fec0::]/64.
No client will use link local and site local address of your server
therefore listening on these is absolute unnecessary.
Gabor
> The exchange servers have some groups of consecutive IPs on their allow list,
> some cover 5 or 6 IPs, others 100.
> Is there a way to provide the same list .i.e.
> 192.168.0.2-12OK
>
> without:
>
> Listing them all individually
> i.e.
> 192.168.0.2 OK
> 192.168.0.3 OK
> Etc...
>
On 26/08/2016 03:51 μμ, Alex JOST wrote:
This should work:
smtpd_helo_restrictions = permit_mynetworks,
check_client_access hash:/etc/postfix/maps/whitelisted_clients,
reject_invalid_helo_hostname,
reject_unknown_helo_hostname
You were right...It worked indeed. :)
On 26/08/2016 03:51 μμ, Alex JOST wrote:
This should work:
smtpd_helo_restrictions = permit_mynetworks,
check_client_access hash:/etc/postfix/maps/whitelisted_clients,
reject_invalid_helo_hostname,
reject_unknown_helo_hostname
Will try it and see ...
Am 26.08.2016 um 14:09 schrieb Aggelos:
On 26/08/2016 02:53 μμ, Kiss Gabor (Bitman) wrote:
smtpd_helo_restrictions = permit_mynetworks,
reject_invalid_helo_hostname,
reject_unknown_helo_hostname
Yet, in the logs I still get these reports (sample on one line):
Aug 26 03:37:52 postfi
On 26/08/2016 02:53 μμ, Kiss Gabor (Bitman) wrote:
smtpd_helo_restrictions = permit_mynetworks,
reject_invalid_helo_hostname,
reject_unknown_helo_hostname
Yet, in the logs I still get these reports (sample on one line):
Aug 26 03:37:52 postfix/smtpd[27675]: NOQUEUE: reject: RCPT fro
> smtpd_helo_restrictions = permit_mynetworks,
> reject_invalid_helo_hostname,
> reject_unknown_helo_hostname
> Yet, in the logs I still get these reports (sample on one line):
>
> Aug 26 03:37:52 postfix/smtpd[27675]: NOQUEUE: reject: RCPT from
> spam1.vodafone.gr[213.249.16.2]: 450 4.
On 09/06/2015 02:47 PM, Steve Jenkins wrote:
> On Sat, Sep 5, 2015 at 5:59 PM, Viktor Dukhovni
> That's fine. I wasn't trying to pick a fight, or even be contrary. My
> question was sincere as I'm always interested in learning. If there are
> valid reasons why one should completely avoid building P
On Sat, Sep 5, 2015 at 5:59 PM, Viktor Dukhovni
wrote:
> On Sat, Sep 05, 2015 at 04:50:42PM -0700, Steve Jenkins wrote:
>
> > On Sat, Sep 5, 2015 at 11:43 AM, John R. Dennison
> wrote:
> >
> > > Building from source on RHEL or respins is _never_ the correct answer.
> >
> > ...because ?
>
> W
1 - 100 of 158 matches
Mail list logo
