On Wed, Jan 19, 2022 at 08:38:07AM -0500, Ruben Safir
wrote:
> On Tue, Jan 18, 2022 at 11:14:58AM -0500, Ruben Safir wrote:
> > On Tue, Jan 18, 2022 at 04:50:11PM +0100, Matus UHLAR - fantomas wrote:
> > > On 18.01.22 10:32, Ruben Safir wrote:
> > > >I am sorry, that is wrong. I am getting main
On Tue, Jan 18, 2022 at 11:14:58AM -0500, Ruben Safir wrote:
> On Tue, Jan 18, 2022 at 04:50:11PM +0100, Matus UHLAR - fantomas wrote:
> > On 18.01.22 10:32, Ruben Safir wrote:
> > >I am sorry, that is wrong. I am getting main and master confused.
> > [...]
How do I know that dovecot is being qu
On Tue, Jan 18, 2022 at 04:50:11PM +0100, Matus UHLAR - fantomas wrote:
don't use grep for master.cf, there are usuallu options on next lines
# postconf -M smtps submission
submission inet n - y - - smtpd -o
syslog_name=postfix/submission -o smtpd_tls_security_l
On Tue, Jan 18, 2022 at 04:50:11PM +0100, Matus UHLAR - fantomas wrote:
> On 18.01.22 10:32, Ruben Safir wrote:
> >I am sorry, that is wrong. I am getting main and master confused.
> [...]
>
> >THIS is in Master
> >www2:/etc/postfix # grep "smtpd" master.cf|grep -v "#"
>
> don't use grep for ma
On Tue, Jan 18, 2022 at 10:47:05AM -0500, Wietse Venema wrote:
> Ruben Safir:
> > UNDER main.cf I have this:
> >
> > smtpd_data_restrictions = reject_unauth_pipelining, permit
> >
> >
> > # SASL stuff
> > ###
Wietse Venema:
> Ruben Safir:
> > UNDER main.cf I have this:
> >
> > smtpd_data_restrictions = reject_unauth_pipelining, permit
> >
> >
> > # SASL stuff
> >
> ...
> > smtpd_sa
Ruben Safir:
> > -o milter_macro_daemon_name=ORIGINATING
>
> I don't need the milter I assume?
You can comment it out and leave it as a reminder. If you ever want
to add a signing milter, then this may be needed.
Wietse
On 18.01.22 10:32, Ruben Safir wrote:
I am sorry, that is wrong. I am getting main and master confused.
[...]
THIS is in Master
www2:/etc/postfix # grep "smtpd" master.cf|grep -v "#"
don't use grep for master.cf, there are usuallu options on next lines
smtp inet n - n
On Tue, Jan 18, 2022 at 10:36:34AM -0500, Ruben Safir wrote:
> > -o milter_macro_daemon_name=ORIGINATING
> >
>
> I don't need the milter I assume?
>
I have this line as well, which I think might be wrong
smtp inet n - n - - smtpd <<==
As for specifying p
Ruben Safir:
> UNDER main.cf I have this:
>
> smtpd_data_restrictions = reject_unauth_pipelining, permit
>
>
> # SASL stuff
>
...
> smtpd_sasl_auth_enable = yes
Note, SASL is
> -o milter_macro_daemon_name=ORIGINATING
>
I don't need the milter I assume?
> Wietse
--
So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998
http://www.mrbrklyn.com
DRM is THEFT
I am sorry, that is wrong. I am getting main and master confused.
This is in main
www2:/etc/postfix # grep "^smtpd" main.cf
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_invalid_hostname,
regexp:/etc/postfix/helo.regexp, permit
smtpd_sender_restrictions = hash:/e
On Wed, Jan 12, 2022 at 10:43:11AM -0500, Wietse Venema wrote:
> Wietse:
> > I think it is a mistake to enforce Spamhaus for clients that connect
> > to port 578. Clients on port 25 must authenticate.
>
> Ruben Safir:
> > I agree, but I don't know how to control rules for 587?
> > How do I tell it
Ruben Safir:
> On Wed, Jan 12, 2022 at 10:44:18AM -0500, Wietse Venema wrote:
> > Wietse Venema:
> > > Wietse:
> > > > I think it is a mistake to enforce Spamhaus for clients that connect
> > > > to port 578. Clients on port 25 must authenticate.
> >
> > Sorry, 25 should have been 578.
>
> how t
On Wed, Jan 12, 2022 at 10:44:18AM -0500, Wietse Venema wrote:
> Wietse Venema:
> > Wietse:
> > > I think it is a mistake to enforce Spamhaus for clients that connect
> > > to port 578. Clients on port 25 must authenticate.
>
> Sorry, 25 should have been 578.
how to control rules for 587? Is th
On 2022-01-11 at 22:41:55 UTC-0500 (Tue, 11 Jan 2022 22:41:55 -0500)
Bill Cole
is rumored to have said:
So you need to fix your Postfix's port 587 service. Override whatever
smtpd_*_restrictions list you have using whichever Spamhaus list your
client IP is on with a list suited to initial subm
On 2022-01-12 at 10:44:18 UTC-0500 (Wed, 12 Jan 2022 10:44:18 -0500 (EST))
Wietse Venema
is rumored to have said:
> Wietse Venema:
>> Wietse:
>>> I think it is a mistake to enforce Spamhaus for clients that connect
>>> to port 578. Clients on port 25 must authenticate.
>
> Sorry, 25 should have
Wietse Venema:
> Wietse:
> > I think it is a mistake to enforce Spamhaus for clients that connect
> > to port 578. Clients on port 25 must authenticate.
Sorry, 25 should have been 578.
> Ruben Safir:
> > I agree, but I don't know how to control rules for 587?
> > How do I tell it to do somethin
Wietse:
> I think it is a mistake to enforce Spamhaus for clients that connect
> to port 578. Clients on port 25 must authenticate.
Ruben Safir:
> I agree, but I don't know how to control rules for 587?
> How do I tell it to do something only on port 587?
In the stock master.cf file:
#submissio
On Wed, Jan 12, 2022 at 08:47:04AM -0500, Wietse Venema wrote:
> Ruben Safir:
> > >
> > > I hope that makes some sense. But I still don't
> > > understand your statement that "It is hitting on port
> > > 587" I'm not sure what you mean by "It".
> >
> >
> > It means that thunderbird, outside the
Ruben Safir:
> >
> > I hope that makes some sense. But I still don't
> > understand your statement that "It is hitting on port
> > 587" I'm not sure what you mean by "It".
>
>
> It means that thunderbird, outside the network, is reaching across the
> internet and tickling port 587 on postfix an
On Tue, Jan 11, 2022 at 10:41:55PM -0500, Bill Cole wrote:
> On 2022-01-11 at 19:58:09 UTC-0500 (Tue, 11 Jan 2022 19:58:09 -0500)
> Ruben Safir
> is rumored to have said:
>
> >>
> >>I hope that makes some sense. But I still don't
> >>understand your statement that "It is hitting on port
> >>587"
On 2022-01-11 at 19:58:09 UTC-0500 (Tue, 11 Jan 2022 19:58:09 -0500)
Ruben Safir
is rumored to have said:
I hope that makes some sense. But I still don't
understand your statement that "It is hitting on port
587" I'm not sure what you mean by "It".
It means that thunderbird, outside the net
>
> I hope that makes some sense. But I still don't
> understand your statement that "It is hitting on port
> 587" I'm not sure what you mean by "It".
It means that thunderbird, outside the network, is reaching across the
internet and tickling port 587 on postfix and it doesn't care... it
still
On Wed, Jan 12, 2022 at 11:14:34AM +1100, raf wrote:
> On Tue, Jan 11, 2022 at 01:20:49PM -0500, Ruben Safir
> wrote:
>
> > On Thu, Jan 06, 2022 at 02:09:45PM +1100, raf wrote:
> > > On Wed, Jan 05, 2022 at 04:10:26AM -0500, Ruben Safir
> > > wrote:
> > >
> > > > > > > /etc/postfix/main.cf:
On Tue, Jan 11, 2022 at 01:20:49PM -0500, Ruben Safir
wrote:
> On Thu, Jan 06, 2022 at 02:09:45PM +1100, raf wrote:
> > On Wed, Jan 05, 2022 at 04:10:26AM -0500, Ruben Safir
> > wrote:
> >
> > > > > > /etc/postfix/main.cf:
> > > > > > smtpd_sasl_type = dovecot
> > > > > > smtpd_sasl_pat
On Thu, Jan 06, 2022 at 02:09:45PM +1100, raf wrote:
> On Wed, Jan 05, 2022 at 04:10:26AM -0500, Ruben Safir
> wrote:
>
> > > > >
> > > > > /etc/postfix/main.cf:
> > > > > smtpd_sasl_type = dovecot
> > > > > smtpd_sasl_path = private/auth
> > > >
> > > > Can't this be done with tls witho
On Fri, Jan 07, 2022 at 12:23:16PM +1100, raf wrote:
> > I don't think that requiring client certs is a best practice. It
> > precludes concurrent use of alternative authentication methods. Just
> > asking is generally enough
>
> Thanks. But even so, it should probably still only be
> a -o overr
On Wed, Jan 05, 2022 at 11:09:56PM -0500, Viktor Dukhovni
wrote:
> On Thu, Jan 06, 2022 at 02:09:45PM +1100, raf wrote:
>
> > > is on - so it is asking for client certificates?
> > > But that is really not authetication, if I understand things.
> >
> > It's asking for them (from all clients, e
On Thu, Jan 06, 2022 at 02:09:45PM +1100, raf wrote:
> > is on - so it is asking for client certificates?
> > But that is really not authetication, if I understand things.
>
> It's asking for them (from all clients, even for remote
> mail servers sending you mail which isn't helpful), but
> it's
On Wed, Jan 05, 2022 at 04:10:26AM -0500, Ruben Safir
wrote:
> > > >
> > > > /etc/postfix/main.cf:
> > > > smtpd_sasl_type = dovecot
> > > > smtpd_sasl_path = private/auth
> > >
> > > Can't this be done with tls withouth dovecot or sasl?
> >
> > Authentication is needed by Dovecot for I
On Wed, Jan 05, 2022 at 04:10:26AM -0500, Ruben Safir wrote:
> queue_directory = /var/spool/postfix
> smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
> smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
This is a mistake, these files don't belong there
> > >
> > > /etc/postfix/main.cf:
> > > smtpd_sasl_type = dovecot
> > > smtpd_sasl_path = private/auth
> >
> > Can't this be done with tls withouth dovecot or sasl?
>
> Authentication is needed by Dovecot for IMAP access
> to read email. So it should be available for use by
> Postfix as we
On Mon, Jan 03, 2022 at 01:29:59PM -0500, Ruben Safir
wrote:
> On Thu, Dec 23, 2021 at 11:20:09AM +1100, raf wrote:
> > On Wed, Dec 22, 2021 at 12:20:31AM -0500, Ruben Safir
> > wrote:
> >
> > > On Wed, Dec 22, 2021 at 02:19:49PM +1100, raf wrote:
> > > > On Tue, Dec 21, 2021 at 06:52:23AM -0
On Thu, Dec 23, 2021 at 11:20:09AM +1100, raf wrote:
> On Wed, Dec 22, 2021 at 12:20:31AM -0500, Ruben Safir
> wrote:
>
> > On Wed, Dec 22, 2021 at 02:19:49PM +1100, raf wrote:
> > > On Tue, Dec 21, 2021 at 06:52:23AM -0500, Ruben Safir
> > > wrote:
> > >
> > > > I want to add a domain for th
On Wed, Dec 22, 2021 at 12:20:31AM -0500, Ruben Safir
wrote:
> On Wed, Dec 22, 2021 at 02:19:49PM +1100, raf wrote:
> > On Tue, Dec 21, 2021 at 06:52:23AM -0500, Ruben Safir
> > wrote:
> >
> > > I want to add a domain for the office in addition to my current domain.
> > >
> > > I've done thi
On Wed, Dec 22, 2021 at 02:19:49PM +1100, raf wrote:
> On Tue, Dec 21, 2021 at 06:52:23AM -0500, Ruben Safir
> wrote:
>
> > I want to add a domain for the office in addition to my current domain.
> >
> > I've done this before, following the outline in:
> > http://www.postfix.org/VIRTUAL_README.
On Tue, Dec 21, 2021 at 06:52:23AM -0500, Ruben Safir
wrote:
> I want to add a domain for the office in addition to my current domain.
>
> I've done this before, following the outline in:
> http://www.postfix.org/VIRTUAL_README.html#canonical
>
> using
>
> [ruben@www2 ~]$ cat /etc/postfix/mai
38 matches
Mail list logo
