Am 10.01.2012 21:32, schrieb Benny Pedersen:
> On Tue, 10 Jan 2012 09:34:09 +0100, Reindl Harald wrote:
>
>> but you have this for your mails rejected outside not
>> for incoming
>
> poor manns srs is .forward
who cares poor man in context of professional servers?
virtual_alias_maps = proxy:my
On Tue, 10 Jan 2012 09:34:09 +0100, Reindl Harald wrote:
but you have this for your mails rejected outside not
for incoming
poor manns srs is .forward
badly brokken spf checks is not something that postfix can change
checking From: header is not correct way of checking spf, srs will not
cha
Am 10.01.2012 08:37, schrieb Bastian Blank:
> On Tue, Jan 10, 2012 at 01:36:42AM +0100, Reindl Harald wrote:
>> Am 09.01.2012 22:07, schrieb Noel Jones:
>>> On 1/9/2012 1:24 PM, Jeroen Geilman wrote:
Many people (me and most of this list included) reject impersonation
of the sender addr
On Tue, Jan 10, 2012 at 01:36:42AM +0100, Reindl Harald wrote:
> Am 09.01.2012 22:07, schrieb Noel Jones:
> > On 1/9/2012 1:24 PM, Jeroen Geilman wrote:
> >> Many people (me and most of this list included) reject impersonation
> >> of the sender address unless it is on an encrypted submission port;
Am 10.01.2012 04:32, schrieb Noel Jones:
>> in this case this is NOT legit mail, sites implementing this
>> way have to be rejected - a "greeting ecard" where you can
>> enter a e-mail-address which will be used as ENVELOPE sender
>> is badly broken
>
>> any web-application using a foreign ENVEL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 1/9/2012 6:36 PM, Reindl Harald wrote:
>
>
> Am 09.01.2012 22:07, schrieb Noel Jones:
>> On 1/9/2012 1:24 PM, Jeroen Geilman wrote:
>>> Many people (me and most of this list included) reject
>>> impersonation of the sender address unless it is on
Am 09.01.2012 22:07, schrieb Noel Jones:
> On 1/9/2012 1:24 PM, Jeroen Geilman wrote:
>> Many people (me and most of this list included) reject impersonation
>> of the sender address unless it is on an encrypted submission port;
>> this is the norm rather than the exception nowadays.
>
> Be awar
On 1/9/2012 1:24 PM, Jeroen Geilman wrote:
> Many people (me and most of this list included) reject impersonation
> of the sender address unless it is on an encrypted submission port;
> this is the norm rather than the exception nowadays.
Be aware this may reject some legit mail. Feel free to do
de of your systems but will have your From:
address.
If you block this, you won't see your own postings to the list.
This is an excerpt from the headers in your e-mail:
From: Benny Pedersen
To:
Subject: Re: Ok. I'm finding a small issue on my server.
This is a common misc
ng on that header no
matter where its recieved
This is an excerpt from the headers in your e-mail:
From: Benny Pedersen
To:
Subject: Re: Ok. I'm finding a small issue on my server.
good then fix it :-)
space lost before
From: address.
If you block this, you won't see your own postings to the list.
This is an excerpt from the headers in your e-mail:
From: Benny Pedersen
To:
Subject: Re: Ok. I'm finding a small issue on my server.
This is a common misconception. The envelope sender is not the same as
t
from outside of your systems but will have your From: address.
> If you block this, you won't see your own postings to the list.
>
> This is an excerpt from the headers in your e-mail:
>
> From: Benny Pedersen
> To:
> Subject: Re: Ok. I'm finding a small issue on m
o the list.
This is an excerpt from the headers in your e-mail:
From: Benny Pedersen
To:
Subject: Re: Ok. I'm finding a small issue on my server.
--
Bjørn
On 1/7/2012 8:33 PM, Benny Pedersen wrote:
> On Tue, 27 Dec 2011 14:07:22 +0100, Jeroen Geilman wrote:
>
>> smtpd_tls_auth_only = yes
>>
>> to main.cf; otherwise, all authentication communication is sent "in
>> the clear".
>
> this will only break starttls clients, that means connection must be
>
On Tue, 27 Dec 2011 14:07:22 +0100, Jeroen Geilman wrote:
smtpd_tls_auth_only = yes
to main.cf; otherwise, all authentication communication is sent "in
the clear".
this will only break starttls clients, that means connection must be
tls before connection, it will not make plain passwords mor
On Tue, 27 Dec 2011 08:22:47 +0100, Bjørn Ruberg wrote:
Be advised that if you plan to reject
*sender addresses* claiming to originate from your own domain, you
might break legitimate mails.
how ?
On Tuesday 27 December 2011 07:07:22 Jeroen Geilman wrote:
> On 2011-12-27 06:45, Glenn Sieb wrote:
> > While I have SASL set up on port 587, I recently found that
> > foreign IPs can connect, pretend to be, say, me, and send mail
> > to my users. SPF can catch this, but I think it's something that
On 2011-12-27 06:45, Glenn Sieb wrote:
Dear list,
While I have SASL set up on port 587, I recently found that foreign
IPs can connect, pretend to be, say, me, and send mail to my users.
SPF can catch this, but I think it's something that should/can be
caught by Postfix, no? So I conclude I have
On 12/27/2011 06:45 AM, Glenn Sieb wrote:
Dear list,
While I have SASL set up on port 587, I recently found that foreign
IPs can connect, pretend to be, say, me, and send mail to my users.
SPF can catch this, but I think it's something that should/can be
caught by Postfix, no?
Can, yes. But no
Make sure the submission daemon in master.cf is configured with the
following option:
-o smtpd_sasl_auth_enable=yes
Then ensure that you have SASL properly configured.
Also, ensure that your trusted networks is configured properly to ensure
you do not inadvertently have an open relay.
On 1
20 matches
Mail list logo