Re: Reject client from domains without MX records

Just in case someone is interested, finally i disabled sasl auth globally and fixed the previous error by adding/modifying the following lines at master.cf smtp inet n - - - - smtpd -o smtpd_sasl_auth_enable=yes As you can see i forgot to enable

Re: Reject client from domains without MX records

Thanks a lot! -- Sent from my Android mobile, excuse the brevity. On Mar 29, 2014 12:55 AM, "li...@rhsoft.net" wrote: > > > Am 29.03.2014 00:43, schrieb Pau Peris: > > I don't think that's about reading but about experise. Which takes time > after reading > > no, it's a matter of read, try and tr

Re: Reject client from domains without MX records

Am 29.03.2014 00:43, schrieb Pau Peris: > I don't think that's about reading but about experise. Which takes time after > reading no, it's a matter of read, try and try again, been there done that > I will reenable sasl globally again while i try to understand it all > I'm unsure if login send

Re: Reject client from domains without MX records

I don't think that's about reading but about experise. Which takes time after reading. I will reenable sasl globally again while i try to understand it all. I'm unsure if login sender mismatch can have any side effect for incoming email once global sasl auth is activated. Could you please explain

Re: Reject client from domains without MX records

sorry, you need to read manuals and try some things at your own if you can't handle it why do you remove auth globally? in general don't change defaults for no good reason Am 29.03.2014 00:21, schrieb Pau Peris: > Could you be more explicit or place an example on how should main.cf >

Re: Reject client from domains without MX records

Could you be more explicit or place an example on how should main.cf should stay after removing the sasl params and how should master.cf look please? Thank u so much!! Sent from my Android mobile, excuse the brevity. On Mar 28, 2014 10:21 PM, "li...@rhsoft.net" wrote: > > Am 28.03.2014 20:33, s

Re: Reject client from domains without MX records

Am 28.03.2014 20:33, schrieb Pau Peris: > I think everything was working fine but after update main.cf > file i'm seeing the following warning > for emails incoming outside the box, postfix/smtpd[15455]: warning: > restriction > `reject_authenticated_sender_login_mismatch' ignor

Re: Reject client from domains without MX records

I think everything was working fine but after update main.cf file i'm seeing the following warning for emails incoming outside the box, postfix/smtpd[15455]: warning: restriction `reject_authenticated_sender_login_mismatch' ignored: no SASL support The previous warning is show when i send an email

Re: Reject client from domains without MX records

Finally, removing warn_if_rejected did the trick. Oh mine, stupid mistake, easy fix! Thanks a lot rhsoft!! On Thu, Mar 27, 2014 at 11:48 PM, Pau Peris wrote: > > Excuse me, i'll try to follow your rules. The HTML thing was due to the reader, i think it took web URL and emails into HTML tags. E

Re: Reject client from domains without MX records

Excuse me, i'll try to follow your rules. The HTML thing was due to the reader, i think it took web URL and emails into HTML tags. Excuses. Respect the exceptions list, you talk about cron emails using sendmail but it is using aliases table specified in main.cf also uses an email rewriter table sp

Re: Reject client from domains without MX records

PLEASE LEARN TO USE YOUR MAIL-CLIENT AND HOW TO QUOTE * do not top post * do not post HTML * do not reply only to your own questions while you refer to answers * if you continue that way of posting i just ignore you this is a completly unreadable thread in the meanwhile that below is hardly a res

Re: Reject client from domains without MX records

Hi, i understand now the mistake. I'm reviewing the whole restrictions lot to fix permit_mynetworks where it is needed. I'm looking at Postfix site - http://postfix.org/postconf.5.html - for a way to create exceptions as i would like some users like root to be able to spoof their from address but

Re: Reject client from domains without MX records

can you please stop top-posting and using HTML on lists? what is bad with HTML? look at the quote below after convert you message to plain Am 27.03.2014 19:53, schrieb Pau Peris: > i didn't configure mynetworks because i mynetworks_style is set to host. I > thought > it was right thing to do to

Re: Reject client from domains without MX records

Hi, i didn't configure mynetworks because i mynetworks_style is set to host. I thought it was right thing to do to fit my needs which obviously looks like not. Could you please exaplain me why is it wrong? I think i'm not fully understanding why permit_mynetworks is wrong there. Robert, i'm using

Re: Reject client from domains without MX records

Am 27.03.2014 18:52, schrieb Pau Peris: > If i try to spoof email/sender address through Mozilla Thunderbird i get > the same error message as the one when relaying >: Sender address rejected: not owned by user > us...@example.com ; So it looks li

Re: Reject client from domains without MX records

Am 27.03.2014 18:52, schrieb Pau Peris: > If i try to spoof email/sender address through Mozilla Thunderbird i get the > same error message as the one when > relaying mailto:u...@example.com>>: Sender address > rejected: not owned by user us...@example.com > ; So it loo

Re: Reject client from domains without MX records

After doing another try and looking carefully at the mail.log file i realize that after the first attempt to reject the email i finally gets delivered. https://gist.github.com/sibok/82f84dcc71bfa75deeeb Hope someone can help. Thanks! On Thu, Mar 27, 2014 at 6:52 PM, Pau Peris wrote: > If i try

Re: Reject client from domains without MX records

If i try to spoof email/sender address through Mozilla Thunderbird i get the same error message as the one when relaying : Sender address rejected: not owned by user us...@example.com; So it looks like the issue only exists when working locally like through the webmail solution. On Thu, Mar 27, 2

Re: Reject client from domains without MX records

Hi, i'm really getting nuts trying to get is running. The current behavior is: * An authenticated user can login as user f...@example.com and then send an email using from/sender address b...@example2.com * When another server i have, also running a Postfix 2.11, which relays emails on the main s

Re: Reject client from domains without MX records

Hello again, i read carefully the explanation given by rhsoft and also went to postconf doc page - http://www.postfix.org/postconf.5.html -to be able to understand each one of the statements i was setting up. It really looks pretty easy but i think i'm bypassing something because i'm not able to

Re: Reject client from domains without MX records

Hundred thanks!! Really great help, tomorrow gonna put it all together and solve the issue. Good night! On Mon, Mar 24, 2014 at 9:06 PM, li...@rhsoft.net wrote: > > > Am 24.03.2014 20:54, schrieb Pau Peris: > > I'm wondering why are you setting the following policies under recipient > restrict

Re: Reject client from domains without MX records

Am 24.03.2014 20:54, schrieb Pau Peris: > I'm wondering why are you setting the following policies under recipient > restrictions > and not under sender restrictions? Maybe it's more efficient? > > reject_non_fqdn_sender > reject_unlisted_sender > reject_authenticated_sender_login_mismatch bec

Re: Reject client from domains without MX records

I'm wondering why are you setting the following policies under recipient restrictions and not under sender restrictions? Maybe it's more efficient? reject_non_fqdn_sender reject_unlisted_sender reject_authenticated_sender_login_mismatch Last, what do you think about reject_unverified_sender? I

Re: Reject client from domains without MX records

Thank you everyone. Your advises has been very useful to resolve this issue. On Sat, Mar 22, 2014 at 2:17 PM, Wietse Venema wrote: > Pau Peris: > > Thanks for the explanation but i think i'm not understanding you. I > > understand MX records are not mandatory but i'm wondering what am i > > sup

Re: Reject client from domains without MX records

Pau Peris: > Thanks for the explanation but i think i'm not understanding you. I > understand MX records are not mandatory but i'm wondering what am i > supposed to do when someone tries to send an email and the from address is > not valid but an A or CNAME RR exists? This is described in RFC 532

Re: Reject client from domains without MX records

please avoid top-posting Am 22.03.2014 12:04, schrieb Pau Peris: > Thanks for the explanation but i think i'm not understanding you. I > understand MX records are not mandatory but i'm > wondering what am i supposed to do when someone tries to send an email and > the from address is not valid bu

Re: Reject client from domains without MX records

Just a last note, i would like to make sure domains/subdomains user as sender/from addresses have a MX RR accepting email for such domains/subdomains. I mean, if from address is host.mydomain.com while it can be reachable as long as it has an A or CNAME RR email delivered to host.mydomain.com may n

Re: Reject client from domains without MX records

Thanks for the explanation but i think i'm not understanding you. I understand MX records are not mandatory but i'm wondering what am i supposed to do when someone tries to send an email and the from address is not valid but an A or CNAME RR exists? By not valid i mean replying to the from address

Re: Reject client from domains without MX records

Am 22.03.2014 10:29, schrieb Pau Peris: > The issue here is mail.domain.com is responsible of > sending email for domain.com > but not *.domain.com so the latter > are not DKIM signed and obviously are > not valid recipient addres