Le 30/09/2024 à 20:34, Wietse Venema via Postfix-users a écrit :
Workaround: specify "smtpd_sasl_auth_enable = yes". That means
Postfix needs some of the Dovecot machinery even if most of it will
remain unused.
That was fast! That works perfectly, many thanks.
_
Wietse Venema via Postfix-users:
> > $ telnet wzv smtp
> > Trying 168.100.3.7...
> > Connected to wzv.
> > Escape character is '^]'.
> > 220 wzv.porcupine.org ESMTP Postfix
> > XCLIENT LOGIN=whatever
> > 2
Wietse Venema via Postfix-users:
> Antonin VERRIER via Postfix-users:
> > Hello,
> >
> > I'm a bit confused about whether Postfix considers a client
> > authenticated using XCLIENT to be SASL-authenticated or not.
>
> If XCLIENT receives a SASL login
Antonin VERRIER via Postfix-users:
> Hello,
>
> I'm a bit confused about whether Postfix considers a client
> authenticated using XCLIENT to be SASL-authenticated or not.
If XCLIENT receives a SASL login name, Postfix assumes that client
is authenticat
27;t work since the IP address that gets evaluated against
"mynetworks" is the one Dovecot supplied using XCLIENT (so outside of
mynetworks), and not localhost that Dovecot is connecting from.
___
Postfix-users mailing list -- postfix-users@pos
Dnia 30.09.2024 o godz. 18:53:29 Antonin VERRIER via Postfix-users pisze:
> For context, I'm using Dovecot submission service, which handles
> connections from SMTP client and, if authentication is successful,
> proxies them to a dedicated Postfix port and provides client data
&
Hello,
I'm a bit confused about whether Postfix considers a client
authenticated using XCLIENT to be SASL-authenticated or not.
Apparently "permit_sasl_authenticated" says no but
"reject_sender_login_mismatch" says yes.
For context, I'm using Dovecot sub
Hi,
On 04.06.21 19:13, Wietse Venema wrote:
Looks like you still need "smtpd_sasl_auth_enable = yes", even
if the login happens before Postfix.
Wietse
Okay, thanks. I'll use smtpd_sasl_exceptions_networks then to restrict
login to only my submissiond host and use a local dovecot auth
> I looked into the source code a bit, and it says in smtpd.c where
> XCLIENT LOGIN is applied "This can be used even if SASL authentication
> is turned off in main.cf. We can't make it easier than that.", so I was
> under the impression that it should be possib
XCLIENT LOGIN is applied "This can be used even if SASL authentication
is turned off in main.cf. We can't make it easier than that.", so I was
under the impression that it should be possible to use XCLIENT LOGIN
without configuring SASL. Is that possible?
Best regards,
Mika Pflüger
On Fri, Oct 23, 2020 at 3:26 PM Demi M. Obenour wrote:
> >> "p=quarantine" might be a better choice, but I do consider lack of
> >> DMARC to be a security hole. I certainly don't want someone to be
> >> able to forge mail that claims to be from me. There are all sorts of
> >> nasty social engin
On Fri, Oct 23, 2020 at 11:55:20AM -0400, Demi M. Obenour wrote:
> On 10/22/20 12:47 PM, Aki Tuomi wrote:
> > I stumbled upon a possible bug with postfix. I am using postfix 3.4.14, and
> > when I use XCLIENT command over smtps (not starttls), the session gets
> > stuc
On 10/22/20 12:47 PM, Aki Tuomi wrote:
> Hi!
>
> I stumbled upon a possible bug with postfix. I am using postfix 3.4.14, and
> when I use XCLIENT command over smtps (not starttls), the session gets stuck
> until further input, which causes it to abort the connection due to
&
On 23/10/2020 09:27, Nick Tait wrote:
On 22/10/20 6:13 am, PGNet Dev wrote:
Before I take this up as an opendmarc question (my config &/or bug),
& do more thorough digging re: intuit's published records,
(1) Is there anything obviously wrong/missing in that^ XCLIENT usage
gen
On 23/10/20 2:26 pm, Bob Proulx wrote:
The tragicomical thing is that Gmail does follow policy and when the
policy of the sending site is strict DMARC and the mailing list does
not rewrite then Gmail subscribers to mailing lists will get
automatically unsubscribed when/if the bounce ratio exceeds
On 22/10/20 6:13 am, PGNet Dev wrote:
Before I take this up as an opendmarc question (my config &/or bug), &
do more thorough digging re: intuit's published records,
(1) Is there anything obviously wrong/missing in that^ XCLIENT usage
generally, or in the specific intuit.com cas
et of message
headers in this ordering, From: Reply-To: Resent-From: To: Cc:
Mail-Followup-To: Subject: Date:)
Date: Thu, 22 Oct 2020 19:17:35 -0400 (EDT)
From: Wietse Venema
To: Postfix users
Subject: Re: sanity-check postfix XCLIENT usage ?
Reply-To: Postfix users
:-)
> W
On 22 Oct 2020, at 17:17, Wietse Venema wrote:=
>
> Demi M. Obenour:
>> That's because MUAs display the From: header, not the envelope address.
>> DMARC is aimed at preventing spoofing. If someone sends a message
>> that claims to be from me, but is not, that could damage my reputation
>> or wor
Demi M. Obenour:
> That's because MUAs display the From: header, not the envelope address.
> DMARC is aimed at preventing spoofing. If someone sends a message
> that claims to be from me, but is not, that could damage my reputation
> or worse. If GMail had p=reject, such a message would be droppe
On 10/22/20 3:35 PM, Bob Proulx wrote:
> Demi M. Obenour wrote:
>> Viktor Dukhovni wrote:
Demi M. Obenour wrote:
This is really a security hole in gmail. Given the popularity of
gmail, however, I seriously suggest somehow treating gmail as if it
had p=reject, as it should.
>>>
Aki Tuomi:
> Hi!
>
> I stumbled upon a possible bug with postfix. I am using postfix
> 3.4.14, and when I use XCLIENT command over smtps (not starttls),
> the session gets stuck until further input, which causes it to
> abort the connection due to unexpected SSL packet.
The ser
Demi M. Obenour wrote:
> Viktor Dukhovni wrote:
> >> Demi M. Obenour wrote:
> >> This is really a security hole in gmail. Given the popularity of
> >> gmail, however, I seriously suggest somehow treating gmail as if it
> >> had p=reject, as it should.
> > No it should not have "p=reject" that's o
On 10/22/20 12:25 PM, Viktor Dukhovni wrote:
>> On Oct 22, 2020, at 2:11 PM, Demi M. Obenour wrote:
>>
>> I know :(
>>
>> This is really a security hole in gmail. Given the popularity of
>> gmail, however, I seriously suggest somehow treating gmail as if it
>> had p=reject, as it should.
> No it
Hi!
I stumbled upon a possible bug with postfix. I am using postfix 3.4.14, and
when I use XCLIENT command over smtps (not starttls), the session gets stuck
until further input, which causes it to abort the connection due to unexpected
SSL packet.
--
Aki Tuomi
## postconf -nf
alias_database
> On Oct 22, 2020, at 2:11 PM, Demi M. Obenour wrote:
>
> I know :(
>
> This is really a security hole in gmail. Given the popularity of
> gmail, however, I seriously suggest somehow treating gmail as if it
> had p=reject, as it should.
No it should not have "p=reject" that's only for sites th
On 10/22/20 3:23 AM, Bastian Blank wrote:
> Hi name less
>
> On Wed, Oct 21, 2020 at 10:13:54AM -0700, PGNet Dev wrote:
>> I've online-checked SPF/DMARC records for 'intuit.com'; all _seems_ to be ok.
>> I've cranked up opendmarc logging level to
>> MilterDebug 5
>> with that, on failed attem
;none" policy:
| _dmarc.gmail.com. IN TXT "v=DMARC1; p=none; sp=quarantine; […]"
> using data pulled from postfix logs for a SUCCESSFUL fr...@gmail.com delivery,
> @ an opened 'openssl s_client' session to my postfix external IP, injecting
>
> XCLIENT N
On 22/10/2020 00:39, PGNet Dev wrote:
On 10/21/20 4:31 PM, Wietse Venema wrote:
PGNet Dev:
Two questions:
clear.
i'll focus just on just the dmarc bits.
both debugging opendmarc, and replacing it with another option to see
if behavior changes.
xclient's extremely helpful in any case.
On 10/21/20 4:31 PM, Wietse Venema wrote:
PGNet Dev:
Two questions:
clear.
i'll focus just on just the dmarc bits.
both debugging opendmarc, and replacing it with another option to see if
behavior changes.
xclient's extremely helpful in any case.
icy is evaluated.
> Initially, I see no difference. At least not with the XCLIENT
> injection tests.
>
> For milter use, in postfix, is there any preference/requirement
> for the milters to exec in forked vs. un-forked mode?
Postfix does not care. If forked versus non-forked would c
On 10/21/20 11:13 AM, Wietse Venema wrote:
If your XCLIENT arguments match Postfix logging, including the name
and IP address info
they do
and you used HELO or EHLO depending on Postfix's proto= logging
proto=ESMTP, so I used EHLO
then I think that the Postfix SMTP daemon c
If your XCLIENT arguments match Postfix logging, including the name
and IP address info and you used HELO or EHLO depending on Postfix's
proto= logging, then I think that the Postfix SMTP daemon cannot
distinguish between a real intuit.com connection and one made with
XCLIENT.
That leave
I'm using Postfix's XCLIENT to synthesize/inject a test email into my
postfix->filter/milter->delivery chain.
I'd like to verify that my XCLIENT usage isn't the cause of the delivery
failure I see below ...
@ this postfix instance, mail flows as
-> p
Paul:
> Hi
>
> Can? a postfix smtp client be made to? send xclient data to a xclient
> enabled local smtpd service ?
This is not documented, therefore not supported.
Also:
$ postconf -H | grep 'smtp_.*xclient'
produces no output, whereas
$ postconf -H | grep &
Hi
Can a postfix smtp client be made to send xclient data to a xclient
enabled local smtpd service ?
Regards Paul
Wietse Venema:
> Melvin Vermeeren:
> > In conclusion I believe "var_smtpd_sasl_enable" can be removed from
> > src/smtpd/ smtpd_check.c completely, together with the "if
> > (var_smtpd_sasl_enable)" conditionals. Could you post your thoughts on
> > this?
>
> You can try that. But your argument has
Melvin Vermeeren:
> In conclusion I believe "var_smtpd_sasl_enable" can be removed from src/smtpd/
> smtpd_check.c completely, together with the "if (var_smtpd_sasl_enable)"
> conditionals. Could you post your thoughts on this?
You can try that. But your argument has holes because there is code
l
Wietse Venema:
> Wietse Venema:
> > Melvin Vermeeren:
> > > To be specific the problem is that it appears impossible to enable SASL
> > > without configuring a real, working, authentication back-end, which is
> > > not
> > > needed if only XCLIENT-styl
Wietse Venema:
> Melvin Vermeeren:
> > To be specific the problem is that it appears impossible to enable SASL
> > without configuring a real, working, authentication back-end, which is not
> > needed if only XCLIENT-style SASL is used I believe.
>
&
Melvin Vermeeren:
> To be specific the problem is that it appears impossible to enable SASL
> without configuring a real, working, authentication back-end, which is not
> needed if only XCLIENT-style SASL is used I believe.
By default, Postfix has
smtpd_sasl_type = cyrus
Why
continues after this observation and
"smtpd_sasl_auth_enable" is set to "yes". Only after that change does the real
problem come to light, which is what the initial mail really is about.
To be specific the problem is that it appears impossible to enable SASL
without configur
Melvin Vermeeren:
> > connect from localhost[127.0.0.1]
> > warning: restriction `reject_authenticated_sender_login_mismatch' ignored:
> > no SASL support
This means that Postfix is built without any SASL support,
or that you have "smtpd_sasl_enable=no".
Wietse
Code sample:
#ifdef USE_S
dress.
Dovecot's MSA is still very primitive, so this is to be handled in postfix.
This at first sight seems simple. Use XCLIENT so postfix gets full client
details, including SASL username. Then use the standard sender restrictions
and sender login maps. I add to main.cf:
> smtpd_authorized_
John Jetmore:
> On Mon, Oct 30, 2017 at 3:34 PM, Noel Jones wrote:
>
> > On 10/30/2017 1:43 PM, John Jetmore wrote:
> > > 2. Is it correct that STARTTLS must always precede XCLIENT? It
> > > appears that postfix owns the XCLIENT extension, is there any
> > &g
On Mon, Oct 30, 2017 at 3:34 PM, Noel Jones wrote:
> On 10/30/2017 1:43 PM, John Jetmore wrote:
> > 2. Is it correct that STARTTLS must always precede XCLIENT? It
> > appears that postfix owns the XCLIENT extension, is there any
> > non-postfix implementor for whom the ord
swaks SMTP tool. A user
> pointed out to me recently that swaks, postfix, xclient, and
> starttls don't play well together.
>
> If a user requests both STARTTLS and XCLIENT, swaks attempts XCLIENT
> first. This result (for the swaks user) in:
>
> 530 5.7.0 Must issue
(Apologies if this is a duplicate post. I sent the first one before I
confirmed my list membership and I don't see it in the online archives so I
am assuming it wasn't sent)
Hi postfix-users. I am the author of the swaks SMTP tool. A user pointed
out to me recently that swaks, postfi
> On 10 Mar 2017, at 16:02, Noel Jones wrote:
>
> You can add an override on a specific smtpd listener IP:port in
> master.cf.
>
> Something like:
>
> # master.cf
> 192.168.1.50:2525 inet n - n - - smtpd
> -o smtpd_tls_auth_only=no
Thanks Noel - I’d forgotten completely about maste
> On 10 Mar 2017, at 16:02, Noel Jones wrote:
>
> You can add an override on a specific smtpd listener IP:port in
> master.cf.
>
> Something like:
>
> # master.cf
> 192.168.1.50:2525 inet n - n - - smtpd
> -o smtpd_tls_auth_only=no
Thanks Noel - I’d forgotten completely about master
On 3/9/2017 5:23 PM, Marty Lee wrote:
> Unless anyone has any other bright ideas that would let me set options
> for smtpd_tls_auth_only on a per interface/port basis?
You can add an override on a specific smtpd listener IP:port in
master.cf.
Something like:
# master.cf
192.168.1.50:2525 inet
t; Postfix on the mail server seems to be ignoring the XCLIENT ’LOGIN’ passed
> to it via Nginx, and Postfix on the mail server thinks I’m trying to
> relay email, and blocks it.
>
> If I point a mail client at Postfix on the mail server directly, it
> authenticates and then acc
nt to send email,
and I think there is a high chance I’ve missed some important configuration
command, or maybe just misunderstood what’s going on - hence this email.
Quick summary:
Postfix on the mail server seems to be ignoring the XCLIENT ’LOGIN’ passed
to it via Nginx, and Postfix on the mail s
On Mon, May 25, 2015 at 12:21:18AM +, Viktor Dukhovni wrote:
> On Mon, May 25, 2015 at 01:28:09AM +0200, furio ercolessi wrote:
>
> > Now, I would like to add the XCLIENT facility to do some
> > antispam testing on B, using the original IPs that
> > connected to A.
On Mon, May 25, 2015 at 01:28:09AM +0200, furio ercolessi wrote:
> Now, I would like to add the XCLIENT facility to do some
> antispam testing on B, using the original IPs that
> connected to A. So I put A's IP address in
> smtpd_authorized_xclient_hosts in the B's config,
like to add the XCLIENT facility to do some
antispam testing on B, using the original IPs that
connected to A. So I put A's IP address in
smtpd_authorized_xclient_hosts in the B's config,
and verified that B advertises XCLIENT to A:
250-B.example.com
250-PIPELINING
250-SIZE 1024
25
r.
> The content filter supports both XFORWARD and XCLIENT.
> Like postfix the content filter uses XFORWARD only for logging.
> If i send the client information within a XCLIENT command
> i'm able to defined restrictions/whitelistings based on the
> (virtual) client address in the co
D and XCLIENT.
Like postfix the content filter uses XFORWARD only for logging.
If i send the client information within a XCLIENT command
i'm able to defined restrictions/whitelistings based on the
(virtual) client address in the content filter.
But postfix is only able to send XFORWARD.
Is there a
Am Donnerstag, den 23.10.2014, 09:42 -0400 schrieb Wietse Venema:
> Markus Benning:
> > Hello,
> >
> > i'm using a lot of automated tests to test my postfix configuration.
> > The XCLIENT command is very handy for such checks.
> > I thought about adding a
Markus Benning:
> Hello,
>
> i'm using a lot of automated tests to test my postfix configuration.
> The XCLIENT command is very handy for such checks.
> I thought about adding a STRESS parameter to the command to be
> able to also write test plans to test under-stress-be
Hello,
i'm using a lot of automated tests to test my postfix configuration.
The XCLIENT command is very handy for such checks.
I thought about adding a STRESS parameter to the command to be
able to also write test plans to test under-stress-behavior.
It was easy to add the parameters t
Den 2012-04-16 05:21, Benny Pedersen skrev:
my own defence on this is to
http://www.postfix.org/postconf.5.html#smtp_discard_ehlo_keywords
http://www.postfix.org/postconf.5.html#smtpd_discard_ehlo_keywords ups
Den 2012-04-09 02:15, Daniel L. Miller skrev:
Apr 8 17:02:35 bubba assp/smtpd[7414]: warning:
unknown[110.53.26.206]: SASL LOGIN authentication failed:
UGFzc3dvcmQ6
This is much better. My remaining question is - is there a way I can
get even that first connection line to reference the remot
I have a proxy filter in front of Postfix. Postfix is listening on
the localhost. The filter is sending EHLO and XCLIENT to Postfix. The
reason I am trying xclient is to get more information in Postfix's logs.
I'm now getting a significant quantity of brute-force and formerly
hacke
Wietse Venema:
> jeff geng:
> > Wietse:
> >
> > Happy new year :)
> >
> > We use niginx's smtp function to redirect mail to postfix server. But in
> > postfix, XCLIENT command can't support the LOGIN paremeter.
> > Severial months ago,
jeff geng:
> Wietse:
>
> Happy new year :)
>
> We use niginx's smtp function to redirect mail to postfix server. But in
> postfix, XCLIENT command can't support the LOGIN paremeter.
> Severial months ago, I write a patch for postfix-2.5.3. Now nginx official
&g
Patrick Ben Koetter:
> I understand a server announcing XFORWARD is ready to accept session META data
> acquired from another client, but I don't understand where XCLIENT fits in.
XFORWARD is for LOGGING - it does not change POSTFIX access policy.
XCLIENT is for IMPERSONATION - it
I understand a server announcing XFORWARD is ready to accept session META data
acquired from another client, but I don't understand where XCLIENT fits in.
>From my understanding a typical XFORWARD situation would be data (IP, hostname
etc.) from client that talked to Postfix is passed by
JC Putter:
> can someone you me an example of how to enable this ? basicly a
> smtp servers forward my mail to my postfix server, i want to enable
> xclient to filter the sender information.
Wietse:
> See: http://www.postfix.org/postconf.5.html#smtpd_authorized_xclient_hosts
JC Put
great thanks wietse
On Sun, Jun 6, 2010 at 2:34 PM, Wietse Venema wrote:t
> JC Putter:
> > hi i want to enable xclient extentions for my postfix server, i looked
> at
> > http://www.postfix.org/XCLIENT_README.html
> >
> > can someone you me an example of how t
JC Putter:
> hi i want to enable xclient extentions for my postfix server, i looked at
> http://www.postfix.org/XCLIENT_README.html
>
> can someone you me an example of how to enable this ? basicly a smtp servers
> forward my mail to my postfix server, i want to enable xclien
hi i want to enable xclient extentions for my postfix server, i looked at
http://www.postfix.org/XCLIENT_README.html
can someone you me an example of how to enable this ? basicly a smtp servers
forward my mail to my postfix server, i want to enable xclient to filter the
sender information
UPDATE_STR(state->sasl_username, attr_value);
> > > > > + printable(state->sasl_username, '?');
> > > > > + UPDATE_STR(state->sasl_method, "xclient");
> > > > >
> > > > > Why not use the real authentication me
ema:
> > > > + UPDATE_STR(state->sasl_username, attr_value);
> > > > + printable(state->sasl_username, '?');
> > > > + UPDATE_STR(state->sasl_method, "xclient");
> > > >
> > > > Why not
Wietse Venema:
> > > + UPDATE_STR(state->sasl_username, attr_value);
> > > + printable(state->sasl_username, '?');
> > > + UPDATE_STR(state->sasl_method, "xclient");
> > >
> > > Why not u
jeff geng:
> Wietse:
> Please see my reply marked as blue.
> :)
>
> jeff geng
>
> 2010/1/5 Wietse Venema
>
> > jeff geng:
> > > Wietse:
> > >
> > > Happy new year :)
> > >
> > > We use niginx's smtp function
Wietse:
Please see my reply marked as blue.
:)
jeff geng
2010/1/5 Wietse Venema
> jeff geng:
> > Wietse:
> >
> > Happy new year :)
> >
> > We use niginx's smtp function to redirect mail to postfix server. But in
> > postfix, XCLIENT command can
jeff geng:
> Wietse:
>
> Happy new year :)
>
> We use niginx's smtp function to redirect mail to postfix server. But in
> postfix, XCLIENT command can't support the LOGIN paremeter.
> Severial months ago, I write a patch for postfix-2.5.3. Now nginx official
&g
Wietse:
Happy new year :)
We use niginx's smtp function to redirect mail to postfix server. But in
postfix, XCLIENT command can't support the LOGIN paremeter.
Severial months ago, I write a patch for postfix-2.5.3. Now nginx official
website also supply a patch for this situation a
On Wed, Dec 16, 2009 at 12:34:39PM -0500, Ben Winslow wrote:
> This is only peripherally related to Postfix, but I'm wondering if
> anyone knows of a very simple SMTP proxy with XCLIENT support. We are
> transitioning some customers to a new mail server from one that used to
>
This is only peripherally related to Postfix, but I'm wondering if
anyone knows of a very simple SMTP proxy with XCLIENT support. We are
transitioning some customers to a new mail server from one that used to
serve (outbound) SMTP and POP3 on the same IP address; however, I would
prefer n
Victor Duchovni:
> On Sun, Feb 01, 2009 at 05:16:18PM -0500, Wietse Venema wrote:
>
> > Bokhan Artem:
> > > In the next example postfix does not pass HELO from XCLIENT line to the
> > > milter if "EHLO spike.porcupine.org" is ommited.
> > &
Wietse Venema пишет:
Bokhan Artem:
In the next example postfix does not pass HELO from XCLIENT line to the milter if
"EHLO spike.porcupine.org" is ommited.
It looks like bug.
This is not a bug.
The behavior of mail proxy (nginx) is not to send EHLO after XCLIENT. Thank you
On Sun, Feb 01, 2009 at 05:16:18PM -0500, Wietse Venema wrote:
> Bokhan Artem:
> > In the next example postfix does not pass HELO from XCLIENT line to the
> > milter if "EHLO spike.porcupine.org" is ommited.
> > It looks like bug.
>
> This is not a bug.
&
Bokhan Artem:
> In the next example postfix does not pass HELO from XCLIENT line to the
> milter if "EHLO spike.porcupine.org" is ommited.
> It looks like bug.
This is not a bug.
After XCLIENT, Postfix must reset the Milter session and start from
scratch with the new cl
In the next example postfix does not pass HELO from XCLIENT line to the milter if
"EHLO spike.porcupine.org" is ommited.
It looks like bug.
220 server.example.com ESMTP Postfix
EHLO client.example.com
250-server.example.com
250-PIPELINING
250-SIZE 1024
250-VRFY
250-ETRN
250-XC
Geert Hendrickx a écrit :
> On Thu, Jan 29, 2009 at 12:22:13PM +0100, mouss wrote:
>> Jan 29 00:38:17 imlil postmx/smtpd[26222]: NOQUEUE: reject: RCPT from
>> unknown[147.203.208.166]: 550 5.7.1 Client host rejected: cannot find
>> your hostname, [147.203.208.166];
>> from=<3ff.4.69709687-17084...@
Geert Hendrickx:
> On Thu, Jan 29, 2009 at 12:22:13PM +0100, mouss wrote:
> > Jan 29 00:38:17 imlil postmx/smtpd[26222]: NOQUEUE: reject: RCPT from
> > unknown[147.203.208.166]: 550 5.7.1 Client host rejected: cannot find
> > your hostname, [147.203.208.166];
> > from=<3ff.4.69709687-17084...@cherr
On Thu, Jan 29, 2009 at 12:22:13PM +0100, mouss wrote:
> Jan 29 00:38:17 imlil postmx/smtpd[26222]: NOQUEUE: reject: RCPT from
> unknown[147.203.208.166]: 550 5.7.1 Client host rejected: cannot find
> your hostname, [147.203.208.166];
> from=<3ff.4.69709687-17084...@cherryimprovise.com> to=
> proto
Artem Bokhan a écrit :
> Ok, let's start with beginning...
>
> What is the difference between NAME and REVERSE_NAME from postfix's view?
> What is the difference between "SMTP client hostname" and "PTR record
> value"?
>
NAME is "verified". REVERSE_NAME is not. so you have 3 cases:
- NAME=REVER
prets NAME and REVERSE_NAME?
I want to understand, how not to break, for example, "reject_unknown_client_hostname" and
"reject_unknown_reverse_client_hostname" behavior, when passing names via XCLIENT but not
via postfix resolver.
Wietse Venema ?:
Artem Bokhan:
Bokhan Artem:
> So how postfix interprets NAME and REVERSE_NAME?
> I want to understand, how not to break, for example,
> "reject_unknown_client_hostname" and "reject_unknown_reverse_client_hostname"
> behavior, when passing names via XCLIENT but not via post
So how postfix interprets NAME and REVERSE_NAME?
I want to understand, how not to break, for example, "reject_unknown_client_hostname" and
"reject_unknown_reverse_client_hostname" behavior, when passing names via XCLIENT but not
via postfix resolver.
Wietse Venema
Artem Bokhan:
> >XCLIENT NAME ADDR PROTO HELO REVERSE_NAME
>
> Do NAME and REVERSE_NAME from XCLIENT agree with this description from
> smtpd_peer.c ?
NAME agrees with the XCLIENT documentation - it is meant to be
something that other MTAs can implement too so it must not de
>XCLIENT NAME ADDR PROTO HELO REVERSE_NAME
Do NAME and REVERSE_NAME from XCLIENT agree with this description from
smtpd_peer.c ?
/* .IP name
/* The verified client hostname. This name is represented by
/* the string "unknown" when 1) the address->name lookup failed
94 matches
Mail list logo
