Hello,
I was asking myself about the kind of connection used by a MTA to
contact another one.
For exemple, I know that we can setup in a MUA an SSL (or TLS)
connection when configuring the SMTP connection. So the connection
between the MUA and the MTA is encrypted.
But can we configure postf
Encrypting emails would be simplier ( gpg or pgp )
Le 25/02/2011 09:02, Nicolas Michel a écrit :
Hello,
I was asking myself about the kind of connection used by a MTA to
contact another one.
For exemple, I know that we can setup in a MUA an SSL (or TLS)
connection when configuring the SMTP con
On Fri, Feb 25, 2011 at 09:11:11AM +0100, Frank Bonnet wrote:
> Encrypting emails would be simplier ( gpg or pgp )
No, it would not.
>> I know we can't guarantee that the entire flow will be encrypted because
>> we only have control on our MTA.
>>
>> But is it possible?
http://www.postfix.
On 02/25/2011 09:02 AM, Nicolas Michel wrote:
> Hello,
>
> I was asking myself about the kind of connection used by a MTA to
> contact another one.
> For exemple, I know that we can setup in a MUA an SSL (or TLS)
> connection when configuring the SMTP connection. So the connection
> between the MU
On Fri, Feb 25, 2011 at 09:27:36AM +0100, martijn.list wrote:
> > But is it possible?
>
> If the other MTAs are not under your control, you cannot enforce TLS
> between the other MTAs. You can only enforce TLS between the MTA you
> control and first MTA it connects to. After that you are no longe
Hello,
we are trying to solve a mail problem on the New Zealand Red Cross
mail server, which is sending confirmation messages for earthquake
donations from an invalid address, e.g.
postfix/smtp[26060]: 44B9C100CA13: to=,
relay=b.mx.madduck.net[213.203.238.82]:25, delay=10,
delays=0.01/0/6.8
On Fri, Feb 25, 2011 at 09:35:20AM +0100, martin f krafft wrote:
> we are trying to solve a mail problem on the New Zealand Red Cross
> mail server, which is sending confirmation messages for earthquake
> donations from an invalid address, e.g.
>
> postfix/smtp[26060]: 44B9C100CA13: to=,
> re
also sprach martin f krafft [2011.02.25.0935 +0100]:
> root@redxprdww02:/etc/postfix# cat sender_rewrite
> www-d...@redxprdww02.netspace.net.nz www-d...@redcross.org.nz
> www-d...@netspace.net.nz www-d...@redcross.org.nz
(yes, I did run postmap)
--
martin | http://madduck.net/ | http://tw
also sprach martin f krafft [2011.02.25.0935 +0100]:
> root@redxprdww02:/etc/postfix# cat sender_rewrite
> www-d...@redxprdww02.netspace.net.nz www-d...@redcross.org.nz
Thanks to freenode staffer Tabmow: there was an 'r' missing after
the '@' symbol.
Sorry for the noise.
--
martin | http:/
also sprach Victor Duchovni
[2011.02.25.0944 +0100]:
> > I wanted to approach this using a canonical rewriting map:
>
> Why not just set "myorigin" correctly?
I did not want to make such potentially far-reaching modifications
to a server that I did not set up nor control. I was only an
emergen
Zitat von Victor Duchovni :
On Fri, Feb 25, 2011 at 12:58:22AM +0100, Christian Roessner wrote:
I am currently preparing an upstart script for Ubuntu. I tried several
ways do use /usr/sbin/postfix, but I never would get the master PID. So
I looked at the postfix.c code.
There is a no single
This problem exist in the 2.7 and 2.8 branch:
In file included from attr_clnt.c:77:
/usr/include/unistd.h:329: error: conflicting types for 'closefrom'
./sys_defs.h:1399: error: previous declaration of 'closefrom' was here
*** Error code 1
Stop in /home/src/postfix-2.7.2/src/util.
*** Er
This gave me an idea:
what do people think about an ESMTP extension that enforces TLS?
MTA1 --> MTA2 -> MTA3
TLS TLS
with the idea of having an X-header that basically says "do not forward if no
TLS available"
so MTA1 sends to MTA2 encrypted. MTA2 reads that header and says
Hi,
> The "problem" is more of that distribution like Ubuntu and Redhat are
> moving to "upstart" for boot and starting services/daemons. The main
> difference for the started services is that upstart need the program
> to *not* daemonize or terminate itself because status is checked
> di
Zitat von Bernhard Rohrer :
This gave me an idea:
what do people think about an ESMTP extension that enforces TLS?
MTA1 --> MTA2 -> MTA3
TLS TLS
with the idea of having an X-header that basically says "do not
forward if no TLS available"
so MTA1 sends to MTA2 encrypted.
Am 25.02.2011 10:50, schrieb kristof.vans...@telenet.be:
> This problem exist in the 2.7 and 2.8 branch:
>
>
> In file included from attr_clnt.c:77:
> /usr/include/unistd.h:329: error: conflicting types for 'closefrom'
> ./sys_defs.h:1399: error: previous declaration of 'closefrom' was here
> ***
lst_ho...@kwsoft.de:
> The "problem" is more of that distribution like Ubuntu and Redhat are
> moving to "upstart" for boot and starting services/daemons. The main
> difference for the started services is that upstart need the program
> to *not* daemonize or terminate itself because status is
Zitat von Wietse Venema :
lst_ho...@kwsoft.de:
The "problem" is more of that distribution like Ubuntu and Redhat are
moving to "upstart" for boot and starting services/daemons. The main
difference for the started services is that upstart need the program
to *not* daemonize or terminate itself b
Hi,
> That's why i said it may be useful to have a simple
> "dispatcher/wrapper" which only is started to call "postfix start" and
> keeps running to keep upstart happy and calls "postfix stop/restart"
> when advised to do so by upstart. With this the supported way of
> starting/stopping i
lst_ho...@kwsoft.de:
> Zitat von Wietse Venema :
>
> > lst_ho...@kwsoft.de:
> >> The "problem" is more of that distribution like Ubuntu and Redhat are
> >> moving to "upstart" for boot and starting services/daemons. The main
> >> difference for the started services is that upstart need the program
Wietse Venema:
> lst_ho...@kwsoft.de:
> > Zitat von Wietse Venema :
> >
> > > lst_ho...@kwsoft.de:
> > >> The "problem" is more of that distribution like Ubuntu and Redhat are
> > >> moving to "upstart" for boot and starting services/daemons. The main
> > >> difference for the started services is
Zitat von Wietse Venema :
Wietse Venema:
lst_ho...@kwsoft.de:
> Zitat von Wietse Venema :
>
> > lst_ho...@kwsoft.de:
> >> The "problem" is more of that distribution like Ubuntu and Redhat are
> >> moving to "upstart" for boot and starting services/daemons. The main
> >> difference for the start
On Fri, Feb 25, 2011 at 03:08:51PM +0100, lst_ho...@kwsoft.de wrote:
[...]
> >Is there any reason they can't do this:
> >
> >Postfix "job" script:
> >
> > pre-start exec postfix start
> > post-stop exec postfix stop
> >
> >With this, the system will do the work for them, and everythin
On 2/25/2011 8:16 AM, Wietse Venema wrote:
The problem with this approach is that Postfix is not one program,
like named, apache, etc., and that simply starting one master daemon
is insufficient as it skips all the start-up repair and sanity checks.
That's why i said it may be useful to have a s
Hello,
Le 24 févr. 2011 à 23:18, Luis Esteves a écrit :
>
> Hi everybody,
>
> In our organisation we have 4 postfix servers.
> Each time i need to add a new configuration to the transport file (for a new
> domain), i need to update the transport file on each server.
> This is cumbersome. Co
lst_ho...@kwsoft.de:
> Zitat von Wietse Venema :
>
> > Wietse Venema:
> >> lst_ho...@kwsoft.de:
> >> > Zitat von Wietse Venema :
> >> >
> >> > > lst_ho...@kwsoft.de:
> >> > >> The "problem" is more of that distribution like Ubuntu and Redhat are
> >> > >> moving to "upstart" for boot and starting
On 24/02/2011 17:54, Victor Duchovni wrote:
On Thu, Feb 24, 2011 at 09:52:30AM +0200, Etienne Pretorius wrote:
I have a email address say staff@domain that maps perfectly to all its
intended recipients,
but on the same machine I have user1@domain that is suppose to map to
user1@domain,user2@dom
On Thu, Feb 24, 2011 at 02:18:07PM -0800, Luis Esteves wrote:
> In our organisation we have 4 postfix servers.
> Each time i need to add a new configuration to the transport
> file (for a new domain), i need to update the transport file on
> each server. This is cumbersome. Connect on each server
Hi,
> > > Postfix "job" script:
> > >
> > > pre-start exec postfix start
> > > post-stop exec postfix stop
> > >
> > > With this, the system will do the work for them, and everything
> > > uses stable documented interfaces.
sorry Wietse, if it really would have been so easy, I nev
Christian Roessner:
> Hi,
>
> > > > Postfix "job" script:
> > > >
> > > > pre-start exec postfix start
> > > > post-stop exec postfix stop
> > > >
> > > > With this, the system will do the work for them, and everything
> > > > uses stable documented interfaces.
>
> sorry Wietse, i
> On Fri, Feb 25, 2011 at 01:17:08AM -0500, Dennis Clarke wrote:
>
>> >> $ ls -l /dev/urandom
>> >> lrwxrwxrwx 1 root root 34 Feb 19 2008 /dev/urandom ->
>> >> ../devices/pseudo/random@0:urandom
>> >
>> > Which version of SunOS first introduced unconditional support for
>> > /dev/u
Dennis Clarke:
>
> > On Fri, Feb 25, 2011 at 01:17:08AM -0500, Dennis Clarke wrote:
> >
> >> >> $ ls -l /dev/urandom
> >> >> lrwxrwxrwx 1 root root 34 Feb 19 2008 /dev/urandom ->
> >> >> ../devices/pseudo/random@0:urandom
> >> >
> >> > Which version of SunOS first introduced uncond
On Fri, Feb 25, 2011 at 04:34:56PM +0200, Etienne Pretorius wrote:
>> Address mappings are tested via "postmap -q".
>>
>>> MAIN.CF
>>> virtual_alias_maps = mysql:/etc/postfix/mysql.virtualaliases.cf
>>
>> [usually best to put "proxy:" in front of "mysql:"]
>>
>> Report the output of:
>>
>> po
On Fri, Feb 25, 2011 at 10:07:18AM +0100, martin f krafft wrote:
> > > root@redxprdww02:/etc/postfix# grep sender_rewrite main.cf
> > > sender_canonical_maps = hash:/etc/postfix/sender_rewrite
> >
> > Don't waste time with sender_canonical_maps, use either canonical_maps
> > or smtp_generic_m
Yesterday I mentioned the possibility of having postscreen listen
on both primary and backup MX address *on the same machine*.
> In addition, one can also introduce new mechanisms into postscreen.
> For example, disabling dynamic whitelisting for connections to
> backup MX addresses.
I have run t
> Dennis Clarke:
>>
>> > On Fri, Feb 25, 2011 at 01:17:08AM -0500, Dennis Clarke wrote:
>> >
>> >> >> $ ls -l /dev/urandom
>> >> >> lrwxrwxrwx 1 root root 34 Feb 19 2008 /dev/urandom
>> ->
>> >> >> ../devices/pseudo/random@0:urandom
>> >> >
>> >> > Which version of SunOS first intr
On 02/23/2011 03:02 PM, Christian Roessner wrote:
Hi,
Postfix stable release 2.8.1 is available. This release fixes one
"signal 11" bug with SMTP server debug logging, and cleans up some
code and documentation.
Ubuntu packages done.
https://launchpad.net/~christian-roessner-net/+arc
Jeroen Geilman:
> I upgraded to these packages, thanks for that.
>
> However, I was hoping the fixes mentioned by Wietse would also get rid
> of the incessant "postfix/postscreen[25978]: warning: getpeername:
> Transport endpoint is not connected -- dropping this connection"
> messages in my lo
On 02/25/2011 08:58 PM, Wietse Venema wrote:
Jeroen Geilman:
I upgraded to these packages, thanks for that.
However, I was hoping the fixes mentioned by Wietse would also get rid
of the incessant "postfix/postscreen[25978]: warning: getpeername:
Transport endpoint is not connected -- droppi
Zitat von Wietse Venema :
lst_ho...@kwsoft.de:
Zitat von Wietse Venema :
> Wietse Venema:
>> lst_ho...@kwsoft.de:
>> > Zitat von Wietse Venema :
>> >
>> > > lst_ho...@kwsoft.de:
>> > >> The "problem" is more of that distribution like Ubuntu and
Redhat are
>> > >> moving to "upstart" for boo
Dennis Clarke:
> > In fact, the makedefs script enables /dev/urandom access by default
> > for Solaris 9 and onwards.
> >
> > My Solaris 8 test machine didn't have /dev/urandom, so I guess I
> > am in the category of "no one, ever" :-)
> >
> > Wietse
>
> You're totally in the category of ""..
On 02/24/2011 01:29 AM, Linda Pagillo wrote:
Thank you Mouss. Yes, you are correct. I did indeed mean postmaster@[ip].
I'm not having any mail rejected. I was just wondering if Postfix accepts
mail to literals by default. I'm getting ready to install Postfix and I
wanted to be sure that I had thi
Thank you!
Linda Pagillo - Owner
LPDynamix
931-284-9291
li...@lpdynamix.com
-Original Message-
From: owner-postfix-us...@postfix.org
[mailto:owner-postfix-us...@postfix.org] On Behalf Of Jeroen Geilman
Sent: Friday, February 25, 2011 2:45 PM
To: postfix-users@postfix.org
Subject: Re: How
Hi,
> That was the construct i tried to explain. A wrapper/pacifier whatever
> is needed which does not terminate but does nothing until a "stop" or
> some other event arrives.
>
> > They should not start and stop the master directly. Among other
> > things, that does not work with multi-in
Christian Roessner:
> This is, what I learned. So now my question: what do you have in mind
> Wietse, if you say, you may provide something? Do not get me wrong
I have written a "postfix upstart" command as described below.
This can automatically respawn Postfix in single instance mode
(even if I
Zitat von Wietse Venema :
Christian Roessner:
This is, what I learned. So now my question: what do you have in mind
Wietse, if you say, you may provide something? Do not get me wrong
I have written a "postfix upstart" command as described below.
This can automatically respawn Postfix in sing
* lst_ho...@kwsoft.de :
> Zitat von Wietse Venema :
> >This is now running on an Ubuntu virtual machine.
>
> Cool...
> And BTW i also have never seen Postfix die. It is one of the most
> stable non-trivial software systems i have seen until now.
Postfix is frustrating. At first tt's fun because i
On Feb 23, 2011, at 8:25 PM, Victor Duchovni wrote:
> On Wed, Feb 23, 2011 at 02:19:28PM -0800, Robert Goodyear wrote:
>
>> I'm sorry... I was speaking lazily there. I meant a 4.X.X response
>> that would cause the message to requeue and follow a retry/backoff
>> rate algorithm.
>
> Mere 4XX re
On Fri, Feb 25, 2011 at 02:38:16PM -0800, Robert Goodyear wrote:
> > Have you seen problem relays in your upstream relay mix? What real
> > symptoms do they exhibit and what is the observed impact on the upstream
> > Postfix SMTP client?
>
> I'm going to run some analytics on my last 12 months' w
On 2/25/2011 4:38 PM, Robert Goodyear wrote:
I'm going to run some analytics on my last 12 months' worth of outbound
messages to get more scientific with my gut instincts here. It's about 270
million messages, and my observation is that when we have a spike of 4 or 5
million that need to del
On Feb 25, 2011, at 2:58 PM, Victor Duchovni wrote:
> On Fri, Feb 25, 2011 at 02:38:16PM -0800, Robert Goodyear wrote:
>
>>> Have you seen problem relays in your upstream relay mix? What real
>>> symptoms do they exhibit and what is the observed impact on the upstream
>>> Postfix SMTP client?
>>
On Fri, 2011-02-25 at 10:50:45 +0100, kristof.vans...@telenet.be wrote:
> This problem exist in the 2.7 and 2.8 branch:
>
> In file included from attr_clnt.c:77:
> /usr/include/unistd.h:329: error: conflicting types for 'closefrom'
> ./sys_defs.h:1399: error: previous declaration of 'closefrom
the quantity of deferred is yahoo response : this as that that is this
Le vendredi 25 février 2011 à 15:29 -0800, Robert Goodyear a écrit :
> On Feb 25, 2011, at 2:58 PM, Victor Duchovni wrote:
>
> > On Fri, Feb 25, 2011 at 02:38:16PM -0800, Robert Goodyear wrote:
> >
> >>> Have you seen problem
Just curious, the GPL and the IPL are not license compatible. Anyone know
how RHEL and other sites deal with this when trying to provide a postfix
with mysql tables as an option?
I see that postfix on RHEL6 clearly links against mysql:
cd /usr/sbin
[build@zre-rhel6-64 sbin]$ ldd postfix
On 2/25/11 6:45 AM, Christian Roessner at
c+postfix_org...@roessner-network-solutions.com wrote:
> That postfix must not be started directly by calling master should also
> be documented in the master man page, as people like me (and my idea was
> based on Apple's practise, like they DO START post
Larry Stone:
> On 2/25/11 6:45 AM, Christian Roessner at
> c+postfix_org...@roessner-network-solutions.com wrote:
>
> > That postfix must not be started directly by calling master should also
> > be documented in the master man page, as people like me (and my idea was
> > based on Apple's practise
The operative words are desktop computer, the problem it would seem to
me, is that Upstart is being used in an environment for which it has not
been designed and is trying to solve problems that do not occur on a server.
Perhaps we need to point this out to the good folks at Ubuntu etc.
jut my
On Fri, Feb 25, 2011 at 04:39:25PM -0800, Quanah Gibson-Mount wrote:
> Just curious, the GPL and the IPL are not license compatible. Anyone know
> how RHEL and other sites deal with this when trying to provide a postfix
> with mysql tables as an option?
[IANAL]
The MySQL client libraries may
--On Saturday, February 26, 2011 1:41 AM -0500 Victor Duchovni
wrote:
On Fri, Feb 25, 2011 at 04:39:25PM -0800, Quanah Gibson-Mount wrote:
Just curious, the GPL and the IPL are not license compatible. Anyone
know how RHEL and other sites deal with this when trying to provide a
postfix wit
Yes, relay_domains, sender_access, and more.
Maybe the easier solution is to use the ssh/keys, but is it not dangerous to
store private keys on a DMZ ?
Luis
/dev/rob0 wrote:
>
> On Thu, Feb 24, 2011 at 02:18:07PM -0800, Luis Esteves wrote:
>> In our organisation we have 4 postfix servers
Hi,
> This got my attention because I run the Apple provided Postfix (2.5.5) on
> Mac OS X client (10.6.6 specifically). What do you know - when I look at the
> launchctl plist Apple provides to start Postfix, it does so by running
> master directly. Thanks Apple!
Calling /usr/libexec/postfix/mas
61 matches
Mail list logo
