Hi,
I wonder how postfix decides on what IP address to bind to / initiation
IP connections from, in terms of sending outgoing mail?
I have a server with 5 IP addresses, where the IP address I'm using for
receiving mail is the main IP address for the machine. I've set the
following in main.cf to e
On Tue, 2011-03-08 at 12:36 +0100, Ákos Maróy wrote:
> Hi,
>
> I wonder how postfix decides on what IP address to bind to / initiation
> IP connections from, in terms of sending outgoing mail?
>
> I have a server with 5 IP addresses, where the IP address I'm using for
> receiving mail is the mai
On 08/03/11 12:57, Bas Mevissen wrote:
> If I'm not mistaken, the setting of inet_interfaces is for the
> _listening_ port only and not for the outgoing one.
I see.. is there no way to force the outgoing IP address?
> It depends on the the routing table which interface is used for outgoing
> mail
* Bas Mevissen :
> On Tue, 2011-03-08 at 12:36 +0100, Ákos Maróy wrote:
> > Hi,
> >
> > I wonder how postfix decides on what IP address to bind to / initiation
> > IP connections from, in terms of sending outgoing mail?
> >
> > I have a server with 5 IP addresses, where the IP address I'm using
On 08/03/11 13:05, Patrick Ben Koetter wrote:
> $ man 5 postconf | less +/^smtp_bind_address
thanks, this does the trick!
Hi guys.
I would like to implement server-to-server TLS encryption between two
postfix instances I manage. One of the servers already has
TLS-capabilities but they are only used for SASL-AUTH clients.
Where do I start to have the entire stream between the servers to be
encrypted?
Thanks.
-RV
On Tue, Mar 08, 2011 at 01:38:28PM +0100, Raven wrote:
> I would like to implement server-to-server TLS encryption between two
> postfix instances I manage. One of the servers already has
> TLS-capabilities but they are only used for SASL-AUTH clients.
>
> Where do I start to have the entire stre
Hi list
I understand perfectly that postfix has nothing to do with tmda, but I'm
so use it to transport, as follows, but so the tmda returns code 99 [2].
Well, what I am now is much the same set up as a transport:
In the master.cf file:
# TMDA
tmdaunix- n n - -
On Tue, Mar 08, 2011 at 10:38:09AM -0300, M?rcio Luciano Donada wrote:
> I understand perfectly that postfix has nothing to do with tmda, but I'm
> so use it to transport, as follows, but so the tmda returns code 99 [2].
> Well, what I am now is much the same set up as a transport:
You can't use
Wietse Venema put forth on 3/7/2011 2:08 PM:
> CERT/CC announces a flaw today in multiple STARTTLS implementations.
> This problem was silently fixed in Postfix 2.8 and 2.9. Updates
> for Postfix 2.[4-7] are made available via the usual channels.
Nice catch Wietse! Normally I'd follow that with "
Em 8/3/2011 10:54, Victor Duchovni escreveu:
> The exit status of "99" is I believe designed with qmail in mind. Also
> this message did not get routed to the transport you configured, it got
> handled by "local(8)", the command "tmda-filter" is not what you
> show above. You appear to be rather co
On Mar 7, 2011, at 5:47 PM, Reindl Harald wrote:
> Hi Wietse
>
> I would like to say THANK YOU for postfix because i know
> developers are hearing this words not often enough as long
> their "baby" is running well and nobody takes notice about
>
> Especially for the great documentation and craz
Erik de Castro Lopo put forth on 3/7/2011 4:50 PM:
> Given the above data, I think I am justified in using the following
> pcre rule:
>
> /^Received-SPF:.*helo=[a-z0-9.-]+\.mail\\.yahoo\.com;
> envelope-from=[^@]+@att.net/i REJECT
This is possibly less complex, totally effective, and p
Victor Duchovni:
> On Tue, Mar 08, 2011 at 12:59:15PM +1100, Brad Hards wrote:
>
> > On Tue, 8 Mar 2011 07:08:09 am Wietse Venema wrote:
> > > This is a writeup about a flaw that I found recently, and that
> > > existed in multiple implementations of SMTP (Simple Mail Transfer
> > > Protocol) over
Hajo Locke:
[ Charset ISO-8859-1 unsupported, converting... ]
> Hello,
>
> >> smtpd_sasl_path = inet:localhost:1434
> >>
> >> seems to work but it is not documented.
> >
> > As documented:
> >
> > smtpd_sasl_path (default: smtpd)
> > Implementation-specific information that the Postfix SMTP
If I change the bounce_template_file, is a "postfix reload" for the
change to take (immediate) effect needed?
Looking at http://www.postfix.org/bounce.8.html I'm seeing
max_idle (100s)
max_use (100)
which are implying that after 100 bounces or 100s of no usage, Postfix
will let bounce die an
mouss put forth on 3/7/2011 5:45 PM:
> Le 07/03/2011 15:13, Stan Hoeppner a écrit :
>> Ok, so if I'm doing what I've heard called a "fully qualified regular
>> expression", WRT FQrDNS matching, should I use the anchors or not?
>> postmap -q says these all work (the actuals with action and text tha
Stan Hoeppner:
> So, the question is, which form of expression processes the "does not
> match" case faster? The fully qualified expression, or the simple
> expression? Noel mentioned that the fully qualified expressions will
> tend to process faster. Is this true? Is it true for both the
> "ma
Hi all.. Please forgive me as I'm a postfix newbie.. I'm currently running
version 2.6.5 on an Ubuntu server. I have a codeignitor app that sends
outbound mail only. no inbound mail is processed/advertised.
I recently moved my production server from Rackspace to AWS and Amazon is
now having a PBL
when is it the official rpm.
Simon Mudd
the new rpms are still not present
Le lundi 07 mars 2011 à 15:18 -0500, Wietse Venema a écrit :
> [An on-line version of this announcement will be available at
> http://www.postfix.org/announcements/postfix-2.7.3.html]
>
> Postfix legacy releases 2.7.3,
On Tue, Mar 08, 2011 at 12:25:32PM -0500, Steve Angelo wrote:
> Hi all.. Please forgive me as I'm a postfix newbie.. I'm currently running
> version 2.6.5 on an Ubuntu server. I have a codeignitor app that sends
> outbound mail only. no inbound mail is processed/advertised.
>
> I recently moved my
Hi there!
How severe this bug is?
I'm running few Zimbra servers and seems like it's there:
% telnet 0 25
220 myzimbra ESMTP Postfix
starttls
220 2.0.0 Ready to start TLS
% telnet 0 587
220 myzimbra ESMTP Postfix
starttls
220 2.0.0 Ready to start TLS
Should I disable it for now - is t
Walter Smith:
> Hi there!
> ?
> How severe this bug is?
Please read the announcement, section "overview and impact".
http://www.postfix.org/CVE-2011-0411.html
"This is not as big a problem as it may appear to be. The reason
is that many SMTP client applications don't verify server TLS
certificate
On Tue, Mar 08, 2011 at 04:27:20PM +0100, Ralf Hildebrandt wrote:
> If I change the bounce_template_file, is a "postfix reload" for the
> change to take (immediate) effect needed?
Yes, if you want the effect to be "immediate".
> Looking at http://www.postfix.org/bounce.8.html I'm seeing
>
> m
* Victor Duchovni :
> On Tue, Mar 08, 2011 at 04:27:20PM +0100, Ralf Hildebrandt wrote:
>
> > If I change the bounce_template_file, is a "postfix reload" for the
> > change to take (immediate) effect needed?
>
> Yes, if you want the effect to be "immediate".
>
> > Looking at http://www.postfix.o
> > So I was thinking.. Since my old server at rackspace is still up and
> > running, would it be possible to have configure my AWS postfix server to
> > send all outbound mail to the Rackspace postfix server and have that
> server
> > send out the email? The originating IP would have to be the Rac
This might be a stupid question.
I have a header_check rule that puts certain mails into the HOLD queue
for inspection by senior staff, and when its released into the deferred
queue for delivery, it gets chucked back into the HOLD queue due to
Postfix reapplying the Header_checks.
It does go thr
* Michael :
> This might be a stupid question.
>
> I have a header_check rule that puts certain mails into the HOLD queue
> for inspection by senior staff, and when its released into the deferred
> queue for delivery, it gets chucked back into the HOLD queue due to
> Postfix reapplying the Header_
On Tue, 2011-03-08 at 21:13 +0100, Ralf Hildebrandt wrote:
>
> You seem to have a content_filter setup. Could that be?
Yes, SpamAssassin is in the chain. I did'nt realise this may be the
issue.
* Michael :
> On Tue, 2011-03-08 at 21:13 +0100, Ralf Hildebrandt wrote:
> >
> > You seem to have a content_filter setup. Could that be?
>
> Yes, SpamAssassin is in the chain. I did'nt realise this may be the
> issue.
Please show master.cf
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung
On Tue, 2011-03-08 at 21:18 +0100, Ralf Hildebrandt wrote:
> * Michael :
> > On Tue, 2011-03-08 at 21:13 +0100, Ralf Hildebrandt wrote:
> > >
> > > You seem to have a content_filter setup. Could that be?
> >
> > Yes, SpamAssassin is in the chain. I did'nt realise this may be the
> > issue.
>
>
Wietse Venema put forth on 3/8/2011 10:39 AM:
> Stan Hoeppner:
>> So, the question is, which form of expression processes the "does not
>> match" case faster? The fully qualified expression, or the simple
>> expression? Noel mentioned that the fully qualified expressions will
>> tend to process f
* Michael :
> smtp inet n - n - - smtpd
>-o content_filter=spamassassin
...
> spamassassin unix - n n - - pipe
> user=spamd argv=/usr/bin/spamc -f -e
> /usr/sbin/sendmail -oi -f ${sender} ${recipient}
So the
Steve Angelo put forth on 3/8/2011 11:25 AM:
> I recently moved my production server from Rackspace to AWS and Amazon is
> now having a PBL issue that may take days to resolve and my IP is listed so
> most of the mail is not going out due to PBL from Spamhaus.
You should have asked for advice bef
On Tue, Mar 08, 2011 at 02:29:23PM -0600, Stan Hoeppner wrote:
> So this would mean the simpler expressions would be faster? That makes
> me wonder why Enemies List[1] uses complex expressions, each one
> precisely matching a specific rDNS pattern,
To avoid false positives by matching in the wro
On Tue, Mar 08, 2011 at 02:58:50PM -0500, Steve Angelo wrote:
> > > So I was thinking.. Since my old server at rackspace is still up and
> > > running, would it be possible to have configure my AWS postfix server to
> > > send all outbound mail to the Rackspace postfix server and have that
> > serv
Dennis Guhl put forth on 3/8/2011 11:52 AM:
> If you are blocked because of Spamhaus' PBL you are on an consumer
> dial up (http://www.spamhaus.org/pbl/)
FYI, the PBL isn't limited to dynamic listings. Many corporations add
their unused IP space to the PBL, along with other IPs within their
net
Hi,
I am using an after queue-content filter that signs outgoing emails
(dkimproxy). My problem is that these messages are modified AFTER the
signature was added which breaks the signature. As far as I can see,
"\n" is replaced by "\r\n" and "Content-Transfer-Encoding: 8bit" is
replaced by "Co
Stan Hoeppner wrote:
Dennis Guhl put forth on 3/8/2011 11:52 AM:
If you are blocked because of Spamhaus' PBL you are on an consumer
dial up (http://www.spamhaus.org/pbl/)
FYI, the PBL isn't limited to dynamic listings. Many corporations add
their unused IP space to the PBL, along with other
On Tue, Mar 08, 2011 at 10:55:25PM +0100, Ulrich Mierendorff wrote:
> I am using an after queue-content filter that signs outgoing emails
> (dkimproxy). My problem is that these messages are modified AFTER the
> signature was added which breaks the signature. As far as I can see, "\n"
> is repl
On Sun, Mar 06, 2011 at 02:20:19PM +0100, David Touzeau wrote:
> Thanks Jeroen
>
> Here it is information requested
>
>
> postconf -n
Yikes. I didn't read through all of that, but I'm sure you have gone
way overboard in changing (or perhaps, restating) default settings.
Jeroen would say, if y
Hi Postfix Users,
We are running a couple of postfix servers version 2.3.x which mainly relay
notification messages to our customers.
The various application servers which trigger notifications are not consistent
so we are rewriting the mail field with these two tables:
sender_canonical_maps =
Wietse Venema wrote:
> If you must match a very large numbers of patterns, you need an
> implementation that transforms N patterns into one deterministic
> automaton. This can match 1 pattern in the same time as N patterns.
> Once the automaton is built (which takes some time) it is blindingly
> f
[WARNING: Steven CC'd]
Le 08/03/2011 21:29, Stan Hoeppner a écrit :
> Wietse Venema put forth on 3/8/2011 10:39 AM:
>> Stan Hoeppner:
>>> So, the question is, which form of expression processes the "does not
>>> match" case faster? The fully qualified expression, or the simple
>>> expression? No
Original-Nachricht
> Datum: Wed, 9 Mar 2011 09:49:21 +1100
> Von: Erik de Castro Lopo
> An: postfix-users@postfix.org
> Betreff: Re: regular expressions was: Kernel Oops
> Wietse Venema wrote:
>
> > If you must match a very large numbers of patterns, you need an
> > implemen
On 3/8/2011 4:49 PM, Erik de Castro Lopo wrote:
Wietse Venema wrote:
If you must match a very large numbers of patterns, you need an
implementation that transforms N patterns into one deterministic
automaton. This can match 1 pattern in the same time as N patterns.
Once the automaton is built (
Le 08/03/2011 23:49, Erik de Castro Lopo a écrit :
> Wietse Venema wrote:
>
>> If you must match a very large numbers of patterns, you need an
>> implementation that transforms N patterns into one deterministic
>> automaton. This can match 1 pattern in the same time as N patterns.
>> Once the auto
Steve wrote:
> > If not, it would be possible to convert this (3 only, but could be
> > hundreds or even thousands):
> >
> >/^([0-9]{1,3}\.){4}\.dsl\.dynamic\.eranet\.pl$/
> >/^([0-9]{1,3}\.){4}\.dynamic\.snap\.net\.nz$/
> >/^([0-9]{1,3}\.){4}\.nat\.umts\.dynamic\.eranet\.pl$/
> >
>
mouss:
[ Charset ISO-8859-1 unsupported, converting... ]
> Le 08/03/2011 23:49, Erik de Castro Lopo a ?crit :
> > Wietse Venema wrote:
> >
> >> If you must match a very large numbers of patterns, you need an
> >> implementation that transforms N patterns into one deterministic
> >> automaton. This
Noel Jones wrote:
> The pattern length limit is controlled by the pcre library
> you're using. I think most implementations limit single
> expressions to 64k characters.
Obviously something that needs testing.
> It's unclear to me if a single huge complex expression will
> evaluate faster th
> Especially for the great documentation and crazy online-times
> on the mailing-list :-)
agre 215% with you :=)
subject says it all imho
added lines is exact same as found on postconf -d
why ?
main.cf is just a initial example conf mostly better to start with 100%
empty main.cf and add lines that need to be changed from defaults of
postconf -d
if this changes are really needed, then its okay, but i like
Katzir, Igal:
> Hi Postfix Users,
>
> We are running a couple of postfix servers version 2.3.x which
> mainly relay notification messages to our customers.
> The various application servers which trigger notifications are
> not consistent so we are rewriting the mail field with
> these two tables
Benny Pedersen:
> subject says it all imho
>
> added lines is exact same as found on postconf -d
Postfix always sets the "installation" parameters with the patnames
of commands and directories. This is much more reliable than trying
to be clever and setting only the ones that aren't at the defaul
On Mon, 2011-03-07 at 23:47 +0100, Reindl Harald wrote:
> Hi Wietse
>
> I would like to say THANK YOU for postfix because i know
> developers are hearing this words not often enough as long
> their "baby" is running well and nobody takes notice about
>
> Especially for the great documentation a
On Tue, Mar 08, 2011 at 03:19:53PM -0600, Stan Hoeppner wrote:
> Dennis Guhl put forth on 3/8/2011 11:52 AM:
>
> > If you are blocked because of Spamhaus' PBL you are on an consumer
> > dial up (http://www.spamhaus.org/pbl/)
>
> FYI, the PBL isn't limited to dynamic listings. Many corporations
on Wed, Mar 09, 2011 at 12:03:27AM +0100, mouss wrote:
> [WARNING: Steven CC'd]
:-)
> Le 08/03/2011 21:29, Stan Hoeppner a écrit :
> > That makes me wonder why Enemies List[1] uses complex expressions,
> > each one precisely matching a specific rDNS pattern, given EL
> > matches 65k+ patterns to
On 3/8/2011 6:00 PM, Erik de Castro Lopo wrote:
Noel Jones wrote:
The pattern length limit is controlled by the pcre library
you're using. I think most implementations limit single
expressions to 64k characters.
Obviously something that needs testing.
Many years ago I worked on a system wi
--On March 8, 2011 10:20:21 AM -0800 Walter Smith
wrote:
Hi there!
How severe this bug is?
The CVE gave it 1.39 out of a possible 180 points. Or < 2%.
It will of course be addressed in a later Zimbra release.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--
Noel Jones wrote:
> Many years ago I worked on a system with a 32k limit on pcre
> expressions. Ever since then, everything I've checked has
> been 64k, and then I gave up checking. I expect any
> non-ancient system will support 64k, and some maybe even more.
> (To clarify for others follo
On Tue, Mar 08, 2011 at 06:26:47PM -0800, Quanah Gibson-Mount wrote:
>
>
> --On March 8, 2011 10:20:21 AM -0800 Walter Smith
> wrote:
>
>>
>> Hi there!
>>
>> How severe this bug is?
>
> The CVE gave it 1.39 out of a possible 180 points. Or < 2%.
>
> It will of course be addressed in a later Zim
61 matches
Mail list logo
