* Reindl Harald :
> so NO you can not disable sending mails with telnet except
> force using TLS
And even then one could use s_client or sslwrap/ssltunnel
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenbur
Dear Folks,
I am running postfix 2.3.3 with dovecot 2.1.
I have a child for whom I want to make an email account to which mail
can only be sent from email addresses in a whitelist hash file.
Some googling indicates this may have something to do with the aliases
hash, smtpd_restriction_classes a
Robert Krig:
> I've got a weird issue on one of my postfix installations that I can't
> explain.
>
> My postfix setup uses MySQL as an authentication backend, and the
> accounts are managed via Postfixadmin.
>
> All of our webservers use phpmailer to send out registration notices to
> users who r
I´m testing a server, so I need to unable people[users], to connect via
telnet[smtp.mydomain.com:25] to the mail server.
> 2012/1/10 Leslie León Sinclair :
> > Can anyone point me in the right direction, I´m stucked here and Google
> > is not helping...
>
> define "telnet" here, do you mean: dir
Telnet the protocol in port 25...
> On Tuesday, January 10, 2012, 16:45:25, Leslie León Sinclair wrote:
> > Can anyone point me in the right direction, I´m stucked here and Google
> > is not helping...
>
> TELNET the Protocol or a telnet client?
>
Participe en Universidad 2012, del 13 al 17 de
Wietse Venema:
> We are approaching the end of the Postfix 2.9 development cycle.
>
> In the past weeks I have been cleaning up Postfix database error
> handling without introducing new features (except for changing a
> bunch of "fatal" errors into less dramatic events).
>
> This is a good time t
Sorry my mistake, I´m punishing myself right now, by the way I asked
here in the list, but I was tired dealing with this problem. Reading
yesterday´s mail now... I feel like a barbarian...
It´s not gonna happen again, or at least, I will try.
Good day to all...
>
> Welcome to the postfix-users
Leslie Le?n Sinclair:
> I?m testing a server, so I need to unable people[users], to connect via
> telnet[smtp.mydomain.com:25] to the mail server.
So it is OK if they connect to your server with netcat, "openssl
s_client", any script written in Perl, Python, PHP, Javascript,
with a real email clie
On Wednesday 11 January 2012 07:14:14 Wietse Venema wrote:
> Why do you believe that there is a problem with SASL authentication
> between the PHP application and Postfix?
>
Because the only error that shows up in the log file is this:
##
postfix/smtpd[
[ top-posting fixed, please do not do that here ]
On Wednesday 11 January 2012 07:23:46 Leslie León Sinclair wrote:
> > On Tuesday, January 10, 2012, 16:45:25, Leslie León Sinclair
> > wrote:
> > > Can anyone point me in the right direction, I´m stucked here
> > > and Google is not helping...
> >
First:
I apology bellow about my yesterday´s behavior.
My issue:
I have a postfix[Debian] server, and it´s working nice, but I need to block
people to send mails via telnet[telnet mydomain.com 25], everything is working
nice and shiny, error/warning logs are empty, dovecot logging normal, no err
Just an idea, feel free to correct me. Is there some way within Postfix to
implement a timeout on the SMTP conversation?
Obviously a user typing HELO, MAIL FROM, RCPT TO etc will be a lot slower
than a conversation between two computers.
Of course this could break something else, like I sai
Robert Krig:
> On Wednesday 11 January 2012 07:14:14 Wietse Venema wrote:
>
> > Why do you believe that there is a problem with SASL authentication
> > between the PHP application and Postfix?
>
> Because the only error that shows up in the log file is this:
> ###
On Wednesday 11 January 2012 07:45:46 Robert Krig wrote:
> On Wednesday 11 January 2012 07:14:14 Wietse Venema wrote:
> > Why do you believe that there is a problem with SASL
> > authentication between the PHP application and Postfix?
>
> Because the only error that shows up in the log file is thi
On Wednesday 11 January 2012 08:08:34 I wrote:
> On Wednesday 11 January 2012 07:45:46 Robert Krig wrote:
> > Whats weird is that the problem gets fixed by simply
> > restarting the services.
>
> Try it without restarting Postfix next time, just your
> saslauthd and anything it needs for data (e.g
Confirm fixed in the 20120110 snapshot.
Thanks!
-- Noel Jones
On 1/10/2012 6:05 PM, Wietse Venema wrote:
> Noel Jones:
>> I notice after installing postfix-2.9-20120108 I get thousands of
>> log entries such as (valid username redacted)
>>
>> Jan 10 16:54:09 mgate3 postfix/verify[57527]:
>
On Wednesday 11 January 2012 09:08:03 Wietse Venema wrote:
> Fortunately, the Postfix SMTP server is a short-lived process that
> runs for a few minutes at a time without ever changing the system
> configuration. Every new Postfix SMTP server process is like a
> new-born with a blank memory of its
>> I'm searching for a friend (who has very few money) an open source
>> antivirus scanner for email server that works with Postfix.
>>
>> Any infos/links/advices welcome
>
> One link, Google, would have easily found clamav.
>
> Info/advice: with postscreen(8), sane HELO restrictions, and
Robert Krig:
> On Wednesday 11 January 2012 09:08:03 Wietse Venema wrote:
> > Fortunately, the Postfix SMTP server is a short-lived process that
> > runs for a few minutes at a time without ever changing the system
> > configuration. Every new Postfix SMTP server process is like a
> > new-born wit
Hello list,
I've set up clientside TLS with postfix 2.7.1 as follows:
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_loglevel = 1
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
/etc/postfix/
On 2012-01-11 10:12 AM, email builder wrote:
> So who is using Stan's list? What do people have to say about
> it? What should I consider in regard to possibly implementing it?
I am using it (for a while now)...
This isn't really like a DNSBL, it simply rejects hosts that are
'spammy', meani
On Wednesday, January 11, 2012, 08:58:40, James Day wrote:
> Just an idea, feel free to correct me. Is there some way within
> Postfix to implement a timeout on the SMTP conversation?
there are numerous mumble_timeout parameters.
> Obviously a user typing HELO, MAIL FROM, RCPT TO etc will be
On 1/11/2012 9:12 AM, email builder wrote:
>
>
>>> I'm searching for a friend (who has very few money) an open source
>>> antivirus scanner for email server that works with Postfix.
>>>
>>> Any infos/links/advices welcome
>>
>> One link, Google, would have easily found clamav.
>>
>> Info/advi
On Wednesday 11 January 2012 10:15:19 Wietse Venema wrote:
>
> Some accounts fail persistently, if I recall correctly.
Sorry, I think you misunderstood me. Let me explain again.
Our 4 webservers CONSTANTLY send registration emails to new users via a local
php-mailer on each webserver instance
Robert Krig:
> On Wednesday 11 January 2012 10:15:19 Wietse Venema wrote:
>
> >
> > Some accounts fail persistently, if I recall correctly.
>
> Sorry, I think you misunderstood me. Let me explain again.
You have a problem that starts at some unpredictable moment, and
that causes SOME ACCOUNTs t
On Wed, 11 Jan 2012, Rod Dorman wrote:
The suggested (i.e. SHOULD) SMTP timeouts are given in minutes. No human
typing the commands is going to have any difficulty.
Never underestimate the power (or lack thereof) of a hunt-and-pecker
unfamiliar with coputers tasked with doing this. =)
-Den
On Wed, 11 Jan 2012, Leslie León Sinclair wrote:
I´m testing a server, so I need to unable people[users], to connect via
telnet[smtp.mydomain.com:25] to the mail server.
If you're testing it, your best bet is to either a) bring it up as long as
you need to test it, and then shut it down when
On Wednesday 11 January 2012 11:38:13 Wietse Venema wrote:
> You have a problem that starts at some unpredictable moment, and
> that causes SOME ACCOUNTs to fail PERSISTENTLY after it starts.
>
> This is typical of one PERSISTENT process (like saslauthd or mysqld)
> having some corruption of some
Is it possible to use a global user address to manage the delivery to
final destination. So delivery looks something like
u...@myhost.tld glo...@myhost.tld u...@destination.tld
If this is possible, could such scenario create any holes or overides the
normal control of realy processing. And w
On 1/11/2012 11:02 AM, Andreas Berton wrote:
>
> Is it possible to use a global user address to manage the delivery
> to final destination. So delivery looks something like
>
> u...@myhost.tld glo...@myhost.tld u...@destination.tld
>
> If this is possible, could such scenario create any holes or
On Wed, Jan 11, 2012 at 08:30:44PM +1100, Nick Urbanik wrote:
> Dear Folks,
>
> I am running postfix 2.3.3 with dovecot 2.1.
Do you really use an ancient postfix with an not yet released dovecot,
or is this a typo?
> I have a child for whom I want to make an email account to which mail
> can onl
On Wed, Jan 11, 2012 at 04:15:17PM +0100, Stefan wrote:
> Hello list,
> mail.example.com[aaa.bbb.ccc.ddd]:25: TLSv1 with cipher ADH-CAMELLIA256-SHA
This is an anonymous cipher. With
smtpd_tls_mandatory_exclude_ciphers = aNULL
or
smtpd_tls_exclude_ciphers = aNULL
you can di
Robert Krig:
> On Wednesday 11 January 2012 11:38:13 Wietse Venema wrote:
>
> > You have a problem that starts at some unpredictable moment, and
> > that causes SOME ACCOUNTs to fail PERSISTENTLY after it starts.
> >
> > This is typical of one PERSISTENT process (like saslauthd or mysqld)
> > hav
On Wed, Jan 11, 2012 at 04:15:17PM +0100, Stefan wrote:
> I've set up clientside TLS with postfix 2.7.1 as follows:
>
> smtp_tls_CApath = /etc/ssl/certs
> smtp_tls_loglevel = 1
> smtp_tls_security_level = may
For all destinations, except any listed in policy_maps at a security
level of "verify
On Wed, Jan 11, 2012 at 07:08:30PM +0100, Dennis Guhl wrote:
> On Wed, Jan 11, 2012 at 04:15:17PM +0100, Stefan wrote:
> > Hello list,
>
> > mail.example.com[aaa.bbb.ccc.ddd]:25: TLSv1 with cipher ADH-CAMELLIA256-SHA
>
> This is an anonymous cipher. With
>
> smtpd_tls_mandatory_exclude
On Wed, Jan 11, 2012 at 06:14:35PM +, Viktor Dukhovni wrote:
> On Wed, Jan 11, 2012 at 07:08:30PM +0100, Dennis Guhl wrote:
> > On Wed, Jan 11, 2012 at 04:15:17PM +0100, Stefan wrote:
> > > Hello list,
> >
> > > mail.example.com[aaa.bbb.ccc.ddd]:25: TLSv1 with cipher
> > > ADH-CAMELLIA256-S
On Wed, 11 Jan 2012 10:19:36 -0600, Noel Jones
wrote:
> I would classify it as low risk of false positives, and fairly safe.
> (but not 100% safe; few rules are. YMMV and such.) I've had a
> couple of FP's from idiots that run their business mail servers on a
> cablemodem with a dynamic rDNS na
On Wednesday 11 January 2012 12:52:42 Mark Alan wrote:
> I would also be interesting to be able to use a similar mechanism
> earlier, from the postscreen_access_list (after permit_mynetworks
> but before going outside to fetch the postscreen_dnsbl_* stuff):
>
> postscreen_access_list = permit_myne
> Restarting postfix, saslauthd and authdaemon seems to get it working again,
> at least for a while.
>
Are you using pam_mysql by chance?
Hi,
I'm co-authoring a draft that would add supplementary information to Received
header fields indicating when a message enters some kind of administrative
hold. This would be useful to people looking through trace data to figure out
why a message sat on a machine for some time, if the reason
--On Friday, January 06, 2012 11:05 AM +0200 Eray Aslan
wrote:
There are reports of broken PLAIN and LOGIN mechs with cyrus-sasl
2.1.25. But I can't reproduce it.
If you compile any auxprop plugins (like you have), you will never see it.
It's a bug in the auxprop loader rewrite that is onl
On Wed, 11 Jan 2012 07:12:15 -0800 (PST), email builder wrote:
So who is using Stan's list?
its blowing in the wind
What do people have to say about it?
good
What should I consider in regard to possibly implementing it?
ask for paypal account to pay Stan
--On Wednesday, January 11, 2012 1:13 PM -0800 Quanah Gibson-Mount
wrote:
--On Friday, January 06, 2012 11:05 AM +0200 Eray Aslan
wrote:
There are reports of broken PLAIN and LOGIN mechs with cyrus-sasl
2.1.25. But I can't reproduce it.
If you compile any auxprop plugins (like you have),
>>> http://www.hardwarefreak.com/fqrdns.pcre <-- Stan's big list
>>
>> I've been curious about Stan's list of pcres. It looks massive,
>> and Stan
>> seems to be a regular expert contributer here. But I'm reluctant to
>> start using a text file from a web site with nothing on it and only a
Murray S. Kucherawy:
> Hi,
>
> I'm co-authoring a draft that would add supplementary information
> to Received header fields indicating when a message enters some
> kind of administrative hold. This would be useful to people looking
> through trace data to figure out why a message sat on a machin
> -Original Message-
> From: owner-postfix-us...@postfix.org
> [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema
> Sent: Wednesday, January 11, 2012 2:04 PM
> To: Postfix users
> Subject: Re: Including state information in Received fields
>
> Postfix writes the Received:
Wietse:
> Postfix writes the Received: header at message arrival time. The
> decision to add a Received: state field must be made before the
> "250 OK" in response to end-of-data, after the message is frozen (*).
> Once Postfix sends "250 OK" in response to end-of-data, there is no way
> that a Re
> -Original Message-
> From: owner-postfix-us...@postfix.org
> [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema
> Sent: Wednesday, January 11, 2012 5:46 PM
> To: Postfix users
> Subject: Re: Including state information in Received fields
>
> > But design issues aside, w
Hi,
For a while we ran Qmail. Qmail would accept all emails regardless,
creating a very serious backscatter problem. Of course, switching to
Postfix with it configured to only accept emails for our recipients
fixed this problem. Still we seem to be losing the war with spam. I
whitelisted
On Thu, Jan 12, 2012 at 12:10 AM, Murray S. Kucherawy
wrote:
>> -Original Message-
>> From: owner-postfix-us...@postfix.org
>> [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema
>> Sent: Wednesday, January 11, 2012 5:46 PM
>> To: Postfix users
>> Subject: Re: Including s
> -Original Message-
> From: owner-postfix-us...@postfix.org
> [mailto:owner-postfix-us...@postfix.org] On Behalf Of Peter Blair
> Sent: Wednesday, January 11, 2012 10:21 PM
> To: Postfix users
> Subject: Re: Including state information in Received fields
>
> I've found that people don't
On 1/11/2012 3:56 PM, email builder wrote:
http://www.hardwarefreak.com/fqrdns.pcre <-- Stan's big list
> Noel, thank you for the thorough response. Thanks also to
> all the other responders. I'm definitely convinced. :)
>
> And of course, thanks to Stan!
Of all days for me to be away f
Am 12.01.2012 06:15, schrieb Al Zick:
> Hi,
>
> For a while we ran Qmail. Qmail would accept all emails regardless,
> creating a very serious backscatter problem. Of course, switching to
> Postfix with it configured to only accept emails for our recipients
> fixed this problem. Still we seem to be
On 1/11/2012 11:15 PM, Al Zick wrote:
> Hi,
>
> For a while we ran Qmail. Qmail would accept all emails regardless,
> creating a very serious backscatter problem. Of course, switching to
> Postfix with it configured to only accept emails for our recipients
> fixed this problem. Still we seem to be
54 matches
Mail list logo
