Re: error using certificate server

Hi Victor I understand that only is needed to use smtp_tls_security_level? O not need two options? In main.cf I have: #TLS SMTPD PARAMTERES smtpd_use_tls = yes smtpd_tls_CAfile = /etc/ssl/certs/TERENASSL_PATH.pem smtpd_tls_key_file = /etc/ssl/private/jupiter_mydomain.pem smtpd_tls_cert_file = /e

Re: TLS Library Problem? Postfix 2.9.6

Viktor, thanks for the detailed reply. i checked the crt with openssl rsa -in private.key -text -noout and voila, 512 bit like you said. after generating all things new all is fine now. thanks for help. marko Am 2013-02-12 07:58, schrieb Viktor Dukhovni: On Mon, Feb 11, 2013 at 11:58:07PM

Re: TLS Library Problem? Postfix 2.9.6

sorry for 2nd reply, and no i had openssl 1.0.1c on gentoo i see theres now 1.0.1d-r1 and the 1.0.1d is MASKED now. marko Am 2013-02-12 07:58, schrieb Viktor Dukhovni: On Mon, Feb 11, 2013 at 11:58:07PM +0100, we...@zackbummfertig.de wrote: on my backup relay server i find these lines in

Re: Large hash access lists - performance impact?

Hello Noel, * Noel Jones : > On 2/10/2013 4:37 AM, Stefan Foerster wrote: > > does anyone have experience with very large (about 2k entries) hash > > tables? > > Hash tables scale very well to hundreds of thousands of entries; 2k > entries on an Atom processor with 1G ram won't be an issue. you

Re: Postfix stable release 2.10.0

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Wietse Venema said the following on 12/02/2013 02:02: > [An on-line version of this announcement will be available at > http://www.postfix.org/announcements/postfix-2.10.0.html] Thank you, Wietse! Installed this morning (CET) non my test server. Ev

Re: Postfix stable release 2.10.0

Am 12.02.2013 11:12, schrieb Luigi Rosa: > Wietse Venema said the following on 12/02/2013 02:02: > >> [An on-line version of this announcement will be available at >> http://www.postfix.org/announcements/postfix-2.10.0.html] > > Thank you, Wietse! > > Installed this morning (CET) non my test s

Re: Postfix stable release 2.10.0

Luigi Rosa: > Just one curiosity: the "laptop-friendly configuration" could be useful also > for a virtualized environment because it reduces the I/O on the disk? Only if your server turns off its disk drive. Wietse

Postscreen: bad command startup -- throttling issues

I have re-installed Postfix (using version 2.8.11 on openSUSE 12.2) and simply reconfigured without many changes. I am still failing to determine where postscreen is failing with the following errors: Feb 12 15:29:01 server postfix/master[28061]: warning: process /usr/lib/postfix/postscreen pid

Re: Postscreen: bad command startup -- throttling issues

On 02/12/2013 07:42 AM, LDB wrote: > > > I have re-installed Postfix (using version 2.8.11 on openSUSE 12.2) and simply > reconfigured without many changes. I am still failing to determine where > postscreen is failing with the following errors: > > > Feb 12 15:29:01 server postfix/master[28061

Re: Postscreen: bad command startup -- throttling issues

LDB: > On 02/12/2013 07:42 AM, LDB wrote: > > > > > > I have re-installed Postfix (using version 2.8.11 on openSUSE 12.2) and > > simply > > reconfigured without many changes. I am still failing to determine where > > postscreen is failing with the following errors: > > > > > > Feb 12 15:29:01

Re: HOLDing certain recipients during migration

Hello! Will below be OK for holding messages for recipients? Thanks, Miha On Feb 11, 2013 7:56 PM, "Miha Valencic" wrote: > Hi! > > Just want to double check if I am planning this correctly. We're migrating > users from one system to another, and want to HOLD incoming messages for > certain rec

Re: HOLDing certain recipients during migration

> On Feb 11, 2013 7:56 PM, "Miha Valencic" > wrote: > > Hi! > > Just want to double check if I am planning this correctly. We're > migrating users from one system to another, and want to HOLD > incoming messages for certain recipients during migrat

Re: HOLDing certain recipients during migration

On Tue, Feb 12, 2013 at 4:28 PM, Noel Jones wrote: > > put it under smtpd_sender_restrictions so you don't have to muck > around with your existing smtpd_recipient_restrictions. Noel, just want to make sure: postfix 2.7 evaluates smtpd_sender_restrictions *after* RCPT TO? Couldn't find which ver

Re: HOLDing certain recipients during migration

Am 12.02.2013 17:07, schrieb Miha Valencic: > On Tue, Feb 12, 2013 at 4:28 PM, Noel Jones wrote: >> >> put it under smtpd_sender_restrictions so you don't have to muck >> around with your existing smtpd_recipient_restrictions. > > Noel, > > just want to make sure: postfix 2.7 evaluates > smtpd

Re: HOLDing certain recipients during migration

On 2/12/2013 10:07 AM, Miha Valencic wrote: > On Tue, Feb 12, 2013 at 4:28 PM, Noel Jones wrote: >> >> put it under smtpd_sender_restrictions so you don't have to muck >> around with your existing smtpd_recipient_restrictions. > > Noel, > > just want to make sure: postfix 2.7 evaluates > smtpd_s

Re: Postfix stable release 2.10.0

On Tue, Feb 12, 2013 at 3:02 AM, Reindl Harald wrote: > and i changed some minutes ago the "fifo" to "unix" for "pickup" > and "qmgr", thank you for that! Will doing so on a standard system have any effect (positive or negative)? What is the default master.cf setting on a fresh 2.10 install for

Re: TLS Library Problem? Postfix 2.9.6

On Tue, Feb 12, 2013 at 09:22:55AM +0100, we...@zackbummfertig.de wrote: > I checked the certificate with: > > $ openssl x509 -in cert.pem -text -noout > > and voila, 512 bit like you said. Do you know how you accidentally ended-up with a 512-bit RSA key? [ Did you use the snake-oil key-pa

Re: Postfix stable release 2.10.0

Am 12.02.2013 17:44, schrieb Steve Jenkins: > On Tue, Feb 12, 2013 at 3:02 AM, Reindl Harald > wrote: > > and i changed some minutes ago the "fifo" to "unix" for "pickup" > and "qmgr", thank you for that! > > > Will doing so on a standard system have any

Re: Postfix stable release 2.10.0

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Steve Jenkins said the following on 12/02/2013 17:44: > Will doing so on a standard system have any effect (positive or negative)? > What is the default master.cf setting on a fresh 2.10 > install for pickup and qmgr? - From RELEAS

Re: Exceptions to reject_rbl_client *AND* SASL authentication enforcement

On Mon, Feb 11, 2013 at 10:29:38PM +, Fabii Sangiovanni wrote: > Viktor Dukhovni dukhovni.org> writes: > > > You're working too hard, the suggested settings should work just fine. > > Would you be so kind to point me to some readings on the matter? You don't want to explicitly blacklist RB

Re: Postscreen: bad command startup -- throttling issues

On 02/12/2013 08:35 AM, Wietse Venema wrote: > egrep '(warning|error|fatal|panic):' /some/log/file | more Thank you for the response. I apologize for the delay. The log entries you requested are as follows and since then the postfix service has been restarted many times: Feb 12 03:47:06 key post

Re: Postscreen: bad command startup -- throttling issues

LDB: > On 02/12/2013 08:35 AM, Wietse Venema wrote: > > egrep '(warning|error|fatal|panic):' /some/log/file | more > > Thank you for the response. I apologize for the delay. > > The log entries you requested are as follows and since then the postfix > service > has been restarted many times: Yo

Restrict some users to local recipients only?

I have a customer who would like to configure the Postfix server he uses such that certain users can only send to local users. I'm wondering if there are any built-in facilities for restricting which delivery agents can be used by particular users? (Or some other clever way of achieving the same en

Re: Restrict some users to local recipients only?

Hi Patrick, > I have a customer who would like to configure the Postfix server he uses > such that certain users can only send to local users. I'm wondering if > there are any built-in facilities for restricting which delivery agents can > be used by particular users? (Or some other clever way of

Re: relay_recipient_maps not working

Matthew Ceroni: > I am trying to setup the relay_recipient_maps option. > > I created my LDAP file (/etc/postfix/ldap-relay_recipients.cf) and tested > it using postmap -q. When a valid user is supplied it returns 0 and when > not it returns 1. As documented this is used in the SMTP daemon to rej

Re: relay_recipient_maps not working

I thought that was the issue, but when I try submitting via SMTP (using telnet as my test) it still doesn't work. I supply an invalid email and it still relays it to the relay server. When I run postmap -q to test (with debug turned on) it logs everything in /var/log/maillog. But I don't see that

Re: relay_recipient_maps not working

Well now I am even more confused. So I was doing some further testing and was getting a 454 relay access denied when trying to send mail through postfix to u...@mydomain.com. In my postfix config mydomain was set to mydomain and mydestination was set to $myhostname, localhost.$mydomain and localho