On 2015-09-10 Robert Chalmers wrote:
> I’m currently running postscreen, and am wondering how I would add
> spamassassin to the main.cf configuration, or are they mutually
> exclusive?
I'm not sure if they technically can't be used together, but they
shouldn't be. Spamassassin is rather heavyweigh
Hai,
I thinking why not put them together
Ik run a setup like this
https://wiki.dest-unreachable.net/pages/viewpage.action?pageId=15892484
which uses postscreen spamassassin clamav and this works very wel for me.
And the load is not to much, but depends on the amount of emails your
pro
* Ansgar Wiechers :
> On 2015-09-10 Robert Chalmers wrote:
> > I’m currently running postscreen, and am wondering how I would add
> > spamassassin to the main.cf configuration, or are they mutually
> > exclusive?
>
> I'm not sure if they technically can't be used together, but they
> shouldn't be.
* joh...@fastmail.com [2015-09-09 03:03]:
> Ken
>
> On Tue, Sep 8, 2015, at 05:49 PM, Ken Peng wrote:
> > How about Spamassassin? we have been using it for a long time.
>
> And how are you integrating it into Postfix. That was my question
> not whether to use Spamassassin. I kindof decided on
On 09/10/2015 06:37 PM, Robert Chalmers wrote:
> I’m currently running postscreen, and am wondering how I would add
> spamassassin to the main.cf configuration, or are they mutually
> exclusive?
In spite of what others have said, you can certainly use them together
and many many installations do e
Hello,
a while ago I changed my mail configuration for mailinglists. I have
individual mail addresses for every mailing list and the configuration
now looks like this:
From: Sebastian Wiesinger
Sender: postfix-us...@ml.karotte.org
This has the advantage that off-list answers go to my main
maila
Robert Chalmers:
> I?m currently running postscreen, and am wondering how I would add
> spamassassin to the main.cf configuration, or are they mutually exclusive?
They are meant to coexist. postscreen implements the first layer
in a multi-layer defense, header/body_checks are somewhere in the
mi
Hello there,
First of all, congratulate all folks behind this remarkable, predictable
and reliable software that is postfix, which...at the same time is
well documented (bonus). It is is difficult to find software with some
of these attributes, but postfix have them all.
--== CONTEXT OF THE P
Francis Brosnan Bl?zquez:
> At this point, we are trying to discard based on the destination
> domain and/or the local-part@ (without considering the destination
> domain) by reporting a DISCARD code using delegation protocol (with
> valvula [1]).
As documented, the DISCARD action discards the mes
Sebastian Wiesinger:
> Hello,
>
> a while ago I changed my mail configuration for mailinglists. I have
> individual mail addresses for every mailing list and the configuration
> now looks like this:
>
> From: Sebastian Wiesinger
> Sender: postfix-us...@ml.karotte.org
>
> This has the advantage
Am 10.09.2015 um 08:37 schrieb Robert Chalmers:
> I’m currently running postscreen, and am wondering how I would add
> spamassassin to the main.cf configuration, or are they mutually exclusive?
>
>
no problem works nice , perhaps use it as milter
Best Regards
MfG Robert Schetterer
--
[*] sy
Hi Wietse,
Thanks for your response. Assuming this information, it should discard
as indicated by transport_maps. However, we are not seeing this
behaviour.
This is the course of events:
1) Mail is accepted by postfix. After that, an indication is passed to
valvula on smtpd_data_restrictions:
Am 10.09.2015 um 10:47 schrieb Peter:
> What you don't want to do is run postscreen and postgrey on the same
> system.
you can do it if you use i.e postgrey very selective
but for sure portscreen leaves not very much for postgrey
Best Regards
MfG Robert Schetterer
--
[*] sys4 AG
http://sys4.d
Francis Brosnan Bl?zquez:
> 2) Then, valvula based on its configuration, reports FILTER transp2:
>
> Sep 10 16:49:53 host valvulad[16853]: info: FILTER:
> fran...@aspl.es -> w...@asplhost.com
> (sasl_user=mailing-sasluser), port 3579, rcpt count=1, queue-id
> 11C68F
Hi there,
We have a transport map setup so that mail destined for the local domain
or from some subdomain email servers is not routed to our relay gateway.
These entries have a null gateway set. Mail destined for all other
domains is routed via our relay.
e.g
serve...@server01.abc.co.za :
a
Hi Wietse,
> transport_maps takes effect ONLY AFTER the filter has processed the message.
Ok, so because transport_maps takes effect after filter, do you mean
transport_maps declarations will never take effect because at the time
filter finished, the delivery attempt was already made?
> W
Francis Brosnan Bl?zquez:
> Hi Wietse,
>
> > transport_maps takes effect ONLY AFTER the filter has processed the message.
>
> Ok, so because transport_maps takes effect after filter, do you mean
> transport_maps declarations will never take effect because at the time
> filter finished, the delive
Hi Wietse,
Thanks for your response,
> This is how Postfix content filters work:
>
> postfix1 -> filter -> postfix2
>
> The filter takes precedence in postfix1;
Just to clarify we are talking about the same thing, "filter" is not a
"content filter" taking the mail from postfix and re-inje
On Thu, Sep 10, 2015 at 06:12:44PM +0200, Mark Clarke wrote:
> We need to apply a content_filter to all outgoing mail. To do this we have
> set up two smtp processes in master.cf
>
> 192.168.10.73:smtp inet n - - - - smtpd
> 192.168.10.72:smtp inet n -
On Thu, Sep 10, 2015 at 07:01:59PM +0200, Francis Brosnan Blázquez wrote:
> > This is how Postfix content filters work:
> >
> > postfix1 -> filter -> postfix2
> >
> > The filter takes precedence in postfix1;
>
> Just to clarify we are talking about the same thing, "filter" is not a
> "cont
HI!
Looking at [1] it's not clear to me whether it's possible to require MX RRs of
a recipient domain to be DNSSEC signed. Any other configuration option for that?
Ciao, Michael.
[1] http://www.postfix.org/postconf.5.html#smtp_tls_policy_maps
smime.p7s
Description: S/MIME Cryptographic Signat
Hi Victor,
Thanks for your response,
> If your policy service says "FILTER ..." it is setting a
> content_filter that preempts transport table routing for *all*
> recipients.
Ok, thanks for clarifying this. It was one of questions we did but
wasn't resolved (from my previous mail):
It i
On Thu, Sep 10, 2015 at 07:44:19PM +0200, Michael Ströder wrote:
> Looking at [1] it's not clear to me whether it's possible to require MX RRs of
> a recipient domain to be DNSSEC signed. Any other configuration option for
> that?
Postfix, at present, does not support requiring a DNSSEC-signed M
On Thu, Sep 10, 2015 at 07:52:37PM +0200, Francis Brosnan Blázquez wrote:
> Ok, so Victor, going back to the initial question, assuming that:
>
> 1) We need that "FILTER transp2:", through the delegation protocol, to
> setup different outgoing IP (it seems there's no other way to do this),
By s
Viktor Dukhovni wrote:
> On Thu, Sep 10, 2015 at 07:44:19PM +0200, Michael Ströder wrote:
>
>> Looking at [1] it's not clear to me whether it's possible to require MX RRs
>> of
>> a recipient domain to be DNSSEC signed. Any other configuration option for
>> that?
>
> Postfix, at present, does n
On Thu, Sep 10, 2015 at 08:39:38PM +0200, Michael Ströder wrote:
> Maybe there should be some additional text for 'dane-only' in [1]?
> I'm not sure about the correct wording though.
I think it is fine as-is. The "dane-only" security level requires
that a peer be DANE authenticated, which means
Viktor Dukhovni wrote:
> On Thu, Sep 10, 2015 at 08:39:38PM +0200, Michael Ströder wrote:
>
>> Maybe there should be some additional text for 'dane-only' in [1]?
>> I'm not sure about the correct wording though.
>
> I think it is fine as-is. The "dane-only" security level requires
> that a peer
On Thu, Sep 10, 2015 at 08:57:50PM +0200, Michael Ströder wrote:
> > One might also imagine an alternative interface:
> >
> > example.com secure match=nexthop:dot-nexthop:dnssec-hostname
> >
> > Where "dnssec-hostname" matches the hostname only if securely
> > obtained. This would not requi
Ok, figured it out. Read up more on the postfix architecture and
confirmed that it should work as the content_filter will run on the mail
once it has been received and before it is delivered via smtp to its
destination. The issue was that I am submitting on the submission port
587 and needed to add
Hi,
I'm trialling DMARC to two of my domains. On checking the results when
posting from the secondary domain I receive 'SPF Domain Alignment Result
= FAIL'. I think this is because postfix always says HELO with the
primary domain name, which is obviously different to the secondary. Is
there
Hi Victor,
Thanks for your response. At least, now we know the path we don't have
to follow,
> > 1) We need that "FILTER transp2:", through the delegation protocol, to
> > setup different outgoing IP (it seems there's no other way to do this),
>
> By sender:
>
>
> http://www.postfix.org/p
Mick:
> Hi,
>
> I'm trialling DMARC to two of my domains. On checking the results when
> posting from the secondary domain I receive 'SPF Domain Alignment Result
> = FAIL'. I think this is because postfix always says HELO with the
> primary domain name, which is obviously different to the seco
On Thu, Sep 10, 2015 at 10:06:24PM +0200, Francis Brosnan Blázquez wrote:
> > > 1) We need that "FILTER transp2:", through the delegation protocol, to
> > > setup different outgoing IP (it seems there's no other way to do this),
> >
> > By sender:
> >
> >
> > http://www.postfix.org/postcon
--On September 10, 2015 at 7:37:09 AM +0100 Robert Chalmers
wrote:
I’m currently running postscreen, and am wondering how I would add
spamassassin to the main.cf configuration, or are they mutually exclusive?
After reading all the answers (I confess I was amazed by some of them), I
can ass
On 10/09/2015 21:13, Wietse Venema wrote:
Mick:
Hi,
I'm trialling DMARC to two of my domains. On checking the results when
posting from the secondary domain I receive 'SPF Domain Alignment Result
= FAIL'. I think this is because postfix always says HELO with the
primary domain name, which is o
Hi,
Is there any way to check the name server (name and/or IP) of the Sender
domain against RBL service?
Thank you.
Marius.
smime.p7s
Description: S/MIME cryptographic signature
On Fri, Sep 11, 2015 at 12:25:56AM +0300, Marius Gologan wrote:
> Is there any way to check the name server (name and/or IP) of the Sender
> domain against RBL service?
Only via a policy service that does the relevant DNS lookups.
--
Viktor.
Viktor Dukhovni:
> On Fri, Sep 11, 2015 at 12:25:56AM +0300, Marius Gologan wrote:
>
> > Is there any way to check the name server (name and/or IP) of the Sender
> > domain against RBL service?
>
> Only via a policy service that does the relevant DNS lookups.
I have used check_sender_ns_access t
Am 10. September 2015 23:13:59 MESZ, schrieb Mick :
>On 10/09/2015 21:13, Wietse Venema wrote:
>> Mick:
>>> Hi,
>>>
>>> I'm trialling DMARC to two of my domains. On checking the results
>when
>>> posting from the secondary domain I receive 'SPF Domain Alignment
>Result
>>> = FAIL'. I think this
39 matches
Mail list logo
