Hello,
suppose I have a server "mail.mydomain.com", and I have disabled SASL
authentication on port 25
smtpd_sasl_auth_enable=no
and I only allow authentication on port 465.
Therefore, all emails originating from mydomain.com should be submitted
via 465. There should never be legitimate sende
Put check_sender_access hash:/path/to/file INSTEAD of permit_sasl_authenticated
in global config.
in "/path/to/file", put mydomain.com permit_sasl_authenticated, reject
This will accomplish 2 things:
unauhenticated users can't spoof your domain when sending to you.
Authenticated users cannot spo
Don't forget postmap:ing /path/to/file, else it won't work.
smime.p7s
Description: S/MIME Cryptographic Signature
On 11/17/16 04:47, Sebastian Nielsen wrote:
> Put check_sender_access hash:/path/to/file INSTEAD of
> permit_sasl_authenticated in global config.
>
> in "/path/to/file", put mydomain.com permit_sasl_authenticated, reject
In check_sender_access, in smtpd_sender_restrictions, or does it not
matter
You have your permit_sasl_authenticated inside smtpd_sender_restrictions right?
Replace that with "check_sender_access hash:/path/to/file"
Inside the file /path/to/file, you add the following:
mydomain.com permit_sasl_authenticated, reject
Essentially, you move your "permit_sasl_authenticated" to
> -Original Message-
> An ideal tool for that is MIMEDefang, ...
Thanks. After a very quick look at the project website, this looks like what I
need.
> "groff -T ascii" is your friend (if you befriend berserker vandals...)
... and another great hint. Thanks.
> If you did this with
On 11/17/2016 2:22 AM, Voytek wrote:
> just noticed some email sent from gmail/google bouncing from my server as
> sorbs RBL had that server/host listed;
>
> Nov 17 12:56:47 emu postfix/smtpd[16381]: NOQUEUE: reject: RCPT from
> mail-ua0-f170.google.com[209.85.217.170]: 554 5.7.1 Service unavaila
Thanks everybody.
Marcelo
2016-11-16 12:23 GMT-02:00 Wietse Venema :
> Marcelo Machado:
> > Hi everybody.
> >
> > Is possible with postfix send messages to multiple smart hosts randomly
> > from a single domain?
>
> This requires Postfix 3.0 and later:
>
> /etc/postfix/main.cf:
> default_tra
On 11/17/16 09:16, Sebastian Nielsen wrote:
> You have your permit_sasl_authenticated inside smtpd_sender_restrictions
> right?
> Replace that with "check_sender_access hash:/path/to/file"
...Right, never mind, reading too early in the morning.
> Inside the file /path/to/file, you add the foll
The advantage with using "permit_sasl_authenticated, reject" as
check_sender_access in the global config, is that authenticated senders won't
be able to send with a adress outside of your domain either, thus achieving
both local spoof prevention for unauthenticated users, but also prevents
for
On 11/17/16 11:31, Sebastian Nielsen wrote:
>
> The advantage with using "permit_sasl_authenticated, reject" as
> check_sender_access in the global config, is that authenticated senders won't
> be able to send with a adress outside of your domain either, thus achieving
> both local spoof preven
On 11/17/2016 1:22 AM, Voytek wrote:
> just noticed some email sent from gmail/google bouncing from my server as
> sorbs RBL had that server/host listed;
>
> Nov 17 12:56:47 emu postfix/smtpd[16381]: NOQUEUE: reject: RCPT from
> mail-ua0-f170.google.com[209.85.217.170]: 554 5.7.1 Service unavailab
Awesome Viktor! Thanks for your speedy response.
On 17-11-16 01:17, Viktor Dukhovni wrote:
On Wed, Nov 16, 2016 at 11:15:35PM +0100, Walter Doekes wrote:
this week we stumbled upon an issue where we could not send mail to certain
domains, for instance em...@umcg.nl.
...
It turned out that thi
On Thu, Nov 17, 2016 at 10:18:01PM +0100, Walter Doekes wrote:
> >Postfix will not directly query the remote nameserver, and in indeed
> >with DANE you're supposed to be configured to *only* query the
> >local resolver. What resolver is that? And how is it configured?
> >
> >Once the A records c
14 matches
Mail list logo
