Dear friends,
I have been using Postfix for sometime now for a single domain and it has
been running smoothly with Dovecot. I use milters for Spamassasin, Clamav,
Dkim, Dmarc & SPF. Postgrey has also been configured (although I think it
could be removed in the long run). I have Postscreen enabled.
postfix does not provide pop3 & imap!
have a look at the Dovecot (your pop3 & imap service) SSL configuration
as pointed in the tutorial:
http://wiki2.dovecot.org/SSL/DovecotConfiguration
greetings
Becki
On 11.02.2017 08:25, dan...@msw.it wrote:
Hi friends,
Following the Workaround tutoria
On Sat, Feb 11, 2017 at 01:55:26PM +0530, Nitin N wrote:
> Now, I have to migrate to a new server that is running FreeBSD 11.
> I need to support 4 domains on this single server with each domain
> having its own Trusted CA certified SSL digital certificate.
>
> I can think of three ways to accom
Thank you. I know it's been about three weeks since I asked the
question, but I've been swamped with other projects so haven't had a
chance to try it. I will, and will report back.
On Thu, 19 Jan 2017 15:22:57 -0500 (EST), you wrote:
>Steve Matzura:
>> I'm currently running an implementation of v
Peter:
On Fri, 20 Jan 2017 11:01:25 +1300, you wrote:
>F17 came with postfix 2.9 (the 9 is important here). I would also do
>this to make a new setting in 2.10 compatible to previous versions:
>
>postconf smtpd_relay_restrictions=permit
I must be lucky then, because 'postconf -d|grep mail_versi
Hello.
I'm trying to set up a new procmail recipe to automatically file this
mailing list's traffic into its own folder - because my old procmail
recipe (filtering by TO: postfix-users@postfix.org) has proven to be
not 100% effective (somehow, some posts to the mailing list are
addressed to postfi
Josh Good:
> 1. Why the mailing list software is not configured to add a List-Id
> header?
Perhaps that's because the configuration was last updated in 2005,
at a time that List-Id was not as widely used. Let's see if this
message will have a List-Id header.
There are no footers, because to do th
Josh Good skrev den 2017-02-12 01:53:
1. Why the mailing list software is not configured to add a List-Id
header?
good question :)
2. Why this mailing list has never used subject tags, and very early
in its infancy it even stopped injecting a footer into the posts? It's
obvious that was not
On 2017 Feb 11, 20:27, Wietse Venema wrote:
> Josh Good:
> > 1. Why the mailing list software is not configured to add a List-Id
> > header?
>
> Perhaps that's because the configuration was last updated in 2005,
> at a time that List-Id was not as widely used. Let's see if this
> message will have
Josh Good skrev den 2017-02-12 02:40:
And I don't mean to be an annoyance, but why no subject [tags]?
this would break dkim
On 2017 Feb 12, 02:33, Benny Pedersen wrote:
> Josh Good skrev den 2017-02-12 01:53:
>
> >2. Why this mailing list has never used subject tags, and very early
> >in its infancy it even stopped injecting a footer into the posts? It's
> >obvious that was not done to accommodate for DMARC, so why was
Josh Good:
> On 2017 Feb 11, 20:27, Wietse Venema wrote:
> > Josh Good:
> > > 1. Why the mailing list software is not configured to add a List-Id
> > > header?
> >
> > Perhaps that's because the configuration was last updated in 2005,
> > at a time that List-Id was not as widely used. Let's see if
I agree about the DKIM signing. I get regularly authentication failures
(forensic reports) when posting to this list. Propably because my domain is set
to require mandatory DKIM signing and postfix list server isn't.
However, I don't think there should be any subject tags.
smime.p7s
Description
Josh Good skrev den 2017-02-12 02:51:
It would break the original sender's DKIM, if any. But then the mailing
list host could DKIM sign all messages just before sending them to the
list subscribers.
how should dkim handle this ?, how should dmarc handle it ?, how should
arc handle it ?
how
Sebastian Nielsen skrev den 2017-02-12 02:55:
I agree about the DKIM signing. I get regularly authentication
failures (forensic reports) when posting to this list. Propably
because my domain is set to require mandatory DKIM signing and postfix
list server isn't.
in that case you have mailrelays
On 2017 Feb 12, 03:00, Benny Pedersen wrote:
> >In the post-Snowden era, cryptographically signing ALL is the way to
> >go.
> >Remember, NSA not only "spies", it also "impersonates" when it needs to
> >do so (if it can do it). So yes, it makes sense for a mailing list to
> >DKIM sign the posts it
Theres no relay between me and postfix. And this is the report:
Feedback-Type: auth-failure
Version: 1
User-Agent: OpenDMARC-Filter/1.3.2
Auth-Failure: dmarc
Authentication-Results: mx01.nausch.org; dmarc=fail header.from=sebbe.eu
Original-Envelope-Id: 68ED4C00088
Original-Mail-From: owner-postfix
On 12/02/2017 00:53, Josh Good wrote:
Hello.
I'm trying to set up a new procmail recipe to automatically file this
mailing list's traffic into its own folder - because my old procmail
recipe (filtering by TO: postfix-users@postfix.org) has proven to be
not 100% effective (somehow, some posts to
On Sun, Feb 12, 2017 at 02:40:09AM +0100, Josh Good wrote:
> And I don't mean to be an annoyance, but why no subject [tags]?
This list carefully avoids modifying the message headers and body.
Therefore, this list requires no ugly DMARC work-around hacks. I
am sure that we should keep it that way
On 2017 Feb 12, 03:13, Sebastian Nielsen wrote:
> Theres no relay between me and postfix. And this is the report:
>
> Feedback-Type: auth-failure
> Version: 1
> User-Agent: OpenDMARC-Filter/1.3.2
> Auth-Failure: dmarc
> Authentication-Results: mx01.nausch.org; dmarc=fail header.from=sebbe.eu
> Ori
How would a get a print out of email uses that fail DKIM, SPF, or both?A few months ago there was chatter about how to rewrite the subject header to indicate the SPF and DKIM status. Unfortunately nothing further.
Sebastian Nielsen skrev den 2017-02-12 03:13:
Theres no relay between me and postfix. And this is the report:
spf strict
https://dmarcian-eu.com/dmarc-inspector/sebbe.eu
why ?
note you get dkim pass ?
On Sun, 2017-02-12 at 01:53 +0100, Josh Good wrote:
> Hello.
>
> I'm trying to set up a new procmail recipe to automatically file this
> mailing list's traffic into its own folder - because my old procmail
> recipe (filtering by TO: postfix-users@postfix.org) has proven to be
> not 100% effective
On 11 Feb 2017, at 21:53, li...@lazygranch.com wrote:
Further, how does DKIM prove the message wasn't altered? To my
knowledge, SPF proves the message came from a qualified server and
DKIM proves the FQDN is a match.
DKIM signs a hash of the canonicalized message body and the set of
headers
On 2017 Feb 11, 18:53, li...@lazygranch.com wrote:
>
>How would a get a print out of email uses that fail DKIM, SPF, or
>both?
>
>A few months ago there was chatter about how to rewrite the subject
>header to indicate the SPF and DKIM status. Unfortunately nothing
>further.
>
So technically integrity is assured from server to server, but not between
clients and server.
Original Message
From: Bill Cole
Sent: Saturday, February 11, 2017 7:08 PM
To: Postfix users
Reply To: Postfix users
Subject: Re: Why no List-ID header in the postfix-users posts?
On 11 Feb 2017
On 2017 Feb 11, 19:18, li...@lazygranch.com wrote:
> So technically integrity is assured from server to server, but not between
> clients and server.
That is correct. DKIM is for MTA-to-MTA integrity.
I you want end-to-end (in-the-flesh sender to in-the-flesh recipient)
integrity, you need to u
OK, so I sent a message to the list which was rejected, I got a NDR like
this:
This message was sent by a program, not by a human person.
Your submission to the postfix-users mailing list was blocked because
your address is not subscribed, or because the subm
> > Further, how does DKIM prove the message wasn't altered? To my knowledge,
> > SPF proves the message came from a qualified server and DKIM proves the FQDN
> > is a match.
>
> DKIM signs a hash of the canonicalized message body and the set of headers
> specified in the signature. Modify the bo
On 12/02/2017 02:44, Viktor Dukhovni wrote:
On Sun, Feb 12, 2017 at 02:40:09AM +0100, Josh Good wrote:
And I don't mean to be an annoyance, but why no subject [tags]?
This list carefully avoids modifying the message headers and body.
Therefore, this list requires no ugly DMARC work-around hack
30 matches
Mail list logo
