On 2018-05-25 (21:22 MDT), "Voytek" wrote:
> # grep health.gov.au /var/log/maillog | grep block
> May 21 08:49:16 geko postfix/postscreen[23877]: NOQUEUE: reject: RCPT from
> [152.91.65.145]:57512: 550 5.7.1 Service unavailable; client
> [152.91.65.145] blocked using dnsbl.spfbl.net;
> from=, to=,
@lbutlr:
> On 2018-05-25 (21:22 MDT), "Voytek" wrote:
> > # grep health.gov.au /var/log/maillog | grep block
> > May 21 08:49:16 geko postfix/postscreen[23877]: NOQUEUE: reject: RCPT from
> > [152.91.65.145]:57512: 550 5.7.1 Service unavailable; client
> > [152.91.65.145] blocked using dnsbl.spfbl
On Mon, May 21, 2018 at 5:21 PM, Viktor Dukhovni wrote:
>
>
> > On May 21, 2018, at 5:16 PM, Sean Son
> wrote:
> >
> > lmtp_tls_mandatory_protocols = !SSLv2
> > lmtp_tls_protocols = !SSLv2
> > smtp_tls_mandatory_protocols = !SSLv2
> > smtp_tls_protocols = !SSLv2
> > smtpd_tls_mandatory_protocols
On 26 May 2018, at 06:30, Sean Son wrote:
> postconf -d | egrep '^[^ ]*mtpd?_tls.*_protocols' . but it still shows me
> the old settings
The output of postconf -d will never change.
Man postconf:
-d Print main.cf default parameter settings instead of actual set-
ti
> On May 26, 2018, at 8:30 AM, Sean Son
> wrote:
>
> Also, if I set smtpd_tls_ciphers" and/or "smtp_tls_ciphers" to "high" , won't
> that conflict with opportunistic TLS.
Only for senders that don't support any of the modern ciphersuites.
> You had mentioned that adding those settings wou
On Sat, May 26, 2018 at 06:51:33AM -0600, @lbutlr wrote:
> On 26 May 2018, at 06:30, Sean Son
> wrote:
> > postconf -d | egrep '^[^ ]*mtpd?_tls.*_protocols' . but it still
> > shows me the old settings
>
>
> The output of postconf -d will never change.
>
> Man postconf:
>-d Print
> On May 26, 2018, at 12:59 PM, /dev/rob0 wrote:
>
>> Man postconf:
>> -d Print main.cf default parameter settings instead of
>> actual settings. Specify -df to fold long lines
>> for human readability (Postfix 2.9 and later).
>
> Perhaps this could be rew
On Sat, May 26, 2018 at 01:22:01PM +1000, Voytek wrote:
> I've recently updated Postfix from 2.1, and, enabled postscreen,
> all's working well, though, just picked up a false positive:
>
> several users inbound mail blocked with dnsbl.spfbl.net
>
> I have like:
>
> # grep spfbl.net main.cf
> p
On Sat, May 26, 2018 at 01:11:00PM -0400, Viktor Dukhovni wrote:
> > On May 26, 2018, at 12:59 PM, /dev/rob0 wrote:
> >
> >> Man postconf:
> >> -d Print main.cf default parameter settings instead of
> >> actual settings. Specify -df to fold long lines
> >> fo
On 2018-05-26 (11:22 MDT), /dev/rob0 wrote:
>
> If you're not going to take the advice above, your only other option
> would be to whitelist the IP address[es]. Oh, also, you could talk
> to the DNSBL operator about theit listing criteria, and/or to the
> sending site about getting delisted.
On 2018-05-26 (10:59 MDT), /dev/rob0 wrote:
> Perhaps this could be reworded to be less confusing? Since "-d"
> doesn't look at main.cf, s/main.cf/"Postfix internal"/?
I dunno, I think "Print main.cf default parameter settings instead of actual
settings." is very clear.
--
We will fight for
On Sat, May 26, 2018 at 12:56 PM, Viktor Dukhovni <
postfix-us...@dukhovni.org> wrote:
>
>
> > On May 26, 2018, at 8:30 AM, Sean Son
> wrote:
> >
> > Also, if I set smtpd_tls_ciphers" and/or "smtp_tls_ciphers" to "high" ,
> won't that conflict with opportunistic TLS.
>
> Only for senders that do
/dev/rob0 skrev den 2018-05-26 18:59:
Just a thought. This particular misunderstanding is pretty common.
Of course "instead of actual settings" should be a clue. It might
help if the OP tells us what he was thinking when reading that
passage about "-d". Reading too fast?
postconf -d output
On Sun, May 27, 2018 3:22 am, /dev/rob0 wrote:
> The obvious solution, if dnsbl.spfbl.net is blocking real mail, is to
> stop using that list, or possibly to lower its score below your [unstated]
> threshold score.
Thanks for all replies and comments!
I guess my starting point should be that, lo
14 matches
Mail list logo
