Thanks, I'll check it out.
Am Sa., 8. Sep. 2018 um 19:01 Uhr schrieb Kacper :
> Looks like you would have to recompile postfix with changes to
> smtpd_check.c,
> https://github.com/vdukhovni/postfix/blob/c8e31ae510e006127934ce54413a829933ccae9d/postfix/src/smtpd/smtpd_check.c#L3818
> On Sat, Sep
I like the option smtp_tls_note_starttls_offer = yes
but when a host is logged, it's hard to keep track to which recipient
domain that host belong without doing dns-lookups against all listed in
smtp_tls_policy_maps.
Can this be improved to maybe also list the appropriate recipient domain?
Hi,
is there a way to specify on a per user basis (sasl authenticated user) if
TLS should be none or may or encrypted for a specific recipient domain?
I would like to have the user to decide if his mail to a specific domain
should be TLS encrypted and then maybe bounce back but let other users
ma
Stefan Bauer:
> Hi,
>
> is there a way to specify on a per user basis (sasl authenticated user) if
> TLS should be none or may or encrypted for a specific recipient domain?
There is no "per-recipient map" version for Postfix SMTP client
parameters (or most other parameters). It does not make sens
Stefan Bauer:
> I like the option smtp_tls_note_starttls_offer = yes
> but when a host is logged, it's hard to keep track to which recipient
> domain that host belong without doing dns-lookups against all listed in
> smtp_tls_policy_maps.
>
> Can this be improved to maybe also list the appropriate
Thank you. Before diving deeper into this, you're saying it is possible
with postfix to setup a static routing (with maps / tables) in the form:
mails from Domain-A or specific SASL-user to DOMAIN Z with enforced TLS
mails from Domain-B or specific SASL-user to DOMAIN Z with none TLS
Is that corr
Hi,
delays=422/0.03/0.09/0, dsn=4.7.4, status=deferred (TLS is required, but
was not offered by host
seems to me like a permanent error - postfix sees it as a temporary one. I
would like to have instant bounce message for this case when TLS is not
available.
sending postfix is configured 'encryp
> On Sep 9, 2018, at 12:49 PM, Stefan Bauer wrote:
>
> delays=422/0.03/0.09/0, dsn=4.7.4, status=deferred (TLS is required, but was
> not offered by host
>
> seems to me like a permanent error - postfix sees it as a temporary one. I
> would like to have instant bounce message for this case
On Sun, Sep 09, 2018 at 06:49:07PM +0200, Stefan Bauer wrote:
> Hi,
>
> delays=422/0.03/0.09/0, dsn=4.7.4, status=deferred (TLS is required, but
> was not offered by host
>
> seems to me like a permanent error - postfix sees it as a temporary one. I
> would like to have instant bounce message for
any way to inform my users about TLS fails via bounce without waiting queue
lifetime?
Am So., 9. Sep. 2018 um 18:58 Uhr schrieb Viktor Dukhovni <
postfix-us...@dukhovni.org>:
>
>
> > On Sep 9, 2018, at 12:49 PM, Stefan Bauer
> wrote:
> >
> > delays=422/0.03/0.09/0, dsn=4.7.4, status=deferred (TL
> On Sep 9, 2018, at 9:46 AM, Stefan Bauer wrote:
>
> I like the option smtp_tls_note_starttls_offer = yes
> but when a host is logged, it's hard to keep track to which recipient
> domain that host belong without doing dns-lookups against all listed
> in smtp_tls_policy_maps.
Well, TLS is by
seems to only work when postfix is server. I need this for postfix as
client when remote site is not offering tls.
Am So., 9. Sep. 2018 um 18:59 Uhr schrieb Herbert J. Skuhra <
herb...@gojira.at>:
> On Sun, Sep 09, 2018 at 06:49:07PM +0200, Stefan Bauer wrote:
> > Hi,
> >
> > delays=422/0.03/0.09
That would be great to have this as part of the log string! Thank you for
considering my request.
Am So., 9. Sep. 2018 um 19:03 Uhr schrieb Viktor Dukhovni <
postfix-us...@dukhovni.org>:
>
>
> > On Sep 9, 2018, at 9:46 AM, Stefan Bauer
> wrote:
> >
> > I like the option smtp_tls_note_starttls_of
> On Sep 9, 2018, at 1:01 PM, Stefan Bauer wrote:
>
> any way to inform my users about TLS fails via bounce without waiting queue
> lifetime?
http://www.postfix.org/postconf.5.html#delay_warning_time
In corporate systems I tend to split the mail plant into separate inbound
and outbound syst
our system is only outbound but here when TLS fails so remote sites, we
would be happy to have an option to instantly bounce as this is mostly a
fixed state.
Am So., 9. Sep. 2018 um 19:27 Uhr schrieb Viktor Dukhovni <
postfix-us...@dukhovni.org>:
>
>
> > On Sep 9, 2018, at 1:01 PM, Stefan Bauer
Hello Friends,
I would like to make postfix add a warning message for all external
incoming emails - Something like this at the top of each mail.
WARNING: This email originated outside of our organization. Do not
click any links or open any attachments unless you recognize the
sender and know the
On 9/9/18 1:35 PM, Durga Prasad Malyala wrote:
> Hello Friends,
> I would like to make postfix add a warning message for all external
> incoming emails - Something like this at the top of each mail.
>
> WARNING: This email originated outside of our organization. Do not
> click any links or open any
Am Sonntag, 9. September 2018 schrieb Wietse Venema :
> Instead, you can use transport_maps to choose between different
> Postfix SMTP clients (with different configurations) based on the
> recipient address or domain.
>
> You can use the access map or header/body_checks FILTER action
> ("FILTER na
> On Sep 9, 2018, at 3:39 PM, Stefan Bauer wrote:
>
> I see no way to combine both. I want to enforce tls for sender1 to google.com
> but not for sender2 to google.com.
I assume you don't literally mean "google.com", since they support
TLS, and you can just enforce TLS to "google.com" for bo
* Stefan Bauer :
> Am Sonntag, 9. September 2018 schrieb Wietse Venema :
> > Instead, you can use transport_maps to choose between different
> > Postfix SMTP clients (with different configurations) based on the
> > recipient address or domain.
> >
> > You can use the access map or header/body_check
> On Sep 9, 2018, at 3:51 PM, Viktor Dukhovni
> wrote:
>
> In sender1's instance of the
> smtp(8) transport, the TLS policy will be mandatory for
> "example.com" recipients, while in sender2'd instance of
> the smtp(8) transport it will be opportunistic.
I should mention that this only scale
Durga Prasad Malyala:
> Hello Friends,
> I would like to make postfix add a warning message for all external
> incoming emails - Something like this at the top of each mail.
>
> WARNING: This email originated outside of our organization. Do not
> click any links or open any attachments unless you
> On Sep 9, 2018, at 8:38 PM, Wietse Venema wrote:
>
> smtpd_client_restrictions =
>check_client_access cidr:/etc/postfix/client_access.cidr
>
> /etc/postfix/client_access.cidr
># An "internal" source.
>127.0.0.0/8 dunno
>192.168.0.0/16 dunno
># Everyone else.
>0.0.0.0
On 9 Sep 2018, at 13:35 (-0400), Durga Prasad Malyala wrote:
Hello Friends,
I would like to make postfix add a warning message for all external
incoming emails - Something like this at the top of each mail.
WARNING: This email originated outside of our organization. Do not
click any links or op
On 9 Sep 2018, at 20:38 (-0400), Wietse Venema wrote:
Durga Prasad Malyala:
Hello Friends,
I would like to make postfix add a warning message for all external
incoming emails - Something like this at the top of each mail.
WARNING: This email originated outside of our organization. Do not
click
So each sender's instance is an own smtp-line in master.cf ? If so - does
it work like this?
src_domain1 unix - - n - - smtp
-o smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
-o syslog_name=src_domain1
tls_policy:
domain-that-does-not-support-tls.tld non
Stefan Bauer:
Am Sonntag, 9. September 2018 schrieb Wietse Venema :
Instead, you can use transport_maps to choose between different
Postfix SMTP clients (with different configurations) based on the
recipient address or domain.
You can use the access map or header/body_checks FILTER action
("
27 matches
Mail list logo
