Re: Compiler error on 3.4. Mac Mojave (3.3.2)

1 more error. This error persists across 3.3.1, 3.3.2, and now 3.4. Obviously I’m doing something wrong but cant find what it is about the Berkeley db thing. dict_db.c:768:2: error: "Unsupported Berkeley DB version" #error "Unsupported Berkeley DB version" ^ 1 error generated. make: *** [dict

Re: Installing LetsEncrypt For Postfix and Dovecot

On 27.11.18 10:52, Asai wrote: With Mozilla recently dropping support for all Symantec certs, our security cert now throws errors on Thunderbird clients. We’d like to install certbot on Centos 6, but I’m not sure if it’s going to interfere with Postfix (2.11) or Dovecot (2.2.18). Does anybody h

Re: hostnames in postscreen_access_list

On 27.11.18 21:48, John Fawcett wrote: The reason the ip changes frequently is because it's an xDSL line with a dynamic ip. Some devices on the network need to send emails to my mail server which can go out over this connection. My ISP correctly lists the dynamic ips in PBL. I use zen.spamhaus.or

Re: Installing LetsEncrypt For Postfix and Dovecot

> On 28 November 2018, at 01:03, Matus UHLAR - fantomas > wrote: > > On 27.11.18 10:52, Asai wrote: >> With Mozilla recently dropping support for all Symantec certs, our security >> cert now throws errors on Thunderbird clients. We’d like to install >> certbot on Centos 6, but I’m not sure if i

Compile error on Mojave (Postfix 3.3.2): 'openssl/opensslv.h' file not found

I have installed OpenSSL v1.1.1 via Homebrew. I’m trying to install Postfix 3.3.2 but it always ends with: cc -I. -I../../include -DUSE_TLS -DUSE_SASL_AUTH -DDEF_SERVER_SASL_TYPE=\"dovecot\" -DDEF_COMMAND_DIR=\"/usr/local/sbin\" -DDEF_CONFIG_DIR=\"/usr/local/etc/postfix\" -DDEF_DAEMON_DIR=\"/u

Re: a lot of spam or something?

On 26.11.18 08:11, Poliman - Serwis wrote: I have found some useful commands: mailq postcat -q Using second one I examined one of suspicious messages and what I got: www-d...@allegro.pl sends email with information about some payment a spam probably... and this mail is probably redirected o

Re: Compile error on Mojave (Postfix 3.3.2): 'openssl/opensslv.h' file not found

On Wed, Nov 28, 2018 at 09:55:02PM +1100, James Brown wrote: > I have installed OpenSSL v1.1.1 via Homebrew. I’m trying to install Postfix > 3.3.2 but it always ends with: > > cc -I. -I../../include -DUSE_TLS -DUSE_SASL_AUTH > -DDEF_SERVER_SASL_TYPE=\"dovecot\" -DDEF_COMMAND_DIR=\"/usr/local/sbi

Relay access denied

All goolging has not helped. I hope to find here the solution. Thanks in advance for your help. Wolfgang * Background: Getting error message: Relay access denied The following command works fine: telenet localhost 25 The following command cretes above mentioned error message when entering "rcpt t

Re: Compile error on Mojave (Postfix 3.3.2): 'openssl/opensslv.h' file not found

> On 28 Nov 2018, at 10:38 pm, Herbert J. Skuhra > wrote: > > On Wed, Nov 28, 2018 at 09:55:02PM +1100, James Brown wrote: >> I have installed OpenSSL v1.1.1 via Homebrew. I’m trying to install Postfix >> 3.3.2 but it always ends with: >> >> cc -I. -I../../include -DUS

Re: Compile error on Mojave (Postfix 3.3.2): 'openssl/opensslv.h' file not found

On Wed, Nov 28, 2018 at 11:00:33PM +1100, James Brown wrote: > > On 28 Nov 2018, at 10:38 pm, Herbert J. Skuhra wrote: > > > > On Wed, Nov 28, 2018 at 09:55:02PM +1100, James Brown wrote: > >> I have installed OpenSSL v1.1.1 via Homebrew. I’m trying to install > >> Postfix 3.3.2 but it always end

queue "manipulation"

Hi, I have a little mailserver (MailMan). It works fine, except for yahoo subscribers. While the almost totallity of subscribers receive their messages in less then a hour, in my queue remains (often until expire of queue_lifetime), with this messages: (host mx-eu.mail.am0.yahoodns.net[1

Re: Compile error on Mojave (Postfix 3.3.2): 'openssl/opensslv.h' file not found

@James, this is my Make directive set for 3.3.2, and it builds. I did have to make a couple of patches though first. Added this: Then had to add this define to dict_mysql.c #define MYSQL_OPT_SSL_VERIFY_SERVER_CERT 0 and this patch. This is the DB fix. Do it by prompt after all. sed "s:DB_VE

Re: queue "manipulation"

Barbara M.: > > Hi, > >I have a little mailserver (MailMan). > It works fine, except for yahoo subscribers. > > While the almost totallity of subscribers receive their messages in less > then a hour, in my queue remains (often until expire of queue_lifetime), > with this messages: > > (ho

Re: Installing LetsEncrypt For Postfix and Dovecot

Am 28-Nov-18 um 10:03 schrieb Matus UHLAR - fantomas: On 27.11.18 10:52, Asai wrote: With Mozilla recently dropping support for all Symantec certs, our security cert now throws errors on Thunderbird clients.  We’d like to install certbot on Centos 6, but I’m not sure if it’s going to interfer

Re: Installing LetsEncrypt For Postfix and Dovecot

On Wed, 2018-11-28 at 10:03 +0100, Matus UHLAR - fantomas wrote: > On 27.11.18 10:52, Asai wrote: > > With Mozilla recently dropping support for all Symantec certs, our > > security > > cert now throws errors on Thunderbird clients.  We’d like to install > > certbot on Centos 6, but I’m not sure if

Re: Relay access denied

On 28 Nov 2018, at 6:49, wp.rauchholz wrote: [root@home postfix]# telnet localhost 465 That's abnormal. Port 465 is normally TLS-wrapped, so telnet should not work for testing it. That it seemingly DOES work (at least to connect and try mail...) means that you've done something unusual in ma

Re: Installing LetsEncrypt For Postfix and Dovecot

On 28 Nov 2018, at 4:03, Matus UHLAR - fantomas wrote: On 27.11.18 10:52, Asai wrote: With Mozilla recently dropping support for all Symantec certs, our security cert now throws errors on Thunderbird clients. We’d like to install certbot on Centos 6, but I’m not sure if it’s going to interfer

Re: Compile error on Mojave (Postfix 3.3.2): 'openssl/opensslv.h' file not found

> On Nov 28, 2018, at 5:55 AM, James Brown wrote: > > $ locate opensslv.h > /usr/local/Cellar/openssl/1.0.2p/include/openssl/opensslv.h > /usr/local/Cellar/openssl/1.0.2q/include/openssl/opensslv.h > /usr/local/Cellar/openssl@1.1/1.1.1/include/openssl/opensslv.h > /usr/local/Cellar/openssl@1.1

ClamAV-milter

Trying to configure clamav-milter with postfix-current-3.4.20181105,5 under FreeBSD 11.2-RELEASE, but I’ve missed something since no mail is actually getting processed by ClamAV-milter, including the EICAR test mails which sail through without triggering anything. I’ve tried to provide everythi

Re: Installing LetsEncrypt For Postfix and Dovecot

> On Nov 28, 2018, at 9:49 AM, Jim P. wrote: > > 1) What do you do about restarting services after automatic cert > renewals in the middle of a holiday weekend? (i.e. renew_hook in > /etc/letsencrypt/renewal/*.conf) There is no need to restart or even "reload" Postfix when certificates chang

Re: Installing LetsEncrypt For Postfix and Dovecot

On Wed, 2018-11-28 at 12:25 -0500, Viktor Dukhovni wrote: > > On Nov 28, 2018, at 9:49 AM, Jim P. wrote: > > > > 1) What do you do about restarting services after automatic cert > > renewals in the middle of a holiday weekend?  (i.e. renew_hook in > > /etc/letsencrypt/renewal/*.conf) > > There i

Re: queue "manipulation"

On Wed, 28 Nov 2018, Wietse Venema wrote: . . . Is there a way to say Postfix to resend messages in the queue (for this destination), few recipients at the time (or one by one)? N.B.: tried to play with default_destination_recipient_limit, This is the parameter that limits the number of re

Re: queue "manipulation"

> On Nov 28, 2018, at 1:14 PM, Barbara M. wrote: > > Thanks for replay. > The box is a standard "CentOS Linux release 7.5.1804 (Core)" > Postfix standard (RH): postfix-2.10.1-6.el7.x86_64 > > I inserted in master.cf (last row): > > limitrecip unix - - n - - smt

Re: Relay access denied

Thanks for the taking this up. Concerning hardening TLS settings; can you recommend a read / web page that is suitable for a home email server? Thanks in advance Here the podtconf -Mf output smtp inet n - n - - smtpd amavisfeed unix - - n -

forwarding mail like before queue filtering to remote mta

Hi, is there a way to keep an smtp session open and do before queue filtering AND final delivery to remote mta? do only sent 250 if we have already received 250. if not send temp error. we would like to only accept mails if we can deliver them at the same time. a local queue is not wanted due to

Re: forwarding mail like before queue filtering to remote mta

Stefan Bauer: > Hi, > > is there a way to keep an smtp session open and do before queue filtering > AND final delivery to remote mta? do only sent 250 if we have already > received 250. if not send temp error. How would that work when one message has more than one recipient? In different domains?

RE: looking for any options to better deal with mail looping

Hi, I am still lost with how this all works together, sadly. Do you see obvious errors or am I misunderstanding the limits of what can be done ? I am not sure yet what is relevant My current settings: relay_recipient_maps = mysql:/etc/postfix/files/mysql_pn.cf smtpd_recipient_restrictions = re

Re: Relay access denied

> On Nov 28, 2018, at 3:47 PM, Wolfgang Paul Rauchholz > wrote: > > Thanks for the taking this up. > Concerning hardening TLS settings; can you recommend a read / web page that > is suitable for a home email server? Run with default Postfix settings. They are good enough, worst case exclude a

Re: Relay access denied

On 28 Nov 2018, at 15:47, Wolfgang Paul Rauchholz wrote: Thanks for the taking this up. Concerning hardening TLS settings; can you recommend a read / web page that is suitable for a home email server? The TLS "readme" files in the Postfix distribution (and at http://www.postfix.org/TLS_READ

smtp_fallback_relay TLS with authentication - possible?

Greetings, All! I'm trying to set delivery on a new server, but hit a roadblock. The premise is this: 1. All delivery should be handled directly, but… 2. Some of our clients are rejecting mail using particularly idiotic RBL, however… 3. I have a relay server that usually works ok, although slower

Re: queue "manipulation"

On Wed, 28 Nov 2018, Viktor Dukhovni wrote: Thanks for replay. The box is a standard "CentOS Linux release 7.5.1804 (Core)" Postfix standard (RH): postfix-2.10.1-6.el7.x86_64 I inserted in master.cf (last row): limitrecip unix - - n - - smtp -o default_destinati

Re: smtp_fallback_relay TLS with authentication - possible?

On Thu, Nov 29, 2018 at 02:59:35AM +0300, Andrey Repin wrote: > The premise is this: > 1. All delivery should be handled directly, but... # relayhost = > 2. Some of our clients are rejecting mail using particularly idiotic RBL, >however... Are the rejects 4XX or 5XX? > 3. I have a

Re: queue "manipulation"

On Thu, Nov 29, 2018 at 01:14:55AM +0100, Barbara M. wrote: > > then "postfix reload" to refresh the queue manager. > > > Same result (it tried to deliver all the 7 address of the message > flushed for test). > > # postconf |grep limitrec > limitrecip_destination_recipient_limit = 3 > > What a

Re: forwarding mail like before queue filtering to remote mta

On Wed, Nov 28, 2018 at 09:56:19PM +0100, Stefan Bauer wrote: > Is there a way to keep an smtp session open and do before queue filtering > AND final delivery to remote mta? do only sent 250 if we have already > received 250. if not send temp error. Only if there is a fixed remote MTA (smarthost)

Re: smtp_fallback_relay TLS with authentication - possible?

Greetings, Viktor Dukhovni! > On Thu, Nov 29, 2018 at 02:59:35AM +0300, Andrey Repin wrote: >> The premise is this: >> 1. All delivery should be handled directly, but... > # > relayhost = That's not directly, that's "through relay". >> 2. Some of our clients are rejecting mail using pa

Re: queue "manipulation"

On Wed, 28 Nov 2018, Viktor Dukhovni wrote: then "postfix reload" to refresh the queue manager. Same result (it tried to deliver all the 7 address of the message flushed for test). # postconf |grep limitrec limitrecip_destination_recipient_limit = 3 What are I missing? Thanks for you pa

Re: smtp_fallback_relay TLS with authentication - possible?

On Thu, Nov 29, 2018 at 04:21:44AM +0300, Andrey Repin wrote: > >> 1. All delivery should be handled directly, but... > > > # > > relayhost = > > That's not directly, that's "through relay". By ensuring that "relayhost = " (empty), the initial delivery is direct. > > Are the rejects 4X

Re: queue "manipulation"

On Thu, Nov 29, 2018 at 02:43:46AM +0100, Barbara M. wrote: > >> # postconf |grep limitrec > >> limitrecip_destination_recipient_limit = 3 > > >* Evidence that the nexthop destination domain (not the MX host, but > > the envelope recipient domain) is routed to the "limitrecip" transport.

Re: smtp_fallback_relay TLS with authentication - possible?

Greetings, Viktor Dukhovni! > On Thu, Nov 29, 2018 at 04:21:44AM +0300, Andrey Repin wrote: >> >> 1. All delivery should be handled directly, but... >> >> > # >> > relayhost = >> >> That's not directly, that's "through relay". > By ensuring that "relayhost = " (empty), the initial deli

Re: smtp_fallback_relay TLS with authentication - possible?

> On Nov 28, 2018, at 9:25 PM, Andrey Repin wrote: > >> The "smtp_tls_wrapper_mode" setting in Postfix is per-transport >> (via master.cf overrides), and has no per-destination analogue in >> the TLS policy table. Nor is this inferred from the port number. > >> So yes, you can't have wrapper mo

Re: smtp_fallback_relay TLS with authentication - possible?

Greetings, Viktor Dukhovni! >> On Nov 28, 2018, at 9:25 PM, Andrey Repin wrote: >> >>> The "smtp_tls_wrapper_mode" setting in Postfix is per-transport >>> (via master.cf overrides), and has no per-destination analogue in >>> the TLS policy table. Nor is this inferred from the port number. >> >

Re: Compile error on Mojave (Postfix 3.3.2): 'openssl/opensslv.h' file not found

> On 28 Nov 2018, at 11:20 pm, Herbert J. Skuhra wrote: > > On Wed, Nov 28, 2018 at 11:00:33PM +1100, James Brown wrote: >> >> On Wed, Nov 28, 2018 at 09:55:02PM +1100, James Brown wrote: >>> ... >>> My Make script is: >>> >>> $ make -f Makefile.init makefiles CCARGS='-DUSE_TLS -DUSE_SASL_AU

Re: forwarding mail like before queue filtering to remote mta

The use case is only for mx service so there will be only incoming mail for same domain in same smtp session. I assume that remote mail servers will not combine mail delivery in same smtp session when destination domains differ (even though they have same mx) Stefan Am Mittwoch, 28. November 201

Re: forwarding mail like before queue filtering to remote mta

> On Nov 28, 2018, at 11:43 PM, Stefan Bauer wrote: > > The use case is only for mx service so there will be only incoming mail for > same domain in same smtp session. > > I assume that remote mail servers will not combine mail delivery in same smtp > session when destination domains differ (e