Greetings, All!
I just discovered that mail generated locally (i.e. introduced by pickup
daemon) is not signed.
Digging in documentation, I've found
http://www.postfix.org/postconf.5.html#non_smtpd_milters
But its description made me reluctant to enable it straight away.
And then there's rather
On Mon, Feb 18, 2019 at 02:07:29AM -0500, Viktor Dukhovni wrote:
> Feb 17 22:08:45 mail postfix/tlsproxy[23261]:
> sys1.mmini.de[5.9.100.168]:25: depth=1 verify=0
> subject=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
>
> These callbacks are NOT expected.
diff --git a/sr
>
> What distribution runs Linux 5 kernels? I would like to do a smoke
> test for due diligence (does it build and run).
Arch Linux will have Linux 5 when the kernel comes out.
Bjoern
On Mon, 18 Feb 2019 at 10:51, Andrey Repin wrote:
> I just discovered that mail generated locally (i.e. introduced by pickup
> daemon) is not signed.
>
> Digging in documentation, I've found
> http://www.postfix.org/postconf.5.html#non_smtpd_milters
> But its description made me reluctant to enab
azusa_tar...@yahoo.co.jp:
> Hi,
> I'm trying to implement "Expires" header (Defined by RFC-5536).
> I want Postfix bounce the expired mails.
> At first, I use content filter to check Expires date is valid.
>
> However, content filtering can be done only one time when into the mail queue.
> (It can
On Fri, 2019-02-15 at 20:42 +0100, Christopher R. Gabriel wrote:
> > > > Is the "delay" recorded in a typical Postfix log entry ?
> > > > Stolen from Postfix 2.3.19:
> > > > Postfix logs additional delay information as "delays=a/b/c/d"
> > > > where a=time before queue manager, including message
So I've now configured init mode in foreground with logging properly on
stdout and your patch applied to the last 3.5 snapshot and I got the
same panic, although this time not against my piped spamd process,
rather smtpd, it would appear:
/ # ps
PID USER TIME COMMAND
1 root 0:00 /u
Greetings, All!
I'm looking at the output of today's mail server activity and it does not add
up.
Per-Day Traffic Summary
---
date received delivered deferredbounced rejected
F
On 18 Feb 2019, at 10:30, Andrey Repin wrote:
Greetings, All!
I'm looking at the output of today's mail server activity and it does
not add
up.
Per-Day Traffic Summary
---
date received delivered deferredbounced
rejected
-
* Wietse Venema:
> What distribution runs Linux 5 kernels? I would like to do a smoke
> test for due diligence (does it build and run).
Gentoo Linux makes new kernels available as un-stable (*) flagged
ebuilds as soon as the kernels are officially released.
-Ralph
(*) The mailing list filter wo
Quite right. My mistake. The root cause in this case was musl libc in the
Alpine Linux 3.9 container image, whose syslog call uses dgram only, unlike
glibc, which will attempt stream as well. Thanks for pointing me in the
right direction.
FWIW, the new CHUNKING support (BDAT command) in Postfix
Tam?s G?rczei:
> 1 root 0:00 /usr/libexec/postfix/master -i
>...
> 78 postfix 0:00 smtpd -n smtp -t inet -u -o stress=
>
> Feb 18 09:36:57 mail-postfix-0 postfix/master[1]: panic: master_reap:
> unknown pid: 78*
> > + if (init_mode)
> > + continue; /
Andrey Repin:
> Greetings, All!
>
> I just discovered that mail generated locally (i.e. introduced by pickup
> daemon) is not signed.
>
> Digging in documentation, I've found
> http://www.postfix.org/postconf.5.html#non_smtpd_milters
That's what I use for signing this local submission.
> And t
Viktor Dukhovni:
> On Mon, Feb 18, 2019 at 02:07:29AM -0500, Viktor Dukhovni wrote:
>
> > Feb 17 22:08:45 mail postfix/tlsproxy[23261]:
> > sys1.mmini.de[5.9.100.168]:25: depth=1 verify=0
> > subject=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
> >
> > These callbacks are NOT
Greetings, Bill Cole!
> On 18 Feb 2019, at 10:30, Andrey Repin wrote:
>> Greetings, All!
>>
>> I'm looking at the output of today's mail server activity and it does
>> not add
>> up.
>>
>> Per-Day Traffic Summary
>> ---
>> date received delivered deferredb
Am 18.02.19 um 12:04 schrieb Viktor Dukhovni:
> diff --git a/src/tls/tls_misc.c b/src/tls/tls_misc.c
> diff --git a/src/tlsproxy/tlsproxy.c b/src/tlsproxy/tlsproxy.c
Hello Viktor,
I confirm these modifications fix the delivery failure.
... $ sendmail -f sen...@example.org -bv recipi...@gerve
Greetings, Wietse Venema!
> Andrey Repin:
>> Greetings, All!
>>
>> I just discovered that mail generated locally (i.e. introduced by pickup
>> daemon) is not signed.
>>
>> Digging in documentation, I've found
>> http://www.postfix.org/postconf.5.html#non_smtpd_milters
> That's what I use for s
Indeed, I should have had some rest before applying your patch... I did
create the condition, branching on init mode towards continue as
intended, yet also left the original call there right thereafter :D It
applied and compiled well and I was sure I used the new packages and
image so I was relucta
On Mon, Feb 18, 2019 at 12:05:40PM -0500, Wietse Venema wrote:
> > diff --git a/src/tls/tls_misc.c b/src/tls/tls_misc.c
> > index 01dda8a97..a4a88a392 100644
> > --- a/src/tls/tls_misc.c
> > +++ b/src/tls/tls_misc.c
> > @@ -772,6 +772,8 @@ voidtls_pre_jail_init(TLS_ROLE role)
> > };
> >
On Mon, Feb 18, 2019 at 09:07:36PM +0300, Andrey Repin wrote:
> > Maybe that should have finer granularity: it may be OK to inspect
> > bounces with Milters, but it may not be OK with header/body_checks.
>
> Yes, I see how this can be a problem.
> Is there a way around it? How are the bounces/not
Tam?s G?rczei:
> Indeed, I should have had some rest before applying your patch... I did
> create the condition, branching on init mode towards continue as
> intended, yet also left the original call there right thereafter :D It
You MUST KEEP the original panic call, like this:
if ((proc
Viktor Dukhovni:
> On Mon, Feb 18, 2019 at 12:05:40PM -0500, Wietse Venema wrote:
>
> > > diff --git a/src/tls/tls_misc.c b/src/tls/tls_misc.c
> > > index 01dda8a97..a4a88a392 100644
> > > --- a/src/tls/tls_misc.c
> > > +++ b/src/tls/tls_misc.c
> > > @@ -772,6 +772,8 @@ voidtls_pre_jail_init(T
Sure, I must suck at expressing myself as well. Not only had it been
left intact and moved into the conditional construct, it had still been
there without that in addition, thereby defeating the very purpose of
patching. Like I said, contrary to what I might seem, I'm no moron and
I've realized the
Viktor Dukhovni:
> On Mon, Feb 18, 2019 at 09:07:36PM +0300, Andrey Repin wrote:
>
> > > Maybe that should have finer granularity: it may be OK to inspect
> > > bounces with Milters, but it may not be OK with header/body_checks.
> >
> > Yes, I see how this can be a problem.
> > Is there a way aro
> On Feb 18, 2019, at 2:51 PM, Wietse Venema wrote:
>
> There is no need to sign bounces for email that you don't receive
> but what about non-delivery notifications for mail that is accepted
> and then later found to be undeliverable?
In my multi-instance configurations, delivery failure to int
On Mon, Feb 18, 2019 at 02:48:32PM -0500, Wietse Venema wrote:
> > > Should we remove the those calls and make tls_pre_jail_init() a
> > > mandatory call?
> >
> > I considered making the pre-jail init mandatory, but decided not
> > to mess with posttls-finger, and left them in place.
>
> We shou
Viktor Dukhovni:
> Do you want to do that now in a 3.4.0-RC3? Or save the cleanup
> for 3.5?
I wanted to understand why the code is "organized" as it is, as
kinda sorta parallel worlds, instead of client-server style delegation.
I understand that with the proposed code organization, we can relea
Greetings, Viktor Dukhovni!
>> There is no need to sign bounces for email that you don't receive
>> but what about non-delivery notifications for mail that is accepted
>> and then later found to be undeliverable?
> In my multi-instance configurations, delivery failure to internal
> recipients doe
postfix pam_mysql authentication SHA512/SHA256 on Feb 19, 2019; 10:53am
In our postfix setup, we are using the pam_mysql module for SASL
authentication from the MySQL database.
(http://ryandoyle.net/posts/bringing-postfix-cyrus-sasl-saslauthd-pam_mysql_and_mysql_all_together/)
We are using SHA5
29 matches
Mail list logo
