Hi,
Is it possible to have two different smtpd_discard_ehlo_keywords settings
based on whether the connection is explicitly encrypted? Since the late
drafts on MTA-STS, I'm thinking about setting some TLS-only MXs up. On one
of the setups I'd like to hide as many capabilities as possible, before
> On 05 Mar 2019, at 10:00, Dominic Raferd <
>> Fail2ban is (as you know) a way to tackle it.
LuKreme wrote
> At 1000 connections a day I don’t think fail2ban or sshguard or whatever
> is going to save you anything at all.
On Wed, 6 Mar 2019 at 03:51, Mayhem wrote:
Oh, I was getting a lot
Dominic Raferd wrote
Do you have reason to think your system
is suffering heavy load as a result, or are you concerned that some of
the DNSBLs might block you for reaching commercial-use levels of
lookups?
On 05.03.19 13:50, Mayhem wrote:
No, but the problem seems to be getting worse this past
Hello
We just did a stress test on the posfix server we installed in are test lab= ,
specs: 4 virtual cpu and 4GB ram on a vmware esx environment.
Test os ubuntu 18.04.2 fully patched
Kernel 4.15.0.46
Postfix version is the one from ubuntu repo 3.3
We see when we send 45000 mails form are
About 31000 are in are postfix que and the rest is gone, on are
exchange we= see the confirmation of postfix that he has received the
mail is not in th= e postfix que.
We see a very high I/O on the disk but still writing...
../..
Witch parameter do I have to change to start throttling sow my
De Petter Mattheas:
> We see when we send 45000 mails form are exchange server to the relay smtp =
> (postfix) that postfix loses about 14000 mails.
Your tests are incompetent.
Wietse
Hello
Yes it is a strange business model, but the postfix must run on are vessels.
So they sail over the world and because of the time difference we can't help
them ride away.
Therefore we use a person onboard the vessel to look at the first problems when
mail issen't send from the vessel.
Th
Wietse
Why are this incompetent test?
we don't want to lose no mails. Company policy guess you will understand
that?
All are machines that are onboard a vessel also have snmp sensors and when it
goes wrong onboard the sensor will trigger are snmp server to send critical
mails.
Met vriende
De Petter Mattheas:
> Wietse
>
> Why are this incompetent test?
Because Postfix does not lose email under load.
Wietse
I'm sorry wietse
I can prove different
Start from different servers a powershell script that start a background
processes
Each process send a number of mails let's say
100 processes 450 mails to be send ... =45000 mails that should be in postfix ??
You see them come in exchange 4500
On 3/5/19 8:26 PM, @lbutlr wrote:
On 05 Mar 2019, at 13:50, Mayhem wrote:
I also have nginx/apache and sql running on the same dedicated machine,
There will use much more of your system that all of postfix, including your
dovecot (or whatever), and the DNS lookups are a minuscule portion o
Im Auftrag von De Petter Mattheas
>
>
> We just did a stress test on the posfix server we installed in are test
lab= ,
> specs: 4 virtual cpu and 4GB ram on a vmware esx environment.
>
> Test os ubuntu 18.04.2 fully patched
>
> Kernel 4.15.0.46
>
> Postfix version is the one from ubuntu repo 3
On 2019-03-06 13:10, De Petter Mattheas wrote:
Yes it is a strange business model, but the postfix must run on are
vessels.
So they sail over the world and because of the time difference we
can't help them ride away.
I believe you should clarify or remake your test model, there is
something
On 2019-03-06 De Petter Mattheas wrote:
> I'm sorry wietse
>
> I can prove different
>
>
> Start from different servers a powershell script that start a
> background processes
>
> Each process send a number of mails let's say
>
>
> 100 processes 450 mails to be send ... =45000 mails t
Comments below
Thanks for the help by the way :)
-Original Message-
From: patpro
Sent: 06 March 2019 13:34
To: De Petter Mattheas
Cc: Postfix users ; owner-postfix-us...@postfix.org
Subject: Re: stress tested postfix
On 2019-03-06 13:10, De Petter Mattheas wrote:
> Yes it is a stran
On 2019-03-06 13:49, De Petter Mattheas wrote:
# a single ship can generate up to 60 K in a hour, we have had it in
the past when a ship goes in error or failure or by mistake of the
programmer it send alert mails to HQ
# the test was done in are virtual lab sow there was no SatCom
involved, tha
De Petter Mattheas:
> Start from different servers a powershell script that start a background
> processes
> Each process send a number of mails let's say
Let's say that you need to use a proper SMTP benchmark tool, instead
of a home-grown script that loses email before it reaches Postfix.
:-)
I know the basic postfix operational scheme:
http://www.postfix.org/OVERVIEW.html
I have a generic spamassassin instance that marks messages recognized as
spam, `/etc/postfix/master.cf' :
smtp inet n - n - - smtpd
-o content_filter=spamassassin
spa
On Wed, Mar 6, 2019 at 7:50 AM De Petter Mattheas
wrote:
>
> Comments below
>
> Thanks for the help by the way :)
>
> -Original Message-
> From: patpro
> Sent: 06 March 2019 13:34
> To: De Petter Mattheas
> Cc: Postfix users ; owner-postfix-us...@postfix.org
> Subject: Re: stress tested
Hi, I am curious why no one has recommended using what looks like a built-in
testing [benchmark] tool in Postfix ?
/usr/sbin/smtp-source
I gave the man page a quick look and it seemed it may help, based on the given
specs provided by the OP.
I have versions 2.6.x and 2.10.x and assume it is s
+1
We would need to see exactly how your powershell script detects that
mail was accepted by the target PostFix server. I've written test
equipment software, and one of the biggest thorns in such programming is
to properly report testbed-induced failures.
For example, you could have told your po
> On Mar 6, 2019, at 3:44 AM, Wojtek Sychut wrote:
>
> RFC 3207 states that "A publicly-referenced SMTP server MUST NOT require use
> of the STARTTLS extension in order to deliver mail locally".
Here "locally" means "not outbound" to some other organization.
> It is therefore
> my understanding
> "Ian!" == Ian! D Allen writes:
Ian!> On Sun, Mar 03, 2019 at 03:51:35PM -0500, Wietse Venema wrote:
>> smtp unix - - n - - smtp
>> -o { smtp_generic_maps = inline:{{idal...@idallen.ca = you@college}}}
Ian!> Am I right that since my master.cf already has
On Wed, Mar 06, 2019 at 10:51:04AM +, De Petter Mattheas wrote:
> Test os ubuntu 18.04.2 fully patched
Make sure to configure systemd logging with generous rate limits
to avoid losing log messages under load.
> We see when we send 45000 mails form are exchange server to the relay smtp =
> (p
Hi everybody, i need an help.
I've a mail2fax server.
I define in mydestination a domain like example.com (i don't have a real
domain on my mail server with this name) i do to accept mail from this
account "virtual...@example.com".
Than in transport i do this
virtual...@example.com fax:lo
On Wed, Mar 06, 2019 at 05:59:55PM +0100, Matteo Cazzador wrote:
> I define in mydestination a domain like example.com
>
> Then in transport i do this:
>
> virtual...@example.com fax:localhost
>
> I've a problem when I receive a mail for "t...@example.com"
>
> "User unknown in local reci
Hi yes this is It. Thanks i try to configure like you suggest
Inviato dallo smartphone Xperia™ di Sony
Viktor Dukhovni ha scritto
>On Wed, Mar 06, 2019 at 05:59:55PM +0100, Matteo Cazzador wrote:
>
>> I define in mydestination a domain like example.com
>>
>> Then in transport i do thi
On 06/03/2019 17:03, Viktor Dukhovni wrote:
As to your original question of advertising a minimal set of ESMTP features
before STARTTLS, other than suppressing pre-TLS "AUTH" to prevent accidental
password leakage from misconfigure MUAs, there's really no point. It would
achieve nothing. The
Hi,
I have a postfix server configured as a incoming mail relay for my customers.
One of my customers has several domain names: domain1.com (main), domain2.com,
domain3.com, domain4.com.
My server can receive emails on whatever domain1/2/3/4.com, but can accept
emails for declared email address
On Wed, Mar 06, 2019 at 06:31:20PM +0100, Wojtek Sychut wrote:
> Other than that, with recent SNI support and (would there be) the ability
> to get the requested hostname from the client, one could set a different
> set of capabilities (like SIZE) for different hostnames.
MTA SMTP clients often d
Dominic Raferd wrote
> Have you considered using abuseipdb? It provides mechanisms (including
> via fail2ban) for uploading bad ips as well as for downloading, so you
> might be helping the rest of us too. I download their list 3x per day
> and apply it to incoming mail before any DNSBL lookups. It
On 06/03/2019 18:41, Viktor Dukhovni wrote:
On Wed, Mar 06, 2019 at 06:31:20PM +0100, Wojtek Sychut wrote:
Other than that, with recent SNI support and (would there be) the ability
to get the requested hostname from the client, one could set a different
set of capabilities (like SIZE) for diff
> On Mar 6, 2019, at 8:40 AM, Marek Kozlowski
> wrote:
>
> I'm using dovecot for IMAP/POP. I've read that since dovecot 2.0 I may use
> dovecot
> as an LMTP and implement desired solution by adding sieve/pigeon classifier to
> dovecot LMTP. It perfectly(?) integrates with postfix.
The Dovec
33 matches
Mail list logo
