Re: pishing from ME

I've been getting these types of email lately too. They're spoofing the from header from to make it look like it comes from my domain, but the full email headers show the real source: Received: from mail.promiks.com (unknown [95.130.173.217]) Received: from ([80.38.233.163]) by mail.promik

Re: pishing from ME

On 24 Mar 2019, at 09:32, Michael wrote: > header CUST_DMARC_FAIL Authentication-Results =~ /mydomain\.com; dmarc=fail/ > score CUST_DMARC_FAIL 4.0 Have you checked this against your spam? You're going to have a lot of problems with a score of 4.0, I expect. -- "Some cause happiness wherever

I don't realize why this email was not delivered

To make it simple please take a look at https://serverfault.com/questions/959629/why-this-email-wasnt-delivered-by-postfix-dovecot-procmail Thank you -- Sent from: http://postfix.1071664

$queue_directory/private permissions

Hello, I am running postfix (3.3.0-1ubuntu0.2) confined by Apparmor and I noticed the tlsproxy process is apparently trying to connect to tlsmgr's Unix socket while still running as root. Since tlsmgr's socket is stored under $queue_directory/private that has perms set to 0700 and owned by postfi

Relay Access Denied

Hi folks. I’m on a LAN, with a mail server on OS X Server Mountain Lion. It’s running Postfix as a mail server. My LAN has a 192.168.x.x range. I’m getting that error when an app I’m developing, is trying to send an email out through this email server to the internet. A gmail address speci

reject_unknown_reverse_client_hostname query

I have the follosing restrictions in main.cf: smtpd_client_restrictions = permit_mynetworks, reject_unknown_reverse_client_hostname smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipie

Re: Relay Access Denied

Sorry for top posting. Mobile client here.. Your mynetworks has 192.168.0.0/24 but you say you use 192.168.x.x, i.e. 192.168.0.0/16. In the headers of your mail I see 192.168.1.4, which would thus not be in mynetworks. So you may want to check that.. Cheers. On March 24, 2019 8:35:59 PM UTC,

Re: Relay Access Denied

> On Mar 24, 2019, at 5:20 PM, B. Reino wrote: > > Sorry for top posting. Mobile client here.. No problem. I don’t mind top-posting anywhere. > Your mynetworks has 192.168.0.0/24 but you say you use 192.168.x.x, i.e. > 192.168.0.0/16. > > In the headers of your mail I see 192.168.1.4, whic

Re: $queue_directory/private permissions

Simon Deziel: > I can think of 2 ways to workaround this. One is to tell Apparmor to > grant the tlsproxy process the needed capability and the other is to > have the $queue_directory/private directory perms set to 0710 with the > same owner/group. Sorry, changes to Postfix permissions are not sup

Re: reject_unknown_reverse_client_hostname query

Nick Howitt: > I have the follosing restrictions in main.cf: > > smtpd_client_restrictions = permit_mynetworks, > reject_unknown_reverse_client_hostname What is the output from "postconf mynetworks"? If the client matches that, then "permit_mynetworks" will override reject_unknown_revers

Re: reject_unknown_reverse_client_hostname query

On 24/03/2019 21:53, Wietse Venema wrote: Nick Howitt: I have the follosing restrictions in main.cf: smtpd_client_restrictions = permit_mynetworks, reject_unknown_reverse_client_hostname What is the output from "postconf mynetworks"? If the client matches that, then "permit_mynet

Re: $queue_directory/private permissions

> On Mar 24, 2019, at 4:33 PM, Simon Deziel wrote: > > I am running postfix (3.3.0-1ubuntu0.2) confined by Apparmor and I > noticed the tlsproxy process is apparently trying to connect to tlsmgr's > Unix socket while still running as root. The premise is false. On all the systems I've used, the

Re: I don't realize why this email was not delivered

dstonek: > To make it simple please take a look at > https://serverfault.com/questions/959629/why-this-email-wasnt-delivered-by-postfix-dovecot-procmail > Thank you According to the above link: Mar 22 06:36:21 host postfix/cleanup[12463]: D6D441CA09A0: discard: header x-microsoft-antispam-messa

Re: reject_unknown_reverse_client_hostname query

On Sun, Mar 24, 2019 at 09:00:24PM +, Nick Howitt wrote: [ Please avoid pasting "non-breaking space" characters into your email. It is tedious to have to convert these to ASCII. ] > The header is below (x headers and DKIM removed): > > Return-Path: > Received: from hz.cn (unknow

Re: I don't realize why this email was not delivered

Where can that be configured? I posted Header and Body checks. It is strange because the sender is a regular user the recipient receives emails from. Thanks. Daniel -- Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html

Re: I don't realize why this email was not delivered

dstonek: > Where can that be configured? > I posted Header and Body checks. > It is strange because the sender is a regular user the recipient receives > emails from. You can find header_checks settings with one of the following commands: $ postconf header_checks $ postconf -P | grep header_check

Re: reject_unknown_reverse_client_hostname query

On 24/03/2019 22:13, Viktor Dukhovni wrote: On Sun, Mar 24, 2019 at 09:00:24PM +, Nick Howitt wrote: [ Please avoid pasting "non-breaking space" characters into your email. It is tedious to have to convert these to ASCII. ] The header is below (x headers and DKIM removed): R

Re: Relay Access Denied

On Sun, Mar 24, 2019 at 05:36:56PM -0400, VP Lists wrote: > smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated permit What do you expect this to do? > smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated > reject_unauth_destination > > Same error. Care

Re: Relay Access Denied

> On Mar 24, 2019, at 6:31 PM, Viktor Dukhovni > wrote: > > On Sun, Mar 24, 2019 at 05:36:56PM -0400, VP Lists wrote: > >> smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated >> permit > > What do you expect this to do? At this point I have no clue. I think it was in t

Re: reject_unknown_reverse_client_hostname query

On Sun, Mar 24, 2019 at 10:28:27PM +, Nick Howitt wrote: > >> Received: from hz.cn (unknown [220.191.208.116]) > >> by howitts.co.uk (Postfix) with ESMTP id 6614E401361E > >> for ; Sun, 24 Mar 2019 10:09:30 + > >> (GMT) > > > > The "unknown" means that either: > >

Re: I don't realize why this email was not delivered

On 24 Mar 2019, at 18:15, dstonek wrote: Where can that be configured? I posted Header and Body checks. It is strange because the sender is a regular user the recipient receives emails from. My guess is that your 'header_checks' regex /.icu/ is matching something in the full x-microsoft-ant

Re: reject_unknown_reverse_client_hostname query

Viktor Dukhovni: > On Sun, Mar 24, 2019 at 09:00:24PM +, Nick Howitt wrote: > > [ Please avoid pasting "non-breaking space" characters into > your email. It is tedious to have to convert these to ASCII. ] > > > The header is below (x headers and DKIM removed): > > > > Return-Path: >

Re: $queue_directory/private permissions

On 2019-03-24 6:02 p.m., Viktor Dukhovni wrote: >> On Mar 24, 2019, at 4:33 PM, Simon Deziel wrote: >> >> I am running postfix (3.3.0-1ubuntu0.2) confined by Apparmor and I >> noticed the tlsproxy process is apparently trying to connect to tlsmgr's >> Unix socket while still running as root. > >

Re: $queue_directory/private permissions

On 2019-03-24 5:46 p.m., Wietse Venema wrote: > Simon Deziel: >> I can think of 2 ways to workaround this. One is to tell Apparmor to >> grant the tlsproxy process the needed capability and the other is to >> have the $queue_directory/private directory perms set to 0710 with the >> same owner/group

Re: $queue_directory/private permissions

> On Mar 24, 2019, at 8:17 PM, Simon Deziel wrote: > > I was not clear because my issue is indeed with those accesses before > privs get dropped. I noticed that tlsproxy accesses tlsmgr's socket > while still running as root so it depends on its CAP_DAC_READ_SEARCH > capability. My workaround

Re: Relay Access Denied

On Sun, Mar 24, 2019 at 06:38:40PM -0400, VP Lists wrote: > # /var/log/mail.log: > Mar 24 18:37:35 alpha.mydomain.com postfix/postscreen[11964]: CONNECT from > [192.168.1.4]:52147 to [192.168.1.6]:25 > Mar 24 18:37:35 alpha.mydomain.com postfix/postscreen[11964]: PASS OLD > [192.168.1.4]:52147 >