Hi
Added the domain to $relay_domian but they i get this error
Recipient address rejected: User unknown in relay recipient table;
Thanks
adam
--
Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
As the subject stated, how can I get the statistics on the numbers of
inbout/outbound messages every day from Postfix?
Thanks & regards.
On Oct 11, 2019, at 1:53 AM, Wesley Peng wrote:
> As the subject stated, how can I get the statistics on the numbers of
> inbout/outbound messages every day from Postfix?
Install pflogsumm
--
"You're an elf and you're going to wear panties like an elf.”
ab:
> Hi
>
> Added the domain to $relay_domian but they i get this error
Good.
> Recipient address rejected: User unknown in relay recipient table;
Populate relay_recipient_maps, or use recipient address verification.
http://www.postfix.org/STANDARD_CONFIGURATION_README.html#backup
http://www
This was happening when sending internal to external so how can i populate
relay_recipient_maps ?
--
__
Adam Barnett
Systems Engineer
Double Negative
160 Great Portland Street,W1W 5QA
T: 020-7268-5000
[ http://www.dneg.com/ | www.dneg.com ]
__
You have EXTERNAL domain listed in relay_domains? Don't do that.
For relaying to arbitrary remote sites, the SMTP client should be
in a trusted network (mynetworks), or the client should authenticate
(with SASL login, or TLS cert).
It was not clear from the anonymized description which was which.
ah, got it
Thanks
Adam
--
__
Adam Barnett
Systems Engineer
Double Negative
160 Great Portland Street,W1W 5QA
T: 020-7268-5000
[ http://www.dneg.com/ | www.dneg.com ]
__
- Original Message -
| From: "Wietse Venema"
| To: "Postfix users"
|
I am running Postfix mail_version = 3.5-20190922, with OpenSSL 1.1.1d
on a FreeBSD 11 machine. I am just wondering what the recommended
settings are for the following items:
smtp_tls_mandatory_protocols=
smtpd_tls_mandatory_protocols=
smtp_tls_protocols=
smtpd_tls_protocols=
I have seen several r
If we want to try and respect MTA-STS, when doing STARTTLS, the sender
needs to send the right information in the TLS SNI (Server Name
Inidication) extension. An MTA-STS-honoring SMTP client expects to
validate the X.509 certificate of the receiving MTA, but that MTA might
be known by a dozen nam
Gerard E. Seibert:
> I am running Postfix mail_version = 3.5-20190922, with OpenSSL 1.1.1d
> on a FreeBSD 11 machine. I am just wondering what the recommended
> settings are for the following items:
>
> smtp_tls_mandatory_protocols=
> smtpd_tls_mandatory_protocols=
> smtp_tls_protocols=
> smtpd_tl
micah anderson:
If we want to try and respect MTA-STS, when doing STARTTLS, the sender
needs to send the right information in the TLS SNI (Server Name
Inidication) extension. An MTA-STS-honoring SMTP client expects to
validate the X.509 certificate of the receiving MTA, but that MTA might
be k
"A. Schulze" writes:
> micah anderson:
>
>> If we want to try and respect MTA-STS, when doing STARTTLS, the sender
>> needs to send the right information in the TLS SNI (Server Name
>> Inidication) extension. An MTA-STS-honoring SMTP client expects to
>> validate the X.509 certificate of the rece
> On Oct 11, 2019, at 10:19 AM, micah anderson wrote:
>
> I am aware of that, but I'm not asking specifically how to implement
> this, I'm more trying to find out what really is the concern here with
> enabling this, and what we need to do to fix that.
The concern is as stated, we don't know wha
Hi, I am building new server RHEL7 and Postfix 2.10
The log file is constantly outputting this...
Oct 11 11:15:08 mail6 postfix/master[3266]: warning: process
/usr/libexec/postfix/smtpd pid 18008 exit status 1
Oct 11 11:15:08 mail6 postfix/master[3266]: warning:
/usr/libexec/postfix/smtpd: bad
Viktor Dukhovni writes:
>> On Oct 11, 2019, at 10:19 AM, micah anderson wrote:
>>
>> I am aware of that, but I'm not asking specifically how to implement
>> this, I'm more trying to find out what really is the concern here with
>> enabling this, and what we need to do to fix that.
>
> The conce
> Oct 11 11:16:08 mail6 postfix/submission/smtpd[18091]: fatal: open lock file
> pid/inet.submission: cannot open file: Permission denied
This would be the clue, and according to the docs, pid files are written to the
queue directory by default.
> queue_directory = /var/spool/postfix
so - is th
Hi, thank you for trying to help.
I hope this answers your question.
[root@mail6 pid]# pwd
/var/spool/postfix/pid
[root@mail6 pid]# ll
total 4
-rw---. 1 root root 0 Oct 6 22:14 inet.smtp
-rw---. 1 root root 0 Oct 3 10:00 inet.smtps
-rw---. 1 root root 0 Oct 6 22:18 inet.submissio
Fazzina, Angelo:
> Hi, thank you for trying to help.
> I hope this answers your question.
>
> [root@mail6 pid]# pwd
> /var/spool/postfix/pid
> [root@mail6 pid]# ll
> total 4
> -rw---. 1 root root 0 Oct 6 22:14 inet.smtp
...and so on...
Postfix daemons open lockfiles while running as root. I
On Fri, Oct 11, 2019 at 11:32:50AM -0400, micah anderson wrote:
> > The concern is as stated, we don't know what remote MTAs will do if
> > they receive an unexpected SNI. You can try it I guess, and see
> > what happens.
>
> Indeed, this is why I was wondering how we could go about probing thes
Am 11.10.19 um 18:10 schrieb Viktor Dukhovni:
> So likely at this point it is safe to conclude that sending SNI is
> unlikely to cause problems. Your mileage may vary.
Hi,
that Gmail enabled SNI on their SMTP client is an indicator that using SNI may
not cause relevant trouble.
But it's also
On Fri, Oct 11, 2019 at 08:02:32PM +0200, A. Schulze wrote:
> that Gmail enabled SNI on their SMTP client is an indicator that using SNI
> may not cause relevant trouble. But it's also known, Gmail is able to do
> such stuff very selective to prevent damage.
Indeed I am not presently able to rul
Hi, thanks for the tip about checking SELINUX. Sadly no change when testing
openssl command with SELINUX off. :-(
Not sure if this is a hint but this works on the server
openssl s_client -connect mail6.its.uconn.edu:465
so I think the SSL cert files are all good, as 465 and 587 use sam
Reboot your system, and try again.
> On Oct 11, 2019, at 2:49 PM, Fazzina, Angelo wrote:
>
> Hi, thanks for the tip about checking SELINUX. Sadly no change when testing
> openssl command with SELINUX off.
TLS has nothing to with this. The SMTP server is unable to
lock a file that is used to
...and check permissions on *all* the directories in the path leading to the
lockfile for proper access (at least eXecute permission) and no conflicting
ACLs
(as viktor already wrote).
--tmolitor
Am Freitag, 11. Oktober 2019, 15:00:36 CEST schrieb Viktor Dukhovni:
> Reboot your system, and tr
Thank you both for the hints, I rebooted and saw no change when testing.
On a guess I used "systemctl stop postfix" and tried to manually start postfix
with
"postfix start" at the command line.
Strangely that allows the openssl test command to work perfectly ?!
I am able to repeat the starting a
On Oct 11, 2019, at 7:21 AM, Gerard E. Seibert
wrote:
> I am running Postfix mail_version = 3.5-20190922, with OpenSSL 1.1.1d
> on a FreeBSD 11 machine. I am just wondering what the recommended
> settings are for the following items:
>
> smtp_tls_mandatory_protocols=
> smtpd_tls_mandatory_protoc
26 matches
Mail list logo
