use relay host on direct connection failure

Hi, I have a server which is being blocked by one of the recipient, whoseprovider won't respond to unblock requests (new server, new ip usualbs), and would like to workaround this by using relay host for suchcases. I know I can setup transport list for known domains, but how do Isetup this for unkn

Re: postfix newbe - which standard configuration to use

> Mails are collected by fethcmail (as daemon using /etc/fetchmail.rc) > > > So, you aren't going to receive any email on your VPS, then you should configure inet_interfaces to listen only your VPN IP http://www.postfix.org/postconf.5.html#inet_interfaces You can even listen to the submission port

Re: use relay host on direct connection failure

sashk wrote: Hi, I have a server which is being blocked by one of the recipient, whose provider won't respond to unblock requests Hi, can you give the error line from your mail.log, when trying to deliver mail to this host? Regards Aban -- Aban Dokht aba

Re: use relay host on direct connection failure

sashk: > ?div?Hi,?/div??div???/div??div?I have a server which is being > blocked by one of the recipient, whose?/div??div?provider won't > respond to unblock requests (new server, new ip usual?/div??div?bs), > and would like to workaround this by using relay host for > such?/div??div?cases. I know

Re: SPF/DMARC modified by host en route

On 27 Apr 2021, at 14:41, Jeff Abrahamson wrote: So you note "This perfectly valid signature is useless for DMARC unless the From header address is in p27.eu."   And, indeed, nantes-m1.p27.eu is MX for p27.eu and for mobilitains.fr.  I'd understood that DKIM/DMARC should match the MX hosts na

Re: postfix newbe - which standard configuration to use

Dnia 28.04.2021 o godz. 16:28:39 IL Ka pisze: > configure inet_interfaces to listen only your VPN IP > http://www.postfix.org/postconf.5.html#inet_interfaces > > You can even listen to the submission port (instead of SMTP/25) and close > 25 with a firewall. I'd suggest the opposite: if you will o

Re: postfix newbe - which standard configuration to use

Dnia 28.04.2021 o godz. 16:28:39 IL Ka pisze: configure inet_interfaces to listen only your VPN IP http://www.postfix.org/postconf.5.html#inet_interfaces You can even listen to the submission port (instead of SMTP/25) and close 25 with a firewall. On 28.04.21 16:31, Jaroslaw Rafa wrote: I'd s

Re: postfix newbe - which standard configuration to use

> > just add that IP to "mynetworks" and send the mail to your server the > normal way via port 25... Less to set up... > IMHO: no need to listen to 25 on the public ip if you aren't going to receive any email from there. "mynetworks" will protect server from open relay, but still many bots will t

Re: postfix newbe - which standard configuration to use

Dnia 28.04.2021 o godz. 17:42:20 IL Ka pisze: > > > > just add that IP to "mynetworks" and send the mail to your server the > > normal way via port 25... Less to set up... > > > > IMHO: no need to listen to 25 on the public ip if you aren't going to > receive any email from there. > "mynetworks" w

Clients Sending Phantom Email

Greetings, We are getting reports, more and more, of email clients (Type App, Mac Mail, iOS Mail) that seem to send email, and show that the email has been sent on the client, but the mail server has no record of email ever reaching the SMTP service, nor does it even seem that the client is c

Re: Clients Sending Phantom Email

> > > We are getting reports, more and more, of email clients (Type App, Mac > Mail, iOS Mail) that seem to send email, and show that the email has > been sent on the client, but the mail server has no record of email ever > reaching the SMTP service, nor does it even seem that the client is > conn

Re: Clients Sending Phantom Email

> On Apr 28, 2021, at 12:28 PM, Asai wrote: > > We are getting reports, more and more, of email clients (Type App, Mac Mail, > iOS Mail) that seem to send email, and show that the email has been sent on > the client, but the mail server has no record of email ever reaching the SMTP > service,

Re: Clients Sending Phantom Email

On 2021-04-28 11:28, Asai wrote: We are getting reports, more and more, of email clients (Type App, Mac Mail, iOS Mail) that seem to send email, and show that the email has been sent on the client, but the mail server has no record of email ever reaching the SMTP service, nor does it even seem th

Re: Clients Sending Phantom Email

Asai: > Greetings, > > We are getting reports, more and more, of email clients (Type App, Mac > Mail, iOS Mail) that seem to send email, and show that the email has > been sent on the client, but the mail server has no record of email ever > reaching the SMTP service, nor does it even seem that

Re: Clients Sending Phantom Email

Thank you, Wietse: This means that client systems are compromised with malware that sends email directly to the outside world, bypassing your mail server. To stop these, block outbound port 25 on your firewall for all systems except your mail server. Wietse Is it safe to assume that

Re: postfix newbe - which standard configuration to use

My home server (the client) despite a "noIP", always on the internet, IP address changes are very rear. I'm using a script for report "new" ip to freedns.org and it is logging. My IP does not change from 2019.11.30. (that date when I was rebuild from scratch a new server based on Debian buster).

Re: Clients Sending Phantom Email

On 4/28/21 6:59 PM, Asai wrote: > Thank you, Wietse: >> >> This means that client systems are compromised with malware >> that sends email directly to the outside world, bypassing >> your mail server. >> >> To stop these, block outbound port 25 on your firewall for all >> systems except your mail s

Re: Clients Sending Phantom Email

On 2021-04-29 02:42, Demi Marie Obenour wrote: Many legitimate ISPs (and even some cloud providers) block port 25 outbound, so yes. might be why even microsoft, dreamhost, ovh, have clients try port 465, 587, and even some do try port 993, i cant find that mta that do guide one this directio

Re: use relay host on direct connection failure

- все Hi, They respond with following code on connect: (host mxb-00306701.gslb.pphosted.com[67.231.145.123] refused to talk to me: 554 Blocked - see https://ipcheck.proofpoint.com/?ip=XXX.XXX.XXX.XXX $ nc -v 67.231.145.123 25Connection to 67.231.145.123 25 port [tcp/smtp] succeeded!554 Blocked - se

Re: incoming email SSL errors for only some domains.

On 27/4/2021 2:11 pm, Viktor Dukhovni wrote: http://www.postfix.org/postconf.5.html#smtpd_discard_ehlo_keyword_address_maps http://www.postfix.org/postconf.5.html#smtpd_discard_ehlo_keywords smtpd-ehlo-discard.cidr: # NetName:MERCK1 # NetHandle: NET-155-91-0-0-1 1

Re: use relay host on direct connection failure

sashk wrote: (host mxb-00306701.gslb.pphosted.com[67.231.145.123] refused to talk to me: 554 Blocked - see https://ipcheck.proofpoint.com/?ip=XXX.XXX.XXX.XXX As Wietse already answered, use smtp_fallback_relay, if they do not unlist your

Postfix shows unknown instead of resolved hostname

Hello, Postfix does not show hostname for a connecting IP address, when the hostname does not have reverse lookup: Example from my log: warning: hostname zg-0416b-243.stretchoid.com does not resolve to address 192.241.220.141: Name or service not known connect from unknown[192.241.220.141]

Re: Postfix shows unknown instead of resolved hostname

Sorry for the top posting. http://www.stretchoid.com/ has a way to opt out. Unfortunately they want you to give them your IP space rather than the other way around. They use a floating IP scheme and can't easily be blocked.   Original Message   From: 400the...@gmx.ch Sent:

Re: postfix newbe - which standard configuration to use

As I suspected, my first try was not successful. Used mail from cli try to send message to to...@r-visor.hu Apr 28 21:44:53 vps postfix/qmgr[3600]: 5CFE820FEB: from=, size=343, nrcpt=1 (queue active) Apr 28 21:44:55 vps postfix/smtp[3669]: 5CFE820FEB: host mx1.arkadii.hu[87.229.73.171] said

Make rule to install posttls-finger?

Dear Postfix users, I couldn’t find a Make rule to install `posttls-finger`? Did I overlook something, or would I need to copy it manually? Kind regards, Paul