[pfx] Re: dnsbl submissions

On 07/07/2024 05:18, Nick Edwards via Postfix-users wrote: > > Main: > submission_recipient_restrictions = >         reject_rbl_client cbl.abuseat.org > =127.0.0.[2..255] >         reject_unknown_sender_domain >         reject_unknown_recipient_domain >         permit_myn

[pfx] Documentation Prefix

I have just been perusing my firewall logs, and notice I have had several "hits" using the documentation prefix (2001:db8::/32) as the source address.   Eleven in a fortnight or so. I have also had some hits (on my website) from  Teredo addresses.  I am allowing these, because (arguably) we are

[pfx] Re: dnsbl submissions

As of the first week of 2021, the Composite Blocklist (CBL) is being retired. This data, however, is included in the eXploits Blocklist (XBL). We advise any users currently accessing the CBL through cbl.abuseat.org to reconfigure and query xbl.spamhaus.org. https://www.spamhaus.org/resource-hu

[pfx] Re: dnsbl submissions

On 07/07/2024 06:18, Nick Edwards via Postfix-users wrote: Howdy, I've never seen the point in this before, but i've been asked by a client to implement it if possible, that is, place dnsbl checks on submission and smtps connections, I've tried a few combinations but it does not seem to be wo

[pfx] Re: dnsbl submissions

El dom, 07-07-2024 a las 12:51 +0200, John Fawcett via Postfix-users escribió: >   > On 07/07/2024 06:18, Nick Edwards via Postfix-users wrote: >    > > Master: > >   > > smtps     inet  n       -       n       -       -       smtpd > >    -o smtpd_client_restrictions=$submission_client_restriction

[pfx] Re: dnsbl submissions

On 07/07/2024 13:09, Victoriano Giralt via Postfix-users wrote: El dom, 07-07-2024 a las 12:51 +0200, John Fawcett via Postfix-users escribió: On 07/07/2024 06:18, Nick Edwards via Postfix-users wrote: ... I haven't personally used the $ syntax you're using so I can't say much about it,

[pfx] Re: dnsbl submissions

Thanks John! You nailed it, made the two changes you suggested, and it is now blocking, client will be happy, On Sun, Jul 7, 2024 at 8:52 PM John Fawcett via Postfix-users < postfix-users@postfix.org> wrote: > On 07/07/2024 06:18, Nick Edwards via Postfix-users wrote: > > Howdy, > > I've never se

[pfx] Re: dnsbl submissions

Thanks Cody, made that change too. On Sun, Jul 7, 2024 at 8:25 PM Cody Millard via Postfix-users < postfix-users@postfix.org> wrote: > As of the first week of 2021, the Composite Blocklist (CBL) is being > retired. This data, however, is included in the eXploits Blocklist (XBL). > We advise any

[pfx] Re: dnsbl submissions

On Sun, Jul 07, 2024 at 01:50:19PM +0200, John Fawcett via Postfix-users wrote: > Ok, I had suspected that it might be a valid alternative. However, the > reason I mentioned it was because my configuration without $ seems to be > working fine: > > submission inet n  -   n   -   - 

[pfx] Re: Documentation Prefix

* Allen Coates via Postfix-users: > I have just been perusing my firewall logs, and notice I have had > several "hits" using the documentation prefix (2001:db8::/32) as the > source address. [...] > > I have also had some hits (on my website) from  Teredo addresses.  I > am allowing these, because

[pfx] Does unix:passwd.byname do anything in local_recipient_maps on MacOS?

Hi, I'm running PostFix 3.2.2 on Mac OS Sonoma, configured to accept local delivery for a single local login user, i.e. a user that actually has an account on the Mac. To that end, I have the following in main.cf: local_recipient_maps = proxy:unix:passwd.byname $alias_maps This has worked fi

[pfx] Local delivery for both login and virtual users in a single domain?

Hi, I've got a Mac running PostFix 3.2.2, configured for local delivery for a single domain, call it "mydomain.net ", using dovecot's local delivery agent. At the moment, there's just one relevant login user on the server, for which I've got PostFix delivering emails addr

[pfx] Re: Does unix:passwd.byname do anything in local_recipient_maps on MacOS?

On 07/07/2024 18:57, Robert Fuhrer via Postfix-users wrote: Hi, I'm running PostFix 3.2.2 on Mac OS Sonoma, configured to accept local delivery for a single local login user, i.e. a user that actually has an account on the Mac. To that end, I have the following in main.cf: local_recipien

[pfx] Re: Local delivery for both login and virtual users in a single domain?

On 07/07/2024 18:59, Robert Fuhrer via Postfix-users wrote: Hi, I've got a Mac running PostFix 3.2.2, configured for local delivery for a single domain, call it "mydomain.net ", using dovecot's local delivery agent. At the moment, there's just one relevant login user o

[pfx] Re: Documentation Prefix

On 07/07/2024 16:13, Ralph Seichter via Postfix-users wrote: > * Allen Coates via Postfix-users: > >> I have just been perusing my firewall logs, and notice I have had >> several "hits" using the documentation prefix (2001:db8::/32) as the >> source address. [...] >> >> I have also had some hits

[pfx] Re: Local delivery for both login and virtual users in a single domain?

Oh, thanks; I should’ve realized I could just add another map to local_recipient_maps. D’oh! My Dovecot setup uses MySQL to identify users+passwords. I assume you’re asking that because (as I just discovered) PostFix nominally supports MySQL, but OTOH “postconf -m” doesn’t list the “mysql” look

[pfx] Re: Local delivery for both login and virtual users in a single domain?

Hi Bob yes, I was going to suggest then using mysql lookup maps in postfix to share the user database from dovecot. I imagine there is a way to build postfix with mysql support on MacOS but I don't know what it is. If not you could still generate the info for one of the supported postfix map

[pfx] Re: Local delivery for both login and virtual users in a single domain?

On Sun, Jul 07, 2024 at 06:02:00PM -0400, Robert Fuhrer via Postfix-users wrote: > Oh, thanks; I should’ve realized I could just add another map to > local_recipient_maps. D’oh! You're conflating many rather distinct aspects of the delivery stack. > My Dovecot setup uses MySQL to identify users

[pfx] Re: Documentation Prefix

* Allen Coates via Postfix-users: > I am blocking 2001:db8::/32 (of course); it's the Teredo prefix > which I am allowing. I misunderstood the word "these" in your OP, and the subject line only referenced the documentation prefix, but no harm done. I don't have any numbers for connections from Te

[pfx] SASL authentication - first try local and then AD in postfix

Hi All, I want to setup SMTP authentication in such a way that the user should first be looked locally (/etc/passwd) and then in AD. Is it possible to do so? I was able to configure AD auth via sasl (cyrus), but couldn't do both. Regards, Sandeep ___ P

[pfx] Re: SASL authentication - first try local and then AD in postfix

Sandeep, > Am 08.07.2024 um 07:37 schrieb hkhk_exact10 via Postfix-users > : > > Hi All, > > I want to setup SMTP authentication in such a way that the user should first > be looked locally (/etc/passwd) and then in AD. Is it possible to do so? I > was able to configure AD auth via sasl (cyru