Re: Debian package installation

Isaac Witmer wrote: > Could you point me to the specific list you're referring to? A good catchall is debian-u...@lists.debian.org where general discussion takes place. Bob

Site Rolling Archive Advice?

I am helping a school and they have told me they need to keep an archive of all email through the site for a short period of time. They also need to delete email after a period of time. In the mean time this email needs to be available for review by authorized persons. (In practice actually doing

Re: Site Rolling Archive Advice?

Ralf Hildebrandt wrote: > http://www.arschkrebs.de/postfix/postfix_archive.shtml > but you would use always_bcc_maps Thanks for the pointer to that documentation. And all of the followup discussion from the others. I will give that a try and see how it goes. Thanks! Bob

What attack is this one?

A friend's Mac running Postfix logged this rejected attack: Feb 11 21:45:28 mailer postfix/smtpd[3708]: NOQUEUE: reject: RCPT from unknown[216.104.47.74]: 504 5.5.2 : Helo command rejected: need fully-qualified hostname; from= to=&0 2>&0> proto=SMTP helo= Of course this particular message was

Re: What attack is this one?

Sahil Tandon wrote: > Bob Proulx wrote: > > The remote mta security exploit I couldn't locate references to was > > the "to= > vulnerable to "+:|" in the To address? Or perhaps none are and this > > is simply a failed probe attempt? > > Likely re

Postfix 2.8.1 relayhost configuration problem

Today I upgraded a machine from the older 2.7.x series to the latest 2.8.1 and found a difference. This is from Debian Sid. My previous relayhost configuration was: $ postconf relayhost relayhost = [mail] $ host -t a mail mail.proulx.com has address 192.168.9.3 $ cat /etc/resolv.conf

Re: Postfix 2.8.1 relayhost configuration problem

Wietse Venema wrote: > Bob Proulx: > > Today I upgraded a machine from the older 2.7.x series to the latest > > 2.8.1 and found a difference. This is from Debian Sid. > > Please, review the RELEASE_NOTES file and look for the > section titled "Major changes - dns l

Bouncing an undeliverable message without waiting?

I have been trying to deduce if it is possible to force a message waiting in the mail queue with temporary errors (domain name resolution failures) to bounce right now instead of waiting for the timeout. The mail queue has messages addressed to unreachable addresses. I know that if I do nothing t

Re: Bouncing an undeliverable message without waiting?

Jeroen Geilman wrote: > Bob Proulx wrote: > >The mail queue has messages addressed to unreachable addresses. I > >know that if I do nothing that eventually they will expire normally > >... > > Altering the status in-queue will be difficult, so you will have to > d

Re: Bouncing an undeliverable message without waiting?

Wietse Venema wrote: > Bob Proulx: > > I have been trying to deduce if it is possible to force a message > > waiting in the mail queue with temporary errors (domain name > > resolution failures) to bounce right now instead of waiting for the > > timeout. > >

How to relay ALL mail to relayhost

How can I configure a host to send *all* email to the relayhost? This simple configuration has me stumped. Setting relayhost or using a transport map only handles non-local recipients. But if a recipient has a local login then those are not consulted. After scouring the documentation and trying

Re: How to relay ALL mail to relayhost

Kurt Buff wrote: > Bob Proulx wrote: > > How can I configure a host to send *all* email to the relayhost? > > mydestination = > transport_maps = hash:/usr/local/etc/postfix/transport Aha! Unsetting mydestination seems to be the magic sauce in this problem. Then no

Re: How to relay ALL mail to relayhost

Ralf Hildebrandt wrote: > * Bob Proulx : > > How can I configure a host to send *all* email to the relayhost? > > mydestination = > relayhost = [the.relay.host] Aha! Unsetting mydestination is the magic configuration. Not having mydestination available causes none of the des

How to forward messages with invalid From: address?

I have an account on a host machine that receives email from a mailing list. That account then uses procmail to forward some messages to a different account on a different host machine. :0 ! u...@example.com All fine for the most part. But infrequently someone posts a message to the mailing

Re: How to forward messages with invalid From: address?

Wietse Venema wrote: > Bob Proulx: > > From: Some User > > > > This case is mailed but the From: line is changed to be the account > > user owner of the forwarding process. The result shows up in the > > What clobbers the From: header? Postfix does not, becau

Re: SASL question

Curtis Maurand wrote: > Patrick Ben Koetter wrote: > >> However, nothing in my configuration says to open the sasldb file > >> anywhere as the auth machanism is set to imap, but postfix seems > >> intent on opening this file anyway. > > > > Cyrus SASL opens sasldb as fallback when all other attempt

Incoming bandwidth saturation due to many concurrent connections

Looking for advice... I have a Postfix mail server on a relatively slow 1.5Mbit/s dedicated link. (It used to be relatively fast. Now it is relatively slow.) It receives a lot of mailing list email from a well connected mailing list server running Exim. Periodically a large wave of email from t

Re: Incoming bandwidth saturation due to many concurrent connections

Viktor Dukhovni wrote: > Bob Proulx wrote: > > Periodically a large wave of email from the mailing lists will be > > unleashed. Such as when upstream connectivity is down for a while > > causing a backlog and then it is restored causing a transfer of the Probably due to hi

Re: Incoming bandwidth saturation due to many concurrent connections

Wietse Venema wrote: > [thundering herd problem] > > When the sender exceeds the smtpd_client_connection_count_limit, > > they will get a 4xx deferral. When they retry delivery is out of > > your control -- some may retry in a few minutes, other hours, a few > > never (although not retrying is non-

Re: Mail not being sent to file

Jeremiah Rothschild wrote: > * OS: CentOS 8.4.2105 x64 (fully updated) I tested this on CentOS 7 and it worked okay for me. No problem. I don't know anything about CentOS 8. > [root@c8vm ~]# ls -l /tmp/somefile > ls: cannot access '/tmp/somefile': No such file or directory Is your postfix runn

Re: Is postfix the right tool for detecing and stripping out email addresses that forward to the same address?

Steve Dondley wrote: > raf wrote: > > Postfix isn't the right thing for that. It's a mail > > server, not a mail client. Agreed. But adding my comments to this too. > > For example, with mutt, you can give it a list of all Mutt is very good. :-) > > Another alternative that could involve postf

Debugging Relay Access Denied

I am helping a friend with his system. As such things are not as I would set them up. But just the same I can't figure out this problem. So I come here seeking a second set of eyes on it. What is the problem that I am not seeing here? rwp@teton:~$ echo test | mailx -s test b...@proulx.com

Re: Debugging Relay Access Denied

Viktor Dukhovni wrote: > Bob Proulx wrote: > > I am helping a friend with his system. As such things are not as I > > would set them up. But just the same I can't figure out this > > problem. So I come here seeking a second set of eyes on it. What is > > the p

Re: Using a different DNS to ask zen.spamhaus.org for DNSBL info?

Gerben Wierda wrote: > Actually, the whole question was based on a misunderstanding what was going > wrong. Glad to hear that you think the problem is resolved. > My standard DNS forwards to cloud9 (9.9.9.9) because cloud9 blocks > bad actors. But that means that DNSBL from spamhaus doesn?t work

After network outage postfix found not running

Everything is good so no stress about anything here but I am poking at the log files with a stick after a strange incident. Perhaps this tripped over some problem that discussing it might either enlighten me or perhaps unlikely improve things. Who knows? The GNU Savannah software forge had a net

Re: After network outage postfix found not running

Wietse Venema wrote: > Bob Proulx: > > Any ideas on why postfix would not be running after such an event on > > two of the systems but okay on the others? > > LOGS. Postfix logs a sh*load, including processes that fail to > start. If the systems were unable to record this

Re: After network outage postfix found not running

Matus UHLAR - fantomas wrote: > it's still possible that: > - postfix was killed by e.g. OOM killer, in which case it could not log that. I disable the OOM with vm.overcommit_memory = 2 so that particular thing won't be it. > - the logs were lost because of systemd's log limits That is possible.

Re: After network outage postfix found not running

Wietse Venema wrote: > Postfix was only the messenger of bad news. It does not > spontaneously self-destruct. I have always found Postfix to be extremely reliable and robust. Which was why this happening on two different systems was such an oddity. Bob

Re: After network outage postfix found not running

Viktor Dukhovni wrote: > Could a watchdog timer have killed master(8) if it were suspended > long enough? Seems plausible. I could see something in the code timing out since things would be blocked waiting for I/O for so long.a > Demi Marie Obenour: > > My intuition is that either some timeout s

Re: How to filter email (DKIM) without keeping the message in memory and without writing it to disc twice?

Robert Siemer wrote: > I need to DKIM sign possibly huge emails (up to 150MB). I know you say you need this. But even if you had it would it actually be useful to you? DKIM is needed to interchange email with random email servers around the Internet. Because said random servers will reject the

Re: How to filter email (DKIM) without keeping the message in memory and without writing it to disc twice?

Robert Siemer wrote: > Gmail allows 150MB. Ok? And with that they are right. That is not > "insane". Insane is the opposite: to reject an email, because a > single file attachment ended up a little bigger than expected. Total > user experience disaster. I think you have me confused with someone el

Re: TLS 1.0 with Outlook 2010 and Windows XP

lst_ho...@kwsoft.de wrote: > we have a Postfix Server Version 3.3 and Openssl 1.1.1 on Ubuntu 18.04 LTS. > One user has the need to send e-mail from an age old Windows XP VM used > because of a special not any more available software. I have tried to not > deactivate TLS 1.0 as Outlook/XP should be

Re: Is it possible to send email by copying a file or files to an appropriate queue directory?

Edward Sandberg wrote: > You could use inotify to monitor a directory and trigger a script to send > the mail. Or just poll the directory every N number of seconds. That's also very low overhead. Since the directory contents will be cached in the file buffer cache of the kernel. But inotify is

Re: Strange To: of e-mail on postfix-users

Daniel Azuelos wrote: > I just found an email incorrectly filtered by my .procmailrc, > because the To: wasn't postfix-users@postfix.org: ... > To: postfix-us...@cloud9.net Instead of filtering on the To the better idea is to use the standard mail headers that the mailing list adds to the messag

Re: Strange To: of e-mail on postfix-users

Daniel Azuelos wrote: > Are you still using procmail? Yes. I am still using procmail. It is powerful, mature, and stable. But more importantly you said YOU were using procmail. > I just found an email incorrectly filtered by my .procmailrc, > because the To: wasn't postfix-users@postfix.org:

Gmail specific transport

I have inherited being a caretaker of a sleepy local mailing list. It has about 200 subscribers on it. Unsurprisingly a large percentage of the subscribers use Google's Gmail. Google sometimes will decide that a message will not be accepted. It will log the error like this. Jun 15 21:16:08

Re: Gmail specific transport

Viktor Dukhovni wrote: > No, those settings are used by the queue manager to schedule deliveries > assigned to various delivery agent processes, the delivery agents > themselves only see one message at a time and can do little to affect > concurrency, and related limits. > > So these settings go in

Re: Gmail specific transport

Jaroslaw Rafa wrote: > Dnia 15.06.2022 o godz. 22:00:45 Bob Proulx pisze: > > It is interesting that mail to domains hosted at google that are not > > @gmail.com but other named domains delivered okay. Google accepted > > the exact same message to them fine. > > It ca

Re: Gmail specific transport

Viktor Dukhovni wrote: > Transport resolutiont that does remote DNS lookups will be a prohibitive > performance bottleneck on systems delivering a steady non-trivial stream > of mail. The queue manager is not multi-threaded, and each recipient > domain can/will incur some delay. Yes. That would

Re: Preventing .forward backscatter

Derek B. Noonburg wrote: > I'm running postfix to handle email for several users. One of them > has a .forward file that points to a gmail address. Gmail's servers > are rejecting some email for various causes ("low reputation of > sending domain", SPF failures). Yes. And that might occur for b

Re: How can I set a "Reply-To" header ?

Wietse Venema wrote: > White, Daniel E. (GSFC-770.0)[AEGIS]: > > I found out how to do it from command line: > > > > echo -e "Testing Mail\nThank you" | mailx -v -s "Testing Mail" -S > > "reply-to=yom...@example.com" m...@example.com > > This smells like a common webserve

Re: Wrong Domain in Null Client Setup

Eddie Rowe wrote: > I tried the 2nd and 3rd option during my troubleshooting before my > post, reloaded the configuration and even bounced the service > without anything changing. Option 3 of setting mydomain is guarenteed. If that failed to work for you then the problem will require you to debug

Re: remailer for alias lists?

raf wrote: > Dan Mahoney wrote: > > Or the perl-based one written for perl 4 with the last release > > sometime in 2000 (majordomo)? > > Assuming that wasn't a rhetorical question, :-) > I'd consider majordomo. It probably does > what you need without being a hassle. > It works in Perl 5 too, you k

When a 554 acts like a 471?

I have a case that is odd to me and I can't figure it out. Hopefully someone here will be able to set me straight. This is on a friend's system that I am helping to maintain. My friend somewhat out of the blue decided to start sending mail from a rented VM server. I hadn't expected and don't th

Re: When a 554 acts like a 471?

Noel Jones wrote: > Bob Proulx wrote: > > But this confuses me. It appears to me that the message was rejected > > at SMTP time with a 554 code. Therefore shouldn't that generate a > > bounce message immediately? Why is dsn=4.7.1 being logged there? > > The remo

Re: When a 554 acts like a 471?

Viktor Dukhovni wrote: > > Bob Proulx wrote: > > "By default, the Postfix SMTP client moves on the next mail > > exchanger. Specify "smtp_skip_5xx_greeting = no" if Postfix should > > bounce the mail immediately. Caution: the latter behavior appears to

Re: Need this rule: Everybody may receive from specific address / a few may receive from any address or domain

rdquiterio wrote: > I've been using postfix for several years as a relay but never used it to > restrict inbound mail, since it is done by an anti-spam appliance. > > But now, we need to implement an inbound rule like this: If inbound mail is already restricted by an anti-spam appliance then isn

Re: From header local mail

xegr...@gmail.com wrote: > Hi. In a new install of Postfix 3.4.7-0+deb10u1 on Debian buster, I > would like Postfix to append $myhostname instead of $myorigin to > local mail with a From header containing just a username, like cron > or fail2ban emails. This server is listed in mx records for > ex

Re: Using Postfix to send home server alerts

Ian Evans wrote: > Just looking for a pointer to a recommended tutorial on setting up Postfix > as a send only service to be able to send alert emails from a home server > like smartmontools drive warnings etc. The problem won't be finding one. The problem will be finding less than several dozen.

Re: Using Postfix to send home server alerts

Ian Evans wrote: > Bob Proulx wrote: > > The best solution for you is the one you understand the best. That is > > the one you can manage the easiest. > > > > Sorry if one question begets quite a few more. But that is the nature > > of these things! :-) > >

Re: How to restrict imposters

@lbutlr wrote: > a wrote: > > However, an outside network can still identify as a local email > > account to send into my network, making imposters possible. > > Do not allow connections on port 25 that claim to be from your domains. > > (I think this works still): Yes. It works. > smtpd_helo_

Re: should we use plaintext for message?

Wietse Venema wrote: > I think this train has left the station almost 30 years ago. The > only people who care about plaintext are people who were born before > circa 1980, or who are part of some extremist minority. That isn't required to be a logical OR condition. It is possible for me to be bo

Re: should we use plaintext for message?

Darac Marjal wrote: > This is where your ~/.mailcap file comes in. This is a great file > for registering viewers for MIME types. So, for example, I have the > following in my Mailcap: ... > application/pdf; pdftotext %s -; copiousoutput I suggest using the pdftotext -layout option. It can sign

Re: delaying postfix until/unless VPN is up/connected

Leonid Isaev wrote: > This depends on your distribution and VPN settings. For example, on my > ArchLinux system which uses OpenVPN, I'd make this a systemd unit that binds > to > the tun network interface... I know you said you are running Fedora but I imagine that Fedora has something like this

Re: delaying postfix until/unless VPN is up/connected

Ranjan Maitra wrote: > I am using postfix to deliver my work mail from a remote > location. This works fine when I am on VPN (the postfix traffic goes > through VPN then). However, it gets identified as spam when VPN is > not up while sending the e-mail. Since most people do not routinely > check t

Re: delaying postfix until/unless VPN is up/connected

Scott Kitterman wrote: > On Monday, March 23, 2020 7:47:25 PM EDT Bob Proulx wrote: But don't forget I also said: > > I know you said you are running Fedora but I imagine that Fedora > > has something like this but in a different place. Doesn't Fedora > > have a

Re: delaying postfix until/unless VPN is up/connected

Wietse Venema wrote: > Ranjan Maitra: > > Thanks, except that it does not send even when VPN is up. I get > > the same message and I can get it to send only when I change my > > relayhost back to the default. What is your relayhost setting? > 2) the remote relayhost must only accept mail when the

Re: Postfix as a backup MX

@lbutlr wrote: > Linda Pagillo wrote: > > I want to set up Postfix as a backup MX for a few of my > > Windows-based mail servers. I have never done this before so I > > have been researching to see what I could find. > > Reconsider. +1 to this. Back in the days when systems were not directly con

Re: delaying postfix until/unless VPN is up/connected

Ranjan Maitra wrote: > Bastian Blank wrote: > > I would just reject SMTP connections outgoing on your non-VPN interfaces. > > | iptables -A OUTPUT -o $vpn -m tcp --dport 25 -j ACCEPT > > | iptables -A OUTPUT -m tcp --dport 25 -j REJECT > > So, I was trying this out: > > $ sudo iptables -A OUTPUT

Re: delaying postfix until/unless VPN is up/connected

Peter wrote: > Bob Proulx wrote: > >iptables -A OUTPUT -o 93.184.216.34 -m tcp --dport 25 -j ACCEPT > >iptables -A OUTPUT -m tcp --dport 25 -j REJECT > > > > But replace 93.184.216.34 with the IP address of your VPN relay host. > > I simply used an actu

Re: Replace null sender addresses?

Wietse Venema wrote: > Jason Bailey: > > I've got notification emails from a legacy system passing through a > > Postfix install I'm using to relay messages to the proper outbound Are the notification mails coming from an internal system? That's okay. But why are the recipients undeliverable? I

Re: Replace null sender addresses?

Hello Jason, I do not know why but you sent out three copies of my email message in full unquoted as a reply. And then in between the 2nd and 3rd copies you wrote your own response. That made the message rather unreadable. Please in the future double check the message before hitting send. Jason

Re: filtering locally submitted emails / tidying up the config

Patrick Proniewski wrote: > In mean time I've changed my all setup to use only > milters (more readable config). Seems reasonable to me. > Unfortunately I've discovered that Amavisd is unable to add headers > I want as it would do as an smtp proxy filter. > It will properly add: > > X-Viru

Re: Postfix "IPv6-only" - experience/recommendation question

Bill Cole wrote: > michaelof wrote: > > I've a generic question to all more experienced than me postfix users > > here: Is it nowadays (reasonable) possible to run postfix with IPv6 > > only? E.g "mail.example.com" and "smtp.example.com" with only ipv6 > > records in the DNS, no A / ipv4 anym

Re: Solving a misdelivery puzzle

Wietse Venema wrote: > The net result was that mail for a virtual alias, that should be > forwarded to a remote address, was sometimes delivered to the local > spam folder. But only because a half-dozen conditions were met. Wow! I can see each of the decisions the local admin made when they made

Re: setup issue -- debian /ubuntu 16.04.1 "bad string length 0 < 1: setgid_group ="

Gary Aitken wrote: > Wietse Venema wrote: > > Perhaps you're better of with > > - uninstall Postfix > > - reinstall Postfix > > > > and only after doing that edit Postfix config files. > > A simple uninstall and reinstall of postfix could not be used, as the > uninstall > would remove another pack

Re: setup issue -- debian /ubuntu 16.04.1 "bad string length 0 < 1: setgid_group ="

Scott Kitterman wrote: > Those are both good points, but it's also worth noting that typically > submission requires SMTP Auth which you will have to configure manually after > doing the above. Right. But there are many good guides on the net available that describe setting up SMTP Auth in deta

Re: CentOS 8 KVM -- Reboot Yields fatal: parameter inet_interfaces Error

Greg Sims wrote: > fatal: parameter inet_interfaces: no local interface found for 10.81.198.165 How is the network configured? Netplan? If netplan then what "renderer" is configured? systemd-networkd? Is it a local static IP configuration? Or DHCP? I have observed systemd-networkd to not wai

Re: How To Rewrite "Mail From:"?

Drew Tomlinson wrote: > > >The simplest thing to do is to encapsulate the original message > > >as attachment to a new message. > > > > yes, this should work too. > > But wouldn't this make all my email appear to come from me and I'd > have to go into each email to see the original email? Yes. T

Re: Forwarding best practices

John Regan wrote: > Subject: Forwarding best practices ... > Can someone recommend a set of best practices for using postfix to relay > mail to yahoo/gmail in this way? The Best Practice for forwarding today is not to do it. It has long been a friendly allowed practice on the net. But as Yahoo,

Re: Postfix is no longer forwarding root mail after I changed the forwarding address

PopeRigby wrote: > I have Postfix setup to automatically forward any mail that goes to root to > an > external address. I just recently changed my email main email address from a > Tutanota one to a Mailbox.org one. I went into /etc/aliases and switched out > my addresses there, so now it looks

Re: how do I pass thru incomplete destination email addr to relayhost for 'To' rewrite?

Matthew Patton wrote: > > Why send mail as user@myhostname, when the named host will never > > ever receive email? > > Because I need to retain FROM what host it originated. If I see an > email from root@domain I have no idea which host it came from. In my mailer I would immediately look at the

Re: Temporary Lookup Failure

@lbutlr wrote: > Bind is running, and I can manually lookup the domains and dig -x > the IPs, so I don’t think bind is the issue? Although dig and drill are good for tracing DNS queries the better tool for tracing system default lookups is 'getent'. It will perform a lookup using the same libc li

Send only configuration best practices?

What's the best configuration for a web server that does not receive mail but needs to send mail? Password resets. Bug ticket update notifications. That type of email. (Plus admin mail such as cron output to root. But I can ensure that is delivered to me and read.) But the host never needs to

Re: Send only configuration best practices?

John Stoffel wrote: > Bob> What's the best configuration for a web server that does not > Bob> receive mail but needs to send mail? Password resets. Bug > Bob> ticket update notifications. That type of email. > > I would push all the email to the mailserver for the domain served by > that web s

Re: Send only configuration best practices?

Viktor Dukhovni wrote: > On Wed, Sep 16, 2020 at 04:39:12PM -0600, Bob Proulx wrote: > > What's the best configuration for a web server that does not receive > > mail but needs to send mail? > > Send via a smarthost relay. Use a valid envelope sender domain th

Re: Send only configuration best practices?

Doug Hardie wrote: > Bob Proulx wrote: > > Sigh. I was hoping to be able to avoid this. But both of the > > responses were basically, set up something to handle incoming mail. > > Check and see if DMA, Dragonfly mail agent, is available for your > machine. It is a ve

Comcast 421 throttling multiple recipients

Question about a different system. Pretty much every question of mine is related to a different oddball case. Here I am helping a friend out and they encountered this problem. I'll change the 3rd party addresses so as not to annoy them but the data is otherwise verbatim. Sep 23 14:38:23 yuk

Re: Send only configuration best practices?

Kris Deugau wrote: > Bob Proulx wrote: > > The problem is *other* sites. I am starting to get a trickle of > > complaints from people who are not receiving password reset emails. > > And the problem seems to be other sites that are requiring that > > senders have MX r

Re: Comcast 421 throttling multiple recipients

Viktor Dukhovni wrote: > Bob Proulx wrote: > > ... http://postmaster.comcast.net/smtp-error-codes.php#RL01 (in reply > > to MAIL FROM command)) > > Look carefully at the log entry. The "421" is send in response to "MAIL > FROM", not "RCPT TO

Re: Send only configuration best practices?

Bastian Blank wrote: > Bob Proulx wrote: > > What's the best configuration for a web server that does not receive > > mail but needs to send mail? > > Send only does not exist. Every e-mail can produce bounces, which are > sent to the sender of the original e

Re: Comcast 421 throttling multiple recipients

Viktor Dukhovni wrote: > Bob Proulx wrote: > > > > ... http://postmaster.comcast.net/smtp-error-codes.php#RL01 (in > > > > reply to MAIL FROM command)) > > > > > > Look carefully at the log entry. The "421" is send in response to &q

Re: strange issue with postfix

Ranjan Maitra wrote: > > > Oct 1 14:08:00 localhost postfix/smtpd[4142479]: fatal: in parameter > > > smtpd_relay_restrictions or smtpd_recipient_restrictions, specify at > > > least one working instance of: reject_unauth_destination, > > > defer_unauth_destination, reject, defer, defer_if_perm

Re: strange issue with postfix

Erik Thuning wrote: > Ranjan Maitra wrote: > > Thanks, I am not very knowledgeable with regard to postfix being a > > simple user, so do you mind letting me/us know what you had to fix? It > > is kind of forbidding to me. > > > > > Thank you! I had this exact issue and just couldn't wrap my head a

Re: PostFix not working after update

Paul Lauzon wrote: > PostFix does not seem to work anymore. There are an infinite number of ways for something to fail but only exactly one correct way for it to work. In addition to the other comments I see this: > # service postfix status >? postfix.service - Postfix Mail Transport Agent >

Re: PostFix not working after update

Paul Lauzon wrote: > I have kept Postfix and many other services disabled at power-up since last > year and it works well for me that way. I did that last year after I got > DDOS and spammed tons of mail with virus attachments and my server was so > overwhelmed that I could not use it for days and

Re: reject mail to all local system accounts

cody wrote: > How do i reject incoming e-mail's from remote servers to all local system > accounts? > I can list them in a map via smtpd_recipient_restriction but wonder if there > is an easier way to do that. One of the standard configurations is as a "null client". http://www.postfix.org/ST

Re: Host not found?

Joey J wrote: > I'm trying to understand why this is telling me host not found. > On that same server if I nslookup the ip it does resolve. > > Oct 18 16:00:51 mgw postfix/smtpd[24119]: NOQUEUE: reject: RCPT from > unknown[199.5.50.180]: 450 4.7.1 : Helo command rejected: Host > not found; from= t

Re: Mail server recently became an open relay

Rich Wales wrote: > If the problem were in fact due to a hijacked PHP page, btw, would this > necessarily require the page to be using e-mail or TCP connections > already for its own legitimate purposes, but being co-opted by a hacker > to nefarious ends? Or could *any* PHP script theoretically be

Re: Mail server recently became an open relay

Bob Proulx wrote: > The default PHP "mail()" method sends mail by using the system's > /usr/sbin/sendmail interface rather than SMTP. > > https://www.php.net/manual/en/mail.requirements.php > https://www.php.net/manual/en/function.mail.php Oh! It dep

Re: Host not found?

@lbutlr wrote: > Bob Proulx wrote: > > Since 199.5.50.180 does not appear in the allowance for the SPF > > records that I can see > > dig -x 199.5.50.180 +short > br2.vw.com. > > VW does own Audi, so... mystery deepens? That's simply the reverse DNS PTR re

Re: Limiting HELO spoofing in Postfix?

Rich Wales wrote: > I did find some generally suspicious things in my web server logs -- > including lots of clients looking for the following item: > > /nette.micro?callback=shell_exec&cmd=ifconfig > > but there isn't any /nette.micro anywhere on my server, and all these > GET requests f

Re: Is changing "Hostname" mandatory?

Jason Long wrote: > For configuration Postfix, is changing "hostname" to something like > "Mail.example.net" mandatory? For example, my server running Apache > and I don't like to change its name. Your hostname can be almost anything you feel like completely independent of running either Postfix o

Re: sanity-check postfix XCLIENT usage ?

Demi M. Obenour wrote: > Viktor Dukhovni wrote: > >> Demi M. Obenour wrote: > >> This is really a security hole in gmail. Given the popularity of > >> gmail, however, I seriously suggest somehow treating gmail as if it > >> had p=reject, as it should. > > No it should not have "p=reject" that's o

Re: sanity-check postfix XCLIENT usage ?

Wietse Venema wrote: > Enough already. Here's a From: header > > From: Firstname Lastname > display name email address > > Many mail user agents, especially the GUI based ones, display the > "Firstname Lastname" part, not the sender address. To see the address > one has t

Re: 'temporary error condition' overrides of unknown_client_reject_code 450?

PGNet Dev wrote: > legitsen...@example.com > > my postfix instance does what I intend, and 'rejects' ... I assume this is due to use of reject_unknown_sender_domain in which case unknown_address_reject_code applies. http://www.postfix.org/postconf.5.html#unknown_address_reject_code >

Re: Configuration problem — Postfix + Sympa

Benny Pedersen wrote: > /more rants > > mailman breaks dkim Anything that supports adding subject tags or adding body footers breaks DKIM and at the same time if one doesn't do those things then Mailman works fine with DKIM. Doctor, it hurts when I do this. Well then don't do that. However do

Re: 4xx on rejected host. Why?

Gerben Wierda wrote: > WHen a client is rejected because of a mssing reverse hostname, I see: > > Nov 21 15:37:02 mail smtp/smtpd[2168]: NOQUEUE: reject: RCPT from > unknown[46.221.40.2]: 450 4.7.1 Client host rejected: cannot find your > reverse hostname, [46.221.40.2]; from= > to= proto=ESMTP

Re: empty message-ID

Jaroslaw Rafa wrote: > Dnia 23.11.2020 o godz. 10:18:39 D'Arcy Cain pisze: > > After the first message was accepted all of the rest > > were silently dropped as duplicates due to a very standard procmail > > recipe: > > > > :0 Wh: msgid.lock > > | formail -D 65536 $HOME/.msgid.cache > > Who uses

Re: empty message-ID

@lbutlr wrote: > On 23 Nov 2020, at 15:27, Jaroslaw Rafa wrote: > > Dnia 23.11.2020 o godz. 11:49:39 D'Arcy Cain pisze: > >> > >> If someone replies to a mailing list and copies the sender then that > >> person gets two copies. The above recipe avoids that. > > > Moreover, it breaks the continu

  1   2   >