New to list, been using postfix for a little while.
I would like to point a postfix install to two outbound relay's (all outbound
mail to go thru them) so that, should one be unavailable, it will attempt to
send via the other. Not "round robin" but "fail over".
This is probably simple, but ha
Some mail from local (mynetworks) machines are getting mail rejected with
"warning: Illegal address syntax from blah in MAIL command: "
This is despite "resolve_numeric_domain = yes" in main.cf, which I read was
supposed to fix bad from address from scripts, etc.
Wrong?
joe a.
ignore any
syntax problem in the from address of email, from local/trusted sources, as
this is likely to surface again as time goes on.
Thanks for any assistance you can provide.
>>> "li...@rhsoft.net" 08/21/14 1:45 PM >>>
Am 21.08.2014 um 19:32 schrieb Joe Acquist
mmand: "
That's all there is on that line. Thanks for the assistance.
joe a.
>>> DTNX Postmaster 08/21/14 1:52 PM >>>
On 21 Aug 2014, at 19:32, Joe Acquisto-j4 wrote:
> Some mail from local (mynetworks) machines are getting mail rejected with
> "warni
ammers, as painless as possible.
Since we inflicted this burden on the apps community we were attempting to be as
fraternal as possible. Seems to require a certain masochism on our part.
As you say, tho, there are limits.
joe a.
>>> Wietse Venema 08/21/14 2:36 PM >>>
Jo
> raf wrote:
>> Being flippant, it would protect against a
>> man-in-the-middle-attack where someone tricks you into
>> reading false online documentation. :-)
>
> Why bother? Most of us can misread the docs perfectly well all on our
> own...
>
> -kgd
Today I find only a directory listing at
> Date: Tuesday, January 11, 2022 19:38:05 +0100
>> From: "Claus R. Wickinghoff"
>>
Today I find only a directory listing at www.postfix.org or
>>> www.postfix.com
>> With http it's working.
>>
>> With https I get a certificate warning (issued for
>> archive.science.uu.nl) and a directory listi
> Hello list,
>
> I have got a DSL from the ISP, having a static IP.
> Can I run postfix with this IP for accepting email for my own
domain?
>
> ありがとう
> えりな
Late to the party, but, certainly. Many here do. However, exposing your
mail port "to the world"
might entice much more "unfriendly traffic
While reading the Postfix SASL doc,
(http://www.postfix.org/SASL_README.html#client_sasl),
I puzzled over a few things.
- "The smtp_tls_security_level setting ensures that the connection to the
remote smtp server will be encrypted, and smtp_sasl_tls_security_options
removes the prohibition on
> On 2022-01-13 at 13:09:45 UTC-0500 (Thu, 13 Jan 2022 13:09:45 -0500)
> Joe Acquisto-j4
> is rumored to have said:
>
>> While reading the Postfix SASL doc,
> (http://www.postfix.org/SASL_README.html#client_sasl),
>> I puzzled over a few things.
>>
>>
> On 2022-01-13 at 20:26:53 UTC-0500 (Thu, 13 Jan 2022 20:26:53 -0500)
> Joe Acquisto-j4
> is rumored to have said:
>
> [...]
>> Would it be valid to presume that an SMTP server that can be connected
>> to,
>> securely, via Outlook, Thunderbird and the
> One addition:
>
> The swaks command line you'll need to test properly will be something like
> this:
>
> swaks -tls -t tar...@example.com --auth-user joea --server
> mail.example.com:587
>
Thanks, that got me over that hump. Test email went through,
Now to translate this effort into fixin
>> One addition:
>>
>> The swaks command line you'll need to test properly will be something like
>> this:
>>
>> swaks -tls -t tar...@example.com --auth-user joea --server
>> mail.example.com:587
>>
>
> Thanks, that got me over that hump. Test email went through,
>
> Now to translate this
>> > One addition:
>>> The swaks command line you'll need to test properly will be something like
>>> this:
>>>
>>> swaks -tls -t tar...@example.com --auth-user joea --server
>>> mail.example.com:587
>>>
>>
>> Thanks, that got me over that hump. Test email went through,
>>
>> Now to transl
>>>
>> > > One addition:
>
>The swaks command line you'll need to test properly will be something like
this:
swaks -tls -t tar...@example.com --auth-user joea --server
mail.example.com:587
>>>
>>> Thanks, that got me over that hump. Test email went through,
>>>
>>>
> On 2022-01-17 at 20:09:55 UTC-0500 (Mon, 17 Jan 2022 20:09:55 -0500)
> Joe Acquisto-j4
> is rumored to have said:
>
>
>> Sorry for the garbled message. Looking for the config files, etc that
>> are normally requested.
>
>
> The non-default main.c
. . .
> OK, here goes -
>
> Using version 3.4.7 packaged by Suse. I use "fetchmail" to retrieve email
> via imap one of which is gmail. The fetched mail is all sent to a local "off
> box" machine, via postfix, spamassassin and clamav, all on the same server.
> The off box machine let's cal
For version 3.7.4, is there a means of disabling for smtp per user, per domain,
per IP, when "smtp_sender_dependent_authentication = yes"?
Docs/supplements seem say some roughly analogous settings were available pre V
3.x, but are now deprecated. I've not found any current setting while
flail
> Wietse Venema:
>> Joe Acquisto-j4:
>> > For version 3.7.4, is there a means of disabling for smtp per user,
>> > per domain, per IP, when "smtp_sender_dependent_authentication =
>> > yes"?
>>
>> Postfix will search smtp_sasl_password_
. . .
> I would imagine that Postfix can only authenticate to
> servers that have entries in /etc/postfix/sasl_passwd.
>
> smtp_sasl_password_maps (default: empty)
>
> Optional Postfix SMTP client lookup tables with one
> username:password entry per sender, remote hostname
> or next
> Wietse Venema:
>> Joe Acquisto-j4:
>> > For version 3.7.4, is there a means of disabling for smtp per user,
>> > per domain, per IP, when "smtp_sender_dependent_authentication =
>> > yes"?
>>
>> Postfix will search smtp_sasl_password_
> On Tue, Jan 18, 2022 at 07:22:40PM -0500, Joe Acquisto-j4
>
> wrote:
>
>> . . .
>> > I would imagine that Postfix can only authenticate to
>> > servers that have entries in /etc/postfix/sasl_passwd.
>> >
>> > smtp_sasl_password_maps
> On Sat, Jan 22, 2022 at 08:01:27AM +1100, raf wrote:
>
>> > It is an issue with email that postfix has received, via fetchmail, and is
>> > attempting to deliver to another system. Authentication is being
>> > attempted, without it being required or requested, at least as far as I
>> > can
>
> On Sat, Jan 22, 2022 at 02:03:29PM -0500, Joe Acquisto-j4 wrote:
>
>> > IIRC Wietse already suggested a work-around, by making the
>> > sender-dependent authentication settings be transport-specific.
>> >
>> > In particular the internal nexthop that do
> On Sat, Jan 22, 2022 at 05:11:02PM -0500, Joe Acquisto-j4 wrote:
>
>> > Therefore your master.cf file needs to have an least one additional
>> > smtp-based transport, with either SASL disabled entirely, and/or
>> > sender-dependent authentication disabled, o
>>
> On Sat, Jan 22, 2022 at 05:56:31PM -0500, Joe Acquisto-j4 wrote:
>
>> >> > noauth unix - - n - - smtp
>> >> > -o smtp_sasl_enable=no
>> >> > -o smtp_sender_dependent_aut
> On Sun, Jan 23, 2022 at 12:33:57PM -0500, Bill Cole wrote:
>> On 2022-01-22 at 23:00:55 UTC-0500 (Sat, 22 Jan 2022 23:00:55 -0500)
>> Ruben Safir
>> is rumored to have said:
>>
>> >I am really lost as to why dovecot is not authenticating
>> >
>> >I have
>> >
>> >smtpd_sasl_type = dovecot
>> >
>
>>>
> kris_h:
>> Hey Wietse,
>>
>> thank you for this clearification.
>>
>> What do you think about using the reject-recipient /\$\{/-rule?
>
> As a temporary rule, it may have made sense when the Exim bug was new.
>
> As a permanent 'deny' rule, it won't block new exploits.
>
> Wietse
Not to waste anyone's time, but I posted this on SA list and a Sophos site,
but, came up with zip. Not even a "do-dah". Beyond "experiences"
any leads to general "how to: guides that work in practice?
>> SOHO system, on virtual machines. Fairly recent versions. Running openSUSE
>> Leap 15.1.
> michael Schumacher wrote:
>> Joe,
>>
Due to some recent malware (in attachments, obvious stuff) wanted to add AV
> scanning. I gather "Amavis-new" is the hot ticket these days,
>>> I deal with Sophos products and would like to use their linux product to do
> the scanning. Seems to be preci
I'm revisiting blocking certain attachments. A multi part question:
Implementation, logging, testing.
Seems the accepted way to do attachment blocking is something like this:
in /etc/postfix/main.cf added, without quotes: "mime_header_checks =
regexp:/etc/postfix/block_attachments"
in /etc
> I'm revisiting blocking certain attachments. A multi part question:
> Implementation, logging, testing.
>
> Seems the accepted way to do attachment blocking is something like this:
>
> in /etc/postfix/main.cf added, without quotes: "mime_header_checks =
> regexp:/etc/postfix/block_attachm
Post fix version 3.4.7. with Spamassassin. While adding virus scanning
(clamav) noticed during testing
that any mail send from the postfix host does not get processed by spamassassin.
Postfix does accept it and passes it right thorough without any indication it
was passed through
spamd or clamd
> On 22 Feb 2021, at 17:27, Joe Acquisto-j4 wrote:
>
>> Post fix version 3.4.7. with Spamassassin. While adding virus
>> scanning (clamav) noticed during testing
>> that any mail send from the postfix host does not get processed by
>> spamassassin.
>>
>
Added Virus scanning to a SOHO stetup. clamav-milter is directing (?)
"infected" mail to postfix HOLD queue.
That's fine.
First thought is to process the queue'd mail, alter the subject line, based on
the added descriptive header line, and
deliver it to the intended user(s). I don't cons
> On 24/02/21 11:47 am, Joe Acquisto-j4 wrote:
>> Added Virus scanning to a SOHO stetup. clamav-milter is directing (?)
> "infected" mail to postfix HOLD queue.
>
> Perhaps rather than having clamav-milter put the message on hold, it
> might be possible to hav
> On 22 Feb 2021, at 18:40, Joe Acquisto-j4 wrote:
>
On 22 Feb 2021, at 17:27, Joe Acquisto-j4 wrote:
>>>
>>>> Post fix version 3.4.7. with Spamassassin. While adding virus
>>>> scanning (clamav) noticed during testing
>>>> that any mail s
. . .
>
> I did not notice that adding non_smtpd_milters also caused off
> box (smtpd) mail to be scanned twice, before and after
> spamassassin.
>
> Apparently having both smtpd_milters and non_smtpd_milters
> specified in main.cf causes that.
>
> Initially it appeared to me that milte
Postfix version 2.5.6 being used as a relay for chatty internal processes.
Suddenly, one of them is complaining of this error, in the midst of a 250 ish
recipient email. With attachment of some size.
". . .postfix/smtpd[15953]: NOQUEUE: reject: MAIL from unknown[192.168.aa.bb]:
452 4.3.1
stifx/main.cf ?
>>> "Joe Acquisto-j4" 05/12/16 11:33 AM >>>
Postfix version 2.5.6 being used as a relay for chatty internal processes.
Suddenly, one of them is complaining of this error, in the midst of a 250 ish
recipient email. With attachment of some size.
&q
Using postfix 2.5.6.
In main.cf, changed "relayhost" from and IP address to a valid domain.
- the "sender" changed from the original sender domain to the host name and
domain of the postfix server.
- the mail was shown as "queued" instead of "delivered"
What can I do to retain the senders actua
tart"
Was that naive?
HTH.
>>>> Wietse Venema 08/18/16 10:10 AM >>>
>Joe Acquisto-j4:
>> Using postfix 2.5.6.
>>
>> In main.cf, changed "relayhost" from and IP address to a valid domain.
>
> - the "sender" changed from the
>Please provide concrete evidence as requested.
>
> Wietse
Entirely my misinterpreting what I observed. Working as intended/expected.
Sorry for the inconvenience and thanks for your gentle response.
Any chance of assistance here with alterMIME?There is a need to add
disclaimers to outgoing mail.
I have it configured (one supposes) to be complaint free on restart of postfix
and can see from /var/log/mail that is does act on the specific email addresses
(senders) that I intended. At lea
>>> On 8/22/2016 at 7:31 PM, in message
<6d14c5d6-a707-499e-854b-5287d47b8...@kreme.com>, "@lbutlr"
wrote:
> On 22 Aug 2016, at 14:14, Joe Acquisto-j4
wrote:
>> There is a need to add disclaimers to outgoing mail.
>
> Just as a point of information, I co
>>> On 8/23/2016 at 1:16 AM, in message
<388d98f9-e63e-4d0a-865a-f32814510...@billmail.scconsult.com>, "Bill Cole"
wrote:
> On 22 Aug 2016, at 16:14, Joe Acquisto-j4 wrote:
>
>> Any chance of assistance here with alterMIME?
>
> A slim chance, but it
Perhaps it's time to change the subject line?
Currently have postifx configured to relay mail via a "relay_host" (main.cf).
There is a need to send mail to a certain domain via a different host. Google
has suggested a few ways, transport hash, header filter.
Since this special destination has a primary and a secondary IP, how might
>>>> Wietse Venema 10/20/16 1:56 PM >>>
>Joe Acquisto-j4:
>> Currently have postifx configured to relay mail via a "relay_host"
>> (main.cf). There is a need to send mail to a certain domain via
>> a different host. Google has su
Comments on the ZD net article that claims shellshock exploit via crafty SMTP
headers? Just asking, that's all . . .
I attached a link to it below, please excuse if that is improper behavior.
http://www.zdnet.com/shellshock-attacks-mail-servers-735094/
I confess to not having researched this, mainly as I have no clue how to search
the subject effectively. So, with great trepidation, I timidly squeak out this
question:
Using postfix, is it possible to force a "re-addressing" of an email based on
the sender of the message? To expand a bit, w
obble up
something to allow messages to be sent via SMTP from the old system
to the new, in a controlled and highly restricted manner.
Having had some time to "breath the free air again", I'm not so sure I
should be allowed out without my leash.
joe a.
>>Joe Acquisto-j4:
>&
Hope some find this amusing and not annoying. Perhaps someone know how to
approach this issue toward a resolution.
We have an in house commercial email system. Due to a re-organization, a
number of our users are now required to use an o365 account, yet must still
receive internal messages.
>>> On 1/21/2015 at 10:37 PM, Viktor Dukhovni
>>> wrote:
> On Wed, Jan 21, 2015 at 09:08:19PM -0500, Joe Acquisto-j4 wrote:
>
>> This appeared to work fine and does, for most messages. However,
>> our org often sends an email to thousands of users with in
>>> Daniel Miller 01/22/15 9:03 AM >>>
On 1/22/2015 3:13 AM, Joe Acquisto-j4 wrote:
>> Thanks. I appreciate the reminder. The methodology is long standing
>> and should be altered. The users have only the tools offered to them.
>>
>> However, not tryin
all the comments.
joe a.
>>> Viktor Dukhovni 01/22/15 9:59 AM >>>
On Thu, Jan 22, 2015 at 06:13:30AM -0500, Joe Acquisto-j4 wrote:
> While I agree Bcc is correct, I am having difficulty accepting,
> logically, not in fact, that the forwarded message should fail.
> Af
Sorry to post OT, but anyone having issues with mimecast?
I normally send via my providers mail server (Specturm aka TimeWarner). Email
to certain address never arrived, no bounce.
Setup to send to their domain and/or IP via their published MX and
immediately got "451 - IP temporarily
Pardon the OT post, but looking for comments on smartmontools and
GSmartControl, disk monitoring software. Off list only replies are fine with
me.
58 matches
Mail list logo
