Sorry for not replying to the original thread, I just subscribed.
We have witnessed the same issue on one of our mailservers. Both
servers are the same (postfix/debian), with the same config, both have
letsencrypt certificates.
However we got customer complaints only for 1 server. Renewing the
ce
On Sat, 15 Oct 2022 at 23:24, Gerald Galster wrote:
>
> I'm just curious, which openssl version are you using?
postfix 3.1.15 and openssl 1.1.0l on debian9 still.
> Educating customers to ignore this kind of warning is not a good idea.
> Try to disable session tickets for submission instead:
I
On Sun, 16 Oct 2022 at 02:12, Viktor Dukhovni
wrote:
>
> So if presenting an essentially identical certificate, but with the
> wrong hostname makes the client happy, that's rather unexpected.
>
> There's a non-trivial chance your observations are in error, but if
> indeed presenting the wrong name
On Sun, 16 Oct 2022 at 02:12, Viktor Dukhovni
wrote:
>
> The two certificate chains are structurally identical, differing only in
> minor details, such as: dates, keys, hostnames and signatures.
There is another user (hopefully the URL below won't be blocked by the
list) with the same observation
On Mon, 17 Oct 2022 at 14:57, Wietse Venema wrote:
>
> For Postfix submission and smtps we prefer
>
> tls_ssl_options = NO_RENEGOTIATION, NO_TICKET
>
> Instead of forcing hostname/cert micmatches.
Yes, I am already using NO_TICKET and it is also recommended by the
linked article.
However it i
On Mon, 17 Oct 2022 at 15:48, Gerald Galster wrote:
> This is very strange and I can confirm it.
Can you test the other (working) certificate again? In Outlook set the
hostname as per certificate and in local hosts file in Windows force
IP of the destination server for this hostname. This way Ou
On Tue, 18 Oct 2022 at 08:29, wrote:
>
> just to wrap this up: The flags for lmtp were perfektly set, my "fault"
> was to use dovecot lmtp instead of postfix lmtp for mailbox transport -
> so no instance were setting the required message headers.
Dovecot LMTP doesn't provide info about original r
On Sun, 23 Oct 2022 at 17:21, Markus Schönhaber
wrote:
>
> > warning: access table static:HOLD: with smtpd_proxy_filter specified,
> > action HOLD is unavailable
I am using postfix-cluebringer to limit the number of sent messages
per SASL username (to slow down spam from hacked accounts) and putt
On Wed, 9 Nov 2022 at 10:12, wrote:
>
> When i send an email from terminal by "mail" commaind, the mail is sent via
> postfix installed on localhost, the sender address appears always as
> "u...@sdfsfsdf.example.org", not the expected "u...@example.org".
Depends on what that "mail" command is.
On Wed, 9 Nov 2022 at 12:59, wrote:
>
> I am using mailutils from ubuntu 20.04
> And in main.cf myorigin points to the file /etc/mailname.
> But I don't see a config file /etc/mailutils.conf?
I didn't have a default config either. This is what is working for me:
program mail {
address {
#
On Wed, 4 Jan 2023 at 00:52, Hébergement Arbre Binaire
wrote:
>
> I really appreciate your (very) thorough answer. I'll use it to search for a
> solution or devise a homemade one.
>
> The problem I'm describing affects so many web hosts... I'm surprised that
> this security problem has not bee
It is a feature. Putty has option to use "Telnet" protocol or "Raw"
protocol.
On Tue, 25 Apr 2023 at 16:43, Wietse Venema via Postfix-users <
postfix-users@postfix.org> wrote:
> Ue netcat (nc) instead of putty.
>
> I suspsect that putty is sending telnet protocol options, even when
> it connets t
On Tue, 2 May 2023 at 15:54, Kolusion K via Postfix-users <
postfix-users@postfix.org> wrote:
> Greetings
>
>
> I have found some contradicting Postfix documentation and I feel that it
> is my duty to make a revelation of it.
>
> https://www.postfix.org/postconf.5.html
>
> The inet_interface param
Hello,
On Fri, 9 Jun 2023 at 02:40, Richard Troy via Postfix-users <
postfix-users@postfix.org> wrote:
>
> Given all the work I did on Postfix to stop relaying from unauthorized
> parties, and how after a mountain of work the "open-mail-relaying" was
> only coming from a couple of spammers in Rus
On Thu, 14 Dec 2023 at 12:14, anant--- via Postfix-users <
postfix-users@postfix.org> wrote:
>
> and used header_checks to hold the mails in queue.
>
> Now, as no decision is made, I want to continue to hold for another 13
> days more.
>
>
> Will this change, hold the queue for another 13 days mor
On Tue, 2 Jan 2024 at 13:13, Matus UHLAR - fantomas via Postfix-users <
postfix-users@postfix.org> wrote:
> Hello,
>
> http://www.postfwd.org/ratelimits.html
>
> Of course, if there is any other tool that can do that, I'll look.
>
>
> However, I need to find the limits to set. Guessing is quite h
On Wed, 10 Jan 2024 at 16:45, Viktor Dukhovni via Postfix-users <
postfix-users@postfix.org> wrote:
>
> Keeping in mind
> that of course in smtpd(8) there's no scoring, so the whitelists with
> negative scores aren't available. If you absolutely want to ensure
> that the whitelists are honoured,
Hi,
When/how does postfix prevent duplicate deliveries when delivering to an
alias and explicitly also to the alias result? For example all@domain + Cc
to one of the members of that alias. I have found parameters
"duplicate_filter_limit" and "enable_original_recipient" that mention it,
but I don't
On Sun, 14 Apr 2024 at 01:15, Wietse Venema via Postfix-users <
postfix-users@postfix.org> wrote:
> If there is a difference in deduplication, then you have introduced
> a difference up-stream of the delivery agents. You need to find
> that difference.
>
Unfortunately I don't remember in which ca
On Tue, 4 Jun 2024 at 11:19, Celal.Dikici via Postfix-users <
postfix-users@postfix.org> wrote:
> Hello,
> For the e-mail infrastructure we use roundcube 1.6.6 postfix 3.7.10,
> dovecot 2.3.19.1 installed on debian 12.05. We use the larry theme as the
> interface. We use managesieve plugin for fi
On Sat, 20 Jul 2024 at 06:28, timothy via Postfix-users <
postfix-users@postfix.org> wrote:
>
> When I open webmail, it always displays a dropdown menu for me to select
> an IMAP host.This is so frustrating.How to disable this drop-down menu and
> automatically match email addresses to imap hosts?
On Tue, 30 Jul 2024 at 09:51, Phil Biggs via Postfix-users
wrote:
> I only use list.dnswl.org (for good ones) and zen.spamhaus.org (bad) in
> postscreen. Very effective but I did, just once, see an IP simultaneously
> listed in both.
DNSWL is not for the good ones. It is for well-known mailserve
On Wed, 4 Dec 2024 at 00:16, Tim Harman via Postfix-users
wrote:
>
> FIXED
>
> smtpd_tls_session_cache_timeout = 0
> So there must be something going on in the version of Debian I have (10)
> where TLS session tickets aren't working/negotiated/stored correctly.
I have postfix on Debian 10 wi
23 matches
Mail list logo
