On Wednesday 19 November 2008 13:23:39 Noel Jones wrote:
> Mark Watts wrote:
> > I'm in the process of setting up TLS on a number of servers.
> > I have two servers, both running Postfix, one an smtp client and the
> > other an smtpd server, using a self-signed SSL ce
have any certificates at all.
I've simply configured "smtp_use_tls = yes" and "smtp_tls_loglevel = 1".
The logs are from the originating server.
Mark.
--
Mark Watts BSc RHCE MBCS
Senior Systems Engineer
QinetiQ Applied Technologies
GPG Key: http://www.linux-corner.
On Wednesday 19 November 2008 13:42:59 Noel Jones wrote:
> Mark Watts wrote:
> >> When you're sending mail, no client certificate is requested.
> >> Your postfix doesn't know (and doesn't care) that the client
> >> has a self-signed certificate
On Wednesday 19 November 2008 14:00:29 Wietse Venema wrote:
> Mark Watts:
> > I think my original question still stands; why do connections to
> > one server not generate verification messages, while connections
> > to a third server do. Both remote servers have self-signed
On Wednesday 19 November 2008 14:48:32 Noel Jones wrote:
> Mark Watts wrote:
> > On Wednesday 19 November 2008 14:00:29 Wietse Venema wrote:
> >> Mark Watts:
> >>> I think my original question still stands; why do connections to
> >>> one server
I'm seeing.
> We could speculate forever on what is happening, or you could make
> a proper recording and let the data speak for itself.
At the risk of sounding dumb, what would a "proper recording" be in this case?
Mark.
--
Mark Watts BSc RHCE MBCS
Senior Systems Engin
On Wednesday 19 November 2008 16:29:09 Victor Duchovni wrote:
> On Wed, Nov 19, 2008 at 07:23:39AM -0600, Noel Jones wrote:
> > Mark Watts wrote:
> > >I'm in the process of setting up TLS on a number of servers.
> > >I have two servers, both running Postfix, one an
On Thursday 20 November 2008 15:05:50 Victor Duchovni wrote:
> On Thu, Nov 20, 2008 at 08:56:04AM +0000, Mark Watts wrote:
> > I did wonder what the difference between ADH-AES256-SHA and AES256-SHA
> > was. Both still result in an encrypted connection though, right?
>
>
On Thursday 20 November 2008 15:52:56 Victor Duchovni wrote:
> On Thu, Nov 20, 2008 at 03:48:32PM +0000, Mark Watts wrote:
> > > The first cipher has no authentication mechanism in the SSL handshake,
> > > so you get encryption only, no authentication. The second cipher makes
here please?
http://www.google.com/search?q=mailing+list+software
Mark
--
http://mark.goodge.co.uk - my pointless blog
http://www.good-stuff.co.uk - my less pointless stuff
ing the decision to change a DNS
entry to point to the backups server) I think this may be one of the few
viable options you have.
Mark.
--
Mark Watts BSc RHCE MBCS
Senior Systems Engineer
QinetiQ Applied Technologies
GPG Key: http://www.linux-corner.info/mwatts.gpg
signature.asc
Description: This is a digitally signed message part.
tables as
described there; use a recent version of amavisd-new: 2.6.1 or 2.6.2-rc1)
Mark
ix
Dec 23 12:20:45 shuttle postfix[9561]: Starting postfix: [ OK ]
Dec 23 12:20:45 shuttle systemd[1]: Started LSB: Starts the postfix daemons.
Can anyone see what I'm missing?
Thanks in advance.
Mark
ot support mailing list.
If this is a dovecot issue and someone can point me in a helpful direction for
support, I'd appreciate it.
Thanks.
From: owner-postfix-us...@postfix.org on
behalf of Mark ADAMS
Sent: Monday, December 23, 2019 12:23 PM
To
23, 2019 1:12 PM
To: postfix-users@postfix.org
Subject: Re: Mail shows being queued, but not in queue
On Mon, Dec 23, 2019 at 07:40:01PM +, Mark ADAMS wrote:
> I forgot a couple of things:
> Distro: Linux shuttle 5.4.2-desktop-1.mga7 #1 SMP Thu Dec 5 17:40:00 UTC 2019
> x86_64
ueued, but not in queue
On Mon, Dec 23, 2019 at 10:16:06PM +0000, Mark ADAMS wrote:
> Yeah that sounds like me, but there's nothing showing up in the logs.
I don't call the below "nothing".
> 250 2.0.0 Ok: queued as B03444A4201
> Dec 23 15:07:08 shuttle postfix/cl
A company named "Internet Hosting Ltd" does exist and is in fact
registered to this address but it's only existed since June 2019. It has
a single company officer named Elliot Carey who is the sole shareholder.
Details here: <https://beta.companieshouse.gov.uk/company/12051036>
All for what it's worth.
--
Mark Rousell
Hi, I have a fairly typical postfix install with port 465 requiring
authentication. I'd like to allow one sender (email address or IP) to
inject email on port 465 without providing login/password authentication.
Is this somehow possible?
On 12/2/21 3:14 pm, Viktor Dukhovni wrote:
Hi, I have a fairly typical postfix install with port 465 requiring
authentication. I'd like to allow one sender (email address or IP) to
inject email on port 465 without providing login/password authentication.
The port number and TLS encryption are i
If I connect to port 25 the connect host in the logs is my FQDN...
telnet 12.34.56.78 25
ehlo mail.my.fqdn
connect from mail.my.fqdn[78.56.34.12]
If I try the same via port 465 then I always get "unknown"...
openssl s_client -crlf -quiet -connect 12.34.56.78:465
ehlo mail.my.fqdn
connect from u
On 22/2/21 00:26, Wietse Venema wrote:
If I connect to port 25 the connect host in the logs is my FQDN...
If I try the same via port 465 then I always get "unknown"...
What is the output from:
# postconf -F '*/inet/chroot'
If they are different, then you have a broken chroot setup.
~ postco
0 SMTPUTF8
quit
Apparently also a commercial mailer Momentum supports it.
Mark
differently.
See:
http://marc.info/?l=spamassassin-users&m=141461245312708
one possible workaround:
http://marc.info/?l=spamassassin-users&m=141467352930918
See the whole thread there for details.
Mark
uot;addr is not a string" test to use SvPOKp() before 5.18
Mark
question, but I'm hoping that all
the Postfix-Gods in here might share an opinion or advice.
Mark
Hi there,
We have a transport map setup so that mail destined for the local domain
or from some subdomain email servers is not routed to our relay gateway.
These entries have a null gateway set. Mail destined for all other
domains is routed via our relay.
e.g
serve...@server01.abc.co.za :
a
add the content_filter there. In fact I don't need two
IP addresses for the smtp delivered mail :)
On 09/10/2015 06:12 PM, Mark Clarke wrote:
> Hi there,
>
> We have a transport map setup so that mail destined for the local
> domain or from some subdomain email servers is not ro
networks can only send to internal recipients, with the exception of
these IP's which can also send to external recipients'
I've done some Googling but can't quite figure the best way to achieve this.
Grateful for any pointers!
Many thanks,
Mark
This e-mail message
gt meddelande-
Från: owner-postfix-us...@postfix.org
[mailto:owner-postfix-us...@postfix.org] För Mark Holmes
Skickat: den 18 oktober 2016 21:46
Till: 'postfix-users@postfix.org'
Ämne: Restriction question
Hi list,
I'd like to configure Postfix such that I can prevent certain
I want to supply separate Letsencrypt certificates for each virtual domain
and seeing that SNI does not work I need to allocate separate IPs. Could
anyone give some pointers, or keywords to search for, on...
a) how to make postfix listen for different domains on different IPs?
b) how to configur
truct sockaddr_storage
(RFC 3493).
Seems like elsewhere this is handled correctly
( like in inet_listen.c/inet_accept() ).
Mark
rform this step.
Using postfix-2.12-20140923 .
Mark
es) if the
UTF8SMTPS?A? set would be included in the XFORWARD PROTO field.
Mark
ch string is already assembled
elsewhere in postfix.
Thanks to the current documentation the change would not risk breaking
backward compatibility :)
Mark
www.ietf.org/mailman/listinfo/ima
Mark
Wietse wrote:
Mark Martinec:
Btw, amavisd since 2.10.0 converts ACE domain names to UTF-8
for presentation purposes (logging, JSON structured report,
DNS and admin notfications), and encodes non-ASCII UTF-8 domains
in sender and recipient addresses into ACE if the next hop MTA
(e.g. back-end
t;host".
I like the above two changes. The defaults often are confusing for
people new to postfix.
- mynetworks-style (default: subnet). This should be "host".
Yes, definitely.
Some more archaisms that can be changed to:
biff = no
swap_bangpath = no
allow_percent_hack = no
Mark
avisd/amavisd-new-2.10.0.tar.xz
Mark
; / "~"
http://tools.ietf.org/html/rfc4291
http://tools.ietf.org/html/rfc3493
http://tools.ietf.org/html/rfc4007
Mark
z.co.uk/domain-tools/
http://www.intodns.com/
http://www.dnsqueries.com/en/
I have not implemented spf or dkim.
There you go!
Consider also publishing a DMARC record, not necessarily restrictive.
Mark
address should be enclosed in brackets to avoid ambiguity.
No big deal, just commenting...
Mark
o add their own signature.
Mark
Hi,
I’d like to insert SMTP headers and/or body content (e.g., using alterMIME) in
outgoing e-mails *if* the SMTP connection to the recipient is not protected by
TLS.
Is this possible in postfix today, or would it require a change to source?
Thanks,
--
Mark Nottingham https://www.mnot.net/
> On 11 Jan 2015, at 8:00 pm, Wietse Venema wrote:
>
> Mark Nottingham:
>> Hi,
>>
>> I?d like to insert SMTP headers and/or body content (e.g., using alterMIME)
>> in outgoing e-mails *if* the SMTP connection to the recipient is not
>> protected by
Back from travelling...
> On 12 Jan 2015, at 12:00 pm, Wietse Venema wrote:
>
> Mark Nottingham:
>> Hi,
>>
>> I?d like to insert SMTP headers and/or body content (e.g., using alterMIME)
>> in outgoing e-mails *if* the SMTP connection to the recipient is no
eduled incident which required the
documentation to be consulted :-)
Mark
--
http://www.markgoodge.uk
mavis as described above.
Do, I have that right?
Yes. There is likely and advantage in amavis regarding meeting
the configured deadlines.
Mark
On 04/02/17 21:35, A. Schulze wrote:
if i will run Debian, Postfix + Dovecot on a VPS Machine what i
need about memeory that this application can run without any
Problem, 256Mb are not enough?
works as long you avoid antivirus snakeoil and perl based spam
filtering.
Totally agree with this, t
On 05/02/17 16:04, Dominic Raferd wrote:
In contrast a "full service" mailcow install requires 800Mb at the
very least and 1Gb with some usage. Clamav is the real ram killer.
At the risk of going off-topic, is it worth using clamav? I run it
(via amavis) but it last picked up something 'real' 7
On 23/03/17 23:06, Viktor Dukhovni wrote:
is it possible to setup separate SSL certificates for an each virtual
domain ?
The Postfix smtpd(8) service does not support SNI-based certificate
selection. And this is not needed. Just point all the virtual domains
at a common MX host with a single c
On 24/03/17 00:30, Viktor Dukhovni wrote:
That answer was for the port 25 inbound MX relay host, which can be
changed by updating MX records without any interaction with the
users.
[...]
You are conflating MX hosts with MSAs. Users don't configure their
MUAs to talk to MX hosts.
Not quite. In
On 29/4/17 5:26 am, Linda Pagillo wrote:
Hi everyone. I was wondering which anti-spam and anti-virus programs
do you all use with Postifx? Any advice on which programs work best?
I'm not sure about the absolute best spam filtering system but the
simplest lightweight solution (for me) is postscr
On 5/7/17 9:58 PM, pbw wrote:
...the simplest lightweight solution (for me) is postscreen, SPF/
DKIM and Spamprobe via dovecot/sieve filters.
Your approach seems applicable to me. I have set up postscreen from
the postfix docs. What is the best documentation for the remainder of
your setup?
T
is is done (but this is
Sendmail and difficult to maintain, so we want to switch to Postfix but
keeping this behavior).
Is it possible with Postfix to do this or do I need to look for a milter or
something else to do this?
Regards, Mark
> -Original Message-
> From: Marek Kozlowski [mailto:m.kozlow...@mini.pw.edu.pl]
> Sent: Sunday, June 4, 2017 8:04
> To: Mark Scholten; postfix-users@postfix.org
> Subject: Re: Changing "mail from"
>
> :-)
>
> On 06/04/2017 07:58 AM, Mark Scholte
Hello.
I'm using a fresh install of Postfix 3.2.2 and am seeing strange
warning messages in the log when mail bounces:
Jul 1 19:15:16 mail postfix/bounce[88353]: warning:
midna_domain_to_utf8_create: Problem translating domain "mail.io7m.com" to UTF8
form: U_FILE_ACCESS_ERROR
Jul 1 19:15:16 m
On 2017-07-01T22:33:16 +
Viktor Dukhovni wrote:
> > Perhaps this is because "bounce"
> > is running in a chroot?
>
> That's the most likely cause.
Thanks, all. The chroot was the issue. I've no idea why it has suddenly
become a problem, but I can live without running bounce chrooted.
M
I have a global alias @example.com pointing to ad...@example.com, which
works fine, but when I add a real user, like m...@example.com, the global
alias overrides the real entry in virtual_mailbox_maps (mysql). If I
remove the @exmaple.com global alias from virtual_alias_maps then the
"real" mailbo
On 04/07/17 14:08, Bill Cole wrote:
I have a global alias @example.com pointing to ad...@example.com,
which works fine, but when I add a real user, like m...@example.com,
the global alias overrides the real entry in virtual_mailbox_maps
(mysql).
See the VIRTUAL_README and ADDRESS_CLASS_README
On 2017-07-08T23:27:31 -0400
Scott Talbert wrote:
>
> Unfortunately Google has stopped accepting mail from my server via IPv6
> and I haven't been able to figure out why or resolve the problem.
Hello.
Are you by any chance seeing this message?
Jul 9 08:43:06 mail postfix/smtp[18059]: C95E4849
On 2017-07-09T19:15:29 -0400
wie...@porcupine.org (Wietse Venema) wrote:
> This is how three years ago I solved IPv6 problems for all domains
> that have Google as an MX host.
Thanks for this. Personally, I don't expect to hear back from Google,
so I'll be implementing this one myself.
M
pgphP
an be time sensitive: for example, advocacy organizations ask
subscribers to tweet or call their elected representative that morning.)
--mark B.
signature.asc
Description: OpenPGP digital signature
On 08/01/2017 03:32 PM, Viktor Dukhovni wrote:
On Tue, Aug 01, 2017 at 02:41:52PM -0700, mark burdett wrote:
Hi, I was curious if there are any plans for postfix to eventually support
SMTP connection reuse with STARTTLS.
This requires a complex outbound TLS proxy to cache the connections
in
On 11/08/17 05:20, Michael Fox wrote:
# cat /usr/lib/systemd/system/postfix.service
Hmm. My Ubuntu system has no such file.
On *buntu/deb machines it's...
/lib/systemd/system/postfix.service
dpkg -L postfix | grep service
y outbound message's From and To fields?
Thanks in advance!
Mark
stuff. Is there a way to configure
postfix to do that?
I know that I'd be losing valuable information if I ever had a legitimate mail
delivery problem. But I've never actually run into that.
Thanks in advance.
- Mark
__ Information from ESET NOD32 Antivirus, version of
d. I'd appreciate any hints, leads or tips. Thanks!
- Mark
"Too much sanity may be madness! But maddest of all - -to see life as it is and
not as it should be."
__ Information from ESET NOD32 Antivirus, version of virus signature
database 3669 (20081207) __
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
ts.arcabama.com is still being sent to the Exchange server,
when it should just be delivered to the local unix box.
Any other thoughts?
- Mark
"Too much sanity may be madness! But maddest of all - -to see life as it is and
not as it should be."
-Original Message-
From: [EMAIL
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
- Mark
"Too much sanity may be madness! But maddest of all - -to see life as it i
smtpd_use_tls = yes
soft_bounce = yes
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
- Mark
"Too much sanity may be madness! But ma
ma.comlocal:
localhostlocal:
# put in to support mailman
list.arcabama.commailman:
- Mark
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of mouss
Sent: Sunday, December 07, 2008 11:30 PM
To: postfix-users@postfix.org
Subject: Re: Info
st suggested I change that
to re-inject it back into postfix, and configure postfix to deliver the mail to
either exchange or the unix box that hosts mailman. Is there a basic-level
howto on configuring postfix to do that?
- Mark
"Too much sanity may be madness! But maddest of all --
whose group
ownership was set to mailman. That didn't work, nor did setting the separate
aliases file's group ownership to nogroup.
Before I go in and reconfigure mailman I thought I'd check here and in the
mailman users group to see if anyone had any other alternative solutions.
That's what I did, but it didn't work. Nor did chgrp nogroup.
- Mark
"Too much sanity may be madness! But maddest of all -- to see life as it is and
not as it should be."
-Original Message-
From: mouss [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 09, 200
Thanks for confirming that. I'll go ahead and recompile mailman.
- Mark
"Too much sanity may be madness! But maddest of all -- to see life as it is and
not as it should be."
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Wietse Venem
Any chance there is a UTM device in the email stream?
We see lots of these errors when our SonicWalls do an RBL lookup, don't like
the data in the email stream etc. The SonicWalls then just drop the connection
and Postfix logs the drop.
Hope that helps,
Mark
...
L. Mark Stone - General Manager, Managed and Private/Hybrid Cloud Services
"Uptime. All the time." ® www.reliablenetworks.com
Eleven Years In Business 2003 - 2014
477 Congress Street, Suite 812 | Portland, ME 04101 | (207) 772-5678
private/hybrid cloud hosting | Zimbra
This is new to me so any advise about what I’m doing wrong and how to stop this
is very welcome.
Have a nice weekend,
Mark
- - quote - - - -
root@mail:/home/sympa/spool/msg# more
oceandocscommunity-ow...@sympa.iode.org.1484660591.438
X-Sympa-To: oceandocscommunity-ow...@symp
On Jan 18, 2010, at 17:05, "Steve" wrote:
Original-Nachricht
Datum: Mon, 18 Jan 2010 11:30:49 -0800
Von: "Daniel L. Miller"
An: Postfix users
Betreff: Re: The method behind the madness
Stan Hoeppner wrote:
Daniel L. Miller put forth on 1/18/2010 12:51 PM:
A point -
On Jan 18, 2010, at 17:48, Stan Hoeppner wrote:
Mark Nernberg (gmail account) put forth on 1/18/2010 4:17 PM:
I have achieved this with a slightly hacked TMDA (www.tmda.net). if
you
want my modifications, contact me off-list.
I'm surprised you actually mentioned a solution whose
On Jan 18, 2010, at 18:30, Stan Hoeppner wrote:
Mark Nernberg (gmail account) put forth on 1/18/2010 4:50 PM:
On Jan 18, 2010, at 17:48, Stan Hoeppner
wrote:
Mark Nernberg (gmail account) put forth on 1/18/2010 4:17 PM:
I have achieved this with a slightly hacked TMDA (www.tmda.net
--
sent from my mobile phone
On Jan 18, 2010, at 18:54, wie...@porcupine.org (Wietse Venema) wrote:
Stan Hoeppner:
[ Charset ISO-8859-1 unsupported, converting... ]
Mark Nernberg (gmail account) put forth on 1/18/2010 4:50 PM:
On Jan 18, 2010, at 17:48, Stan Hoeppner
wrote:
Mark
On Dec 21, 2009, at 13:17, "William Jordan"
wrote:
Is there a (easy and/or simple) way to get a copy of a person's
inbound &
outbound mail sent to another mail user? We want to monitor a mail
account.
I am pretty sure I can forward incoming mail but outbound mail I am
not so
sure abo
Best,
Mark.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
ell?
I'm trying to be as restrictive as possible, against haux&pseudo
hostnames/helo attempts, spammers and attackers.
Many thanks,
Much regards.
Mark.
2 Şubat 2024 Cuma tarihinde Viktor Dukhovni via Postfix-users <
postfix-users@postfix.org> yazdı:
> On Fri, Feb 02, 2024 at 08:
rules are happening in main.cf, which is listed here;
https://pastebin.mozilla.org/i5tMtPAk
I've learned a lot from your replies, much grateful!
Thank you,
Mark.
Viktor Dukhovni via Postfix-users , 4 Şub 2024
Paz, 19:14 tarihinde şunu yazdı:
> On Sun, Feb 04, 2024 at 01:22:45PM +020
uld you explain further please
where I made a mistake?
Regards.
Matus UHLAR - fantomas via Postfix-users , 5 Şub
2024 Pzt, 15:15 tarihinde şunu yazdı:
> On 04.02.24 22:06, Mark via Postfix-users wrote:
> >->"Best practice is to require submission users sending outbound mail do
> s
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_rbl_client zen.spamhaus.org=127.0.0.[2..11],
check_policy_service unix:private/spf-policy,
permit
I think this is a better approach, if I did it correctly? Could you confirm
please?
Much regards,
Mark.
Ma
Many thanks in advance,
Regards
Mark
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
en as you have rspamd, is that correct?
> Jonathan
Hi Jonathan, thank you.
It helped me to eliminate some fake senders and spams, but I see your point.
Yes, I'm not using postscreen as I have rspamd.
Is there any further suggestion you might have?
Many thanks,
Mark.
___
Disable clamav completely, restart your server and try it like that,
for a few days.
ClamAV is a RAM killer!
On Mon, Mar 3, 2025 at 5:34 PM Turritopsis Dohrnii Teo En Ming via
Postfix-users wrote:
>
> Dear Varadi Gabor,
>
> I have just asked ChatGPT Artificial Intelligence (AI) for assistance.
>
:
default_destination_concurrency_limit = 50
We did a postfix reload and a postconf and we are seeing the correct config -
however - connections are still restricted to 20?
Any suggestions on what we are missing?
Thanks,
Mark
___
Postfix-users mailing list -- postfix-users@postfix.org
sr/sbin/ss -p -n -t | grep "smtp" | awk -F'[=
,]*' '{print $8}'
* Finalist = intersection between child_pids and Process_connections
(This gives the connections for that pid)
This may well be a bit convoluted but as I
1-out:
* smtp2-out:
If possible then what is the exact config entry for a "wildcard" in this
situation?
--
Cheers, Mark Constable :: +61 0419 530 037
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an e
with this config file...
https://github.com/markc/sh/blob/main/etc/_etc_opendkim.conf
and with this added to /etc/postfix/main.cf...
smtpd_milters = inet:127.0.0.1:8891,inet:127.0.0.1:54321
--
Cheers, Mark Constable :: +61 0419 530 037
___
Postfix
lay2 postfix/smtpd[95962]: maps_find: canonical_maps:
@dohd.org: not found
So I don't see any action being taken for sender canonical mapping.
Does anyone have a slight hint what logging I should be looking for, or even
better: what I'm doing wrong?
Kind regards,
Mark
--
Ah, women
anyone have any suggestions on how best to debug?
Regards,
Mark
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
401 - 497 of 497 matches
Mail list logo
