s
> with idn domains and postfix
SMTPUTF8 allows for UTF-8 characters in email address local parts. This is
pretty important for most of the people in the World who might want to use
Email.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3
ddress on the
front page of https://grepular.com
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description: Digital signature
* on the Wed, Nov 11, 2015 at 06:36:20PM +, Viktor Dukhovni wrote:
> On Wed, Nov 11, 2015 at 09:28:56AM +0000, Mike Cardwell wrote:
>> I wrote an overview of how it works a while ago on my blog which a few
>> people have told me helped with their understanding:
>>
&g
previously able to do.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description: Digital signature
=$submission_tls_key_file
> ...
Thanks, that works perfectly. And also clarifies a lot more about
how Postfix config in general works to me.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP
atively" inside
Postfix, that would be preferable.
If anyone cares, here is how I did it in Exim:
https://grepular.com/Automatically_Expiring_Email_Addresses
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
rently using flat files rather than MySQL.
I've added Amavis to the mix for SpamAssassin filtering and I'm
starting to think that might be a good place to do this if I can't do
it directly inside Postfix.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
Ope
What (if there is one) is the current "recommended" book for learning
Postfix? I've come across "The Book of Postfix" and "The Definitive
Guide to Postfix", but the both seem to have been released years ago
and I'm assuming much of the material is out of
simply by creating files like:
/virtual/example.com
And giving a user rights to edit it...
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
0 and the result
of the lookup is emailed to me instead.
This functionality is very useful for doing "real time" email
address validation when email addresses are posted from web forms.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1
ting the following Perl from a CGI script is
completely safe:
my $valid = eval {
open(my $output, '-|', '/usr/sbin/sendmail', '-bv', $email_address);
close $output;
return $? == 0 ? 1 : 0;
};
--
Mike Cardwell https://grepular.com https://emailprivacytes
d = eval {
>>open(my $output, '-|', '/usr/sbin/sendmail', '-bv', $email_address);
>>close $output;
>>return $? == 0 ? 1 : 0;
>> };
>
> if it is done safe and secure - you know every scripts
> present on your
runs an
> email address through Postfix's "routers" and agents that know how
> to deliver mail. If the mail queue is not congested then this
> produces a result in seconds.
That feature sounds like it would be useful to me, but I understand
that lack of demand would make it a low
be interested to hear figures regarding how much traffic would
change from being encrypted to plain text if SSLv3 was dropped for
SMTP...
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06
disabled SSLv3 on my websites a year or
so ago.
However, I have a feeling that the figures would show that doing
this is worse than not doing it when it comes to SMTP. I'm not after
anecdotes or opinions but hard figures from people who get a lot of
TLS traffic.
--
Mike
lowing tcp connections
for mail submission is important, you might want to take a look at
Exim instead.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description: Digital signature
nt part
> and so on)
I'm guessing you've never worked for a shared hosting company which
provides a platform where tens of thousands of users can upload their
own php scripts. Content filtering is useful, but ratelimiting is
essential in these environemts.
If a user attempts to
you're not qualified to write a web app and you're
most likely a toxic customer. I suspect most shared hosting companies would
be glad to see the back of such a customer.
> if i have to do that i don't need the f*** MTA at all and can directly
> deliver to the MX
It would be
mail servers for this. SASL-based rate limits
> have been supported since Postfix 2.2, and postfwd has been around
> for many years (other policy daemons may also do the job; I
> have lost count).
That sounds like a fine solution.
--
Mike Cardwell https://grepular.com https://emailpri
h.
There is value in noticing when a user is sending an unexpectedly
large amount of mail, even if you don't use that information to reject.
Ratelimiting is a highly useful tool.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3
d undefined subdomains and
> how should somebody send mail without a DNS record?
You've never heard of wildcard dns? He could do what he wants by just
adding this to his "foo.org" zone:
* IN MX 10 mx.example.com.
I don't know how he'd do the Postfix side though...
--
reated in a respectful manner
on this list, you will be disappointed.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
XMPP OTR Key 8924 B06A 7917 AAF3 DBB1 BF1B 295C 3C78 3EF1 46B4
signature.asc
Description: Digital signature
ssage. Encrypt then retry.
Is there really no equivalent way of doing something like this in Postfix
without having to call out to an external program?
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
X
* on the Mon, Feb 16, 2015 at 03:50:24PM +, Viktor Dukhovni wrote:
> On Mon, Feb 16, 2015 at 12:57:26PM +0000, Mike Cardwell wrote:
>> On an old Exim box, I used to do something similar to this with the following
>> two line bit of config:
>>
>> deny condition
ering if I can get a quick fix from Postfix.
FWIW, in Exim I would do this by adding something like this to my
smtp transport:
helo_data = ${if isip4{$sending_ip_address}{my.ipv4.helo}{my.ipv6.helo}}
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3
pgit" ["--encrypt-mode", "prefer-inline", "my-pgp-uid"];
} else {
filter "gpgit" ["--encrypt-mode", "inline-or-plain", "--inline-flatten",
"my-pgp-uid"];
}
I prefer to use inline when possible for incoming mai
ver all of your other online
accounts by triggering password reset emails. They'll still be able to trigger
the reset emails, and receive them, but they wont be able to read.
--
Mike Cardwell https://grepular.com https://emailprivacytester.com
OpenPGP Key35BC AF1D 3AA2 1F84 3DC3 B0CF 7
OUTPUT -p tcp -d 105.106.107.108 --dport 25 -j DNAT \
--to-destination 192.168.0.1
Where 192.168.0.1 is replaced by whatever the new IP should be. Assuming
you don't have any legit mail going to the old IP anymore.
--
Mike Cardwell https://grepular.com/ https://www.parsemail.org/
OpenPG
28 matches
Mail list logo
