How can I temporarily defer internal delivery of e-mails?

Hi, As part of a backup script for cyrus-imapd, I'd like to temporarily stop postfix delivering mails to cyrus-imapd and to just queue them. If it is at all possible I'd like to do it without restarting any services (I know I can just stop cyrus-imapd). Reading what I can, there is a paramete

Re: How can I temporarily defer internal delivery of e-mails?

On 11/09/2021 13:42, Wietse Venema wrote: Nick Howitt: Hi, As part of a backup script for cyrus-imapd, I'd like to temporarily stop postfix delivering mails to cyrus-imapd and to just queue them. If it is at all possible I'd like to do it without restarting any services (I know

Re: How can I temporarily defer internal delivery of e-mails?

On 11/09/2021 13:24, Kristian wrote: On 11/09/2021 13.43, Nick Howitt wrote: As part of a backup script for cyrus-imapd, I'd like to temporarily stop postfix delivering mails to cyrus-imapd and to just queue them. If it is I believe you can do this with check_recipient_access

Re: How can I temporarily defer internal delivery of e-mails?

On 11/09/2021 13:57, Nick Howitt wrote: On 11/09/2021 13:24, Kristian wrote: On 11/09/2021 13.43, Nick Howitt wrote: As part of a backup script for cyrus-imapd, I'd like to temporarily stop postfix delivering mails to cyrus-imapd and to just queue them. If it is I believe you c

Re: How can I temporarily defer internal delivery of e-mails?

On 11/09/2021 14:03, Nick Howitt wrote: On 11/09/2021 13:57, Nick Howitt wrote: On 11/09/2021 13:24, Kristian wrote: On 11/09/2021 13.43, Nick Howitt wrote: As part of a backup script for cyrus-imapd, I'd like to temporarily stop postfix delivering mails to cyrus-imapd and to

Re: How can I temporarily defer internal delivery of e-mails?

On 11/09/2021 16:40, Nick Howitt wrote: On 11/09/2021 14:03, Nick Howitt wrote: On 11/09/2021 13:57, Nick Howitt wrote: On 11/09/2021 13:24, Kristian wrote: On 11/09/2021 13.43, Nick Howitt wrote: As part of a backup script for cyrus-imapd, I'd like to temporarily stop po

Re: How can I temporarily defer internal delivery of e-mails?

On 11/09/2021 20:05, Wietse Venema wrote: Nick Howitt: Partly answering my own question, "postconf -o body_checks=regexp:/etc/postfix/body_checks" seems to do the right thing in that the output of the command shows it is set No it doesn't. Where did you get the idea from th

Re: How can I temporarily defer internal delivery of e-mails?

On 11/09/2021 20:28, Viktor Dukhovni wrote: On Sat, Sep 11, 2021 at 08:22:46PM +0100, Nick Howitt wrote: I interpreted this, perhaps mistakenly, as if this were now the running config of postfix. There is no such thing as "the running config of Postfix". There's just mai

Re: multiple ip addresses for submission -- My Google Fu is lacking

On 14/09/2021 04:29, raf wrote: On Tue, Sep 14, 2021 at 01:20:03PM +1000, raf wrote: But chances are that mail clients just do what any other TCP client would do. That might be why you can't find any discussion on the topic. Remember, the only IP address(es) that the mail client will be co

Re: Rewriting the MAILER-DAEMON address and header formats

On 18/09/2021 11:32, Jaroslaw Rafa wrote: Dnia 18.09.2021 o godz. 08:39:41 Vladimir Mishonov pisze: 2. While the above is mostly for aesthetical reasons, there is one other thing: the templates for mailer-daemon messages have obsolete "From" and "To" header formats, e.g.: From: mailer-dae.

Re: Rewriting the MAILER-DAEMON address and header formats

I am having problems replying to the list as it keeps bouncing. This time I am trying removing the preceding messages, Is this an uphill battle? Excluding docs, on my system I get: [root@server ~]# grep MAILER-DAEMON /usr/* -r Binary file /usr/bin/fetchmail matches Binary file /usr/bin/procmail

Re: Relay to google chaning from address

On 20/09/2021 11:15, Adam Barnett wrote: Hi, I have setup a postfix relay to allow us t send some of our mail to google My main.cf looks like this inet_protocols = ipv4 append_dot_mydomain = no biff = no config_directory = /etc/postfix mailbox_size_limit = 0 readme_director

Re: reject_unknown_reverse_client_hostname not working as I expect

On 11/08/2022 11:54, Matus UHLAR - fantomas wrote: On 11.08.22 11:43, Nick Howitt wrote: [root@server ~]# postconf -n | grep restrictions smtpd_client_restrictions = permit_mynetworks, reject_unknown_reverse_client_hostname smtpd_recipient_restrictions = permit_mynetworks

Re: reject_unknown_reverse_client_hostname not working as I expect

On 11/08/2022 14:49, Matus UHLAR - fantomas wrote: On 2022-08-11 at 07:56:41 UTC-0400 (Thu, 11 Aug 2022 12:56:41 +0100) Nick Howitt is rumored to have said: I can't use reject_unknown_client_hostname as I know at least one major ISP in the UK has their mailserver announcing a ???.

Authentication query

Hi, I'm afraid I struggle a bit with understanding all the various restrictions with their meaning and where they are applied to so can I please have some help? Last night I noticed one IP address repeatedly trying to authenticate on port 25, trying different user names until he finally went

Re: Authentication query

On 16/01/2016 15:15, Benny Pedersen wrote: Nick Howitt skrev den 2016-01-16 15:48: reject_rhsbl_sender, dsn.rfc-ignorant.org rfc domain is gone to dev/null see

Re: Authentication query

On 16/01/2016 15:24, Wietse Venema wrote: Nick Howitt: Is it possibly to stop anyone outside my LAN who tries to authenticate on port 25? For example: Remove 'smtpd_sasl_auth_enable = yes' from main.cf.

Re: Authentication query

On 16/01/2016 16:39, Benny Pedersen wrote: Nick Howitt skrev den 2016-01-16 17:03:  Because I have a dynamic (quasi-static) IP so I relay via my ISP who insisted on SMTPS. SMTPS has only been introduced

Re: Authentication query

On 16/01/2016 17:39, Steve Wardle wrote: On 16 Jan 2016, at 16:47, Nick Howitt wrote: Only since 2.10 or 2.11. It was added because of a discussion with me on these lists. My distro (RHEL6 related) is stuck on 2.6.6. At some point, when it is more s

Can this sort of spam be easily and safely blocked in postfix

Hi, In the last few weeks I've seen a increase in the number of e-mails with nasty .doc or .xls files, generally with some sort of invoice supposedly in them. Can postfix be reliably configured to block them at source. Below is a message header, the relevant but of the maillog and my configura

Re: Can this sort of spam be easily and safely blocked in postfix

It does not apply to this message, but I was wondering if it was safe to block unknown e.g. "connect from unknown[123.63.85.49]". Presumably this means no reverse DNS record, but is it reasonable to block these or will I reject too much good stuff? If it is reasonable, wh

Re: Can this sort of spam be easily and safely blocked in postfix

Hi Noel, On 10/02/2016 19:39, Noel Jones wrote: On 2/10/2016 1:03 PM, Nick Howitt wrote: Hi, In the last few weeks I've seen a increase in the number of e-mails with nasty .doc or .xls files, generally with some sort of invoice supposedly in them. Can postfix be reliably configured to

Re: Outbound TLS

As far as I know Google use STARTTLS on port 587 and not port 25. Have a look at https://www.clearos.com/resources/documentation/clearos/content:en_us:kb_howtos_smtp_authentication_to_isp to see how to set up relaying via STARTTLS. A word of caution though. I believe

Problem relaying through Virginmedia (ntlworld) with authentication

Hi, My ISP Virginmedia (VM) suddenly made authentication compulsory a couple of days ago. I use Thunderbird relaying through postfix. I did have it working a few years ago on port 587 but now they want port 465. In main.cf I've set: smtp_sasl_auth_enable

Re: PATCH: smtps support (was: Problem relaying through Virginmedia)

Thanks for all this attention to my problem. I would like to give a little history as to perhaps why port 465 authentication is required. VirginMedia (and NTLWorld, therefore) appear to sub out their e-mail handling to GMail. All the webmail appears the same but is branded VM. A few years ag

Re: Postfix as intermediary server

It used to be possible. In GMail, go to Settings > Accounts and Import and look at the "Send mail as" section and see if you can set it up. This used to work, but for my domain now does not in the way it used to and it wants to relay through my own domain's mail server. T

Re: PATCH: smtps support (was: Problem relaying through Virginmedia)

2015 at 12:53:38PM +0000, Nick Howitt wrote: In the meanwhile as it will probably take ages for RHEL to incorporate your patches and upgrade to the latest version (I think I'm on 2.6.6-6 but I'd need to check at home) I'll follow your suggestion and look at stunnel. The new cod

How do I get User/Password authentication on 587 only for relaying

Hi, Up to now I have been using postfix as an internal server at home relaying messages from internal clients to my ISP, but also receiving mail on port 25. Now my wife has an Android, I'd like to enable her to send mail through the server when out and about. With the

Re: How do I get User/Password authentication on 587 only for relaying

Brilliant, thanks. On 14/02/2015 14:19, li...@rhsoft.net wrote: Am 14.02.2015 um 15:13 schrieb Nick Howitt: Up to now I have been using postfix as an internal server at home relaying messages from

Default actions on restrictions

Hi, I am trying to set up authentication on 587 and I'm struggling with the postfix implementation in ClearOS. I have a restriction: smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_recipient_domain, reject_unaut

Certificate only authentication on 587

Hi, Following previous conversations here I have user/pass authentication working on 587. I am hoping to take this one stage further by using certificate authentication, perhaps without user/pass authentication, but I am failing. The client I am using is K-9 mail

Re: Certificate only authentication on 587

On 06/04/2015 03:54, Viktor Dukhovni wrote: On Sat, Apr 04, 2015 at 07:40:33PM +0100, Nick Howitt wrote: The client I am using is K-9 mail ... The line I am currently trying in master.cf is: submission inet n - n

Re: Delivery Status Notification

@Ansgar Wiechars I tried to reply to your e-mail earlier today about HTML formatted e-mails out of courtesy but received the bounce below. I don't think I am mis-configured but if I am I'd love some help. I had a look at the rhsbl.ahbl.org list and it seems that this list is no longer active a

Re: Delivery Status Notification

17/04/2015 11:07, Ansgar Wiechers wrote: Hi Nick On 2015-04-16 Nick Howitt wrote: I tried to reply to your e-mail earlier today about HTML formatted e-mails out of courtesy but received the bounce below. I don't think I am mis-configured but if I am I'd love some help. I had a look at the

Re: Delivery Status Notification

block of addresses. My mx record points directly to my server. Regards, Nick On 16/04/2015 18:02, Nick Howitt wrote: @Ansgar Wiechars I tried to reply to your e-mail earlier today about HTML formatted e-mails out of courtesy but received the bounce below. I don't think I am mis-config

Assistance to protect from spam flood

Hi all, Until recently I did not receive too much spam and had it pretty-much under control. This week has gone mental. So far this week I have received 29860 connection attempts form {some_random_number}@qq.com to {the_same_random_number}@howitts.co.uk. I have a mail server and two backup MX

Re: Assistance to protect from spam flood

On 12/01/2019 11:43, John Fawcett wrote: On 12/01/2019 12:09, Nick Howitt wrote: Hi all, Until recently I did not receive too much spam and had it pretty-much under control. This week has gone mental. So far this week I have received 29860 connection attempts form {some_random_number}@qq.com

Re: Assistance to protect from spam flood

On 12/01/2019 14:23, Nick Howitt wrote: On 12/01/2019 11:43, John Fawcett wrote: On 12/01/2019 12:09, Nick Howitt wrote: Hi all, Until recently I did not receive too much spam and had it pretty-much under control. This week has gone mental. So far this week I have received 29860

Re: Assistance to protect from spam flood

On 12/01/2019 14:47, John Fawcett wrote: On 12/01/2019 15:23, Nick Howitt wrote: On 12/01/2019 11:43, John Fawcett wrote: On 12/01/2019 12:09, Nick Howitt wrote: Hi all, Until recently I did not receive too much spam and had it pretty-much under control. This week has gone mental. So far

Re: Assistance to protect from spam flood

On 12/01/2019 16:42, @lbutlr wrote: On 12 Jan 2019, at 07:52, Nick Howitt wrote: Unfortunately I don't have access to the MX Backup service. It is provided by my DNS provider. Honestly, you should not have an MX server outside of your control. If your server is routinely down for se

reject_unknown_reverse_client_hostname query

I have the follosing restrictions in main.cf: smtpd_client_restrictions = permit_mynetworks, reject_unknown_reverse_client_hostname smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipie

Re: reject_unknown_reverse_client_hostname query

On 24/03/2019 21:53, Wietse Venema wrote: Nick Howitt: I have the follosing restrictions in main.cf: smtpd_client_restrictions = permit_mynetworks, reject_unknown_reverse_client_hostname What is the output from "postconf mynetworks"? If the client matches

Re: reject_unknown_reverse_client_hostname query

On 24/03/2019 22:13, Viktor Dukhovni wrote: On Sun, Mar 24, 2019 at 09:00:24PM +, Nick Howitt wrote: [ Please avoid pasting "non-breaking space" characters into your email. It is tedious to have to convert these to ASCII. ] The header is below (x headers and DK

Is it possible to use header checks on multiple headers

I am receiving some not very nice spam and I was wondering if I could use as a single filter: To: contains mydomain From: is the same as To: (inside < and >) Return-Path: is not from my domain Or am I using completely the wrong tool for this? Thanks, Nick

Re: Is it possible to use header checks on multiple headers

On 13/04/2019 09:26, Andrey Repin wrote: Greetings, Nick Howitt! I am receiving some not very nice spam and I was wondering if I could use as a single filter: To: contains mydomain From: is the same as To: (inside < and >) Return-Path: is not from my domain Or am I using complete

Re: spam from own email address

On 23/04/2019 15:02, Ian Jones wrote: Hello, I am getting emails like the one below, in which the header from is my own address. The emails contain text in a jpg image and claims my account has been hacked and demands $1000 paid to a bitcoin account. I would like to find a way to reject email