Postfix with two certifikates and DANE

2020-01-31 Thread Stephan Seitz
Hi! Since I’m having now DNSSEC I want to use DANE as well. I have found Viktor’s article https://mailarchive.ietf.org/arch/msg/uta/SR2EKnnj8749AtVeIvjEEEXz7fg (about web.de) with other links. My postfix has two certificates/keys (RSA and ECDSA) from Let’s encrypt. It says in the article:

Re: Postfix with two certifikates and DANE

2020-02-03 Thread Stephan Seitz
On Fr, Jan 31, 2020 at 07:13:40 -0500, Viktor Dukhovni wrote: Would be nice if someone could help me. I think I'm someone... Thanks for your help. I have something to read now. Stephan -- |If your life was a horse, you'd have to shoot it.|

Re: are rsa certs/keys still needed/recommended for use in postfix? or can just ecc be relied on?

2020-06-04 Thread Stephan Seitz
On Mo, Jun 01, 2020 at 20:28:12 -0700, PGNet Dev wrote: for websites it seems that, for all practical purposes, ecc ssl certs are all that's needed anymore does the same hold true for smtp(d)? That depends. The AVM Fritzbox for example can only use RSA, so if your Fritzbox should send mail re

Re: The historical roots of our computer terms

2020-06-07 Thread Stephan Seitz
On So, Jun 07, 2020 at 14:32:37 -0400, micah anderson wrote: the color black has been always associated with the negative, and As long as the night is dark and black these words are considered negative. A dark room or a black room are always more negative than a light room. Many dangers in th

Re: The historical roots of our computer terms

2020-06-08 Thread Stephan Seitz
On Mo, Jun 08, 2020 at 07:52:34 +0200, Claus R. Wickinghoff wrote: What about redlist (stop) and greenlist (go)? Traffic lights are pretty international. They aren’t. As far as I know you have a blue light for go in Japan. Stephan -- |If your life was a horse, you'd have to shoot

Re: Enable IPv6 support in main.cf by default

2020-07-21 Thread Stephan Seitz
On Di, Jul 21, 2020 at 15:20:36 +0200, l...@ungleich.ch wrote: The change: /etc/postfix/main.cf: from: inet_protocols = ipv4 (DEFAULT: enable IPv4 only) to:inet_protocols = all(DEFAULT: enable IPv4, and IPv6 if supported) I don’t think this is a good idea. You’re right that m

Sending failure messages in separate mailbox

2020-07-27 Thread Stephan Seitz
Hello! If a user sends a mail and postfix can’t deliver it (user unknown, mailbox quota, etc.), this user gets the error message. Is it possible to configure postfix in such a way, that these error messages are going to a different mailbox? Many greetings, Stephan -- |If your

Mail delivery times: SASL vs permit_mynetwork

2020-09-01 Thread Stephan Seitz
Hello! I try to understand different mail delivery times. I have a script (phpmailer) that sends 500 mails to a remote mail server. The target address is a local /dev/null mailbox. The script uses SMTPKeepAlive = true; to keep the connection open. If my client IP is part of mynetworks the t

Re: Mail delivery times: SASL vs permit_mynetwork

2020-09-01 Thread Stephan Seitz
On Di, Sep 01, 2020 at 09:27:03 -0400, Wietse Venema wrote: Stephan Seitz: If my client IP is part of mynetworks the time for 500 mails is about 29 seconds. That's 5.8ms per delivery. If [not in mynetworks] the time is about 47 seconds. That's 9.4ms per delivery. Looks like yo

Re: Mail delivery times: SASL vs permit_mynetwork

2020-09-01 Thread Stephan Seitz
On Di, Sep 01, 2020 at 07:18:44 -0600, @lbutlr wrote: It could be as simple as the remote severing taking very slightly longer to process for reasons on its end (slower lookup into its tables from the secure ports, for example). I used port 25 for both tests, so that I could hope to avoid diff

Re: Mail delivery times: SASL vs permit_mynetwork

2020-09-01 Thread Stephan Seitz
On Di, Sep 01, 2020 at 07:46:26 -0600, @lbutlr wrote: Do you control the target server? If not, then you have no idea what Yes, I do control the server. This is a simple setup, no spamfilter or such things. And yes, besides the fact that in one case the sasl user is logged there aren’t any ot

Re: Mail delivery times: SASL vs permit_mynetwork

2020-09-01 Thread Stephan Seitz
On Di, Sep 01, 2020 at 12:59:05 -0400, Bill Cole wrote: Did you test by changing the value of $mynetworks and using the same source machine or are the SASL and $mynetworks sources physically different machines? No, of course it was the same machine. I’m very sorry, I thought that would be obv

Re: mysql lookup table and utf8

2016-09-15 Thread Stephan Seitz
On Thu, Sep 15, 2016 at 06:49:08AM -0400, Wietse Venema wrote: FYI, Postfix uses libmysqlclient. So what's up with not reading the default config file? Can it be the usual chroot problem? Stephan -- | Stephan Seitz E-Mail: s...@fsing.rootsland.net | | Public Keys:

Re: Supporting SSLv3 in Postfix 3.1.0

2017-01-27 Thread Stephan Seitz
On Fr, Jan 27, 2017 at 11:03:06 -0500, Michael D. Sofka wrote: Reloaded, and while postconf shows the new settings, postfix still does not support SSLv3. If you have a modern distribution it may be that the compiled openssl package has SSLv3 disabled. In this case postfix will never support S

Problems with header checks

2019-11-08 Thread Stephan Seitz
Hi! I’m using Debian 10 with postfix 3.4.5. Trying to solve the problem with non-Re subjects I have found a regex for header checks. So I have a „/etc/postfix/header_check.pcre” with: /eSubject:\s*((RE|AW|Aw|Antw|Antwort|RES|SV):\s*)+(.*)$/ REPLACE Subject: Re: $3 In main.cf: header_checks =

Re: Problems with header checks

2019-11-08 Thread Stephan Seitz
On Fr, Nov 08, 2019 at 01:44:53 +0100, Stephan Seitz wrote: Has anyone an idea how I can debug this further? Or why it is only sometimes working? I think I’ve found the problem. It happens if the subject has non-ASCII characters to the line looks like: =?UTF-8?Q?Aw=3A_Weinprobe_gut_=C3

Re: Problems with header checks

2019-11-08 Thread Stephan Seitz
On Fr, Nov 08, 2019 at 03:11:34 +0100, Jaroslaw Rafa wrote: If I understand the OP correctly, he is trying to solve the problem of e-mail clients using other prefixes instead of "Re:" for replies (for example "AW:" or "Odp:" - these are among a few I encountered myself). When you exchange emails

Re: Problems with header checks

2019-11-11 Thread Stephan Seitz
On Fr, Nov 08, 2019 at 03:31:05 +0100, Jaroslaw Rafa wrote: But in that case probably LDA is the best place to do such change. Some time ago I was doing something similar via procmail. Yes, I could do the same with procmail. But procmail will probably like postfix use the encoded subject, so I

Re: Problems with header checks

2019-11-18 Thread Stephan Seitz
On Fr, Nov 08, 2019 at 03:31:05 +0100, Jaroslaw Rafa wrote: But in that case probably LDA is the best place to do such change. Some time ago I was doing something similar via procmail. I found a great program for procmail: https://fex.belwue.de/fstools/#aw2re It fixes the subject and can remov

[pfx] Re: disable authentication on port 25

2024-05-24 Thread Stephan Seitz via Postfix-users
Am Fr, Mai 24, 2024 at 20:48:16 +0800 schrieb Northwind via Postfix-users: ehlo localhost.localdomain 250-mx.domain.xyz 250-PIPELINING 250-SIZE 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250 CHUNKING no AUTH was there. so it should be working. :) Carefull, if y

[pfx] Re: disable authentication on port 25

2024-05-24 Thread Stephan Seitz via Postfix-users
Am Fr, Mai 24, 2024 at 15:12:31 +0200 schrieb Benny Pedersen via Postfix-users: Stephan Seitz via Postfix-users skrev den 2024-05-24 15:01: Carefull, if you have „smtpd_tls_auth_only = yes” (I think), then you’ll see AUTH after STARTTLS… port 25 must not be tls only I didn’t say that, but

[pfx] Re: Process and deliver email but return error to the client?

2024-09-20 Thread Stephan Seitz via Postfix-users
Am Fr, Sep 20, 2024 at 20:37:10 +0200 schrieb Gerald Galster via Postfix-users: That is probably because your mailserver's ip reputation has not been reset by t-online. Have you ever contacted What do you mean with reset? T-Online refused to accept mails from servers using our own IP ranges wi

[pfx] Re: Questions about relayhost

2025-03-06 Thread Stephan Seitz via Postfix-users
Am Mi, Mär 05, 2025 at 13:30:07 -0500 schrieb Wietse Venema via Postfix-users: If you have more than one, how is the host chosen? Always the first until it fails? Or always randomly? In the specified order. Using multiple relayhosts is rare, using them randomly even rarer. Strange. If you hav

[pfx] Questions about relayhost

2025-03-05 Thread Stephan Seitz via Postfix-users
Hello! According to the manpage relayhost can have more than one host. If you have more than one, how is the host chosen? Always the first until it fails? Or always randomly? Can I configure Postfix to use the relay hosts randomly? Many greetings, Stephan -- |If your life was a