Hi there
I wonder if the following is possible: can postfix add a header with a
dynamic value? My goal would be to add a header with the current unix
timestamp on the edge system and then check that header against current
time on last system in the delivery chain.
Have a good one
tobi
the header via the milter app then :-)
Cheers
tobi
On 23/03/2023 13:27, Matus UHLAR - fantomas via Postfix-users wrote:
Dnia 23.03.2023 o godz. 12:48:36 Tobi via Postfix-users pisze:
I wonder if the following is possible: can postfix add a header with
a dynamic value? My goal would be to add a
Hello
we use the "new" feature for the mitigation of the SMTP smuggling via
> smtpd_forbid_bare_newline = yes
in main.cf and wanted to ask if it would be possible to log more
information upon such a reject
> bare received after DATA (0 bytes) from mail-
m121165.qiye.163.com[115.236.121.165]
W
Hi
I wonder if it is possible in postfix client to enforce usage of TLS
based on sender. Just like in smtp_tls_policy_maps but based on sender
of the message and not on rcpt or nexthop. The only way I can see so
far is to setup another postfix instance with smtp_tls_security_level =
encrypt and us
we want it :-)
Have a nice weekend
tobi
On Fri, 2024-04-26 at 01:46 -0400, Viktor Dukhovni via Postfix-users
wrote:
> On Fri, Apr 26, 2024 at 07:21:24AM +0200, Tobi via Postfix-users
> wrote:
>
> > Or would it be possible to use a sender_dependent_relayhost_maps
> > an
Hi list
maybe someone has a good idea :-)
I'm looking for a way to reliably determine how long a message sits in
active queue. Currently I use postqueue -j and pipe it to jq, get only
hits from queue_id==active and then get arrival time, sort it by
arrival time, take the oldest and calculate the
Victor,
On Mon, 2024-12-09 at 19:46 +1100, Viktor Dukhovni via Postfix-users
wrote:
> On Mon, Dec 09, 2024 at 08:28:55AM +0100, Tobi via Postfix-users
> wrote:
>
> > since this weekend we have the issue that our postfix seems to be
> > unable to verify TLS certs presented
Hi Victor
think you push my to the right path :-)
On Mon, 2024-12-09 at 22:51 +1100, Viktor Dukhovni via Postfix-users
wrote:
> On Mon, Dec 09, 2024 at 12:03:02PM +0100, Tobi via Postfix-users
> wrote:
>
> > > Is that preventing mail delivery, or just noise in the logs?
>
Hello list
since this weekend we have the issue that our postfix seems to be
unable to verify TLS certs presented by Microsoft. We get
> Server certificate not verified
all over the postfix logs. Manually testing shows the same
> openssl verify -verbose <(echo | openssl s_client -connect
52.101
policy for Microsoft.
Thanks @Victor for your support
Cheers
tobi
On Mon, 2024-12-09 at 22:51 +1100, Viktor Dukhovni via Postfix-users
wrote:
> On Mon, Dec 09, 2024 at 12:03:02PM +0100, Tobi via Postfix-users
> wrote:
>
> > > Is that preventing mail delivery, or just
ed only check the TXT record's version "id"
> against the cached value.
Again a good argument for "mta-sts" is stupid and DANE should always be
preferred :-)
Cheers
tobi
On Tue, 2024-12-10 at 14:30 +1100, Viktor Dukhovni via Postfix-users
wrote:
> On Mon, Dec 09,
I know that this is not a postfix issue, but I have the hope that
someone from DHL is on this list :-)
It looks like that DHL (and possibly many other DHL related domains)
messed with their DNSSec. With NSEC3 to be more precise
If checking the csync the following is returned
> dig dhl.com csync
Hi there
I guess the answer will be "not possible" but maybe (hopefully) I'm
wrong :-) I'm looking for a way to achieve the following: if postfix
smtp client cannot establish a TLS connection to MX host then we want
to change nexthop **and** add a suffix to the subject. The goal is to
route back t
Hi list
we have an issue with mail delivery. We use tlspol to tell postfix if
mta-sts or DANE should be used for a recipient domain. Now we have the
case that a rcpt domain has 3 MX records. The first one with prio 0 has
**no** TLSA records but the other two (prio 10 and 20) have proper TLSA
recor
On Thu, 2025-01-16 at 08:33 -0500, Wietse Venema via Postfix-users
wrote:
> Tobi via Postfix-users:
> > Hi list
> >
> > we have an issue with mail delivery. We use tlspol to tell postfix
> > if
> > mta-sts or DANE should be used for a recipient domain. Now we
15 matches
Mail list logo
