connections from ipv4 localhost logged as unknown[127.0.0.1]

Hi, After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing the following issue: connections on 127.0.0.1 (where my content_filter re-injects mail) are logged as: 010-01-13T22:51:07+01:00 meredith-vmail postfix/smtpd[4772]: warning: 127.0.0.1: address not listed for hostname ip6-l

Re: connections from ipv4 localhost logged as unknown[127.0.0.1]

Wietse Venema wrote: > Tom Hendrikx: >> Hi, >> >> After setting up postfix up on a ipv4/ipv6 dualstack machine I'm seeing >> the following issue: connections on 127.0.0.1 (where my content_filter >> re-injects mail) are logged as: >> >> 010-01-1

Re: OT: Alternative for Spamassassin

Michael Reck wrote: > I`m looking for a SA replacement in an large scale enviroment. > DSPAM seems to use filesystem (--with-userdir=) for various functions > which is not what i want. dspam also needs per user activation. Your assumptions about Dspam are wrong. Using --with-userdir is optional,

Re: Sending email from a pool of IP addresses

David Michard wrote: > we are having more and more problems with > very conservative SMTP servers enforcing a low number of simultaneous > connections from a single IP address. Our subscribers wish to receive > their email as soon as possible so delaying the email for a few hours > is not an option

Re: Mail to wildcard MX records doesn't work from Yahoo Mail, but fine from other addresses

Bob Eastbrook wrote: > NOQUEUE: reject: RCPT from > web81307.mail.mud.yahoo.com[68.142.199.123]: 554 5.7.1 > : Relay access denied; > from= to= proto=SMTP > helo= > This says that the yahoo user tries to send mail addressed to b...@myapp.appspot.com, not to b...@example.org. Your mail server is

Re: Outgoing Approval Queue - Yes This is a Dumb Idea

Zachary Burns wrote: > I have a company controller that loves to micro-manage people and > unfortunately loves to do it with software instead of dealing with the > people problem...but anyway I'm getting off on a rant > > Is there a way to have postfix queue outgoing mail until he reviews it a

Re: Stopping spam from a specifig subnet (relayed through a freemail provider)

On 06/05/10 10:58, Louis-David Mitterrand wrote: > On Wed, May 05, 2010 at 01:44:54PM -0400, Brian Evans - Postfix List wrote: >>> You could try this in /etc/postfis/header_checks >>> >>> if >>> /^(Received|X-((Origin(ating)?|Client|MDRemote|Sender)-?IP|(Client|Remote_)Addr|PHP-Script)):

Re: fail2ban for spamtraps

On 23/06/10 16:28, Phil Howard wrote: > On Tue, Jun 22, 2010 at 16:46, Michael Orlitzky wrote: > >> A word of caution: don't assume that everyone browses the web using a >> graphical web browser. People still browse from the command line, and more >> importantly, screen readers for the disabled.

Re: Negation in header_checks doesn't work as expected?

On 14/07/10 06:11, Hendra . wrote: > Hi All, > > I'm new to postfix as well as to this mailing list, so I apologize in > advance for any blunder ;) > > Need some expert advice on what I'm trying to achieve but encountered > a major roadblock so far. > I need a mail server with a catch-all address

Temporarily disable mail acceptance

Hi, To do some maintenance work, I need to temporarily disable mail acceptance in my postfix MX. I'm curious what is the best way to do this. The 2 (obvious) options I came up with: 1) stop listening on tcp/25, f.i. by firewall adjustment 2) adding some access check in smtpd_mumble_restrictions

Re: Reject unencrypted messages

On 06/01/11 20:06, IT geek 31 wrote: > I am talking about the mail content, and I'm using S/MIME. > > Yes, I'm sure the accountant will never send me unencrypted mail. > > Thanks, > > > > On 6 January 2011 14:25, Ansgar Wiechers wrote: >> On 2011-01-06 IT geek 31 wrote: >>> My accountant and

Re: [Q] smtpd: warning: n.n.n.n: address not listed for hostname smtp.academicjobseu.com

On 15/02/11 13:18, J4K wrote: > > Hi, > > I just watched an IP address fail to be correctly resolved back to > the A record. I could resolve the IP with the the same DNS on the same > server myself. > > These connection from a server is recorded by postfix as unknown for > 212.89.81.105, ye

Re: Problems with postfix while sending emails

On 15/03/11 15:10, Wietse Venema wrote: > Rafael Azevedo: > [ Charset ISO-8859-1 unsupported, converting... ] >> Hi Wietse! >> >> Thanks again for helping me! >> >> Here is the postfix log: >> >> # SLOW DOMAIN >> Mar 15 10:37:46 mxcluster postfix/smtpd[22804]: connect from >> srv01.iagentemail.com.

Re: Accepting only bona fide "plus" addresses

On 27/04/11 18:52, Jerry wrote: > I am in the process of setting up a mail system with plus addressing. > Presently it is using Dovecot with sieve to filter the mail. What I > want to do is limit the number of "plus" addresses that are accepted. > > Example: > > Employees: Tom, Joe, Jane > > An

Re: Postfix rejecting all incoming emails sent from outside localhost

On 30/07/11 12:29, Miguel Guedes wrote: > Hi, > > I've recently followed a guide I found online [1] and installed Postfix and > Courier on my server machine. I can send emails from the server to any email > address but unfortunately I can only receive emails sent from the server - > it's only a

Re: Relay transport works, then stops

On 26/08/11 22:16, lance raymond wrote: > > My transport file looks like this; (one example) > members...@domain.com > smtp:[ASPMX.L.GOOGLE.COM ]:25 > > When postfix was started and happy, an example looked like this; > > pwsdata postfix/

Re: Unable to send e-mail

On 19/10/11 15:30, Tolga wrote: > > > On 10/19/2011 04:01 PM, Reindl Harald wrote: >> >> Am 19.10.2011 14:57, schrieb Tolga: >>> Oct 19 15:40:01 vps postfix/pickup[3517]: 5DBFA4100B2B: uid=1005 >>> from= >>> Oct 19 15:40:01 vps postfix/cleanup[3575]: 5DBFA4100B2B: >>> message-id=<20111019124001.5

Re: Using Spamassassin as content filter

On 19-10-11 17:33, Daniele Nicolodi wrote: > On 19/10/11 16:01, Kris Deugau wrote: >> Daniele Nicolodi wrote: >>> Sieve can not call external programs, therefore I do not know ho to hook >>> Spamassassin there, and, furthermore, I would like to avoid to have to >>> setup things for each user. >> >>

Re: Using Spamassassin as content filter

On 19-10-11 18:54, Daniele Nicolodi wrote: > On 19/10/11 18:46, Tom Hendrikx wrote: >> Actually, there is an experimental extension for dovecot sieve that >> allows piping to external commands, but with a quite secure design >> (sysadmin controls which commands are available

Re: Postfix MX selection

On 12/29/2011 01:00 PM, Stan Hoeppner wrote: On 12/29/2011 5:23 AM, Thomas Bange wrote: Hi, I have a mail stuck in my mail queue. The Mail should be delivered to some.u...@some-domain.de. Looking up MX records for the domain gives me: # host -t mx some-domain.de some-domain.de mail is handled

Re: AW: forcing MX lookups

On 16-02-12 23:52, Dipl.-Ing. Juergen Ladstaetter wrote: > Thank you both very much. That input was very good and I might rethink the > strategy we're aiming at. Probably active DNS checks and periodic re-checks > are better to ensure some security. Thanks guys > Checking DNS at input time would

Re: AW: forcing MX lookups

On 21-02-12 20:06, Ed W wrote: > On 16/02/2012 23:07, Tom Hendrikx wrote: >> On 16-02-12 23:52, Dipl.-Ing. Juergen Ladstaetter wrote: >>> Thank you both very much. That input was very good and I might >>> rethink the >>> strategy we're aiming at. Proba

Re: postfix REGEX bug ???

On 29/03/12 10:51, Женя wrote: > I'm using postfix (2.7.0 on Ubuntu Linux 10.04.3) as mail relay and > antispam filter. It's set up and works perfectly except one small > bug. I use smtpd_client_restrictions to filter SMTP clents as > following: > > smtpd_client_restrictions = permit_mynetworks,

Re: Autoresponse for Postfix problem

On 13-04-12 20:24, J Gao wrote: > > We have a Postfix mail server (CentOS 5.7, Postfix, Courier, Virtual > Domain, MailScanner) and I want setup the autoresponder for Postifx. > > I followed the instruction on > http://nefaria.com/project_index/autoresponse/ > > I looked the maillog and I found

Re: Autoresponse for Postfix problem

On 13-04-12 20:47, J Gao wrote: > On 12-04-13 11:35 AM, Tom Hendrikx wrote: >> On 13-04-12 20:24, J Gao wrote: >>> We have a Postfix mail server (CentOS 5.7, Postfix, Courier, Virtual >>> Domain, MailScanner) and I want setup the autoresponder for Postifx. >>&g

Re: Exploring conditional local log and external firewall control. Best practices?

On 02-05-12 19:53, kar...@mailcan.com wrote: > > My recently installed Postfix works as I'd hoped; I moved it into full > production as our corporate server yesterday. > > There's one annoyance, and I admit that's all it is, that I'd like to > get rid of. *Noisy* pests. They irritate me. > > I

Re: need some OT help

On 02-05-12 22:45, ghe wrote: > > I've asked on several lists, googled, and read books. I can't figure out > what's going on. I thought the lack of rhost= indicated one of my monit > monitors. So I turned them all off, and the entries came right in. > Sorry for being an arse, but I fail to see

Re: RV: problems again

On 7/19/12 10:52 AM, Tomas Garijo (Click) wrote: > > > Hi to all I am Thomas. > > Here I have the same problem > > I have installed a new server this server ip other I is not a gateway, > not connect with Exchange, is a SMTP Server with mail box in it, I send > mail via roundcube > > I s

Re: Mapping one domain to another (mysql)

On 8/6/12 2:28 PM, Benny Pedersen wrote: > Den 2012-08-06 12:03, email builder skrev: > >> This causes a bounce instead of reject. Do I have to add a clause for >> this to my query? I start to feel like I'm doing things Postfix should >> be doing. There must be a more simple way to do this? > > p

Re: Mapping one domain to another (mysql)

On 8/7/12 8:58 PM, email builder wrote: >>> Probably the best lesson to learn from postfixadmin is: you can >>> have > >>> more than one lookup table in postfix per main.cf directive. >>> Postfixadmin uses 2 separate queries for "regular" aliases and >>> domain aliases. >>> >>> from main.cf: vi

Re: Mapping one domain to another (mysql)

On 8/8/12 11:27 AM, email builder wrote: > query = select if ('%d' = 'example-2.com', > IFNULL((select dest from aliases where addr = '%u...@example.com'), (select addr from users where addr = '%u...@example.com')), NULL) I've found that in conjunction with a 2nd qu

Re: MX vs A records

On 10/17/12 10:05 AM, Tom Kinghorn wrote: > On 11/10/2012 14:48, Wietse Venema wrote: >> Tom Kinghorn: >>> check_sender_ns_access type:table >>> Search the specified access(5) database for the DNS servers for >>> the MAIL FROM address, and execute the corresponding action. >>> Note: a r

Re: Learning how to respecth REPLY-TO headers

On 12-01-13 15:59, Reindl Harald wrote: > > but as said - there are a lot of mailing-lists out there which are > configured by morons where this all does not work as it should or > is destroyed because many users on other lists are doing permanently > "reply-all" and if your server is configured l

Re: using cidr notation in client_access

On 12-01-13 17:39, LEVAI Daniel wrote: > On szo, jan 12, 2013 at 14:11:12 +0100, Bastian Blank wrote: >> On Sat, Jan 12, 2013 at 01:51:26PM +0100, LEVAI Daniel wrote: >>> How should I put this... My question is not in regards to how to store >>> IP networks (w/ CIDR postfix) in PostgreSQL; this is

Re: postfix stopped relaying after client changed IP address

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/29/2013 11:43 AM, M. Fioretti wrote: > > which looks like postfix on the SERVER was not aware that now > 2.39.122.159 IS in mynetworks. Why? Any help to figure out what is > happening is > myn

Re: possible localhost dns spoof attack

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 02/26/2013 11:32 AM, Jamie wrote: > Hi > > Earlier today I noticed a spammer using my Postfix server as a > relay to send out spam. This was puzzling because i had all > requisite anti relay host settings applied. Further, it was > particularly ala

Re: LDA understanding

On 03/14/2013 05:07 PM, Kris Deugau wrote: > Jerry wrote: >> Personally, I have no idea why anyone uses "procmail". For relatively >> fine grain sorting of mail upon delivery, I use Dovecot and Sieve. From >> what I can ascertain, procmail hasn't even been maintained in over a >> decade. > > Sieve

Re: Postfix 2.8.x anti anti backscattering settings

On 04/19/2013 12:07 AM, Stan Hoeppner wrote: > On 4/18/2013 4:26 AM, Mikael Bak wrote: >> Hi Josef, >> >> On 04/18/2013 11:06 AM, Josef Karliak wrote: >>> Good morning, >>> our outgoing smtp server gets into a backscatter blacklist. When I >>> checked my logs, there were only one mailer daemon

Re: Reject mails based on headers (comparing envelop mailfrom and body from)

Hi Abhijeet, you might be interested in DMARC, a relatively new technique that tries to do what you want: attach validation rules based on the From header. See dmarc.org for details. Tom On 05/07/2013 05:06 PM, Abhijeet Rastogi wrote: > Hi Noel, > > Thanks for your reply. I already have spam

Re: question about postfix queue scheduler

On 06/04/2013 01:22 PM, Antonio Gutiérrez Mayoral wrote: > Hi Wietse, > > Yes, its a solution, but these emails should be delivered in > bussines-time :-( > (it doesnt matter if it takes 2 hours... but in bussiness time...) > > thank you so much! > You could run a script as a cronjob that queue

Re: Problem with transport setup

On 10-06-13 21:30, Patrick Lists wrote: > On 06/10/2013 09:14 PM, Wietse Venema wrote: >> Patrick Lists: >>> Jun 10 20:19:11 test postfix/smtpd[13975]: NOQUEUE: reject: RCPT from >>> localhost[::1]: 550 5.1.1 : Recipient address >>> rejected: User unknown; from= to= >>> proto=ESMTP helo= >> >> To f

Re: postfix munin graphs

On 06/19/2013 10:03 AM, Grant wrote: >> I think I need to tell munin where my postfix logs are >> (/var/log/mail/current) since I use metalog. How can I do that? >>> >>> Instead of searching online, use the built-in pod based format, e.g.: >>> >>> $ munindoc postfix_mailstats >> >> You jus

Re: Blacklist IP with a reject message

On 06/26/2013 08:11 AM, Abhijeet Rastogi wrote: > Hi all, > > Straight to the point, I ban IPs using fail2ban based on 4 jails. The > reasons vary from bruteforce sasl login attacks from specific IPs to > number of attempts to send suspect/confirmed spam mails. Right now, > there is a iptables rul

Re: smtpd optional authentication and relay

On 07/05/2013 04:07 PM, Viktor Dukhovni wrote: > On Fri, Jul 05, 2013 at 10:00:02AM -0400, W T Riker wrote: > >> Thanks for that explanation. I think I understand the way it works now >> so I modified my restrictions a bit. Does this order pass the sniff test? >> >> smtpd_recipient_restrictions =

Re: default_milter_action

On 10/24/2013 08:39 AM, Roland de Lepper wrote: > Hi , > > The connection between Postfix and the archive is over SMTP. > > In my example with the smtpd_milter, will the email also go to the hold > queue if only one archive connection is down? > Or will it deliver the email to the archive which i

Re: default_milter_action

server must have the same Ip-address. Or do I > mis something? > > Roland > > > On Thu, Oct 24, 2013 at 2:37 PM, Tom Hendrikx <mailto:t...@whyscream.net>> wrote: > > On 10/24/2013 08:39 AM, Roland de Lepper wrote: >> Hi , >> >> The connection

Re: Use of smtpd_reject_unlisted_sender

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 20-12-13 20:54, Bernardo Pons wrote: > On these days where theft of credentials of legitimate e-mail > server users in order to send spam checking the MAIL FROM: using > smtpd_reject_unlisted_sender would be a helping Postfix feature. > > Perhap

Re: Forward secrecy

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 23-12-13 15:40, Wietse Venema wrote: > nanotek: >> Still, might be a good time to create my own CA and upgrade to >> 4096 bit keys/certificates using SHA512 algorithms and make use >> of some Diffie-Hellman ephemeral elliptic curve parameters for

Re: Forward secrecy

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 23-12-13 18:30, Viktor Dukhovni wrote: > On Mon, Dec 23, 2013 at 05:49:40PM +0100, Tom Hendrikx wrote: > >>> I am still fixing it for clarity, but it should be accurate. >>> Feedback is welcome. >>> >

Re: Forward secrecy

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 23-12-13 18:40, Wietse Venema wrote: > Viktor Dukhovni: >> On Mon, Dec 23, 2013 at 05:49:40PM +0100, Tom Hendrikx wrote: >> >>>> I am still fixing it for clarity, but it should be accurate. >>>> Feedback i

Re: Request for data points: DANE-enabled receiving domains

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 25-04-14 17:00, Viktor Dukhovni wrote: > On Fri, Apr 25, 2014 at 02:35:55PM +, Eray Aslan wrote: > >>> $ tlsagen cert.pem $(uname -n) DANE-EE PKEY SHA2-256 >>> _25._tcp.mail.example.com IN TLSA 3 1 1 {hex string} >> >> For the record, looks

Re: Understanding postscreen timeouts

On 05/02/2014 03:15 AM, Alex wrote: > Hi, > > On Thu, May 1, 2014 at 5:38 PM, Wietse Venema > wrote: > > Alex: > > I'm using postfix-2.10.3 with fedora20 and have configured > postscreen with > > spamhaus, barracuda, and a few other DNSBLs. I'm howeve

Re: SPF and leboncoin.fr vs sfr.fr

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 28-05-14 17:11, Daniele Nicolodi wrote: > Hello, > > this question is not strictly related to Postfix but I don't know > where else I may find knowledgeable people to ask about the issue. > > leboncoin.fr is classifieds website and it offers the

Re: header_checks and REPLACE

On 08/11/2014 01:00 PM, li...@rhsoft.net wrote: > Hi > > http://www.postfix.org/header_checks.5.html > > RULE: /X-Virus-Scanned/ REPLACE X-Virus-Scanned: Yes > BEFORE: X-Virus-Scanned: clamav-milter 0.98.4 at testserver.rhsoft.net > NOW:X-Virus-Scanned: Yes > > so far, so nice > __

Re: header_checks and REPLACE

Hi, you already did this, but I'll point you to the correct chapter anyway: RTFM :) http://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Conf.html#scoring_options You could probably do everything you want with REPLACE and backreferences in the regular expressions too, but why complica

Re: Postfix with Kibana, help with configuration?

On 27-10-2021 07:43, raf wrote: On Tue, Oct 26, 2021 at 02:01:11PM -0300, SysAdmin EM wrote: Hello everyone? Has anyone correctly configured kibana to read postfix logs? I read this documentation, but in kibana 7 not work for me. https://github.com/whyscream/postfix-grok-patterns postfix_

Re: milter_default_action=accept not honored

Hi, In http://opendkim.org/opendkim.conf.5.html there are several error conditions defined, with the default actions for them, for instance "On-SignatureError", "On-KeyNotFound". Ar least some conditions default to tempfail. Configure the milter correctly and you should be fine. Kind regards

Re: Rejecting emails based on address extension?

On 09-04-2020 01:01, @lbutlr wrote: Given an email address of user+ama...@example.com how can I reject all emails to that address that do not come from amazon.com? I think I did something like this once but if I did, I didn’t keep notes. :/ A slightly different take on this: I'm using addr

Re: Rejecting emails based on address extension?

On 10-04-2020 18:09, Fred Morris wrote: I didn't follow this to begin with, apologies. On Fri, 10 Apr 2020, Tom Hendrikx wrote: On 09-04-2020 01:01, @lbutlr wrote:  Given an email address of user+ama...@example.com how can I reject all  emails to that address that do not come

Re: Sender restriction to reject message with multiple from addresses

On 07-10-2020 02:27, Pau Peris wrote: I'm hosting my dad's webpage which has a contact form (which should be improved to avoid spam and/or bots) and from time to time someone types multiple email addresses in the from field of the form so contact emails with multiple from addresses like "from: h.

Re: Recommended milters for small setup

On 15-10-2020 17:19, Ian Evans wrote: The long story short is that due to dealing with family medical issues over the past few years, my Combo web/postfix server is still on Ubuntu 14.04. In a couple of months I will have some time to upgrade. Instead of risking an in place upgrade, I am goin

Re: How do I stop getting multiple copies of emails from "always_bcc" option?

On 05-03-2021 09:41, Steve Dondley wrote: You may also have disabled recipient duplication. We will never knwo unles yo reveal yur configration as described in http://www.postfix.org/DEBUG_README.html#mail. I've been looking at this a lng time tonight. Despite my best efforts, I did not

Re: Clients Sending Phantom Email

On 28-04-2021 22:41, Wietse Venema wrote: Asai: Greetings, We are getting reports, more and more, of email clients (Type App, Mac Mail, iOS Mail) that seem to send email, and show that the email has been sent on the client, but the mail server has no record of email ever reaching the SMTP se

Re: DSpam and Postfix

On 13-10-15 18:47, Phil Stracchino wrote: > On 10/13/15 12:40, Viktor Dukhovni wrote: >> Keep in mind that wildcard virtual(5) aliases can also break >> recipient validation. Any "@domain" keys in the tables for alias_maps >> or virtual_alias_maps? > > Nope, none. There are @domain keys in rel

Re: Throttling locally generated email

Hi, You might want to 'replace' the postfix sendmail command with mini_sendmail or something alike, and have that actually forward to localhost:25 using SMTP. Then you can apply throttling on the localhost ip, but lose the ability to see which local user was the source. Tom On 11-11-15 08:41, B

Re: reject connections from hosts without mx record

On 09-12-15 17:46, sb wrote: > > In what follows, "(secure)" means authenticated DNSSEC response, > "(insecure)" means spoofable DNS response. > >> ... Received: from spike.porcupine.org (spike.porcupine.org >> [IPv6:2604:8d00:189::2]) by english-breakfast.cloud9.net >> (Postfix) with ESMTP id

smtp-sink does not support all ipv6 addresses?

Hi, I'm trying to setup a test environment using smtp-sink as a mail receiver. For ipv4 I'm running smtp-sink on random addresses in 127.0.0.0/8, and was looking for the same trick on ipv6. My OS allows me to (ab)use :::0:0/96 for this, but unfortunately, smtp-sink does not: $ smtp-sink -v :

Re: smtp-sink does not support all ipv6 addresses?

On 04-01-16 18:58, Wietse Venema wrote: > Tom Hendrikx: >> >> Hi, >> >> I'm trying to setup a test environment using smtp-sink as a mail >> receiver. For ipv4 I'm running smtp-sink on random addresses in >> 127.0.0.0/8, and was looking for the

Re: Can anyone decipher this Policyd-spf error?

Hi, As the ticket says, the error is caused by handling ipv6 addresses. When you hit any troubles later, you could look into disabling ipv6 :/ Regards, Tom On 05-02-16 00:08, Danny Horne wrote: > Thanks for both replies, > > I've just checked and I'm running python-ipaddr 2.1.9, with no

Re: 3.0.3: "mynetworks" values are busted and missing ipv6 info

On 09-02-16 12:14, Wietse Venema wrote: > Quanah Gibson-Mount: >> --On Monday, February 08, 2016 8:00 PM -0500 Wietse Venema >> wrote: >> >>> Quanah Gibson-Mount: In Postfix > 3.0.x, the value from postconf mynetworks returns incorrect netmask values, and it is missing IPv6 entirely:

Re: Milter not to all messages

On 11-03-16 15:48, Alfredo Saldanha wrote: > Is there some way to use milter check in a type of conditional ? > In my situation here, it can not be mandatory to each message. > I'm asking this because some users here want to receive all messages without > Spam verification. > > Part of my main.cf

[OT] Re: Is /usr/bin/mail a link to sendmail/postfix

On 14-03-16 17:05, @lbutlr wrote: > On Mar 13, 2016, at 9:06 AM, Robert Chalmers > wrote: >> Nice hardware, but the software is really recycled FreeBSD. say >> what? > > This should not be news. One of the reasons I chose FreeBSD for my > servers was because I wouldn’t have to change modes betwee

pflogsumm patch: SRS unmunging

Hi postfix users, Ever since I added SRS to my mail setup, reading daily pflogsumm reports got a lot harder since most senders were changed to SRS addresses. This also threw off statistics since multiple sender addresses were used when actually the sender was the same. Attached is a patch for pfl

Re: Special method required for Gmail dkim/spf verification

On 13-04-16 01:54, li...@lazygranch.com wrote: > Google sent me a "fail" on my DMARC. Everyone else seems happy. It > turns out much like Google not accepting robots.txt for some search > engines controls, they expect special fields in their DNS. > > https://support.google.com/mail/answer/62271

Re: Test DANE

Hi, I have been playing around with the dane check tool from sys4 too, and it seems it doesn't support the nice CNAME trick shown in https://community.letsencrypt.org/t/please-avoid-3-0-1-and-3-0-2-dane-tlsa-records-with-le-certificates/7022 The tool does not seem to follow the CNAME pointer, and

Re: Test DANE

On 06-06-16 20:26, Tom Hendrikx wrote: > On 06-06-16 17:46, Viktor Dukhovni wrote: >> On Mon, Jun 06, 2016 at 05:31:49PM +0200, Tom Hendrikx wrote: >> >>> I have been playing around with the dane check tool from sys4 too, and >>> it seems it doesn't support t

Re: Test DANE

On 06-06-16 17:46, Viktor Dukhovni wrote: > On Mon, Jun 06, 2016 at 05:31:49PM +0200, Tom Hendrikx wrote: > >> I have been playing around with the dane check tool from sys4 too, and >> it seems it doesn't support the nice CNAME trick shown in >> https://community.let

Re: simple greylisting by geoip? milter or policy server?

On 15-06-16 02:21, Allen Coates wrote: > > > On 14/06/16 23:31, list...@tutanota.com wrote: >> >> 14. Jun 2016 15:01 by njo...@megan.vbhcs.org >> : >> >> Is there some way to integrate the GeoIP dbs with postscreen? >> >> >> No, at least not easily. >>

Logging for 'too many hops' issue

Hi, We're currently in the process of parsing postfix logs into something that is suitable for end users. After covering lots of basic errors, we are working through some edge cases. Since we use customer provided data for relaying mail, there is a possibility that something gets mis-configured an

Re: Logging for 'too many hops' issue

On 09/18/2014 03:22 PM, Wietse Venema wrote: > Tom Hendrikx: >> We're currently in the process of parsing postfix logs into something >> that is suitable for end users. After covering lots of basic errors, we >> are working through some edge cases. Since we use cus

Re: Logging for 'too many hops' issue

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 18-09-14 17:28, Wietse Venema wrote: > Tom Hendrikx: >>>> However, it seems that the error message is only sent in the >>>> smtp dialog (554 5.4.0 Error: too many hops), postfix logging >>>> does not

Testing DANE-enabled smtp client

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, I configured my mailserver to use DANE for outbound mail whenever possible, but I am having a hard time in verifying that this actually works. When I use posttls-finger from the machine, it indicates "Verified TLS connection established" when i

Re: Testing DANE-enabled smtp client

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 14-11-14 22:27, Viktor Dukhovni wrote: > On Fri, Nov 14, 2014 at 10:01:02PM +0100, Tom Hendrikx wrote: > >> One notable difference between posttls-finger and postfix (as >> described in the documentation) is that postfix wou

Re: Testing DANE-enabled smtp client

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 15-11-14 00:00, Viktor Dukhovni wrote: > On Fri, Nov 14, 2014 at 10:58:08PM +0100, Tom Hendrikx wrote: > >> Nov 14 22:55:56 hostname postfix-out/smtp[11505]: Verified TLS >> connection established to mail.sys4.de[2001:1

Re: postscreen feature request

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi, If you want to block more DUL ip blocks, the easiest way is probably to use some upstream DUL DNSBL providers, and use rbldnsd to create your private DNSBL to provide your own additions. There also is a community-maintained pcre file for smtpd

Re: RegExp help

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 14-05-15 12:48, Barbara M. wrote: > > I am trying to use regexp to block mails from specific domains to > specific users (and let other users receive it). > > I need to merge (logical AND operator), something like: > > /^From:.*\@.*domainsourc

Re: Where are bounce messages for milters configured?

On 11-03-17 15:17, Den1 wrote: > Since Linda brought it up I thought I would pop in as well. That's exactly > what I tried to configure too but in spamass-milter in combination with > Postfix. It's working OK but always says this, > > 5xx Reject milter > END-OF-MESSAGE

Re: Specify VPN for postfix

On 01-08-17 16:46, Wietse Venema wrote: > Yubin Ruan: >> Can anyone tell me how to point postfix to a VPN connection? I have >> setup a VPN listening at background on my Ubuntu and I want to point >> postfix to that listening port whenever postfix try to connect to the >> internet. > > Wietse: >

Re: Outbound address rewriting

On 19-04-18 23:26, Kevin Miller wrote: > -Original Message- >> I think in this case both domains are remote, in which case the >> bounce issue may be moot. Only users authorized to send outbound >> mail can create email for the destination in question, and the >> goal is to "correct" the d

Re: spamming mailbox ?

On 14-06-18 15:27, Poliman - Serwis wrote: > I check the mail queue and the logs and this time I found some strange > thing. I used command "grep -r "emailemailemail.com > " /var/log/mail.log" and result is in > attached .txt file. If I understand properly there is ma

Re: any api to read logs ?

Hi, I have a set of grok patterns for logstash. You can send the postfix logs to logstash, have them parsed into something more or less structured by the pattersn, then expose the logstash data through some api. https://github.com/whyscream/postfix-grok-patterns/ Kind regards, Tom On 0

Re: ODMR/ATRN ?

On 10-06-19 03:37, Ronald F. Guilmette wrote: > In message <64994169-2c87-4029-9c31-0765608f4...@opendmz.com>, > Christopher van de Sande wrote: > >> Yes absolutely correct >> >> If your sever at home is online then it will pass through your cloud VM in >> mere seconds If your home server is of

[pfx] Re: Different set of milters for one domain?

Hi, I've been using milter-manager [1] for a long time now to run various milters selectively. In my case, I defined a custom 'Applicable condition' (see docs) to exempt various email accounts from spamfilter/virus checks (f.i. spamtraps). The docs look like they haven't been updated in a wh

[pfx] Re: Njal.la

On 02-05-2023 13:14, pripercat--- via Postfix-users wrote: Thanks, but it still doesn't work for me with those parameters. The relayhost value is an email server of my hosting. And I don't have that information. The njal.la admin refers me to this forum. :( If njal.la provides documentation on

[pfx] Re: Domain-Specific inbound relay host rules

On 15-10-2023 15:52, B Williams via Postfix-users wrote: All: Long time postfix user. I have an internet facing mail server running Postfix. For about half of my domains, I have them run through a spam filtering service (like MimeCast/Proofpoint). The other half just come direct because they

[pfx] Re: Some TLS connections untrusted in postfix but trusted with posttls-finger

On 01-12-2023 08:59, Alexander Leidinger via Postfix-users wrote: Am 2023-11-30 16:53, schrieb Wietse Venema via Postfix-users: Alexander Leidinger via Postfix-users: What is wrong here that [tlsproxy] doesn't establish a trusted connection to the github mailservers when posttls-finger is able