[pfx] Re: Trouble authenticating to Postfix + Dovecot server from remote client.

2025-01-01 Thread Viktor Dukhovni via Postfix-users
On Wed, Jan 01, 2025 at 10:01:56PM +0100, Antonin VERRIER via Postfix-users wrote: > Le 01/01/2025 à 21:26, Christian Seberino via Postfix-users a écrit : > [...] > >      server.login("cs@bighelp.business", password) > [...] > > ===

[pfx] Re: [Bug report] Allow opportunistic DANE when non-DNSSEC signed MX points to DNSSEC-signed SMTP server with TLSA enabled

2025-02-09 Thread Viktor Dukhovni via Postfix-users
On Sun, Feb 09, 2025 at 04:35:03PM +0100, Ömer Güven via Postfix-users wrote: > I can only endorse this. Simply setting it to „dane“ should solve the > hassle and make the operation more consistent and predictable. The whole thing is a misunderstanding. The insecure MX setting is only ever used

[pfx] Re: [Bug report] Allow opportunistic DANE when non-DNSSEC signed MX points to DNSSEC-signed SMTP server with TLSA enabled

2025-02-08 Thread Viktor Dukhovni via Postfix-users
On Sun, Feb 09, 2025 at 03:00:22AM +0100, Ömer Güven wrote: > How did I misunderstand the settings if Wietse said that > smtp_tls_dane_insecure_mx_policy only defaults to dane, when the > smtp_tls_security_level variable is set to dane, else it defaults to > may, regardless of the security level r

[pfx] Re: Problems with mail from fortimailcloud servers

2025-02-15 Thread Viktor Dukhovni via Postfix-users
On Sat, Feb 15, 2025 at 07:08:20PM +0200, Nikolaos Milas via Postfix-users wrote: > > Have you tried adding "options edns0" to your resolv.conf? The "A" > > RRset for this name exceeds 512 bytes, and so, absent edns0 can only be > > returned via TCP, and some Linux versions had no TCP fallback s

[pfx] Re: Problems with mail from fortimailcloud servers

2025-02-15 Thread Viktor Dukhovni via Postfix-users
On Sun, Feb 16, 2025 at 11:14:44AM +1100, Viktor Dukhovni via Postfix-users wrote: > > 154.52.2.229 154.52.2.243 154.52.2.248 154.52.2.241 154.52.2.235 > > 154.52.2.233 154.52.2.238 154.52.2.239 154.52.2.149 154.52.2.234 > > 154.52.2.246 154.52.2.237 154.52.2.247 154.52.

[pfx] Re: Problems with mail from fortimailcloud servers

2025-02-15 Thread Viktor Dukhovni via Postfix-users
On Sat, Feb 15, 2025 at 08:49:01PM +0100, Gerald Galster via Postfix-users wrote: > >> Yes, but what you really need is working TCP fallback, when the DNS > >> response is truncated due to exceeding the UDP packet size limit (even > >> happens with EDNS0, the default UDP buffer size could still b

[pfx] Re: Problems with mail from fortimailcloud servers

2025-02-15 Thread Viktor Dukhovni via Postfix-users
On Sat, Feb 15, 2025 at 10:54:58AM +0200, Nikolaos Milas via Postfix-users wrote: > On 15/2/2025 1:45 π.μ., Wietse Venema via Postfix-users wrote: > > It is possible to override these system library functions by providing > > your own alternatives with LD_PRELOAD. > > Thanks Wietse, it makes sen

[pfx] Re: Problems with mail from fortimailcloud servers

2025-02-15 Thread Viktor Dukhovni via Postfix-users
On Sat, Feb 15, 2025 at 04:45:41PM +0200, Nikolaos Milas via Postfix-users wrote: > > I don't recall seeing you testing with "getaddrinfo" (and perhaps also > > "getnameinfo" to see whether it is slow PTR lookup that is the problem). > > It may also help to perform tcpdumps to see how long the de

[pfx] Re: Problems with mail from fortimailcloud servers

2025-02-14 Thread Viktor Dukhovni via Postfix-users
On Fri, Feb 14, 2025 at 11:30:53AM +0200, Nikolaos Milas via Postfix-users wrote: > Jan 14 10:37:12 mailgw1 postfix/smtpd[1125361]: warning: hostname > smtpfra7.fortimailcloud.com does not resolve to address 154.52.2.249: Name > or service not known This host seems to have ~46 A records: $

[pfx] Re: Rejecting messages with Multiple From addresses (and no Sender)

2025-02-14 Thread Viktor Dukhovni via Postfix-users
On Fri, Feb 14, 2025 at 06:13:51PM +, Matt Selsky via Postfix-users wrote: > > Email with: > > From: "whatever" , > > Exchange rejects this. But it is valid RFC5322 syntax. https://datatracker.ietf.org/doc/html/rfc5322#section-3.4 mailbox-list= (mailbox *("," mailbox

[pfx] Re: dnssec_probe 'ns:.' received a response that is not DNSSEC validated

2025-02-19 Thread Viktor Dukhovni via Postfix-users
On Wed, Feb 19, 2025 at 06:22:42PM -0500, Christophe Kalt via Postfix-users wrote: > Yes. What's even more puzzling is both builds are fairly recent. I just > happened to rebuild 3.9.1 a few days ago. > IOW, the build environment should be the same for both builds. I've also > just rebuilt both v

[pfx] Re: postfix / (NOT MTA-STS question)

2025-02-21 Thread Viktor Dukhovni via Postfix-users
On Fri, Feb 21, 2025 at 11:46:16AM +0100, Florian Piekert wrote: > Understanding correctly, what I defined in the smtp_tls_policy_maps has what > function then? > https://www.postfix.org/postconf.5.html#smtp_tls_policy_maps > I tell pf to send mail for this domain via "secure"d TLS to - probably

[pfx] Re: postfix / MTA-STS question

2025-02-21 Thread Viktor Dukhovni via Postfix-users
On Fri, Feb 21, 2025 at 08:51:47AM +0100, Florian Piekert via Postfix-users wrote: > testmail to e.g.postmas...@renraku-software.de delivers: > > MX 2 is the example sending host itself. > Feb 21 08:19:20 theater postfix/local[536980]: 257561229F34: > to=, relay=local, delay=1.6, > delays=1.6/

[pfx] Re: dnssec_probe 'ns:.' received a response that is not DNSSEC validated

2025-02-20 Thread Viktor Dukhovni via Postfix-users
On Thu, Feb 20, 2025 at 07:20:13PM -0500, Christophe Kalt via Postfix-users wrote: > On Wed, Feb 19, 2025 at 7:41 PM Viktor Dukhovni via Postfix-users < > postfix-users@postfix.org> wrote: > > > On Wed, Feb 19, 2025 at 06:22:42PM -0500, Christophe Kalt via > > Postfix

[pfx] Re: dnssec_probe 'ns:.' received a response that is not DNSSEC validated

2025-02-20 Thread Viktor Dukhovni via Postfix-users
On Thu, Feb 20, 2025 at 08:49:09PM -0500, Christophe Kalt wrote: > > Thanks, that's helpful. Turns out that the change in the default value > > of insecure MX TLS policy had unanticipated implications. To be fixed > > in the next set of patch releases. :-( > > Glad to hear you figured this out.

[pfx] Re: Help In Interpreting Postfix Log Entry - Please

2025-02-24 Thread Viktor Dukhovni via Postfix-users
On Tue, Feb 25, 2025 at 03:39:39PM +1100, duluxoz via Postfix-users wrote: > After much toing-and-froing I finally tracked down the issue, and I'm happy > to say it *wasn't* postfix causing the problem at all, but haproxy. In > particular it was a (health) `check` statement on the offending port i

[pfx] Re: Help In Interpreting Postfix Log Entry - Please

2025-02-24 Thread Viktor Dukhovni via Postfix-users
On Mon, Feb 24, 2025 at 09:53:24AM -0500, Wietse Venema via Postfix-users wrote: > > I need some help in interpreting the following postfix log message, > > please (this is showing up all over the log): > > > > `Feb 24 17:46:55 mail postfix/smtpd[77980]: fatal: > > smtpd_peer_hostaddr_to_sockad

[pfx] Re: BDAT and the line length limit

2025-02-20 Thread Viktor Dukhovni via Postfix-users
On Mon, Feb 17, 2025 at 08:13:39PM +0100, Damian via Postfix-users wrote: > > You may have noticed that BDAT and BINARYMIME are distinct features. > Yes, but I have argued that RFC2045 compliance of mail data is a > property of said data, not of the transport, so that BDAT, BINARYMIME > and even S

[pfx] Re: Help In Interpreting Postfix Log Entry - Please

2025-02-25 Thread Viktor Dukhovni via Postfix-users
On Tue, Feb 25, 2025 at 05:01:01PM +1100, duluxoz via Postfix-users wrote: > Oh, and the HAProxy health check? The relevant lines in the HAProxy config > file are/were: > >     backend submission_server > >    option smtpchk > >         server mail mail.local:25587 check send-proxy-v2 Per

[pfx] Re: BDAT and the line length limit

2025-02-17 Thread Viktor Dukhovni via Postfix-users
On Mon, Feb 17, 2025 at 04:10:30PM +0100, Damian via Postfix-users wrote: > > Systems that do not announce BINARYMIME in EHLO can receive only > > content with lines of 998 between CRLF. > > > > Only systems that announce BINARYMIME in EHLO can receive content > > that is not lines of 998 between

[pfx] Re: Getting 450 rejects in log file when main.cf has soft_bounce = no

2025-02-18 Thread Viktor Dukhovni via Postfix-users
On Tue, Feb 18, 2025 at 12:18:08PM -0500, John Griffiths via Postfix-users wrote: > I am getting soft bounces even with soft_bounce = no set  in main.cf. > >Feb 18 02:03:17 joe postfix/smtpd[601395]: NOQUEUE: reject: RCPT >from inbound2b.ore.mailhop.org[54.68.193.51]: >450 4.1.8 : Se

[pfx] Re: smtp_fallback_relay and smtp_tls_wrappermode

2025-02-28 Thread Viktor Dukhovni via Postfix-users
On Fri, Feb 28, 2025 at 11:55:14AM +0100, Jaroslaw Rafa via Postfix-users wrote: > > Mandatory STARTTLS is not unencrypted. Postfix-to-Postfix over port 587 > > is not less secure than over 465. Just an extra couple of network > > round-trips that don't much matter in email. Think of it as a le

[pfx] Re: Postfix SMTP Client with GSSAPI authentication

2025-03-01 Thread Viktor Dukhovni via Postfix-users
On Sat, Mar 01, 2025 at 08:28:08AM +0100, michael-dev via Postfix-users wrote: > I want to set up Postfix for authentication with a relay host using GSSAPI. > > I'm using the configuration proposed in > https://www.mail-archive.com/postfix-users@postfix.org/msg29041.html but am > now looking into

[pfx] Re: I have found out the reason why Postfix keeps getting killed by OOM Killer

2025-03-02 Thread Viktor Dukhovni via Postfix-users
On Sun, Mar 02, 2025 at 10:08:04AM -0500, Wietse Venema via Postfix-users wrote: > This sounds like a bad build, bad install, or bad hardware. My > primary MX host has 2GB of memory and it never runs out. > > If the problem happens again, can you find out WHAT PROGRAM is > consuming virtual memor

[pfx] Re: smtp_fallback_relay and smtp_tls_wrappermode

2025-02-28 Thread Viktor Dukhovni via Postfix-users
On Fri, Feb 28, 2025 at 10:31:03AM +0100, Jaroslaw Rafa via Postfix-users wrote: > Dnia 27.02.2025 o godz. 18:50:08 Wietse Venema via Postfix-users pisze: > > > > There is no 'automatic' wrappermode at this time. > [...] > > For now, use port 587 and enforce a TLS security level that can > > match

[pfx] Re: smtp_tls_security_level = dane but have encrypt as fallback

2025-03-05 Thread Viktor Dukhovni via Postfix-users
On Wed, Mar 05, 2025 at 12:30:46PM +0100, Herbert J. Skuhra via Postfix-users wrote: > On Mon, 28 Jan 2019 13:59:23 +0100, Stefan Bauer wrote: > > we would like to go the next step, enable smtp_tls_security_level = dane. > > Currently we have encrypt site-wide. > > > > But in cases where remote

[pfx] (DNSSEC, RedHat, comcast.net, ...)

2025-03-07 Thread Viktor Dukhovni via Postfix-users
On Fri, Mar 07, 2025 at 02:38:23PM -0500, John Griffiths via Postfix-users wrote: > As Wietse said, the resolver (bind) was bouncing emails from hosts > that failed DNSSEC. Not bouncing mails, perhaps failing to resolve the domain. If you're on a RedHat system, you need to tweak the crypto poli

[pfx] Re: How to build current stable release on Ubuntu/Debian?

2025-03-08 Thread Viktor Dukhovni via Postfix-users
On Sun, Mar 09, 2025 at 12:08:38AM +0100, Andreas Kuhlen via Postfix-users wrote: > Hi, so far I am using the postfix package of my distribution, which is > probably already considered ‘legacy’. For this reason I would like to > compile the current stable version 3.10.1. Is there any > documentat

[pfx] Re: How to build current stable release on Ubuntu/Debian?

2025-03-08 Thread Viktor Dukhovni via Postfix-users
On Sun, Mar 09, 2025 at 01:13:06AM +0100, Andreas Kuhlen via Postfix-users wrote: > > I am running Postfix out of /opt, with just "alternatives" symlinks for > > /usr/sbin/sendmail. So less prone to conflicts with system updates. > > Could you please tell me a little more about the "alternative

[pfx] Re: dmarc, dkim & spf failed but that message was delivered anyway

2025-03-08 Thread Viktor Dukhovni via Postfix-users
On Sun, Mar 09, 2025 at 08:50:17AM +0200, Petko Manolov via Postfix-users wrote: > On 25-03-08 13:05:42, Peter via Postfix-users wrote: > Well, I may be seeing only in black and white, but if somebody is careless > enough > to not set SPF and DKIM, they pretty much asked for it. These mechanisms

[pfx] Re: How to build current stable release on Ubuntu/Debian?

2025-03-09 Thread Viktor Dukhovni via Postfix-users
On Sun, Mar 09, 2025 at 09:54:29AM +0100, Andreas Kuhlen via Postfix-users wrote: > But before I get to that point, I guess I > need to make more detailed plans about which features I compile postfix > with. STARTTLS, MySQL and SASL authentication come to mind. I don't really > know what else is

[pfx] Re: How to build current stable release on Ubuntu/Debian?

2025-03-09 Thread Viktor Dukhovni via Postfix-users
On Sun, Mar 09, 2025 at 06:37:38PM +0100, Andreas Kuhlen via Postfix-users wrote: > Since I use virtual mailboxes using MySQL, I would have to include the > support. Sure, include what you need. > Would my customisation for the bash script be correct in this case? > > #! /bin/sh >     PFIX=/op

[pfx] Re: Postfix relayhost dns records question

2025-03-11 Thread Viktor Dukhovni via Postfix-users
On Tue, Mar 11, 2025 at 11:15:13AM +0100, John Doe via Postfix-users wrote: > Let's say I have relayhost with FQDN: srv2378948273.mydomain.com > > I'd like to create a DNS Alias record or A record to use more friendly > name: > > relayhost1.mydomain.com A CNAME is fine, example: relayh

[pfx] Re: Why is Content-Transfer-Encoding: 8bit used?

2025-03-11 Thread Viktor Dukhovni via Postfix-users
On Mon, Mar 10, 2025 at 08:14:33PM +0100, Andreas Kuhlen via Postfix-users wrote: > I have two mail servers that use different content transfer encodings > for the same content. Based on the configuration, I can't work out why > this is the case. The list is not psychic, you can examine your ser

[pfx] Re: Replacing a mail server

2025-03-12 Thread Viktor Dukhovni via Postfix-users
On Wed, Mar 12, 2025 at 06:42:48PM -0700, Doug Hardie via Postfix-users wrote: > Then I went to find what's in /var/run/postfix. Normally, messages are in /var/spool/postfix, is this not the case on your system? > There are 4 messages in defer/* and they match the mailq entries. The defer/ dire

[pfx] Re: Replacing a mail server

2025-03-12 Thread Viktor Dukhovni via Postfix-users
On Wed, Mar 12, 2025 at 05:17:52PM -0400, Bill Cole via Postfix-users wrote: > > My mail server is over 13 years old. Rather than waiting for it to > > fail, I have provisioned a replacement. It has the identical > > configuration as the production server. It has been tested on my local > > LAN

[pfx] Re: Replacing a mail server

2025-03-12 Thread Viktor Dukhovni via Postfix-users
On Wed, Mar 12, 2025 at 08:48:17PM -0700, Doug Hardie via Postfix-users wrote: > >> Most are dated in 2017, ... Why would there be 1175 messages in > >> deferred with no defer entry? > > > > They probably don't have the execute bit set, and were put there > > manually in ~2017 by someone who did
