[pfx] Re: Understanding log entries

Small edit for clarity. Wietse Doug Hardie via Postfix-users: > Is there a way to configure postfix to drop the email if all the > providers MTAs return a 5xx response? We had a problem like that when some people wanted to make TLS mandatory. The solution was not to bounce mail when a s

[pfx] Re: Understanding log entries

Small edit for clarity. Wietse Doug Hardie via Postfix-users: > Is there a way to configure postfix to drop the email if all the > providers MTAs return a 5xx response? We had a problem like that when some people wanted to make TLS mandatory. The solution was not to bounce mail when a s

[pfx] Re: How to forward submitted mails under the identity of an email alias to all other members of that alias?

Matthias Nagel via Postfix-users: > > > How do I forward submitted mails under the identity of an email alias > > > to all other members of that alias? Is that even possible with Postfix > > > only? > > > > Yes, with sender_bcc_maps, and with the proviso that the BCC will be to > > all the members

[pfx] Re: masquerade_domains does not work for relayed domain

Aleksandar Ivanisevic via Postfix-users: > > Is it true that masquerade_domains does not work for header From: in relayed > emails? I have a fairly generic setup: > > masquerade_classes = envelope_sender, header_sender, header_recipient > masquerade_domains = mydomain.com > > that does indeed r

[pfx] Re: Unexpected behavior of regexp table in check_sender_access directive

Jakob Cornell via Postfix-users: > If I understand right the non-indexed skip is implemented by the > 'continue' at global/maps.c:199, so a flag could be added to track > whether execution has passed line 199 and if not, the log statement > at 221 could be skipped. I can add a debug log that a spe

[pfx] Re: Forward mails if user unknown in local recipient table

Akshay Pushparaj via Postfix-users: > > > >> I would like to know if i can configure postfix to forward mails if user > >> not found in local recipient table. > > > > That is possible (with static: mapping) but not a good idea. > May i know why it's not a good idea? Forwarding ALL recipients no

[pfx] What features to deprecate

Over 25 years, Postfix has accumulated some features that are essentially obsolete. - permit_mx_backup is fundamentally incompatible with recipient address validation. There is no way to work around that with reject_unverified_recipient, because that requires that a domain is reachable, and in th

[pfx] Re: What features to deprecate

Geert Hendrickx via Postfix-users: > On Tue, Feb 13, 2024 at 12:23:32 -0500, Wietse Venema via Postfix-users wrote: > > - masquerade_domains complicates table-driven address validation. > > Log a deprecation warning with compatibility_levels>=3.9. > > >

[pfx] Re: What features to deprecate

Viktor Dukhovni via Postfix-users: > On Tue, Feb 13, 2024 at 12:23:32PM -0500, Wietse Venema via Postfix-users > wrote: > > > Over 25 years, Postfix has accumulated some features that > > are essentially obsolete. > > > > - permit_mx_backup is fundamen

[pfx] Re: Unexpected behavior of regexp table in check_sender_access directive

Jakob Cornell via Postfix-users: > Hi Wietse, > > > I can add a debug log that a specific table is skipped for a specific name. > > Ah yes, that's a better fix. That would take care of my confusion with the > logging. > > Do you have any thoughts on postconf(5) describing partial key > lookups

[pfx] Re: sending not trying TLS?

Michael W. Lucas via Postfix-users: > Hi, > > Running 3.8 on FreeBSD 14, with postfixadmin 3.4. > > I'm trying to send a message and got this bounce message. > > : host mx.nixnet.email[5.161.67.119] said: 530 5.7.0 > Must issue a STARTTLS command first (in reply to MAIL FROM command) > > > The

[pfx] Re: dynamic user lookup

Andre Rodier via Postfix-users: > Hello, Postfix users. > > I am looking for a dynamic user mapping, if possible. > For instance, something like lua, python or perl, to return a user lookup. > What I need is something very simple and the language don't need to be > advanced. > > I'd like to give

[pfx] Re: [postfix] 3.4.23: SpamAssassin - Re-submission with sendmail - Append"receive_override_options = no_address_mappings"?

hawky--- via Postfix-users: > Is there a way to stop resolving a second time the alias table with the > after-queue approach? With "pickup -o receive_override_options=no_address_mappings...", but that disables virtual_alias_maps lookup for all submissions through the Postfix sendmail command. Co

[pfx] Re: Verbose postfix logs cleartext password for SQL database

dimi--- via Postfix-users: > Dear fellow users, > > Unless my configuration isn't safe (not yet included), i may have found an > unwanted behavior in Postfix. > > When i set the -v flag in master.cf for smtpd, my logs mail.log contains > cleartext passwords for my SQL user database. This happens

[pfx] Update: What features to deprecate

Viktor Dukhovni via Postfix-users: > On Tue, Feb 13, 2024 at 12:23:32PM -0500, Wietse Venema via Postfix-users > wrote: > > > Over 25 years, Postfix has accumulated some features that > > are essentially obsolete. A quick status update. First, several features have been

[pfx] Re: removing Authentication-Results, how?

Matus UHLAR - fantomas via Postfix-users: > I guess the inline code available since 3.7 supports this: > > header_checks = regexp:{ {/^Authentication-Results: $myhostname/ IGNORE} } > > This would only remove problem headers and exempt MX backups. > > >If it helps, header_checks happen before Mi

[pfx] Re: Update: What features to deprecate

Peter via Postfix-users: > > A quick status update. > > > > First, several features have been logging warnings that they would > > be removed for 10 years or more, so we could delete them in good > > conscience (perhaps keeping the warning with the suggested alternative). > > This change has not y

[pfx] Re: Update: What features to deprecate

Peter via Postfix-users: > On 21/02/24 12:40, Wietse Venema via Postfix-users wrote: > > Peter via Postfix-users: > >>> A quick status update. > >>> > >>> First, several features have been logging warnings that they would > >>> be remo

[pfx] Re: Postconf.5 smtp_tls_loglevel 2

Viktor Dukhovni via Postfix-users: > On Wed, Feb 21, 2024 at 08:32:49AM +, Rune Philosof via Postfix-users > wrote: > > It seems a bit unclearly phrased > > > 2 Also log levels during TLS negotiation. > > Indeed this is not very helpful. See the description of the "-L" option > in

[pfx] Re: Potential bug in milter interface, can't change first header field

The Postfix Milter implementation is sometimes inconsistent about the "first" header so that it can sometimes not be updated. The fix below was in the queue for Postfix 3.5 - 3.8 a few days before the SMTP smuggling shitshow happened. The last SMTP smuggling patch was released on January 21. For

[pfx] Re: Potential bug in milter interface, can't change first header field

Taco de Wolff via Postfix-users: > Thanks Wietse and Steffen, I forgot to mention that I'm using Postfix > 3.5.8, but it appears the bug is thus still present in the latest version. > Looking forward to the fix :-) Another solution is to adopt Postfix 3.9 (the development release) where this was f

[pfx] Re: Authentication question

michaelof--- via Postfix-users: > 2024-02-22T13:56:15.715392+01:00 vserver postfix/submission/smtpd[150038]: > connect from > 2024-02-22T13:56:15.715607+01:00 vserver postfix/submission/smtpd[150038]: > improper command pipelining after CONNECT from sender-dns-name[IPv4]>: \026\003\001\001 > \

[pfx] Re: Authentication question

michaelof--- via Postfix-users: > 2024-02-22T17:49:57.074140+01:00 vserver postfix/smtps/smtpd[165894]: connect > from > 2024-02-22T17:49:57.177663+01:00 vserver postfix/smtps/smtpd[165894]: > warning: : SASL LOGIN authentication failed: > Invalid authentication mechanism Your smtpd_sasl_secu

[pfx] Re: smtpd_discard_ehlo_keyword_address_maps all but internal

Matus UHLAR - fantomas via Postfix-users: > hello, > > as I maintain some mail gateways with postfix, I would like to discard the > DSN ehlo keyword, from all hosts but internal network. > > I see that with smtpd_discard_ehlo_keyword_address_maps > "Tables will be searched in the specified orde

[pfx] Re: smtpd_discard_ehlo_keyword_address_maps all but internal

Wietse Venema via Postfix-users: > Matus UHLAR - fantomas via Postfix-users: > > hello, > > > > as I maintain some mail gateways with postfix, I would like to discard the > > DSN ehlo keyword, from all hosts but internal network. > > > > I see that with

[pfx] Re: dumb-ish question about submission rewriting

John Levine via Postfix-users: > I am trying to tidy up a complicated and messy postfix config that has > all the issues you'd expect in one that has been twiddled by many > people over a decade to handle multiple sort of related mail streams. Auch. > Today's issue is ensuring that we only do sub

[pfx] Re: dumb-ish question about submission rewriting

Wietse Venema via Postfix-users: > John Levine via Postfix-users: > > I am trying to tidy up a complicated and messy postfix config that has > > all the issues you'd expect in one that has been twiddled by many > > people over a decade to handle multiple sort of relat

[pfx] Re: cyrus_sasl_config_path is ignored

Christoph Zimmermann via Postfix-users: > The setting for cyrus_sasl_config_path is ignored. Apparently, ignored by the Cyrus SASL library. > Specifying this in main.cf doesn't have any effect as only the standard > locations are > searched for smtpd.conf as the following strace snippet shows:

[pfx] Re: postfix and smtpd_proxy_timeout

natan via Postfix-users: > If i set smtpd_proxy_timeout=60s I "terminating" (timeout) all old > connections who get > "warning: proxy:mysql:/etc/postfix/mysql_sender_bcc_maps_user.cf-new > lookup error for u...@test.lt" > after 60s ? smtpd_proxy_timeout is a time limit for Postfix to talk to an

[pfx] Re: rbl bounces email that has both rbl_override and client_checks whitelisting

Your mistake: you are trying to match a SENDER ADDRESS with check_CLIENT_access. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: rbl bounces email that has both rbl_override and client_checks whitelisting

Wietse: > Your mistake: you are trying to match a SENDER ADDRESS with > check_CLIENT_access. lists--- via Postfix-users: > Well do I put the domain in sender_access or sender_checks? What do you want to not block: the sender email domain? Then use check_sender_access (note that is check_sender_

[pfx] Re: postfix and smtpd_proxy_timeout

natan via Postfix-users: > for "us...@domain.ltd" > Feb 27 16:02:28 smtp1v postfix/cleanup[23476]: warning: > proxy:mysql:/etc/postfix/mysql_sender_bcc_maps_user.cf-new lookup error > for "us...@domain.ltd" > Feb 27 16:02:29 smtp1v postfix/cleanup[23476]: warning: > proxy:mysql:/etc/postfix/mysq

[pfx] Re: Postfix gmail relay SASL authentication failed invalid parameter supplied

Nuno Catarino via Postfix-users: > postfix/smtp[31278]: CFC982C034E: to=, > relay=smtp.gmail.com[64.233.167.109]:587, > delay=5.5, delays=0.05/0/5.4/0, dsn=4.7.0, status=deferred (SASL > authentication failed; cannot authenticate to server > smtp.gmail.com[64.233.167.109]: > invalid parameter suppl

[pfx] Re: userid for file delivery ?

John Levine via Postfix-users: > Here's another question that might be answered in the documentation > but I can't find it. If I have a file delivery like this in > the /etc/aliases file > > foo: /a/b/somefile > > what userid writes to the file? postfix? nobody? > > I realize that for user mai

[pfx] Re: Configuration Settings for TLS 1.2 and 1.3 with No Weak Ciphers

Scott Hollenbeck via Postfix-users: > Sorry, I should note that this is for postfix 3.6.4. > postconf -H | grep -E 'high|medium' Wietse > > > -Original Message- > > From: Scott Hollenbeck via Postfix-users > > Sent: Wednesday, February 28, 2024 8:55 AM > > To: postfix-users@pos

[pfx] Re: Configuration Settings for TLS 1.2 and 1.3 with No Weak Ciphers

h_cipherlist https://www.postfix.org/postconf.5.html#tls_medium_cipherlist Wietse > > Scott > > > -----Original Message- > > From: Wietse Venema via Postfix-users > > Sent: Wednesday, February 28, 2024 2:18 PM > > To: Postfix users > > Subject: [p

[pfx] Re: postfix check_sender_access and subdomain test

Scott Techlist via Postfix-users: > I need to allow a domain to bypass my RBL checks. I'm doing something wrong, > or I'm misunderstanding what I'm checking from my logs. I'd be grateful for > an assist to remedy. > Depending on whether omain is client or sender or ... ... reject_una

[pfx] Re: Configuration Settings for TLS 1.2 and 1.3 with No Weak Ciphers

Scott Hollenbeck via Postfix-users: > Right, but that page says "You are strongly encouraged not to change this > setting". I'm also unsure why I'm not seeing any TLS 1.3 ciphers when > "smtpd_tls_protocols = >=TLSv1.2". Doesn't that setting include TLS 1.3? tls_high_cipherlist and tls_medium_cip

[pfx] Re: postqueue fatal: output write error: Input/output error

Paul Lemmons via Postfix-users: > I am getting the following message in my syslog exactly every 30 > seconds. Everything is working but words like "Fatal" and "Input/output > error" cause me an inordinate amount of angst. > > postfix/postqueue[]: fatal: output write error: Input/output error A wr

[pfx] Re: postqueue fatal: output write error: Input/output error

Paul Lemmons: > I am getting the following message in my syslog exactly every 30 > seconds. Everything is working but words like "Fatal" and "Input/output > error" cause me an inordinate amount of angst. > > postfix/postqueue[]: fatal: output write error: Input/output error Wietse: > A write(2) o

[pfx] Re: A functional lightweight reverse alias?

Gerben Wierda via Postfix-users: > Aliases are nice, to receive mail. But when you reply, the address behind the > alias is exposed. > > To prevent that I need to create full mailboxes, which requires a lot of > administration in dovecot, postfix. > > Suppose > - I am m...@mydomain.tld > - At

[pfx] Re: A functional lightweight reverse alias?

Wietse Venema via Postfix-users: > Gerben Wierda via Postfix-users: > > Aliases are nice, to receive mail. But when you reply, the address behind > > the alias is exposed. > > > > To prevent that I need to create full mailboxes, which requires a lot of > > ad

[pfx] Re: Implementing From: field heuristic when sending messages?

Paul Menzel via Postfix-users: > Dear Postfix users, > > > A user had their password guessed/leaked, and the account was used to > send spam/phishing messages - but only once an hour or so, so it wasn't > detected as abnormal traffic. One thing detectable thing would have > been, that the sent

[pfx] Re: Escaping of braces {} in configuration (master(5))

Steffen Nurpmeso via Postfix-users: > Hello. > > Is it possible to escape braces in resource files? > I am currently testing an hm early beta of my thing and did > > lb = { > rb = } No, Don't do that. Wietse ___ Postfix-users mailing list

[pfx] Re: Escaping of braces {} in configuration (master(5))

Steffen Nurpmeso via Postfix-users: > Hello. > > Is it possible to escape braces in resource files? > I am currently testing an hm early beta of my thing and did > > lb = { > rb = } > > in main.cf to be able to say > > dkim-sign unix - n n - - spawn > user=_postfix_xlocal argv=/tmp/s-

[pfx] Re: Escaping of braces {} in configuration (master(5))

Steffen Nurpmeso via Postfix-users: > Steffen Nurpmeso wrote in > <20240305004501.fwAHTulV@steffen%sdaoden.eu>: > |Wietse Venema via Postfix-users wrote in > | <4tpc280nhvzj...@spike.porcupine.org>: > ||Steffen Nurpmeso via Postfix-users: > ||> Is it poss

[pfx] Re: Escaping of braces {} in configuration (master(5))

With this in master.cf: dkim-sign unix - n n - 0 spawn user=_postfix_xlocal argv=/tmp/s-dkim-sign --milter-macro-sign {daemon_name},sign --key rsa-sha256,rsa,/tmp/pri-rsa.pem These are options to a non-Postfix peogram, so I need to investiga

[pfx] Postfix stable release 3.8.6, and legacy releases 3.7.11, 3.6.15, 3.5.25

[An on-line version of this announcement will be available at https://www.postfix.org/announcements/postfix-3.8.6.html] This is the first regular update after the SMTP smuggling episode. As the last regular update was early November, this update is larger than usual. Fixed with Postfix 3.8.6, 3.7

[pfx] SOLVED: Escaping of braces {} in configuration (master(5))

Wietse Venema via Postfix-users: > With this in master.cf: > > dkim-sign unix - n n - 0 spawn > user=_postfix_xlocal argv=/tmp/s-dkim-sign > --milter-macro-sign {daemon_name},sign > --key rsa-sha256,rsa,/tmp/pri-rsa.pem >

[pfx] Re: SOLVED: Escaping of braces {} in configuration (master(5))

Wietse Venema via Postfix-users: > The text should have said: > > Other command-line arguments > Specify "{" and "}" around command arguments that must start > with "{" or that must contain whitespace (Postfix 3.0 and > late

[pfx] Re: dmarc reports from Microsoft (possibly off topic)

Alan Munday via Postfix-users: > As of the 22 Feb 2024 I have been seeing invalid MAIL FROM address from > Microsoft: > > In: MAIL FROM: XATTRDIRECT=Originating > XATTRORGID=xorgid:96f9e21d-a1c4-44a3-99e4-37191ac61848 > > Clearly an issue with line termination, but one I have yet to find >

[pfx] Re: dmarc reports from Microsoft (possibly off topic)

Alan Munday: > As of the 22 Feb 2024 I have been seeing invalid MAIL FROM address from > Microsoft: > > In: MAIL FROM: XATTRDIRECT=Originating > XATTRORGID=xorgid:96f9e21d-a1c4-44a3-99e4-37191ac61848 Wietse: > When I send the above as one line into Postfix, the response is: > > 555 5.5

[pfx] Re: SOLVED: Escaping of braces {} in configuration (master(5))

Are you trying to say that Postfix represents a multiline message header as text with \n instead of \r\n? That is very well possible. Postfix strips \n and \r\n line terminators on input, and the MIME parser synthesizes multiline headers with \n boundaries thusly, before they are sent to header_ch

[pfx] Milter multiline header formatting

Steffen Nurpmeso via Postfix-users: > Wietse Venema via Postfix-users wrote in > <4tqh100n6pzj...@spike.porcupine.org>: > |Are you trying to say that Postfix represents a multiline message > |header as text with \n instead of \r\n? > > Yes. > > |That is very we

[pfx] Re: pushing changes to remote system

Alex via Postfix-users: > Hi, > I have a few postfix systems on fedora38 with nearly identical > configurations. I'd like to be able to push changes to them from a third > system without having to login to them directly to do so. What's the > best/most secure way to do this? > > For example, I'd l

[pfx] Re: improving SRS support

Christophe Kalt via Postfix-users: > Hi, > > The two options I've seen for implementing SRS are milter and > [sender_]canonical_maps but it seems to me that neither are a good fit when > rewriting the envelope From as they happen early on (smtpd and cleanup > specifically) and before Postfix knows

[pfx] Re: Milter multiline header formatting

Wietse Venema via Postfix-users: > Again, Postfix does not store line terminators, not when email comes > from UNIX tool with \n, via SMTP with \r\n, or encapsulated as > netstrings which uses neither. > > Instead, Postfix generates line terminators upon output, and until > n

[pfx] Re: improving SRS support

Viktor Dukhovni via Postfix-users: > On Wed, Mar 06, 2024 at 07:30:01PM -0500, Christophe Kalt via Postfix-users > wrote: > > > The two options I've seen for implementing SRS are milter and > > [sender_]canonical_maps but it seems to me that neither are a good fit when > > rewriting the envelope

[pfx] Re: Milter multiline header formatting

Claus Assmann via Postfix-users: > On Wed, Mar 06, 2024, Wietse Venema via Postfix-users wrote: > > > > Again, Postfix does not store line terminators, not when email comes > > > from UNIX tool with \n, via SMTP with \r\n, or encapsulated as > > > netstrings which

[pfx] Postfix stable release 3.9.0

[An on-line version of this announcement will be available at https://www.postfix.org/announcements/postfix-3.9.0.html] Postfix stable release 3.9.0 is available. Postfix 3.5 - 3.8 were updated earlier this week; after that, Postfix 3.5 will no longer be updated. The main changes are below. See t

[pfx] Re: [ext] Re: [OT] postfwd3 as check_policy_service hogging the CPU

Ralf Hildebrandt via Postfix-users: > * Viktor Dukhovni via Postfix-users : > > > Note that if you want the actual recipient addresses, (not just a > > count), > > I just need the count in this case > > > you'll need to also intercept recipient restrictions. > > oh! > > > The Postfix smtpd(8)

[pfx] Re: Active queue congestion

Colin McKinnon via Postfix-users: > Thank you, Viktor. > > I am planning to look at increasing the size of the Active queue however I > would need to resize to a minimum of 50x based on past events. That should be OK as long as your syustem has enough memory. > > You can also configure a non-zer

[pfx] Re: Misunderstanging on masquerade_domains and rewriting in master.conf

Steffen Nurpmeso via Postfix-users: > What if i would have multiple smtpd listening on different xy and > each needs different settings? Would i need different main.cf's > for each of those? > And you say the local_header_rewrite_clients at least i can > specifiy via -o, if i understand correctly.

[pfx] Re: Dumb question about logging

Stephen Satchell via Postfix-users: > Assuming that one's configuration has open relay, what does a log entry > for relayed mail look like? > > I don't think I've any open relay, but I want to look and make sure. > > I've searched for half an hour, and no answer came up. But, I did find > some

[pfx] Re: preserving multi line header_checks REPLACE

Mailinglists35 via Postfix-users: > > Hi > > I run a postfix 3.5.9 smtp relay for a webserver that sends user signup and > forgot password emails. That's the only use case and the server does not > receive any other emails and neither generates any locally. > > I'm trying to prevent le

[pfx] Re: preserving multi line header_checks REPLACE

Viktor Dukhovni via Postfix-users: > On Fri, Mar 08, 2024 at 03:45:42PM -0500, Wietse Venema via Postfix-users > wrote: > > > The postmap command reads input from stdin one line at a time, and > > applies each input line to all the header_checks patterns. It can't

[pfx] Re: [ext] Re: [OT] postfwd3 as check_policy_service hogging the CPU

Matus UHLAR - fantomas via Postfix-users: > On 07.03.24 12:14, Wietse Venema via Postfix-users wrote: > >The Postfix SMTP server counts only the recipients that it accepts, > >not the ones that it rejects. > > > >That is, a DATA or BDAT command after all recipients are r

[pfx] Re: Dumb question about logging

Viktor Dukhovni via Postfix-users: > On Sat, Mar 09, 2024 at 12:49:42PM +0100, Matus UHLAR - fantomas via > Postfix-users wrote: > > > In case of domains in relay_domains, the command could be even > > postfix/relay, so one needs to exclude that one as well. > > Actually, no, the "relay" transpo

[pfx] Re: [PATCH] Drop removed -style option from html2text

Christian Goettsche via Postfix-users: > html2text dropped the command line option -style in version 2[1]. I am not using that html2text version on the machine where I prepare Postfix releases. I found that removing that flag makes the output massively different. I need that documentation builds

[pfx] Re: [PATCH] Drop removed -style option from html2text

Christian Goettsche via Postfix-users: > On Mon, 11 Mar 2024 at 17:50, Wietse Venema wrote: > > > > Christian Goettsche via Postfix-users: > > > html2text dropped the command line option -style in version 2[1]. > > > > I am not using that html2text version on the machine where I prepare > > Postfi

[pfx] Re: [PATCH] Drop removed -style option from html2text

Wietse Venema via Postfix-users: > Christian Goettsche via Postfix-users: > > On Mon, 11 Mar 2024 at 17:50, Wietse Venema wrote: > > > > > > Christian Goettsche via Postfix-users: > > > > html2text dropped the command line option -style in version 2[1]. &g

[pfx] Re: smtpd filter orig_client

Reg Inaldo via Postfix-users: > > Hi > > I am seeing an issue with relaying and am looking for a way to filter on > a specific smtp line but can't find a way to make it work: > > In the transaction (eg):? mta-k postfix/smtpd[23771]: 97F808837: > client=localhost[127.0.0.1], orig_client=localho

[pfx] Re: Trouble with qmqp

Brad Koehn via Postfix-users: > I'm trying to deliver email with Postfix 3.7.10 using `qmqpd`. > Unfortunately when I do this, the email is often unreadable by a > variety of email clients. I suppose you mean "receive" mail with Postfix using qmqpd. > Curiously, if I deliver the same email direct

[pfx] Re: Trouble with qmqp

Wietse Venema via Postfix-users: > Brad Koehn via Postfix-users: > > I'm trying to deliver email with Postfix 3.7.10 using `qmqpd`. > > Unfortunately when I do this, the email is often unreadable by a > > variety of email clients. > > I suppose you mean "r

[pfx] Re: Don't BCC a particular domain

Richard Raether via Postfix-users: > We have an auditor account where all incoming and outgoing mail is BCC'd > to, to retain for compliance reasons. However, since mailman retains its > own archives, and we have a mailman on a separate server with a separate > domain, is there a way to tell pos

[pfx] Re: Feature request

Ralf Hildebrandt via Postfix-users: > Hi! > > I wonder if this is possible: > > If a PCRE/regexp style map is triggering, it can be quite hard to > find out WHICH pattern actually caused the action. > > So maybe postmap (when invoked with "-b", "-h" or "-q key") could emit > which regular expres

[pfx] Re: Don't BCC a particular domain

ain name(s) and/or email addresses that need to be excluded. Wietse > Excuse. my ignorance, > > Richard > > On 3/21/24 8:54 AM, Wietse Venema via Postfix-users wrote: > > Richard Raether via Postfix-users: > >> We have an auditor account where all incom

[pfx] Re: postfix and from

natan via Postfix-users: > 1. > FROM is encoded as "FRIENDLY_NAME " == encoding ==> "base64" That form is NOT VALID. For proper encoding, please see https://datatracker.ietf.org/doc/html/rfc2047#section-5 > 2. > FROM is encoded as "FRIENDLY_NAME " == encoding ==> > "base64 " That form is valid,

[pfx] Re: Postfix thinks smtp.gmail.com uses self-signed certificate

Unleess you can hand over the certificate that Postfix complained about, you have not proven that Postfix was in error. Specifically, yout tests with curl and openssl s_client may have used a different IP address than Postfix, because the smtp.gmail.com IP address changes frequently. The smtp.gm

[pfx] Re: Postfix thinks smtp.gmail.com uses self-signed certificate

Cowbay via Postfix-users: > So, I will collect necessary information next time I encounter this > issue as what Viktor suggested. Please note that Postfix does not automatically use the "system" root CA store that openssl s_client and curl may use. That could result in verification differences be

[pfx] Re: Why has smtpd_tls_cipherlist been deprecated?

Matthias Nagel via Postfix-users: > Hello everybody, > > what is the rationale behind the deprecation of the setting > `smtpd_tls_cipherlist`? Are there any plans to remove it entirely > in some future versions? smtpd_tls_cipherlist was removed in Postfix 2.3 (18 years ago). Postfix 2.9 (12 years

[pfx] Re: Do I have to reload Postfix after the X.509 certificate (and key) file has been renewed?

TLS using processes will eventually pick up new certifictate info. A Postfix SMTP client and server process has a limited life time, bounded by max_idle (100s) and max_use (100 times). A tlsproxy process (used by postscreen, and by a Postfix SMTP client when reusing an SMTP-over-TLS connection) t

[pfx] Re: dane.sys4.de

Benny Pedersen via Postfix-users: > it go into endless loop if mx is missing, so it does not do a/ > failback testing, is this a bug ? What is 'it', what did you ask 'it' to do, and what are the concrete symptoms in the form of logging? Wietse

[pfx] Re: Sending email via ipv4

Jack Raats via Postfix-users: > Hi, > > Can any help me. I want to recieve email via ipv4 and ipv6. main.cf: inet_protocols=ipv4,ipv6 as well as appropriate DNS MX and A records. > I want to send email via ipv6 only. master.cf: smtp .. .. .. .. .. .. smtp -o inet_protocols=ipv6

[pfx] Re: check_policy_service for customizing routing & load balancing

Colin McKinnon via Postfix-users: > Hi, > > I want to provision load balancing for my relays. The catch is that > there is already some customized routing in place based on recipient > domain and large block lists. These are currently handled by a > transport map. > > I would prefer not to implem

[pfx] Re: check_policy_service for customizing routing & load balancing

Viktor Dukhovni via Postfix-users: > That's fine, the SRV records can be keyed by destination domain. Locally-managed SRV records, keyed by the final destination domain name, to select a local relay host? Wietse ___ Postfix-users mailing list --

[pfx] Re: check_policy_service for customizing routing & load balancing

Viktor Dukhovni via Postfix-users: > On Tue, Mar 26, 2024 at 02:20:55PM -0400, Wietse Venema via Postfix-users > wrote: > > Viktor Dukhovni via Postfix-users: > > > That's fine, the SRV records can be keyed by destination domain. > > > > Locally-m

[pfx] Re: Setting up another "smarthost" with Postfix

Samuel Goodies via Postfix-users: [ text/html is unsupported, treating like TEXT/PLAIN ] > Hi guys. I'm inheriting a job that has an email server hosting > several domains, and I'm wanting to move them behind our firewall > and route mail from the main mail server to an offsite pos

[pfx] Re: Setting up another "smarthost" with Postfix

My reading is that this will be a sending only host: This postfix server will only take mail from the [main] server and send it out, and return bounce/errors to the main host. It won't accept any incoming mail. We should probably ask how they expect to be receiving mail, then. W

[pfx] Re: Documentation update request

Ricardo F via Postfix-users: > > > Hello, > > I would like to suggest an addition to the documentation under > default_destination_rate_delay and default_destination_concurrency_limit > > As pointed in > https://mailing.postfix.users.narkive.com/yvG5ceqQ/balancing-destination-concurrency-rate

[pfx] Re: Setting up another "smarthost" with Postfix

Cowbay via Postfix-users: > On 2024/3/28 00:25, Samuel Goodies via Postfix-users wrote: > > Hi guys. I'm inheriting a job that has an email server hosting several > > domains, and I'm wanting to move them behind our firewall and route mail > > from the main mail server to an offsite postfix serve

[pfx] Re: Fallback virtual_transport

Emmanuel Seyman via Postfix-users: > > Hello, all. > > I handle two SMTP gateways at $WORK which relay mail from the internet > to an internel server and vice-versa. Accordingly, I have > "virtual_transport = smtp:internal-host.example.com" in my main.cf . > > We recently had a network issue bet

[pfx] Re: milter_mail_macros in master.cf for using rspamd

Martin Stenzel via Postfix-users: > Hi group, > > I run rspamd on the same server in which the latest version of postfix > runs on. > > Plus, there is ciphermail for the purpose of GPG signing. > > > For rspamd functionality I have to define milter_mail_macros, but in > master.cf, not in main

[pfx] Re: milter_mail_macros in master.cf for using rspamd

Martin Stenzel: > Awesome, incredibly fast, you are awesome > But, when I put this definition into master.cf (as you explained > wisely (postfix is overwhelming, in a positive way)) the > X-Spamd-Result header is missing. > > When I put it in main.cf, it works as expected. This is the part of

[pfx] Re: Thunderbird 91, Postfix 3.7.x, Debian 12, Virtual Mailbox Users, TLS with Letsencrypt, error improper command pipelining after helo

David Mehler via Postfix-users: > to utilize Thunderbird v91.x. I've tried configuring with both the > automatic configuration and the manual configuration, in both cases I am > getting an error in my maillog from submission/smtpd service stating > error improper command pipelining after helo. G

[pfx] Re: Is there a way to just quickly deliver "everything" to a file somewhere

Dan Mahoney via Postfix-users: > Hey there all, > > I'm setting up a staging version of dayjob?s ticket system, and > we?d basically like postfix to still function, but instead of > touching the internet at all, just deliver everything to a single > file (or a maildir, I suppose), regardless of if

[pfx] Re: Thunderbird 91, Postfix 3.7.x, Debian 12, Virtual Mailbox Users, TLS with Letsencrypt, error improper command pipelining after helo

David Mehler via Postfix-users: > Hello, > > Here is the complete log of the connections, IPS x-d out, but I tried > twice, once on 587, once with smtps enabled. Any help appreciated. We DID NOT ask for verbose logs. All we asked for is this: > postfix/submission/smtpd[1529]: improper command

[pfx] Re: disable search by at_domain in virtual

v k via Postfix-users: > When delivering mail, Postfix generates LDAP queries with query_filter > mail=@domain, which are unnecessary in my environment. This becomes > critical when sending to a mailing list group with many participants, > as each member address generates an additional query, consu

[pfx] Re: Forward mail

Paul van der Vlis via Postfix-users: > Hallo, > > Unfortunately, I have quite a few customers who want to receive email > from their own domain at a different email address, such as a Gmail or > Hotmail address. I forward this in /etc/postfix/virtual. > > But I actually don't understand why thi

[pfx] Re: Submission Forward

svoop_pvde84wdgt--- via Postfix-users: > Hiya! > > I'm running my own Postfix as part of a dockered MailU which works > really smoothly for my own domains. However, I also have a few > email addresses for client projects at work and for the sake of > MUA simplicity, I forward all incoming mail to

<    1   2   3   4   5   6   7   8   9   10   >