GhettoForge has a repo for Postfix3, it is not clear to me if Postfix3 is
another beast entirely or if it is just a normal Postfix version 3 and higher.
Can someone explain what is the purpose of "Postfix3"?
Are there other options (repos) for getting current versions of Postfix using
> According to http://ghettoforge.org/index.php/Postfix3 it's the
> latest (presumably stable) release. They appear to have Postfix
> 3.6 at this time.
Yes, I see that. But why "Postfix3"? How is that different from normal Postfix?
If it's a repo providing the sam
> likely at least a minimal attempt to avoid naming conflicts. renaming
> forked the code (hopefully) helps avoid blaming Wietse for whatever gets
> broken in that fork.
Wait, so its a fork of Postfix?
And not the same code as what Wietse releases for the same version?
If reject_unlisted_recipient isn't used in any of the smtpd_*_restrictions
And smtpd_reject_unlisted_recipient = yes
At what stage is smtpd_reject_unlisted_recipient checked and rejected?
During smtpd_recipient_restrictions checks?
At the end after smtpd_end_of_data_restrictions?
Or somewhere els
>> With the default "smtpd_reject_unlisted_recipient = yes" the implicit
>> reject_unlisted_recipient is evaluated after smtpd_relay_restrictions
>> and smtpd_recipient_restrictions, but only if the recipient was not
>> already rejcted.
>>
>> If you wonder why not evaluate this first, that is becau
server is doing gray listing and responds with a 4xx during the probe
process?
How does postfix handle this? Does it also give the email triggering the
verification a 4xx or rejects it with a 5xx?
ification to be rejected. But i do not see anything about 4xx defer
>> responses. What if the remote server is doing gray listing and
>> responds with a 4xx during the probe process?
>>
>> How does postfix handle this? Does it also give the email triggering
>> the ve
Just in case you were unaware...
If you are going to use DMARC then you do not need to mess around with or
install policyd-spf.
OpenDMARC has built in SPF lookup, it adds a header with the SPF results, and
uses it in deciding if the email passes DMARC or not.
When using DMARC you wouldn't want t
> On 02-05-2022 11:47 am, Benny Pedersen wrote:
> On 2022-02-05 17:15, post...@ptld.com wrote:
>> Just in case you were unaware...
>>
>> If you are going to use DMARC then you do not need to mess around with
>> or install policyd-spf.
>
> you will miss latest rfc on this one
>
> libspf2 is old
> On 02-05-2022 11:47 am, Benny Pedersen wrote:
> On 2022-02-05 17:15, post...@ptld.com wrote:
>> Just in case you were unaware...
>>
>> If you are going to use DMARC then you do not need to mess around with
>> or install policyd-spf.
>
> you will miss latest rfc on this one
>
> libspf2 is old
> We are considering (and the latest releases release notes say) deprecating
> the internal SPF libs, and currently recommend using libspf2, which is not
> perfect, but at least spares us having to maintain our own internal
> implementation.
> -Dan
My system (RHEL8 flavor) is using OpenDMARC v1
Just to clarify, does this error mean they requested SASL login and postfix
told them it wasn't enabled?
I am under the belief SASL logins are disabled on port 25.
(smtpd_sasl_auth_enable = no)
Or does it mean postfix allowed them to provide login details and it failed
because of bad user
> On 02-13-2022 11:56 am, post...@ptld.com wrote:
> Just to clarify, does this error mean they requested SASL login and postfix
> told them it wasn't
> enabled?
> I am under the belief SASL logins are disabled on port 25.
> (smtpd_sasl_auth_enable =
> no)
> Or does
> There doesn't appear to be a way to say "here is user and this is his
> email address". It seems to be assumed that user "Fred" will have an
> email
> address of "fred@..." and no way to override that.
That is not how dovecot works. Dovecot goes "here is this authenticated user
and they are
> On 02-25-2022 9:10 am, @lbutlr wrote:
> Are there any issue with using multiple names for the same mail server?
No, postfix does not know what domain the client looked up to find the IP to
connect to.
> For example, I use mail.exampl.net as the FQDN for the mail sever,
> but
> By default, Postfix does not care how a client discovers an MTA
> (which MX record was used, if any, etc.).
Oh, did i misunderstand this part?
It is possible for postfix to know what domain MX the client used to get the IP?
> Yes, I have been doing this for many many years, what I have not done
> previously
> is create an MX record for mail.otherdomain.com pointing to the same IP as
> main.maindomain.net
Clearly I am no expert, so this is just my 2cents. I think pointing
otherdomain.com to MX=mail.example.com is
that is how MX works. If someone wants to send an email to u...@otherdomain.com
the delivering smtp server (like postfix) looks up the MX record for
otherdomain.com, sees that it is mail.example.com then looks up the IP for
mail.example.com. None of this process has anything to do with end us
> No, they use "mail.example.com" which normally would not exist, both for IMAP
> and SMTP.
> If the clients do not care that the mail server is not the mailserver,
> perhaps I am overthinking this.
One idea would be to leave mail.example.com as an A record pointing to the
submission server I
> On 02-25-2022 2:58 pm, post...@ptld.com wrote:
>> No, they use "mail.example.com" which normally would not exist, both for
>> IMAP and SMTP.
>> If the clients do not care that the mail server is not the mailserver,
>> perhaps I am overthinking this.
>
>
> One idea would be to leave mail.examp
> With regard to disabling AUTH on port 25 only - we need to let AUTH available
> on submission port (587)
> what exactly should I do? Would it be enough to remove
> "permit_sasl_authenticated" from "smtpd_client_restrictions" in main.cf?
main.cf:
smtpd_sasl_auth_enable = no
master.cf:
s
-- THE SITUATION --
Postfix version 3.5.8 on a RHEL8 flavor
I have virtual mailboxes:
u...@example.com
catch...@example.com
I have virtual aliases:
al...@example.com -> u...@example.com
@example.com -> catch...@example.com
main.cf
...
virtual_mailbox_d
Follow up...
> I have virtual mailboxes:
> u...@example.com
> catch...@example.com
>
> I have virtual aliases:
> al...@example.com -> u...@example.com
> @example.com -> catch...@example.com
>
> But when I send email to al...@example.com it goes to catch...@example.com
> maildir
>> virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_email_aliases
>> @example.com -> catch...@example.com
> To stop the recursion for a specific user, ADD a 1:1 alias:
>
> u...@example.com -> u...@example.com
>
> This works because the more spe
> No, though you should consider *not* implementing a catchall, these are
> generally a bad idea.
If you don't mind, could you please highlight why catchall is a bad idea?
Is it a technical, policy, security, etc, issue?
;> catch...@example.com?
>
> Yes, and generating these is easily automated.
Ah yes, you're right and after thinking about it I came up with this solution
to break recursion:
(If it helps future readers trying to do the same thing)
main.cf
virtual_alias_maps = proxy:mysql
> Could I solve this by setting smtp_helo_name in main.cf to
> 77-172-184-9.fixed.kpn.net ?
> Or is this a bad idea?
Yes you can set the helo name to match but this wont have much effect.
Some servers are looking at domain -> IP -> domain which in your case is:
mail.linetec.nl -> 77.172.184
> There is rspamd. It does more than just DMARC, but seems to be in better
> shape than OpenDMARC.
I use OpenDMARC and have not noticed any issues.
More than one person has said it has issues, what are the problems with it?
> On 04-23-2022 12:35 am, ミユナ wrote:
> when postfix talks to dovecot, does it require user's username/password for
> authentication? or this communication just goes without
> authentication?
I have to do a little guessing on what you mean.
When postfix talks to dovecot? To do
> On 04-23-2022 9:58 pm, ミユナ wrote:
> does plain traffic on port 25 require a certificate?
That is optional and up to you if you want connections to use STARTTLS.
Look into the following settings:
smtpd_tls_security_level
smtp_tls_security_level
smtpd_tls_cert_file
smtpd_tls_key_file
What is the best option for changing the recipient address case such as forcing
all to be lowercase?
> All you need is a case folding regexp before your real virtual table.
>
> /etc/postfix/main.cf:
> virtual_maps =
> regexp:/etc/postfix/virtual_regexp
> mysql:/etc/postfi
> On 05-21-2022 10:30 am, Wietse Venema wrote:
> Doesn't mysql support case-insensitive lookup?
Yes, and I am not experiencing an issue with postfix lookups.
My goal is to have postfix deliver to LMTP lowercase recipient addresses to
overcome a dovecot shortcoming (delimited fo
> On 05-21-2022 11:46 am, Benny Pedersen wrote:
> On 2022-05-21 17:23, post...@ptld.com wrote:
>>> On 05-21-2022 10:30 am, Wietse Venema wrote:
>>> Doesn't mysql support case-insensitive lookup?
>>
>> Yes, and I am not experiencing an issue with postfix
> On 05-21-2022 5:51 pm, Wietse Venema wrote:
> Documented in pipe(8):
>flags=BDFORXhqu.> (optional)
This is new territory for me, can you point me in a direction on how to set
these flags?
Is this something done when compiling postfix? Or is this a setting that can be
> On 05-21-2022 5:51 pm, Wietse Venema wrote:
> Documented in pipe(8):
> flags=BDFORXhqu.> (optional)
I am confused on this.
I read the pipe(8) and lmtp(8) pages and it is unclear to me how i would use
pipe flags with lmtp.
Do i need to replace using lmtp with pipe? Or does pipe work in conjunct
> On 05-23-2022 3:36 pm, James Feeney wrote:
> Reading at http://www.postfix.org/MILTER_README.html, and wondering what
> results from Postfix interacting with multiple milters, we see, paraphrasing,
> in
> part:
>
> 1) There can be more than one Milter application.
> 2)
> On 05-24-2022 10:14 am, Dan Mahoney wrote:
>
> configure to reject (for some to: addresses) at the end of DATA, but still
> forward the mail on?
Not sure I understand, do you mean if a mail is sent to multiple recipients to
prevent the mail from being delivered to some of the recipients while
> On 06-13-2022 2:34 pm, Matus UHLAR - fantomas wrote:
>
> do you know of any milter or other solution that encapsulates whole mails?
> conditionally, when sender domain is not
> local.
https://www.mailmunge.org/ is a milter allowing you to write your own logic in
Perl and gives you access to
as the
smtp_bind_address
Is the second interface with the private IP being considered? With the above
config is there a risk of postfix trying to use the 192.168.x.x (or IPv6
equivalent) for outbound connections? Should the bind addresses be specified
when using a private network on second
> Hi,
> Does your Private address 192.168.x.x have a default gateway as well?
> Rgds/DP
No, the gateway is left blank on that interface. The private interfaces are
just cabled together via a switch.
In systemd:
[ipv4]
address1=192.168.0.200/24
may-fail=true
method=manual
>> No, the gateway is left blank on that interface. The private interfaces are
>> just cabled together via a switch.
> Then Postfix should not make any attempt to deliver mail using the
> private address since it doesn't have a network route to deliver the
> mail thro
e should be similar
> text for IPv6.
Yes i assumed the same behavior applies to both IPv4 and IPv6. And I personally
don't see an issue with the way the documents are written because there is a
separate section for smtp_bind_address6 which explains the same for IPv6.
But what I'm s
> As you can see above, with "inet_interfaces = all" Postfix will
> LISTEN on all available IPv4 (or IPv6) interface addresses, and it
> will NOT BIND to a specific IPv4 (or IPv6) address.
Sorry if I'm being slow.
Yes postfix will listen to ALL and bind to 0.0.0.0:25
Does postfix through either smtp or submission (or both) force line breaks?
I am noticing line breaks after every 998 characters in the body of plain text
messages.
If postfix is the one doing this, is it hard coded or is it a variable that can
be changed?
I am trying to understand what the connecting client is doing in this situation
on submission port 587. I replaced my domain with example.com.
Aug 18 14:15:27 mx postfix/smtpd[26495]: warning: hostname
dsl-201-121-80-137-dyn.prod-infinitum.com.mx does not resolve to address
201.121.80.137
> Why do you believe that the logs below are for port 587?
That server only listens to port 587, #smtp inet is commented out in master.
> For port 587 submission, you should have configured at least:
>
> -o syslog_name=postfix/submission
> -o smtpd_tls_security_level=en
> postfix/submission/smtpd[27525]:
>
> Is that expected to still have the smtpd appended?
Nevermind, i see in the docs
http://www.postfix.org/postconf.5.html#syslog_name
that it does. Thanks for the tip.
e Mail From /
Return-Path is blank.
Is there a proper way to block this kind of junk in Postfix or do I have to
rely on my antispam (that will need tuning, obviously)?
Viktor, genuine question and not meant to be combative;
I feel like I'm forgetting / missing something.
Why isn't every spammer sending spam from <> if it gets a free pass?
?B?dXMgZXhjbHVzaXZlIHZvdWNoZXJzIHdpdGggU1BheUxhdGVyISDwn5GJ?=
LOGS
Aug 25 01:06:58 hostname postfix/cleanup[3106]: 4MCrYG4Y4Zz7VvCt: info: header Subject:
=?UTF-8?B?8J+YsSBTSE9QIE5PVzogR2V0IDAlIElOVEVSRVNUIERlYWxzIHBs?=?
=?UTF-8?B?dXMgZXhjbHVzaXZlIHZvdWNoZXJzIHdpdGggU1BheUxhdGVyISDwn5GJ?= from
On 08-26-2022 3:25 am, Wietse Venema wrote:
post...@ptld.com:
I know this is minor, just bringing it to light if Wietse feels
it is worth doing something about. I noticed on emails with encoded
subject lines an extra character is being inserted into the logs.
Postfix (and Postfix logging
?dXMgZXhjbHVzaXZlIHZvdWNoZXJzIHdpdGggU1BheUxhdGVyISDwn5GJ?=
=?UTF-8?B?8J+YsSBTSE9QIE5PVzogR2V0IDAlIElOVEVSRVNUIERlYWxzIHBs?=?
=?UTF-8?B?dXMgZXhjbHVzaXZlIHZvdWNoZXJzIHdpdGggU1BheUxhdGVyISDwn5GJ?=
You missed the newline in the first line. Postfix will obviously not
let those through and will replace such characters with '?' or so
dGVyISDwn5GJ?=
I still don't understand where the extra '?' came from, nor do I see in RFC5322
2.2.3 where it says anything about adding or replacing characters. I am also
still confused by what Wietse said when he confirmed postfix does not add
characters. Then where did the e
On 08-26-2022 10:08 am, Paul Kingsnorth wrote:
MTA-STS seems to be getting more widespread. I wondered how many people are
using the postfix-mta-sts-resolver from Snawoot, and whether there are any
standout good/bad features of it? Or whether there are any other ways of
implementing MTA-STS
the subject line to be able to assume that is the
reason why? IMO that seems unlikely.
Wietse said postfix logging "does not alter subject lines". Replacing
unprintable characters with '?' in my opinion is altering, if that is what is happening.
I can tell that im beating
e way you worded that. Thank you very
much.
That is the part I was missing, I didn't understand that unfolding wasn't being
done by postfix logging.
So it's a design choice and what im going on about would be a QOL request at
best.
. Therefore unprintable characters - which have the
greatest possibility of breaking things yet are easily filtered - are replaced in the log
with "?" for safety.
I get all of that and believe it to be the most sensible thing.
Now that I understand what is happening with postfix
On 08-26-2022 1:03 pm, Viktor Dukhovni wrote:
On Fri, Aug 26, 2022 at 12:48:40PM -0400, post...@ptld.com wrote:
Now that I understand what is happening with postfix logging as
explained to me in the previous reply, the issue is that postfix
logging is unfolding the subject without removing the
In my setup reject_unlisted_recipient is in smtpd_data_restrictions.
I have milters that run, including during the RCPT command.
Normally, I can observe the milters run before postfix rejects for "User unknown in
virtual mailbox table" by reject_unlisted_recipient in smtpd_data_re
On 09-16-2022 3:16 pm, Wietse Venema wrote:
If Postfix rejects an SMTP event (connect, ehlo, data, and so on),
then Postfix will not send that event to the Milters. If it passed
all SMTP events to Milters, then they would get out of sync with
Postfix.
Is it possible for a client to include non
It has been my experience that it is beneficial to include SPF and DMARC
records for the mail server's hostname along with the domain name.
Domain example.com with mail server mail.example.com:
@IN TXT "v=spf1 a mx -all"
mail IN TXT "v=spf1 include:example.com -all"
_dma
How long do servers try to resend email if your server is temporarily down?
The host has given themselves an 8 hour overnight window.
The default retry for postfix is 5 days.
http://www.postfix.org/postconf.5.html#bounce_queue_lifetime
though the sender IP is not listed in any RBL, outlook still blocks it.
do you know how can I deal with this?
What was the reject reason given?
They will tell you why and usually provide an URL explaining what needs to be
fixed.
i...@example.comn...@example.com
supp...@example.com n...@example.com
suppo...@example.comn...@example.com
The strange thing is that only the first and third aliases work. The
support@ alias is not resolved, Postfix just sends it on to Dovecot
with supp...@example.com as
Some of my users got emails pretending to be from the admin, but looking into
the source of these emails, the From header was modified to mislead the users,
but the return-path still holds the real sender email address.
What is the best way to deal with this? Is it a good idea to match the From
Is Postfix capable of checking DKIM and SPF records on incoming email
and adding headers based upon its findings?
Not the postfix code itself, but postfix supports milters which do this.
My google searches have only returned results on how to do DKIM
signing on outbound email and not how to
So my question is which directive to put rbl settings in?
"smtpd_recipient_restrictions" or "smtpd_client_restrictions"?
Dealers choice. Both work, just depends when you want them rejected. If you
wait for recipient you can see in the logs who the mail was going to. If you
kick them during the
My another question is, for the last statement "permit", is is needed or not?
Not needed. Mail is accepted unless explicitly rejected.
My mailserver once had some issues on sending messages to different providers.
We only allow evidently commercial or similar operators to connect to our
mailservers.
That's so strange policy to permit only commercial company to send messages to
them.
Did you host your mail server in a data c
Is there a way, in postfix, to run a script when the authentication fails,
please ?
I would like to use nftables sets, with the timeout option, to ban IP
addresses. I know fail2ban exists, but I am considering other options.
nftables sets, implemented in the kernel, with the timeout option
I apologize for the email being html-only, not my intention.
I'm having trouble getting Thunderbird to do this right as I have to manually
do this for every outgoing email.
Tools > Settings > Composition > Sending Format > (Automatic || Only Plain Text)
and
Tools > Account Settings > Com
On 12-22-2022 2:18 pm, mailm...@ionos.gr wrote:
sorry to have to burst your bubble, but postfix does not have documentation
at least not in the way we call documentation these days
maybe you'd call them "notes" or a "reference guide" but not real documentation
it
unix_listener /var/spool/postfix/private/lmtp {
mode = 0660
user = postfix
group = postfix
}
DO NOT do this! That socket is for the listen side of the qmgr<->lmtp
communication. The Dovecot LMTP socket needs to be outside the
Postfix-private namespace.
Viktor,
C
There are two lmtp sockets. One (unix:private:lmtp) created by postfix and one
(in postfix speak: unix:private:dovecot-lmtp)created by dovecot. Postfix uses
the first one internally and uses the LMTP protocol over it. Dovecot puts the
second one in postfix's private area for postfix to de
Since I am using SPF as a validation method, the non-srs messages from those
big providers will have possibility to break SPF and be rejected by our systems.
Do you reject based on solely the SPF result? It would be better to use DMARC,
have SPF only create the auth header and not reject, then
No SPF is OK, but as long as the domain of RFC822 MAIL FROM address has a SPF,
this SPF must pass.
DMARC will pass as long as either SPF or DMARC passes.
DMARC will still pass if SPF fails and DKIM passes.
I think you might be misinterpreting what you are reading.
Regardless, in practice in th
Perhaps it would be sensible for Postfix itself to provide a
configuration parameter that somehow lets you conceal or replace the
sending IP/hostname of submitted mail?
My solution...
main.cf:
smtp_header_checks = pcre:/etc/postfix/header_checks_smtp
/etc/postfix/header_checks_smtp
main.cf:
smtp_header_checks = pcre:/etc/postfix/header_checks_smtp
/etc/postfix/header_checks_smtp:
/^Received:/ IGNORE
/^X-Originating-Ip:/ IGNORE
That's a rather radical "solution". More typically one would just drop
"Received" headers
Currently, every time haproxy checks if postfix is still alive, e.g. on port
587, I see this in my logging:
Jan 28 13:13:20 albus submission/smtpd[97331]: warning: haproxy read: EOF
Jan 28 13:13:20 albus submission/smtpd[97331]: connect from unknown[unknown]
Jan 28 13:13:20 albus submission
I am looking to understand if I misinterpreted the documentation or if this is
an issue with postfix.
main.cf
smtpd_reject_unlisted_recipient = no
smtpd_data_restrictions = reject_unlisted_recipient
My intention is to prevent postfix from rejecting invalid recipients at the
RCPT
First off does "queue file write error (in reply to end of DATA command))"
indicate a write error on my server, or on the receiver's server?
Best I can tell from grepping the logs, this is happening only with two
addresses:
Feb 1 07:36:36 h6lix postfix/smtp[22140]:
So those log snippets are from the logs on 50.75.172.140 (my postfix
server). What more might I be looking for?
On Wed, 1 Feb 2023, Wietse Venema wrote:
post...@fongaboo.com:
Jan 31 20:06:15 h6lix postfix/smtp[6552]: 7128C4089C:
to=, relay=50.75.172.140[50.75.172.140]:25,
delay=2.5
hould have
realized that.
Just to clarify in trying to achieve my end goal, is there any way to get
milters to run before postfix would evaluate reject_unlisted_recipient in the
RCPT command?
Since I'm using AlmaLinux, a derivative of RHEL, it does not have PCRE because
Redhat decided to remove it entirely from RHEL.
Thus, I had to convert all my "pcre:" into "regexp:", like the above.
I'm using a similar flavor of RHEL and
dnf -y install postfi
dnf -y install postfix-pcre
It was added later, but by then I had already converted to regex.
FYI: I was given the impression that pcre has better performance than regex in
postfix, if that is something relevant to you.
On 24/04/2020 13.27, Bandaru, Vamsi wrote:
Hello List ,
I am sorry if this query doesn’t belong here , but I am trying to
configure Cyrus SASL on Postfix to use our LDAP servers for
authentication ,
The moment I turn on SASL auth on main.cf , telnet to the system on port
25 starts to
I am writing a policy server in PHP. I am confused by some of postfix
behavior.
I designed the PHP service in this manner;
/usr/libexec/postfix/per-user-policy:
#!/usr/bin/php
master.cf:
userpolicy unix - n n - 0 spawn user=mail
argv=/usr/libexec/postfix/per-user-policy
main.cf
should i expect to happen? Is it intended each instance of the
script should handle just one email then self terminate?
Is there something in the master.cf telling postfix to start a new
instance per email that i can change?
Can you elaborate what you mean my script isn't doing what i think?
I f
On 04-16-2021 12:43 pm, Viktor Dukhovni wrote:
On Fri, Apr 16, 2021 at 11:50:12AM -0400, post...@ptld.com wrote:
master.cf:
userpolicy unix - n n - 0 spawn user=mail
argv=/usr/libexec/postfix/per-user-policy
This means one process per connection. So when there are multiple
smtpd(8
terminates. None of the
userpolicy ever terminate, the number of instances never decreases only
grows. Even with 15+ userpolicy instances loaded, every new email always
starts another instance. I watched it for an hour and they never
terminated, only when i restarted postfix did they finally
expected behavior is it is supposed to be
one new spawn for each client connection/event? So the answer im looking
for is my script should self terminate when it detects the client
(postfix) disconnect? Is that the expected behavior, there are no other
clues given by postfix to the policy
On 04-16-2021 1:28 pm, Viktor Dukhovni wrote:
Of course. Since it is spawned for a single connection, once
that connection is closed, it couldn't possibly get any further
requests. This is not the same as handling one request, you
still need a loop to handle one or requests until EOF.
I will
I am making my own policy service:
userpolicy unix - n n - 0 spawn user=mail
argv=/usr/libexec/postfix/per-user-policy
Which is called in smtpd_recipient_restrictions with
check_policy_service.
Per the SMTPD_POLICY_README it accepts inputs then replies with actions
and an empty line
be
added to the headers second, and so on, thus allowing multiple
action=prepend responses.
No where in the access.5 or SMTPD_POLICY_README could i explicitly find
anything saying you can only send one action.
I also confirm my assumption with the logic that is why an [empty line]
is needed to
Using Linux, postfix, dovecot.
For sorting incoming mail into different maildir folders, i know general
advice is to have postfix deliver to dovecot instead of maildir, and use
dovecot sieve to deliver the mail into a user's sub-folder.
Is there anyway within postfix (or policy servic
I read the NFS_README.html, and i could not find any other postfix page
talking about NFS.
Are there any other write ups on best practices for using postfix with
only the maildir location over NFS?
Many of the random blogs online give advice for older versions NFS2 and
3 which rely on RPC
Viktor's announcement reminds me,
It is my understanding if you publish DANE and TLSA records not only
must you be using DNSSEC (Which most big companies don't) but then your
mail server will not accept mail from anyone not using TLS 1.2+. Why
would you want to do that and block receiving some
I am setting up a postfix instance as submission only to compliment
dovecot in imap mode.
Is there a way to turn off listening on port 25 and only have submission
listen on 587?
I already know how to bind the submission service to 587 in the
master.cf
I assume listening on 25 is controlled by
New problem, i can not specify two IP's in the master.cf for submission
to bind to.
This works:
127.0.0.1:submission inet n - n - - smtpd
This works:
[::1]:submission inet n - n - - smtpd
This does not work:
127.0.0.1,[::1]:submission inet n - n - - smtpd
127.0.0.1 [::1]:submission inet n - n
I noticed in the headers it shows:
dkim=pass (2048-bit key; unprotected)
What does the unprotected part refer to?
Anything to worry about? Something i need to setup or configure?
I googled but didn't find anything, just people talking about why their
dkim didn't pass.
I notice emails from gmail
301 - 400 of 4070 matches
Mail list logo
