On May 16, 2023 12:16:21 PM UTC, Tom Reed via Postfix-users
wrote:
>Hello list,
>
>Should we reject failed message on DKIM validation stage, or DMARC
>validation stage, or both?
No and it depends.
DKIM has no policy mechanism associated with it, so there's no basis in
On 2023-05-16 at 08:16:21 UTC-0400 (Tue, 16 May 2023 20:16:21 +0800)
Tom Reed via Postfix-users
is rumored to have said:
Hello list,
Should we reject failed message on DKIM validation stage, or DMARC
validation stage, or both?
Generally, neither.
IF (and ONLY IF) the "From: &qu
* Scott Kitterman via Postfix-users :
> DKIM has no policy mechanism associated with it, so there's no basis in any
> standardized mechanism to determine if a DKIM failure should be cause for
> rejection. I don't think it makes logical sense to treat a message with a
&g
Dnia 16.05.2023 o godz. 20:16:21 Tom Reed via Postfix-users pisze:
>
> Should we reject failed message on DKIM validation stage, or DMARC
> validation stage, or both?
There is no rule ststing what you "should" do in these cases. It depends on
what you *want* to do, that is
mailmary--- via Postfix-users:
>
> I am talking about the authentication email, not MAIL FROM or RCPT TO.
>
> hmm, when using the -v parameter, just above the "SASL LOGIN
> authentication failed: UGFzc3dvcmQ6" log entry, I can clearly see
> the email/password
>
Alex via Postfix-users:
> Hi,
> I have a postfix-3.7.3 fedora37 system and have a few users who want me to
> disable reject_non_fqdn_sender because it seems many of their users have
> DNS problems. For example, email from nore...@info.apr.gov.rs fails to
> resolve with:
>
> $
mailmary--- via Postfix-users:
>
> In all honesty, the current situation of logging the base64 string
> "UGFzc3dvcmQ6" does not help us.
>
> Maybe we could reconsider, and actually log the data (raw or base64-decoded)?
Absolutely not. As a matter of security princi
On May 16, 2023 1:20:53 PM UTC, Ralf Hildebrandt via Postfix-users
wrote:
>* Scott Kitterman via Postfix-users :
>
>> DKIM has no policy mechanism associated with it, so there's no basis in any
>> standardized mechanism to determine if a DKIM failure should be caus
at 08:16:21 UTC-0400 (Tue, 16 May 2023 20:16:21 +0800)
> Tom Reed via Postfix-users
> is rumored to have said:
>
>> Hello list,
>>
>> Should we reject failed message on DKIM validation stage, or DMARC
>> validation stage, or both?
>
> Generally, neither
Tom Reed via Postfix-users skrev den 2023-05-16 14:16:
Should we reject failed message on DKIM validation stage, or DMARC
validation stage, or both?
if dkim is based on reject you will ignore dmarc policy, just dont
reject is safe :)
tip, add ipwhitelist in both so you never ever reject
Tom Reed via Postfix-users skrev den 2023-05-16 14:41:
so for both DKIM and DMARC failure you send them to spam folder?
what dmarc policy ?, none, quarantine, reject ?
forget dkim here, its not designed to be a spam scanner
___
Postfix-users
João Silva via Postfix-users skrev den 2023-05-16 14:49:
Yes, straight to a Spam folder.
a bit silly if its a maillist, if its spam why not unsubscribe ?
i loose maybe :/
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe
Scott Kitterman via Postfix-users skrev den 2023-05-16 15:04:
DMARC does have such a policy component. Rejecting mail which fails
DMARC for domains that have a policy of p=reject is common. DMARC
does have a high error rate for some types of email, so I would
recommend a careful evaluation of
Ralf Hildebrandt via Postfix-users skrev den 2023-05-16 15:20:
* Scott Kitterman via Postfix-users :
DKIM has no policy mechanism associated with it, so there's no basis
in any standardized mechanism to determine if a DKIM failure should be
cause for rejection. I don't think it mak
mailmary--- via Postfix-users skrev den 2023-05-16 11:50:
Isn't the above useless? Should it say something like:
SASL LOGIN authentication failed: failed@email.address
PS:
I know that I can add -v to the smtpd submission process to get
thousands of debug lines and among them is the
Wietse Venema via Postfix-users skrev den 2023-05-16 13:52:
That is not the case.
i know my weakforced is not perfekt but i see all detail before reject,
even if postfix dont log it
https://github.com/PowerDNS/weakforced
___
Postfix-users mailing
mailmary--- via Postfix-users skrev den 2023-05-16 14:14:
so why not report the email, instead of a base64 string?
how usefull is decode of base64 here ?
its what happens next it more usefull to log
https://github.com/PowerDNS/weakforced
On 2023-05-16 at 10:11:39 UTC-0400 (Tue, 16 May 2023 22:11:39 +0800)
Tom Reed via Postfix-users
is rumored to have said:
For OpenDMARC this setting:
SPFSelfValidate true
Can it handle the case when incoming message has rewritten
envelope address by SRS then no SPF found for header From
etc/postfix/sender_access.pcre:
/\.example\.com$/ DUNNO
/./ reject_unknown_sender_domain
Though I wonder how one would ever be able to reply to the sender.
Wietse
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On 2023-05-16 at 11:27:52 UTC-0400 (Tue, 16 May 2023 11:27:52 -0400)
Alex via Postfix-users
is rumored to have said:
> Is there a way to control smtpd_recipient_restrictions on a per-domain
> basis so I can relax some of these restrictions for cases like this,
> instead of a more
Hello,
Am I correct that the string in question should normally contain the
SASL response? While the "Password:" is apparently some interactive
prompt, indicating that something might be wrong with the connection or
configuration?
Eugene
On 16.05.2023 17:06, Wietse Venema via Pos
On Tue, May 16, 2023 at 07:32:55PM +0300, Eugene R via Postfix-users wrote:
> Am I correct that the string in question should normally contain the SASL
> response? While the "Password:" is apparently some interactive prompt,
> indicating that something might be wrong wit
On Tue, May 16, 2023 at 09:44:41AM -0400, Wietse Venema via Postfix-users wrote:
> Looks like you have a *local* DNS problem. Check your routing,
> including netmasks.
The domain is broken. See
https://dnsviz.net/d/info.apr.gov.rs/dnssec/
On of the listed name servers is unresponsive an
Bill Cole via Postfix-users skrev den 2023-05-16 17:34:
I have no idea what the answer to that is, as I don't use OpenDMARC.
You may want to figure out where, if anywhere, OpenDMARC support is
available.
http://www.trusteddomain.org/open
On 2023-05-16 at 12:19:03 UTC-0400 (Tue, 16 May 2023 18:19:03 +0200)
Víctor Rubiella Monfort via Postfix-users
is rumored to have said:
For example for imap/pop login failures dovecot log email account that
produces the failure.
If you are using Dovecot for SASL and have auth_verbose enabled
On Tue, May 16, 2023 at 11:27:52AM -0400, Alex via Postfix-users wrote:
> > > $ host info.apr.gov.rs
> > > Host info.apr.gov.rs not found: 2(SERVFAIL)
>
> There's definitely a problem with their name servers, but it also seems my
> version of bind is not per
rs.
If you do find out something actionable, you can post the solution here.
--
Viktor.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
https://dkinbox.com/
_______
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
It appears that Tom Reed via Postfix-users said:
>Since the message was sent to mailing list which rewrites envelope address
>and adds list signature, so:
>
>1) SPF for header From: address won't get pass due to SRS.
>2) DKIM won't get pass due to list signature.
>
On 2023-05-16 at 21:09:35 UTC-0400 (Wed, 17 May 2023 09:09:35 +0800)
Tom Reed via Postfix-users
is rumored to have said:
[...]
Since the message was sent to mailing list which rewrites envelope
address
and adds list signature, so:
1) SPF for header From: address won't get pass due to S
> On Tue, May 16, 2023 at 10:15:35PM -0400, Bill Cole via Postfix-users
> wrote:
>
>> On 2023-05-16 at 21:09:35 UTC-0400 (Wed, 17 May 2023 09:09:35 +0800)
>> Tom Reed via Postfix-users
>> is rumored to have said:
>> [...]
>> > Since the message was se
rom https://dkinbox.com/
_______
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
> On 16.05.23 16:38, Benny Pedersen via Postfix-users wrote:
>>dmarc does not imho use ARC results yet :/
>
> You must configure trusted ARC signers.
> You can't blindly trust ARC just like you can't blindly trust SPF
>
May I ask what policyd or milter you use
You are ignoring my response. That is rude. Stop spamming
the postfix-users list with your repeated information.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
Matus UHLAR - fantomas via Postfix-users:
[ Charset ISO-8859-2 converted... ]
> >On 2023-05-16 at 12:19:03 UTC-0400 (Tue, 16 May 2023 18:19:03 +0200)
> >V?ctor Rubiella Monfort via Postfix-users
> >is rumored to have said:
> >>For example for imap/pop login failure
= permit_mynetworks permit_sasl_authenticated
defer_unauth_destination
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
defer_unauth_destination
Thanks.
--
sent from https://dkinbox.com/
_______
Postfix-users mailing list -- postfix-users@postfi
Tom Reed via Postfix-users:
>
> Hello,
>
> multiple items for a given directive, "," or space or "," + space all are
> valid delimiters. Am I right? Such as the following.
No, it is different for some.
> smtpd_relay_restrictions =
> pe
17.05.23, 13:20 +0200, Tom Reed via Postfix-users:
multiple items for a given directive, "," or space or "," + space all are
valid delimiters. Am I right? Such as the following.
Yes. From the doc[1]:
| Specify a list of restrictions, separated by commas
On 17/05/2023 08:18, Matus UHLAR - fantomas via Postfix-users wrote:
On 16.05.23 22:11, Tom Reed via Postfix-users wrote:
For OpenDMARC this setting:
SPFSelfValidate true
this only causes opendmarc to resolve SPF itself instead of using existing
Authentication-Results: header.
Actually (from
Matus UHLAR - fantomas via Postfix-users skrev den 2023-05-17 09:28:
On 16.05.23 16:38, Benny Pedersen via Postfix-users wrote:
dmarc does not imho use ARC results yet :/
You must configure trusted ARC signers. You can't blindly trust ARC
just like you can't blindly trust SPF
i
Tom Reed via Postfix-users skrev den 2023-05-17 09:31:
On 16.05.23 16:38, Benny Pedersen via Postfix-users wrote:
dmarc does not imho use ARC results yet :/
You must configure trusted ARC signers.
You can't blindly trust ARC just like you can't blindly trust SPF
May I ask what
But it seems that all the useful information is already shown in the
dovecot log line (unless we want to differentiate SASL vs IMAP auth
failures for some reason).
Eugene
On 17.05.2023 14:06, Wietse Venema via Postfix-users wrote:
Matus UHLAR - fantomas via Postfix-users:
[ Charset ISO-8859
-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On Thu, May 18, 2023 at 07:48:32PM +0800, Tom Reed via Postfix-users wrote:
> If a sender write a message which has N recipients in the same
> destination domain (say gmx.de), when postfix deliver this message to
> peer MTA, will it deliver one copy, or N copies?
For a typical message t
On Thu, May 18, 2023 at 09:22:34PM +0900, Byung-Hee HWANG via Postfix-users
wrote:
> And now i added TLSA record for only *outbond* smtp server,
> .
It is also your secondary MX host:
https://stats.dnssec-tools.org/explore/?doraji.xyz
the primary MX host does not yet have TLSA r
-Ursprüngliche Nachricht-
Von: Viktor Dukhovni via Postfix-users
Gesendet: Donnerstag, 18. Mai 2023 15:12
An: postfix-users@postfix.org
Betreff: [pfx] Re: DANE and DNSSEC
On Thu, May 18, 2023 at 09:22:34PM +0900, Byung-Hee HWANG via Postfix-users
wrote:
> And now i added TLSA record for o
Hello Byung-Hee ,
for testing you may want to try https://blog.lindenberg.one/EmailSecurityTest.
Best Regards,
Joachim
-Ursprüngliche Nachricht-
Von: Byung-Hee HWANG via Postfix-users
Gesendet: Mittwoch, 17. Mai 2023 10:16
An: Postfix-users
Betreff: [pfx] Re: DANE and DNSSEC
Now i
On Thu, May 18, 2023 at 08:54:16PM +0200, Joachim Lindenberg via Postfix-users
wrote:
> For Letsencrypt certificates I´d definitely go with 2 1 1
> 8D02536C887482BC34FF54E41D2BA659BF85B341A0A20AFADB5813DCFBCF286D and
> optionally the R4 derivate and add their successors when these are
&
On Thu, May 18, 2023 at 09:20:38AM -0400, Alex via Postfix-users wrote:
> Maybe my issue is that the always_bcc user is going through a transport at
> all, and instead should just be delivered locally, or perhaps processed
> only by the local_transport? How can I do that?
>
> I re
Alex via Postfix-users:
> May 18 18:24:00 cable postfix-120/smtpd[2919509]: NOQUEUE: reject: RCPT
> from send106.emailfilter.io[185.54.163.144]: 450 4.1.8 :
> Sender address rejected: Domain not found; from= to=<
> vojisla...@example.com> proto=ESMTP helo=
Thi
> On Thu, May 18, 2023 at 07:48:32PM +0800, Tom Reed via Postfix-users
> wrote:
>
>> If a sender write a message which has N recipients in the same
>> destination domain (say gmx.de), when postfix deliver this message to
>> peer MTA, will it deliver one copy, or
On Thu, May 18, 2023 at 07:07:55PM -0400, Alex via Postfix-users wrote:
> > Is there a way to control smtpd_recipient_restrictions on a per-domain
> > > basis [...]
To resolve the ambiguity, you might have said: "per *recipient* domain"
> If I interpret your instruc
On Fri, May 19, 2023 at 08:57:34AM +0800, Tom Reed via Postfix-users wrote:
>
>
> > On Thu, May 18, 2023 at 07:48:32PM +0800, Tom Reed via Postfix-users
> > wrote:
> >
> >> If a sender write a message which has N recipients in the same
> >> destination
Byung-Hee HWANG via Postfix-users skrev den 2023-05-19 04:26:
Thanks for advice!
[renewalparams]
reuse_key = True
preferred_chain = ISRG Root X1
And
I can't say anything yet. I need some test for long time. If i am sure
what DANE is,
posttls-finger example.org,
/
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
> On 21.05.23 15:53, Tom Reed via Postfix-users wrote:
>>My postfix has setup another MTA for relay host,
>>
>>relayhost = [relay_ip]
>>
>>If I setup this postfix as backup mx for a domain, such as foo.com.
>>will messages for foo.com relay from relay_ip
Alex via Postfix-users:
> Hi,
> I'm using multi-instance postfix-3.7.2 on fedora37 and would like to be
> able to control which header and body checks apply to which domain in a
> specific instance. I'm looking for advice on the best way to do this.
>
> I have abou
Wietse Venema via Postfix-users:
> Alex via Postfix-users:
> > Hi,
> > I'm using multi-instance postfix-3.7.2 on fedora37 and would like to be
> > able to control which header and body checks apply to which domain in a
> > specific instance. I'm looking
Alex via Postfix-users:
> > > I'd say, start with one instance per domain. The 'cost' of doing so
> > > is really small.
> >
> > Once you run out of IP addresses, you will need policy selection
> > based on the recipient domain. For example:
Alex via Postfix-users:
> Hi,
>
> On Sun, May 21, 2023 at 4:41?PM Wietse Venema via Postfix-users <
> postfix-users@postfix.org> wrote:
>
> > Alex via Postfix-users:
> > > > > I'd say, start with one instance per domain. The 'cost' of doi
Alex via Postfix-users:
> Hi,
>
> > > > > internet -> front-end Postfix instance -> filter -> back-end
> > > > Postfix
> > > > > > instance
> > > > > >
> > > > > >
On Sun, May 21, 2023 at 06:26:34PM -0400, Alex via Postfix-users wrote:
> I don't have any content filters set up in the front-end postfix. How do I
> connect the front-end postfix with the filters?
For per-domain message content modification you need to first "split the
envelop
On Sun, May 21, 2023 at 02:05:31PM -0400, Alex via Postfix-users wrote:
> Can I follow up on this? I can't figure out why always_bcc mail is being
> sent through the default content filter while mail designated for my
> domain-specific transport is sent through another in my
can't be reachable, so relay_host
deliver message to backup MX again.
Will this delivery loop happen in real world?
Thank you.
--
sent from https://dkinbox.com/
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an ema
decide on
her/his own.
Cheers,
Joachim
-Ursprüngliche Nachricht-
Von: raf via Postfix-users
Gesendet: Samstag, 20. Mai 2023 00:53
An: postfix-users@postfix.org
Betreff: [pfx] Re: DANE and DNSSEC
On Thu, May 18, 2023 at 08:54:16PM +0200, Joachim Lindenberg via Postfix-users
wrote
On Mon, 22 May 2023, Tom Reed via Postfix-users wrote:
Given the case that:
1. postfix is a backup MX for foo.com
2. this postfix uses other MTA as relay_host
When the primary MX for foo.com is down, messages to u...@foo.com will be
delivered into backup MX. And, backup MX delivers the
On 2023-05-22 at 08:36:49 UTC-0400 (Mon, 22 May 2023 14:36:49 +0200
(CEST))
Bernardo Reino via Postfix-users
is rumored to have said:
My world is only a very small subset of the real world :), but in that
world, if I say that a given server is the MX for a domain, then
that's that, it s
On Mon, May 22, 2023 at 08:26:19PM +0800, Tom Reed via Postfix-users wrote:
> 1. postfix is a backup MX for foo.com
> 2. this postfix uses other MTA as relay_host
This would be a misconfiguration. A backup MX host MUST NOT be an
effective null client that relays *all* non-local mai
Tom Reed via Postfix-users:
> Hello list,
>
> Given the case that:
>
> 1. postfix is a backup MX for foo.com
> 2. this postfix uses other MTA as relay_host
Please don't do that. By design a Postfix backup MX host will deliver
to an MX host with a 'better' MX pre
Thank you Victor, you are the embodiment of truth.
> On Mon, May 22, 2023 at 08:26:19PM +0800, Tom Reed via Postfix-users
> wrote:
>
>> 1. postfix is a backup MX for foo.com
>> 2. this postfix uses other MTA as relay_host
>
> This would be a misconfiguration. A ba
comparison.
regards.
--
sent from https://dkinbox.com/
_______
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
Tom Reed via Postfix-users skrev den 2023-05-23 01:53:
I am not sure why I need a backup mx indeed, but if you make a simple
dig,
you find gmail, fastmail, protonmail, comcast, free.fr those big
providers
do have backup MXs.
Though yahoo, outlook don't have backup MX as a comparison.
Yahoo has multiple server weight 1 servers providing redunancy.
yahoo.com mail is handled by 1 mta6.am0.yahoodns.net.
yahoo.com mail is handled by 1 mta5.am0.yahoodns.net.
yahoo.com mail is handled by 1 mta7.am0.yahoodns.net
Thanks
Matthew
On 5/22/2023 6:53 PM, Tom Reed via Postfix-users wrote
On 2023-05-22 at 19:53:11 UTC-0400 (Tue, 23 May 2023 07:53:11 +0800)
Tom Reed via Postfix-users
is rumored to have said:
PS: Why do you (think you) need a backup MX?
Hello
I am not sure why I need a backup mx indeed,
If you don't know why you want the added complexity, you do not
nstance.
--
Viktor.
_______
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On Mon, May 22, 2023 at 02:34:41PM +0200, Joachim Lindenberg via Postfix-users
wrote:
> reusing the private key for too long (say a year or more) is
> considered a bad security practice. Imho it is easier to monitor
> changes of the issuing CA (I do) or just mark your calendar to up
/
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On Tue, May 23, 2023 at 11:56:41AM +0800, Tom Reed via Postfix-users wrote:
> Does virtual domains (such as virtual_alias_domains) support wildcard?
> such as putting this one in the file:
>
> *.foo.com
>
> so that one.foo.com, two.foo.com... will be a recipient domain.
You
61:postfix
```
Do you know of other solutions?
Kind regards,
Paul
[1]: https://www.email-security-scans.org/
[2]: https://github.com/Snawoot/postfix-mta-sts-resolver
[3]:
https://raw.githubusercontent.com/Snawoot/postfix-mta-sts-resolver/master/README.md
______
On Wed, May 24, 2023 at 02:25:38PM +0200, Paul Menzel via Postfix-users wrote:
> Running the *Public Email & DNS Testbed* [1], I was reminded, that we
> have MTA-STS set up, but do not take the MTAT-STS policy of other
> domains into account.
>
> As a solution I found *postf
If the MX hostname has only IPv6 resolved,
does it have problems in mail functions?
Thanks.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
Ken Peng via Postfix-users:
> If the MX hostname has only IPv6 resolved,
> does it have problems in mail functions?
Does every legitimate sender have IPv6 connectivity?
Wietse
___
Postfix-users mailing list -- postfix-users@postfix.
On 2023-05-24 at 09:50:08 UTC-0400 (Wed, 24 May 2023 13:50:08 +)
Ken Peng via Postfix-users
is rumored to have said:
If the MX hostname has only IPv6 resolved,
does it have problems in mail functions?
Yes.
Not all sending systems have IPv6 addresses or connectivity. If your
inbound
arbitrary unauthenticated hosts.
Cheers,
Joachim
-Ursprüngliche Nachricht-
Von: Viktor Dukhovni via Postfix-users
Gesendet: Mittwoch, 24. Mai 2023 14:32
An: postfix-users@postfix.org
Betreff: [pfx] Re: TLS client policy according to domain MTA-STS policy
On Wed, May 24, 2023 at 02:25:38PM +
change them to group writeable to get the
milter to work.
Is this the proper way to set this up?
Or should postfix be run as mailnull?
or???
Thanks,
Gary
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix
Gary Aitken via Postfix-users:
> New install of postfix on a freebsd 12.4 system.
> I have milter-greylist installed, set up in main.cf as:
>
>milter_protocol = 6
>milter_default_action = accept
>smtpd_milters = local:/var/milter-greylist/milter-greylist.sock
>
&
On Mon, May 22, 2023 at 09:53:36PM -0400, Viktor Dukhovni via Postfix-users
wrote:
> Key reuse as a *default* rollover approach is robust. When it is time
> to change keys, one can do so deliberately, and with due care to
> prepublish TLSA records matching the *next* key, then after a
Byung-Hee HWANG via Postfix-users skrev den 2023-05-25 05:42:
Thanks for good tool, because still i feel very hard to make "3 1 1"
tlsa things. Someday far later, i'll try this "3 1 1" things.
Actually i cannot say anything about DANE. Still work in progress ...
39#c3
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On Fri, May 26, 2023 at 01:05:09PM +0200, Paul Menzel via Postfix-users wrote:
> > This behaviour is to be expected given the incorrect MIME structure
> > of the message. It is:
> >
> > multipart/alternative
> > text/plain
> > multipart/mixed
> >
On 2023-05-26 at 07:05:09 UTC-0400 (Fri, 26 May 2023 13:05:09 +0200)
Paul Menzel via Postfix-users
is rumored to have said:
Dear Postfix folks,
Apple Mail violates the standard [1],
That's no "standard" that's a Mozilla Inc. bug report.
There is no violation of stan
Hello
If I set up backup MX just the same weight as primary MX, can the two MX
servers work as load balancer for incoming emails?
Thank you.
--
Sent from https://dkinbox.com/
___
Postfix-users mailing list -- postfix-users@postfix.org
To
Tom Reed via Postfix-users:
>
> Hello
>
> If I set up backup MX just the same weight as primary MX, can the two MX
> servers work as load balancer for incoming emails?
The backup MX will need a transport map to route mail to the primary MX.
See:
http://
> Tom Reed via Postfix-users:
>>
>> Hello
>>
>> If I set up backup MX just the same weight as primary MX, can the two MX
>> servers work as load balancer for incoming emails?
>
> The backup MX will need a transport map to route mail to the primar
On Tue, May 30, 2023 at 07:18:01PM +0800, Tom Reed via Postfix-users wrote:
> If I set up backup MX just the same weight as primary MX, can the two MX
> servers work as load balancer for incoming emails?
Will both then relay the mail to some other server for mailbox storage?
Or are mai
> On Tue, May 30, 2023 at 07:18:01PM +0800, Tom Reed via Postfix-users
> wrote:
>
>> If I set up backup MX just the same weight as primary MX, can the two MX
>> servers work as load balancer for incoming emails?
>
> Will both then relay the mail to some other serve
ient_maps = ...
> If I add a backup MX server saying it's mx2.dkinbox.com, I just want both
> the mx1 and mx2 load balances the incoming messages, and mx2 forwards
> messages to mx1 then.
There's no good reason to have mail sent to mx2 unless mx1 is down.
--
Viktor.
_
Viktor Dukhovni via Postfix-users skrev den 2023-05-30 14:30:
There's no good reason to have mail sent to mx2 unless mx1 is down.
and subject says load balancing, not backup mx
imho OP asked not to have mx backup, but load balancing, in with case
HA-Proxy would help more
also if
On Tue, May 30, 2023 at 04:07:32PM +0200, Benny Pedersen via Postfix-users
wrote:
> > There's no good reason to have mail sent to mx2 unless mx1 is down.
Under the proviso that "mx1" is the mail store. The mail has to go
there anyway, so it may as well get there in one
Le 30/05/2023 à 16:07, Benny Pedersen via Postfix-users a écrit :
Viktor Dukhovni via Postfix-users skrev den 2023-05-30 14:30:
There's no good reason to have mail sent to mx2 unless mx1 is down.
and subject says load balancing, not backup mx
imho OP asked not to have mx backup, but
1901 - 2000 of 8177 matches
Mail list logo
