[pfx] Re: SMTP Smuggling with long-term fix

smuggling for the `\r\n.\n` case. Sorry, that was a bad copypaste, I meant '\r\n.\r'. _______ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: SMTP Smuggling with long-term fix

If I remember correctly, on the wire there was \r\n\r\n.\r\r\n I will assemble a pcap and some logs when I'm back home. > In other words, I need to see proff in the form of a PCAP file and > NON-VERBOSE logging, or it did not happen. _______ Po

[pfx] Re: SMTP Smuggling with long-term fix

People are welcome to test tools against postfix-3.9-20240106. I could test against a 3.7.9 codebase if you posted a patch for it. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le

[pfx] Re: Smuggling?

5) score SPAM_DOMAIN_OUTLOO9 15.0 describeSPAM_DOMAIN_OUTLOO9 Outlook spam with missing headers, missing To (outloo) On Sun, 7 Jan 2024 10:17:56 -0500 John Hill via Postfix-users wrote: > First I am really amazed at the amount of support, that's not true > everywhere. I al

[pfx] recipient_bcc_maps clarification.

ov.in -- ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: SMTP Smuggling with long-term fix

ect - all was rejected (Rejected at spf level) [1] https://github.com/The-Login/SMTP-Smuggling-Tools.git _______ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org -- __

[pfx] Re: SMTP Smuggling with long-term fix

ort-term workarounds are doing their job.___________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: SMTP Smuggling with long-term fix

W dniu 8.01.2024 o 13:35, Damian via Postfix-users pisze: I create test VPS (outside my infrastructure) and install all for python3 for testing root@hanz:~# python3 smtp_smuggling_scanner.py --sender-domain gmail.com piot...@mydomain.ltd Don't use a sender-domain you don't have co

[pfx] Re: SMTP Smuggling with long-term fix

s "fake" end-of-data sequence! Are those really standalone emails with subject "SMUGGLED EMAIL ..."? If they are, I cannot reproduce that even with disabled short-term workarounds.___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: SMTP Smuggling with long-term fix

Hi Yest this is e-mails body from test - only when sender domain have SPF set ~all or SPF not exist W dniu 8.01.2024 o 15:08, Damian via Postfix-users pisze: SMUGGLING WORKS with '\r\n\x00.\r\n' as "fake" end-of-data sequence! SMUGGLING WORKS with '\r.\r\n'

[pfx] Re: recipient_bcc_maps clarification.

- Message from Viktor Dukhovni via Postfix-users -     Date: Mon, 8 Jan 2024 12:40:49 -0500     From: Viktor Dukhovni via Postfix-users Reply-To: postfix-users@postfix.org, Viktor Dukhovni Subject: [pfx] Re: recipient_bcc_maps clarification.       To: postfix-users

[pfx] Logging of SMTP smuggling mitigation

[115.236.121.165] Would it be possible to log at least the queue-id as well? Also sender and/or recipient would be nice ;-) Or is it for security that no more information is logged? Have a good one tobi _______ Postfix-users mailing list -- postfix-user

[pfx] Not a very important problem - smtpd_sender_login_maps

have such a map for outgoing e-mails But I need a this  "wildcard" for my MX that only works for incoming mail something like .*@.* -> *.@.* I just don't want stupid bots to try to play... -- _______ Postfix-users mailing list -- postfix-us

[pfx] postfix repo

Hi Wietse Have you thought about postfix repo for Debian, just like dovecot has for his relase ? I'm asking by the way -- ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] schleuder and postfix virtual domains

;transport" map. If you need more info, please ask. Thanks -- roughnecks OpenPGP_0x8FBF94AC1E006074.asc Description: OpenPGP public key OpenPGP_signature.asc Description: OpenPGP digital signature _______ Postfix-users mailing list -- postfix-users@p

[pfx] Re: schleuder and postfix virtual domains

Il 14/01/2024 14:07, Wietse Venema via Postfix-users ha scritto: If there are any schleuder users on this list, maybe someone knows what you are talking about. For the rest of the readership, concrete informnation (settings, not beliefs) is needed. https://paste.woodpeckersnest.space

[pfx] Re: schleuder and postfix virtual domains

Il 14/01/2024 15:52, Wietse Venema via Postfix-users ha scritto: To receive receive list mail fordecentralize-send...@wood...nest.eu you need to list wood...nest.eu in mydestination. But I believe I read in several places in the docs to NOT add a virtual domain to mydestination.. Didn

[pfx] Re: schleuder and postfix virtual domains

Il 14/01/2024 16:21, Wietse Venema via Postfix-users ha scritto: Actually, this happens because your virtual alias @woodpeckersnest.eu@woodpeckersnest.space rewritesdecentralize-send...@wood...nest.eu to decentralize-send...@wood...nest.space If you cannot change that, then your

[pfx] Re: schleuder and postfix virtual domains

Il 14/01/2024 16:21, Wietse Venema via Postfix-users ha scritto: Actually, this happens because your virtual alias @woodpeckersnest.eu@woodpeckersnest.space rewrites decentralize-send...@wood...nest.eu to decentralize-send...@wood...nest.space. If you cannot change that, then

[pfx] Re: schleuder and postfix virtual domains

Il 14/01/2024 15:56, roughnecks via Postfix-users ha scritto: Il 14/01/2024 15:52, Wietse Venema via Postfix-users ha scritto: To receive receive list mail fordecentralize-send...@wood...nest.eu you need to list wood...nest.eu in mydestination. But I believe I read in several places in the

[pfx] Re: schleuder and postfix virtual domains

Il 14/01/2024 18:57, Wietse Venema via Postfix-users ha scritto: Does the other .eu mailinglist sill work? If you mean the .space one, it does, but I had to also remove the canonical map :) I had a schleuder .space list, (still) working Now I have a schleuder .eu list, also working Plus

[pfx] Re: postfix repo

On 12/01/24 04:08, Wietse Venema via Postfix-users wrote: Viktor Dukhovni via Postfix-users: On Thu, Jan 11, 2024 at 03:53:35PM +0100, natan via Postfix-users wrote: Hi Wietse Have you thought about postfix repo for Debian, just like dovecot has for his relase ? What is a "Postfix rep

[pfx] ldap + 550 5.1.1

dap:/etc/postfix/ldap/virtual-mailbox-maps.cf virtual_transport = lmtp:unix:private/dovecot-lmtp   _______ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Steps to replicate SMTP smuggling

hey postfix-users,I am trying to replicate the smtp smuggling for my postfix servers to verify the fix. But I am not able to recreate it. Incoming side I am always receiving single mail. I am trying to send a mail with the incorrect END-OF-DATA with a script. Can someone help with the same?Thanks

[pfx] client checks with suspect IPs

s.pcre: /myclient\.com/ permit Any ideas greatly appreciated. _______ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: postfix repo

On 16/01/24 17:26, Scott Kitterman via Postfix-users wrote: As many are aware Ghettoforge builds these for EL. To me the simplest way for Debian and other distros is for a community member to take up the mantle and build Postfix in a similar way. It's not that difficult to do and it put

[pfx] Re: Documentation on upgrade 2.10 to 3.5

On 25/01/24 04:38, Bill Gee via Postfix-users wrote: Oops!  I just realized that I sent this instead of saving it.  Dang! I've re-organized the quoted section to put your questions in their intended order. The time is finally coming when I have to do something with my Postfix serve

[pfx] [postfix] 3.4.23: virtual, pipe and ${original_recipient} vs. ${recipient}

} ${recipient} -- end of postfinger output -- ___________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Adjusting smtpd_recipient_restrictions

Best, Mark. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] migrating server to new host

tconf mail_version mail_version = 3.5.8 # postconf -m btree cidr environ fail hash inline internal ldap memcache mysql nis pcre pipemap proxy randmap regexp socketmap static tcp texthash unionmap unix ___ Postfix-users mailing list -- postfix-users@postfi

[pfx] Re: Adjusting smtpd_recipient_restrictions

ell? I'm trying to be as restrictive as possible, against haux&pseudo hostnames/helo attempts, spammers and attackers. Many thanks, Much regards. Mark. 2 Şubat 2024 Cuma tarihinde Viktor Dukhovni via Postfix-users < postfix-users@postfix.org> yazdı: > On Fri, Feb 02, 2024 at 08:

[pfx] Re: Adjusting smtpd_recipient_restrictions

rules are happening in main.cf, which is listed here; https://pastebin.mozilla.org/i5tMtPAk I've learned a lot from your replies, much grateful! Thank you, Mark. Viktor Dukhovni via Postfix-users , 4 Şub 2024 Paz, 19:14 tarihinde şunu yazdı: > On Sun, Feb 04, 2024 at 01:22:45PM +020

[pfx] Re: Adjusting smtpd_recipient_restrictions

uld you explain further please where I made a mistake? Regards. Matus UHLAR - fantomas via Postfix-users , 5 Şub 2024 Pzt, 15:15 tarihinde şunu yazdı: > On 04.02.24 22:06, Mark via Postfix-users wrote: > >->"Best practice is to require submission users sending outbound mail do > s

[pfx] Re: Adjusting smtpd_recipient_restrictions

tus UHLAR - fantomas via Postfix-users , 5 Şub 2024 Pzt, 16:33 tarihinde şunu yazdı: > On 05.02.24 15:46, Mark wrote: > >Thanks for the idea below. I'm going to try wrapping them in $mua in > main.cf > >. > > > >However, you said; > > > >"Looking

[pfx] Re: [postfix] 3.4.23: virtual, pipe and ${original_recipient} vs. ${recipient}

Thanks for your advice. Am 25.01.2024 22:56 schrieb Viktor Dukhovni via Postfix-users: On Thu, Jan 25, 2024 at 04:48:39PM -0500, Bill Cole via Postfix-users wrote: > - Are you expected exactly one recipient per-invocation of the > spamassassin filter? I'm not sure how sp

[pfx] ARC or DKIM or SRS?

swer/81126?visit_id=638429520681370280-1110640002&rd=1#zippy=%2Crequirements-for-all-senders _______ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: ARC or DKIM or SRS?

On 8/02/24 14:23, Alex via Postfix-users wrote: I'm hoping I could ask for some advice. We have a pretty large percentage of users who forward mail through our systems to personal Gmail accounts. Sometimes it is mail from bulk senders like mailgun and lanyon/cvent. Before answering

[pfx] Re: ARC or DKIM or SRS?

On 8/02/24 21:38, Kees van Vloten via Postfix-users wrote: A little addition that also helps a bit: move the content of the From: header to the Reply-To: header and replace From: with the local account that is forwarding the message. All mail then originates from your domain and a reply to a

[pfx] Incorrect user rights

spamd child But it looks like I can't make the directory persist to /root/.spamassassin. Where can I change the path? I can't find a spamd.conf file Thank you for your help Christian _______ Postfix-users mailing list -- postfix-users@postfix.org

[pfx] I don't understand the problem with DMARC and postfix

And I don't know what to pay attention to the email itself has the correct structure -- ___________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: I don't understand the problem with DMARC and postfix

W dniu 9.02.2024 o 15:13, Juri Haberland via Postfix-users pisze: On 09.02.24 14:58, natan via Postfix-users wrote: Hi I have setup postfix+SPF+DKIM+DMARK and im confused Sometimes I get in logs fail like: Feb  2 09:02:46 mail134 opendmarc[29379]: AE3D53B0062: allegromail.pl fail Feb  2 09:02

[pfx] Re: ARC or DKIM or SRS?

On 10/02/24 02:50, Matus UHLAR - fantomas via Postfix-users wrote: On 08.02.24 13:05, Doug Hardie via Postfix-users wrote: I implemented postscreen quite a while ago.  I don't see where or how it introduces a delay to force the originating MTA to queue and try later. It does not intr

[pfx] Re: Understanding log entries

On 11/02/24 13:51, Doug Hardie via Postfix-users wrote: If I am understanding correctly, that means that if I set smtp_skip_5xx_greeting to "no", then postfix would stop after the first 5xx and terminate the email. That seems like it might open up some issues where a provider wit

[pfx] Re: ARC or DKIM or SRS?

ervers to see if the client has attempted a connection to one of the other MX servers. I'm not sure I ever managed to set it up successfully, however. ___________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: ARC or DKIM or SRS?

On 12/02/24 11:47, Alex via Postfix-users wrote: My concern would be with multiple MX records for the same domain - is it possible it would come back to try again with another MX and be delayed yet again? Unless you're referring to your own MX records these are not relevant. That said,

[pfx] Re: ARC or DKIM or SRS?

Hi, On Mon, Feb 12, 2024 at 5:39 AM Jaroslaw Rafa via Postfix-users < postfix-users@postfix.org> wrote: > Dnia 11.02.2024 o godz. 17:47:05 Alex via Postfix-users pisze: > > My concern would be with multiple MX records for the same domain - is it > > possible it would come b

[pfx] [postfix] 3.4.23: SpamAssassin - Re-submission with sendmail - Append"receive_override_options = no_address_mappings"?

lt of going a second time through cleanup daemon and resolving the alias table. One of the solution might be to set smtpd -o content_filter=spamassassin -o receive_override_options=no_address_mappings But then we're back at https://www.mail-archive.com/postfix-users@postfix.org

[pfx] Verbose postfix logs cleartext password for SQL database

mitri ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: Update: What features to deprecate

On 19/02/24 14:00, Wietse Venema via Postfix-users wrote: Viktor Dukhovni via Postfix-users: On Tue, Feb 13, 2024 at 12:23:32PM -0500, Wietse Venema via Postfix-users wrote: Over 25 years, Postfix has accumulated some features that are essentially obsolete. A quick status update. First

[pfx] OT: VPS w/FDE suggestions?

5GB, 20TB) ovhcloud ($4.20 2GB, 1CPU, 20GB, 100Mbps unmetered) ($5.50 2GB, 2CPU, 40GB, 500Mbps unmetered) brownrice ($5.95 3GB, 1CPU, 10GB, unlimited) ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users

[pfx] Re: Update: What features to deprecate

On 21/02/24 12:40, Wietse Venema via Postfix-users wrote: Peter via Postfix-users: A quick status update. First, several features have been logging warnings that they would be removed for 10 years or more, so we could delete them in good conscience (perhaps keeping the warning with the

[pfx] Authentication question

bmission/smtpd[150038]: disconnect from ehlo=2 starttls=1 auth=0/1 commands=3/4 Any hints, would be great, if this might be a firmware bug from NVR, our could maybe be solved by changing my SASL etc. config. Thanks in advance, Michael _______ Postfix-us

[pfx] Re: Authentication question

Am 22.02.24 um 15:58 schrieb Wietse Venema via Postfix-users: michaelof--- via Postfix-users: 2024-02-22T13:56:15.715392+01:00 vserver postfix/submission/smtpd[150038]: connect from 2024-02-22T13:56:15.715607+01:00 vserver postfix/submission/smtpd[150038]: improper command pipelining after

[pfx] Re: Authentication question

Am 22.02.24 um 18:29 schrieb Matus UHLAR - fantomas via Postfix-users: Am 22.02.24 um 15:58 schrieb Wietse Venema via Postfix-users: michaelof--- via Postfix-users: 2024-02-22T13:56:15.715392+01:00 vserver postfix/submission/smtpd[150038]: connect from 2024-02-22T13:56:15.715607+01:00

[pfx] rbl override doesn't work perhaps due to sender using relay

check_sender_access hash:/etc/postfix/sender_checks, check_client_access hash:/etc/postfix/rbl_override, reject_rbl_client bl.spamcop.net, check_policy_service unix:private/policy * ___________ Postfix-users mailing list -- postfix-users@postf

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024 6:03:54 AM Matus UHLAR - fantomas via Postfix-users : > On 24.02.24 00:49, lists--- via Postfix-users wrote: >> I have set up rbl_override for the sender's domain. However it >> occasionally gets blocked by spamcop. The user owns a domain but relays >> the mail from o

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

see how much spam spamcop stops that isn't coming from Microsoft. Maybe I could whitelist the Microsoft IP space in rbl_override. Feb 24, 2024 6:15:10 AM Benny Pedersen via Postfix-users : > lists--- via Postfix-users skrev den 2024-02-24 09:49: > >>   check_client_access

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

That should work. Thanks https://www.postfix.org/access.5.html Feb 24, 2024 8:05:00 AM Matus UHLAR - fantomas via Postfix-users : >>> On 24.02.24 00:49, lists--- via Postfix-users wrote: >>>> I have set up rbl_override for the sender's domain. > [...] >

[pfx] postfix and smtpd_proxy_timeout

that - but I am looking for a solution -- ___________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] rbl bounces email that has both rbl_override and client_checks whitelisting

27 03:55:55 MYDOMAIN postfix/smtpd[31397]: disconnect from mail-dm6nam10on2125.outbound.protection.outlook.com[40.107.93.125] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 commands=5/6 Feb 27 03:57:47 ___________ Postfix-users mailing list -- postfix-users@postfix.org

[pfx] Re: rbl bounces email that has both rbl_override and client_checks whitelisting

2024 1:09:02 PM Wietse Venema : > Your mistake:  you are trying to match a SENDER ADDRESS with > check_CLIENT_access. > >     Wietse ___________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] question regarding postmap -q test

rejected in actual use even though postmap -q testing with a specific user at the domain name doesn't return anything? This test has similar results with OK instead of REJECT. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubs

[pfx] Re: postfix and smtpd_proxy_timeout

lived move IP) All new connections work ok, but the old ones get an error connecting to the database. W dniu 27.02.2024 o 17:44, Wietse Venema via Postfix-users pisze: natan via Postfix-users: If i set smtpd_proxy_timeout=60s I "terminating" (timeout) all old connections who get &

[pfx] Re: postfix and smtpd_proxy_timeout

W dniu 28.02.2024 o 16:14, Wietse Venema via Postfix-users pisze: natan via Postfix-users: for"us...@domain.ltd" Feb 27 16:02:28 smtp1v postfix/cleanup[23476]: warning: proxy:mysql:/etc/postfix/mysql_sender_bcc_maps_user.cf-new lookup error for"us...@domain.ltd" Feb 27 16:

[pfx] postfix check_sender_access and subdomain test

irehose of spam. Up to you of course. I have a few posts on the list trying to whitelist just one sender. _______ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: A functional lightweight reverse alias?

Matus UHLAR - fantomas via Postfix-users wrote: > > Mozilla supports multiple identities on the same mailbox, even using > different sending server/mailbox. > So, with mozilla you can have the same result with both alias and mailbox. > However, this may not apply to other

[pfx] pushing changes to remote system

ient_checks -rw-r--r-- 1 appuser appuser 2305 Mar 6 18:37 recipient_checks.cdb _______ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: improving SRS support

On Wed, Mar 06, 2024 at 07:30:01PM -0500, Christophe Kalt via Postfix-users wrote: > Hi, > > The two options I've seen for implementing SRS are milter and > [sender_]canonical_maps but it seems to me that neither are a good fit when > rewriting the envelope From as they ha

[pfx] Which DKIM application for postfix 3.9.0

good suggestions will be appreciated. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] preserving multi line header_checks REPLACE

fix.pem smtpd_tls_key_file = /etc/pki/tls/private/postfix.key smtpd_tls_security_level = may transport_maps = hash:/etc/postfix/transport unknown_local_recipient_reject_code = 550 ___________ Postfix-users mailing list -- po

[pfx] Re: preserving multi line header_checks REPLACE

/usr/lib64/postfix > > smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt > > smtp_tls_CApath = /etc/pki/tls/certs > > smtp_tls_security_level = may > > smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem > > smtpd_tls_key_file = /etc/pki/tls/private/postfix.key > > smtpd_tls_security_level = may > > transport_maps = hash:/etc/postfix/transport > > unknown_local_recipient_reject_code = 550 > > > > > > > > > > > > > > > > > ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] postfix and from

rrecting it, he sends me to block such e-mails using Postfix. -- _______ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: postfix and from

better to improve the application than to play around with postfix because you can cause a big problem I don't want to kick with the horse... W dniu 19.03.2024 o 11:43, Erwan David via Postfix-users pisze: Le 19/03/2024 à 11:39, natan via Postfix-users a écrit : Hi I have one question regard

[pfx] Postfix thinks smtp.gmail.com uses self-signed certificate

--8<8< Of course, I also configured the smtp_sasl_password_maps to login to gmail. I believe my transport and sasl configurations are well since the problem is postfix thinks smtp.gmail.com:465 uses self-signed certificate. Do you have idea to solve this problem ? _

[pfx] Re: Postfix thinks smtp.gmail.com uses self-signed certificate

On 2024/3/20 22:25, Cowbay via Postfix-users wrote: Below is openssl example: 8<8<8< $ openssl s_client -4 -connect smtp.gmail.com:465 -CAfile /etc/ssl/certs/ca-certificates.crt CONNECTED(0003) depth=2 C = US, O = Google Trust Services LLC, CN = GT

[pfx] Re: Postfix thinks smtp.gmail.com uses self-signed certificate

On 2024/3/23 04:57, Wietse Venema via Postfix-users wrote: Unleess you can hand over the certificate that Postfix complained about, you have not proven that Postfix was in error. You are right, I can't guarantee if the certificate openssl dumped was the one Postfix encountered. Specifi

[pfx] Re: Postfix thinks smtp.gmail.com uses self-signed certificate

On 2024/3/23 20:04, Wietse Venema via Postfix-users wrote: Cowbay via Postfix-users: So, I will collect necessary information next time I encounter this issue as what Viktor suggested. Please note that Postfix does not automatically use the "system" root CA store that openssl s_

[pfx] Re: Postfix thinks smtp.gmail.com uses self-signed certificate

On 2024/3/24 00:49, Viktor Dukhovni via Postfix-users wrote: and also "posttls-finger" as in the example I posted. You might not get to observe the problem for quite some time (if ever again). I'm quite seldom sending mail by gmail via my postfix server. If the "pos

[pfx] Re: Postfix thinks smtp.gmail.com uses self-signed certificate

On 2024/3/25 01:12, Viktor Dukhovni via Postfix-users wrote: If the "posttls-finger" has the identical behavior as postfix, then I could write a simple cronjob script to "finger" the smtp.gmail.com:465. Not necessarily 100% identical, but quite close. It seems not per

[pfx] Re: Postfix thinks smtp.gmail.com uses self-signed certificate

On 2024/3/25 10:55, Viktor Dukhovni via Postfix-users wrote: I checked posttls-finger on my another container which is Ubuntu 22.04.4, posttls-finger still doesn't support ipv6, weird. It isn't posttls-finger that does not support "ipv6", but rather your network stack

[pfx] Re: Postfix thinks smtp.gmail.com uses self-signed certificate

On 2024/3/25 12:05, Viktor Dukhovni via Postfix-users wrote: On Mon, Mar 25, 2024 at 12:00:12PM +0800, Cowbay via Postfix-users wrote: On 2024/3/25 10:55, Viktor Dukhovni via Postfix-users wrote: I checked posttls-finger on my another container which is Ubuntu 22.04.4, posttls-finger still

[pfx] Re: Setting up another "smarthost" with Postfix

On 2024/3/28 00:25, Samuel Goodies via Postfix-users wrote: Hi guys. I'm inheriting a job that has an email server hosting several domains, and I'm wanting to move them behind our firewall and route mail from the main mail server to an offsite postfix server that will in turn send t

[pfx] sender_login_maps and dovecot and roundcube

s auth from submission? I also thought of using the recipient_delimiter, so sending something like user1+a...@mydomain.com might work, but it's not what was asked for. Maybe this is a dovecot config option I'm missing? Thanks for any ideas on what I'm missing here. ________

[pfx] Re: sender_login_maps and dovecot and roundcube

suitable > entry to the sender_login_maps file. Run postmap on the file. > > That entry probably should look like: > > @example.com alex > Thank you - I initially didn't think the format supported that, but also just realized it. Thanks, Alex __

[pfx] reliable RBL

It is kind of off topic, but to my opinion there is no FP-less RBL available. Consider moving to scoring system to not rely on listing at only one blocklist. -- Send unsolicited bulk email to carl...@at.encryp.ch ___ Postfix-users mailing list

[pfx] header_checks.pcre

beacuse I get many many spam from *.bc.googleusercontent.com -- ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] header_checks.pcre

You should use check_reverse_client_hostname_access I have the following pcre map entry: /\.googleusercontent\.com$/ REJECT policy forbids MTA with generic PTRs ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an

[pfx] Re: reliable RBL

Στις 11/4/24 10:59, ο/η Matus UHLAR - fantomas via Postfix-users έγραψε: It still works, but you may need supplementary software as amavis, sagator, spamass-milter or mimedefang because SpamAssassin only focuses on classification, not about delivery. iirc, you also need a compiler

[pfx] Submission Forward

_____ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: Forward mail

Στις 13/4/24 13:51, ο/η Paul van der Vlis via Postfix-users έγραψε: Unfortunately, I have quite a few customers who want to receive email from their own domain at a different email address, such as a Gmail or Hotmail address. I forward this in /etc/postfix/virtual. a totally different

[pfx] Re: IMPORTANT, drop "resolve [!UNAVAIL=return]" from Linux nsswitch.conf files

On Mon, Apr 22, 2024 at 03:50:34PM GMT, Viktor Dukhovni via Postfix-users wrote: > and this (specifically, !UNAVAIL=return) turns soft DNS failures into > hard errors. > > The solution, on any production mail server, is to remove (with > prejudice) > > resolve [!UNAVAIL=

[pfx] Re: hmm spf is missing :)

On 15/04/24 10:14, Benny Pedersen via Postfix-users wrote: Authentication-Results    list.sys4.de; dkim=pass header.d=porcupine.org; arc=none (Message is not ARC signed); dmarc=pass (Used From Domain Record) header.from=porcupine.org policy.dmarc=none What does this have to to with Postfix

[pfx] Re: Which DKIM application for postfix 3.9.0

27;re going to run down the postfix list for your own failure at least have the decency to do it *on* the postfix list. Peter ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: hmm spf is missing :)

On 25/04/24 19:42, Benny Pedersen via Postfix-users wrote: Peter via Postfix-users skrev den 2024-04-25 09:19: On 15/04/24 10:14, Benny Pedersen via Postfix-users wrote: Authentication-Results    list.sys4.de; dkim=pass header.d=porcupine.org; arc=none (Message is not ARC signed); dmarc=pass

[pfx] Enforce TLS in smtp client sender based?

transport (to be defined in master.cf) and the normal MX of recipient domain? Have a good one tobi ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: Enforce TLS in smtp client sender based?

we want it :-) Have a nice weekend tobi On Fri, 2024-04-26 at 01:46 -0400, Viktor Dukhovni via Postfix-users wrote: > On Fri, Apr 26, 2024 at 07:21:24AM +0200, Tobi via Postfix-users > wrote: > > > Or would it be possible to use a sender_dependent_relayhost_maps > > an

[pfx] Different SMTP access/relay control for ipv4 vs ipv6?

= ipv6, inet_interfaces = a:b:c::d, mynetworks, smtpd__restrictions, etc). Am I on the right track with the previous paragraph, or is/are there better way(s) to accomplish this? Sincerely, Peter ___________ Postfix-users mailing list -- postfix-users@postfix.o

[pfx] Implementing ARC with postfix to allow/assist with forwarding

ble identifying which milter(?) to use for this. https://blog.mystrika.com/arc/ _______ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: Implementing ARC with postfix to allow/assist with forwarding

x via Postfix-users" wrote: Hi, I'm using postfix-3.7.9 on fedora38 and would like to implement ARC to assist with authenticating emails being forwarded by users to Gmail and others. The research I've done points to OpenARC as a dead project. This looks like a great guide to

[pfx] recipient_bcc_maps with multi-instance

-o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings -o local_header_rewrite_clients= ___________ Pos

<    1   2   3   4   5   6   7   8   9   10   >