Hi
I try block all bc.googleusercontent.com but some adress allow
Is this make sense ?
cat /etc/postfix/header_checks.pcre
#allow
/^Received:.from.mg.gitlab.com.*bc.googleusercontent.com/ DUNNO
#reject
/^Received:.from.*bc.googleusercontent.com/ REJECT spam/scam/419
detected
I blocked
he
application than to play around with postfix because you can cause a big
problem
I don't want to kick with the horse...
W dniu 19.03.2024 o 11:43, Erwan David via Postfix-users pisze:
Le 19/03/2024 à 11:39, natan via Postfix-users a écrit :
Hi
I have one question regarding the RFC of the FR
Hi
I have one question regarding the RFC of the FROM field: in the message
header.
Is there any restriction that will force the FROM field to be correct
according to the RFC?
I'm asking because one client "parses e-mails strangely" and his
application hangs and instead of correcting it, he
W dniu 28.02.2024 o 16:14, Wietse Venema via Postfix-users pisze:
natan via Postfix-users:
for"us...@domain.ltd"
Feb 27 16:02:28 smtp1v postfix/cleanup[23476]: warning:
proxy:mysql:/etc/postfix/mysql_sender_bcc_maps_user.cf-new lookup error
for"us...@domain.ltd"
Feb 27 16:
lived move IP)
All new connections work ok, but the old ones get an error connecting to
the database.
W dniu 27.02.2024 o 17:44, Wietse Venema via Postfix-users pisze:
natan via Postfix-users:
If i set smtpd_proxy_timeout=60s I "terminating" (timeout) all old
connections who g
Hi
I have questions about "high ability" in postfix
For example setup
1)postfix + external mysql (klaster) like
main.cf:
...
smtpd_sender_login_maps =
proxy:mysql:/etc/postfix/mysql_sender_login_maps.cf
smtpd_proxy_timeout=60s
...
For example I have a mysql maps - mysql_sender_login_maps.cf:
W dniu 9.02.2024 o 15:13, Juri Haberland via Postfix-users pisze:
On 09.02.24 14:58, natan via Postfix-users wrote:
Hi
I have setup postfix+SPF+DKIM+DMARK and im confused
Sometimes I get in logs fail like:
Feb 2 09:02:46 mail134 opendmarc[29379]: AE3D53B0062: allegromail.pl fail
Feb 2 09:02
Hi
I have setup postfix+SPF+DKIM+DMARK and im confused
Sometimes I get in logs fail like:
Feb 2 09:02:31 mail134 opendmarc[29379]: 5AB633B005D: gmail.com none
Feb 2 09:02:39 mail134 opendmarc[29379]: D02333B005D: patronite.email pass
Feb 2 09:02:44 mail134 opendmarc[29379]: 363153B005D:
Hi Wietse Have you thought about postfix repo for Debian, just like
dovecot has for his relase ?
I'm asking by the way
--
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
Hi
I know it may seem quite strange, but I need it for my MX ...
I need a mapping every single email to the same one in pcre for
sender_login_maps.cf for
reject_sender_login_mismatch
...
smtpd_sender_login_maps = pcre:/etc/postfix/sender_login_maps.cf
...
Yes, I can use an existing map - I
Hi
Yest this is e-mails body from test - only when sender domain have SPF
set ~all or SPF not exist
W dniu 8.01.2024 o 15:08, Damian via Postfix-users pisze:
SMUGGLING WORKS with '\r\n\x00.\r\n' as "fake" end-of-data sequence!
SMUGGLING WORKS with '\r.\r\n' as "fake" end-of-data sequence!
W dniu 8.01.2024 o 13:35, Damian via Postfix-users pisze:
I create test VPS (outside my infrastructure) and install all for
python3 for testing
root@hanz:~# python3 smtp_smuggling_scanner.py --sender-domain
gmail.com piot...@mydomain.ltd
Don't use a sender-domain you don't have control over.
Hi
Sorry for stupid question but I dont realy undarstand
I create test VPS (outside my infrastructure) and install all for
python3 for testing
root@hanz:~# python3 smtp_smuggling_scanner.py --sender-domain gmail.com
piot...@mydomain.ltd
[*] Getting MX record for domain: xx
[*] Running
Hi
I was in the same place some time ago and I use postwfd + others for
600K users and analize via sawmill (probably 6.x)
And conclusion for me
...
First rate is for 1 minut
id=sasl_msg_1min ; sasl_username=~$$sender ;
action=rate(sasl_username/40/60/421 4.7.1: $$sasl_username:
Sorry, send
Hi
A good idea in my opinion, additionally add
reject_sender_login_mismatch with maps (u...@domain.ltd user@domainltd)
smtpd_sender_restrictions =
...
reject_sender_login_mismatch,
...
reject_unauth_pipelining,
Than only reject_unauth_pipelining
smtpd_data_restrictions =
Hi
In postfix-3.4.23 (debian) I set
(I use always)
smtpd_data_restrictions = reject_unauth_pipelining
And today I put
smtpd_discard_ehlo_keywords = chunking
And I get many many logs like:
...
Dec 29 10:10:13 msmtp postfix/submission/smtpd[11064]: discarding EHLO
keywords: CHUNKING
Dec 29
Venema via Postfix-users pisze:
natan:
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
Wietse:
See:https://www.postfix.org/smtp-smuggling.html
natan:
reject_unauth_pipelining in: smtpd_data_restrictions
or maybe only in smtpd_end_of_data_restrictions
Hi
Thenx for info Wietse
reject_unauth_pipelining in: smtpd_data_restrictions
or maybe only in smtpd_end_of_data_restrictions ?
W dniu 21.12.2023 o 19:11, Wietse Venema via Postfix-users pisze:
natan via Postfix-users:
Hi
I found today
https://sec-consult.com/blog/detail/smtp-smuggling
Hi
I found today
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
--
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
Hi
Thenx problem solved - problem was trivial (existing process with port
10028) W dniu 17.10.2023 o 17:37, Wietse Venema via Postfix-users pisze:
natan via Postfix-users:
Hi
I have a some problem with setup
opendkim+opendmarc+amavisd-milter
main.cf---
smtpd_milters =
inet:localhost
Hi
I have a some problem with setup
opendkim+opendmarc+amavisd-milter
main.cf---
smtpd_milters =
inet:localhost:10028,inet:localhost:10027,inet:localhost:10029
When I try local telnet 25 i get many many logs like:
..
Oct 17 13:59:01 mail2 postfix/10028/smtpd[6]: connect
Hi
Exactly as you're saying - problem solved - CA cant load via aplications.
W dniu 8.05.2023 o 15:31, Viktor Dukhovni via Postfix-users pisze:
On Mon, May 08, 2023 at 01:29:55PM +0200, natan via Postfix-users wrote:
I have some problem with cert - user who connect via 465
postfix/smtps
Hi
Problem is only via web aplications (php)
W dniu 8.05.2023 o 13:29, natan via Postfix-users pisze:
Hi
I have some problem with cert - user who connect via 465
postfix/smtps/smtpd[6901]: warning: TLS library problem:
error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown
ca:../ssl
Hi
I have some problem with cert - user who connect via 465
postfix/smtps/smtpd[6901]: warning: TLS library problem:
error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown
ca:../ssl/record/rec_layer_s3.c:1544:SSL alert number 48:
Debian10
Cert is new (renew) and openssl x509 -in
Hi
In old version 3.4.x problem not exists
W dniu 27.04.2023 o 14:50, Wietse Venema via Postfix-users pisze:
SATOH Fumiyasu (TSUCHIDA Fumiyasu) via Postfix-users:
I see the following problems.
1. `postconf -M bar/unix='foo unix ...'` will duplicates entries
in master.cf.
Nice find: postconf
Hi
In centos7
root@node2-klone:~# postconf mail_version
mail_version = 3.4.23
root@node2-klone:~# postconf -M bar/unix='foo unix - n n - - pipe
argv=/bin/false'
root@node2-klone:~# postconf -M bar/unix='foo unix - n n - - pipe
argv=/bin/false'
root@node2-klone:~# postconf -M bar/unix='foo unix
Hi
I use keepalived and easy check like:
vrrp_script chk_myscript {
script "/usr/bin/postfix-check.sh"
interval 4
fall 2
weight 10
user root
}
...
#!/bin/bash
echo "ehlo localhost" | /bin/nc -w 1 "127.0.0.1" 25 |grep -q "250"
...
It's not very pretty but
W dniu 19.04.2023 o 17:23, Wietse Venema via Postfix-users pisze:
natan via Postfix-users:
Hi
I have question about *_error_limit and postfix
I have separated services like
smtp incomming and smtp outgoing and webmail
I have roudcube which is used by several thousand users
On smtp outgoing
Hi
I have question about *_error_limit and postfix
I have separated services like
smtp incomming and smtp outgoing and webmail
I have roudcube which is used by several thousand users
On smtp outgoing in main.cf:
...
smtpd_client_connection_count_limit = 900
smtpd_hard_error_limit = 5
/regexp but hash I use too
W dniu 27.03.2023 o 14:16, Matus UHLAR - fantomas via Postfix-users pisze:
On 27.03.23 12:39, natan via Postfix-users wrote:
/etc/postfix/sender_checks.pcre
/@scripkabox\.com/
/etc/postfix/recipient_checks.pcre
smtpd_sender_restrictions
Hi
Try postfwd for postfix
http://postfwd.org/ratelimits.html
W dniu 27.03.2023 o 13:21, Gino Ferguson via Postfix-users pisze:
Hi,
How can one set up outbound rate limiting for a certain mail service provider?
Can postfix 'recognise' that recipientdomainA, recipientdomainB and
Hi
Mayby this help you:
/etc/postfix/sender_checks.pcre
/@scripkabox\.com/
/etc/postfix/recipient_checks.pcre
smtpd_sender_restrictions =
permit_mynetworks
check_sender_access pcre:/etc/postfix/sender_checks.pcre
reject_unknown_sender_domain
...
cat
Hi
Today uceprotect add class /24 to blaclist ... One user (dedicated
server) send probably spam but the user claims that he did not send spam
only 6 e-mails in 1h. And uceprotect was blocked by the whole class ...
other RBLs it was clean any IP with that class /24
Any idea ? I'm not going
Hi
Is there any rfc about having to use or regarding the need to use
"sender login mismatch";
This is just a loose question
I know that everything depends on the administrator and you don't have
to impose anything
--
02.2023 o 15:56, Wietse Venema pisze:
natan:
Hi
I gat many many e-mails with virus and double exstension like:
*.jpg.img
*.pdf.img
*.*.img
I try in header_checks.pcre
[broken regexp omitted]
and not working
The following blocks a 'bad' extension before a 'good' one such
as 'name.exe.pdf'.
1) Take t
Hi
But in config i have:
postconf |grep "mime_header_checks"
mime_header_checks = $header_checks
W dniu 27.02.2023 o 15:47, Matus UHLAR - fantomas pisze:
On 27.02.23 12:38, natan wrote:
I gat many many e-mails with virus and double exstension like:
*.jpg.img
*.pdf.img
*.*.
Hi
Auto added footer is very bad but nn one of server i have:
smtp inet n - n - - smtpd -o
content_filter=stopka
stopka unix - n n - - pipe
flags=Rq user=filter argv=/home/filter/add_filter.sh -f ${sender}
--
Hi
I gat many many e-mails with virus and double exstension like:
*.jpg.img
*.pdf.img
*.*.img
I try in header_checks.pcre
Hi
One of client have two serwervers
1)for outgoing - smtp.domain.ltd
2)for incomming - mx.domain.ltd
and hi send e-mail from n...@domain.ltd
bounce -> smtp.domain.ltd send to mx.domain.ltd
how disable bounce and non delivery and sender notify who was send to
smtp.domain.ltd ?
I try in
Hi
Before add sender-acces works fine ?
Can you send output postconf -m ?
W dniu 8.02.2023 o 14:15, James Pifer pisze:
On 2/8/2023 4:14 AM, Viktor Dukhovni wrote:
On Wed, Feb 08, 2023 at 10:00:14AM +0200, mailm...@ionos.gr wrote:
/\.top$/ REJECT
/\.xyz$/ REJECT
/\.cam$/ REJECT
/\.fun$/
Hi
Please send info like:
postconf -m
Probably you dont have pcre
try postmap -q your_ask pcre:/etc/postfix/reject_domains
W dniu 7.02.2023 o 22:49, James Pifer pisze:
Hello all. I'm trying to block some TLDs and everything I try I'm
getting: 451 4.3.5 : Sender address rejected: Server
W dniu 24.01.2023 o 13:03, Wietse Venema pisze:
natan:
W dniu 24.01.2023 o?12:05, Wietse Venema pisze:
natan:
Hi
For test i runnig gallera claster + haproxy
haproxy:
.
listen galera-test
bind 10.10.10.10:3307
balance leastconn
mode tcp
option tcplog
option tcpka
option httpchk
server
W dniu 24.01.2023 o 12:05, Wietse Venema pisze:
natan:
Hi
For test i runnig gallera claster + haproxy
haproxy:
.
listen galera-test
bind 10.10.10.10:3307
balance leastconn
mode tcp
option tcplog
option tcpka
option httpchk
server sql1 10.10.10.11:3306 check port 9200 inter 12000 rise 2
me times all works fine
And I would like to eliminate it and I dont have idea where i must find
"problem"
I use everywhere proxy:mysql:/etc/postfix/mysql_maps.
W dniu 20.01.2023 o 18:43, Wietse Venema pisze:
natan:
W dniu 20.01.2023 o?15:04, Wietse Venema pisze:
natan:
Hi
I t
Hi
I need to set reject_sender_login_mismatch on one server to warn only in
logs and let the message through?
Is it possible ?
I know it's not supposed to do this but it needs a couple of hours.
--
W dniu 20.01.2023 o 15:04, Wietse Venema pisze:
natan:
Hi
I try to run "backup" transport maps like:
smtpd_sender_login_maps =
#first-main database
proxy:mysql:/etc/postfix/mysql_sender_login_maps.cf
#second-backup
proxy:mysql:/etc/postfix/mysql_sender_login_maps-backu
Hi
I try to run "backup" transport maps like:
smtpd_sender_login_maps =
#first-main database
proxy:mysql:/etc/postfix/mysql_sender_login_maps.cf
#second-backup
proxy:mysql:/etc/postfix/mysql_sender_login_maps-backup.cf
Both databases are the same because they are synchronized (cluser
Hi
I mean
/etc/postfix/sender_checks.pcre
...
/emailll\.org/ DISCARD Too many fake spam2
/surdeu\.de/ DISCARD Too many fake spam
...
W dniu 16.01.2023 o 11:03, natan pisze:
Hi
Is there any chance to reject domain (incomming) via postscreen ?
I get many e-mails from one
Hi
Is there any chance to reject domain (incomming) via postscreen ?
I get many e-mails from one domain (from diferent IP)
NOQUEUE: discard: RCPT from
vc-gp-n-105-244-68-222.umts.vodacom.co.za[105.244.68.222]:
: Sender address Too many fake spam;
from= to= proto=ESMTP
helo=
I reject in
Hi
I have a postfix (for outgoing) and I have many vusers and vdomain (in
mysql)
Works fine but one of client have external spam fileter (like
barracuda/sophos/others) and I need a filter all his outgoing e-mail
(only one client vdomain or two vdomain)
I thinking:
cat
Hi
I have one specific question
in main.cf i have:
...
smtpd_hard_error_limit = 5
smtpd_soft_error_limit = 2
...
It is possible to change number *_error_limit for one IP ?
--
W dniu 23.06.2022 o 15:00, Wietse Venema pisze:
natan:
W dniu 23.06.2022 o?13:37, Wietse Venema pisze:
natan:
Hi
I found in logs:
Jun 23 10:08:54 mx4 postfix/master[4540]: warning:
master_wakeup_timer_event: service qmgr(public/qmgr): Resource
temporarily unavailable
Your operating system
W dniu 23.06.2022 o 13:37, Wietse Venema pisze:
natan:
Hi
I found in logs:
Jun 23 10:08:54 mx4 postfix/master[4540]: warning:
master_wakeup_timer_event: service qmgr(public/qmgr): Resource
temporarily unavailable
Your operating system kernel is running out of resources. You need
a better
Hi
I found in logs:
Jun 23 10:08:54 mx4 postfix/master[4540]: warning:
master_wakeup_timer_event: service qmgr(public/qmgr): Resource
temporarily unavailable
But I don't know what this problem is caused by
master.cf
smtp inet n - - - 1 postscreen
smtpd
W dniu 31.05.2022 o 17:17, Viktor Dukhovni pisze:
On Tue, May 31, 2022 at 04:52:58PM +0200, natan wrote:
lmtp_destination_concurrency_limit = 100
lmtp_destination_recipient_limit = 1
virtual_transport = lmtp:inet:10.xxx.xxx.5:24
Wny do you have "lmtp_destination_recipient_limit = 1&quo
W dniu 31.05.2022 o 16:41, Viktor Dukhovni pisze:
On Tue, May 31, 2022 at 03:28:30PM +0200, natan wrote:
I have separate servers for outgoing and incomming e-mail like
One user who have many alias group like:
1)alias...@domain1.ltd - 500 recipients
2)alias...@domain1.ltd - 500 recipients
3
W dniu 31.05.2022 o 15:44, Wietse Venema pisze:
natan:
Hi
I have separate servers for outgoing and incomming e-mail like
One user who have many alias group like:
1)alias...@domain1.ltd - 500 recipients
2)alias...@domain1.ltd - 500 recipients
3)alias...@domain1.ltd - 500 recipients
4)alias
Hi
I have separate servers for outgoing and incomming e-mail like
One user who have many alias group like:
1)alias...@domain1.ltd - 500 recipients
2)alias...@domain1.ltd - 500 recipients
3)alias...@domain1.ltd - 500 recipients
4)alias...@domain1.ltd - 500 recipients
-all recipients is in
16.05.2022 o 14:46, Viktor Dukhovni pisze:
No. Better to apply the reject rule only on the inbound side, where
it should only lead to bounces on remote systems.
The OP's own systems should be sending outbound mail via the
outbound MTA.
On 16.05.22 14:52, natan wrote:
Maybe smart loop
to apply the reject rule only on the inbound side, where
it should only lead to bounces on remote systems.
The OP's own systems should be sending outbound mail via the
outbound MTA.
On 16.05.22 14:52, natan wrote:
Maybe smart loop if then ? But I do not know if it is not
overcomplicated and what
W dniu 16.05.2022 o 14:46, Viktor Dukhovni pisze:
On 16 May 2022, at 9:35 pm, Matus UHLAR - fantomas wrote:
Any idea to whitlist ?
perhaps the null address at outgoing server, so you don't reject your own
bounces
No. Better to apply the reject rule only on the inbound side, where
it
W dniu 16.05.2022 o 13:10, Wietse Venema pisze:
natan:
Hi
I have probably trivial problem - but I cannot resolv
I have two server
1)for outgoing
2)for incoming (typical mx)
For test i create in (incoming server) body_checks.pcre:
/alakot/ REJECT spam2bok bla bla
If i send e-mail from
Hi
I have probably trivial problem - but I cannot resolv
I have two server
1)for outgoing
2)for incoming (typical mx)
For test i create in (incoming server) body_checks.pcre:
/alakot/ REJECT spam2bok bla bla
If i send e-mail from external (gmail, yahoo) I get info from
Mailer-Daemon about
Hi
Postfix cant limited per user/domian - try workaround solutions about
limit sender/incomming/others
postfwd - https://postfwd.org/ratelimits.html
policyd-lemat - https://pp.siedziba.pl/tmp/policyd/policyd.pl
lpolicyd - https://wiki.policyd.org/
W dniu 29.04.2022 o 15:06, al...@coakmail.com
Hi
Or use allow_nets (geoip) for dovecot-auth (in mysql) and fail2ban
or
ipset + hashlimit + geoip
or 2fa - It's a bit of fun in configurations
W dniu 25.04.2022 o 12:44, Ludi Cree pisze:
Hi,
Even if fail2ban is “whack a mole”, you could also feed the data on auth
spammers to an
Hi
Probably fail2ban resolve your problem about brute-force auth
W dniu 25.04.2022 o 09:07, Laura Smith pisze:
--- Original Message ---
On Monday, April 25th, 2022 at 05:26, ミユナ wrote:
do you know how to stop passwords from being brute-forced for a
mailserver? do you have any
Hi
It is probably not for this group, but... Maybe someone has such a
solution and can suggest?
I have vuser and vdomain and my working environment (general scheme) :
postfix+haproxy(external 2 x amavis) ...
Spamassassin works fine with inwidual score (in mysql) but Amavis will
overwrite
W dniu 18.01.2022 o 16:53, natan pisze:
> W dniu 18.01.2022 o 16:17, Wietse Venema pisze:
>> natan:
>>> Hi
>>> My happiness did not last long
>>>
>>> Jan 18 13:33:22? postfix/master[3581]: warning:
>>> master_wakeup_timer_event: service q
W dniu 18.01.2022 o 16:17, Wietse Venema pisze:
> natan:
>> Hi
>> My happiness did not last long
>>
>> Jan 18 13:33:22? postfix/master[3581]: warning:
>> master_wakeup_timer_event: service qmgr(public/qmgr): Resource
>> temporarily unavailable
>>
>
, natan pisze:
> Hi
> Thenx all :) for test i change to 300 for default_process_limit and
> change 190 to 300
>
>
>
> Wysłano z mojego Mi MIX 2
> Wietse Venema 17 sty 2022 18:34 napisał(a):
>
> natan:
> > W dniu 17.01.2022 o?15:58, Wietse Venema pisze
Hi
Thenx all :) for test i change to 300 for default_process_limit and change 190 to 300
Wysłano z mojego Mi MIX 2Wietse Venema 17 sty 2022 18:34 napisał(a):natan:
> W dniu 17.01.2022 o?15:58, Wietse Venema pisze:
> > natan:
> >> W dniu 14.01.2022 o 22:18, Wietse Venema p
W dniu 17.01.2022 o 15:58, Wietse Venema pisze:
> natan:
>> W dniu 14.01.2022 o 22:18, Wietse Venema pisze:
>>> natan:
>>> Wietse:
>>>> Do you know if the problem is a kernel limit or a per-process limit?
>>>> Does master have 4096 open files (i
W dniu 14.01.2022 o 22:18, Wietse Venema pisze:
> natan:
> Wietse:
>> Do you know if the problem is a kernel limit or a per-process limit?
>> Does master have 4096 open files (including network sockets: ip,
>> unix-domain, etc.).
> Wietse:
>> BTW that last one was
W dniu 14.01.2022 o 18:11, Wietse Venema pisze:
> Wietse Venema:
>> natan:
>>> W dniu 14.01.2022 o?14:54, Wietse Venema pisze:
>>>> natan:
>>>>> Hi
>>>>> I have very strong machine with load average: 2,22, 2,32, 2,19
>>>>>
W dniu 14.01.2022 o 14:54, Wietse Venema pisze:
> natan:
>> Hi
>> I have very strong machine with load average: 2,22, 2,32, 2,19
>>
>> and today i get
>>
>> Jan 14 12:34:25 thebe postfix/master[4925]: warning:
>> master_wakeup_timer_event: servi
Hi
I have very strong machine with load average: 2,22, 2,32, 2,19
and today i get
Jan 14 12:34:25 thebe postfix/master[4925]: warning:
master_wakeup_timer_event: service qmgr(public/qmgr): Resource
temporarily unavailable
Jan 14 12:39:25 thebe postfix/master[4925]: warning:
W dniu 23.12.2021 o 12:12, raf pisze:
> On Thu, Dec 23, 2021 at 09:52:05AM +0100, natan wrote:
>
>> W dniu 23.12.2021 o 01:53, raf pisze:
>>> On Wed, Dec 22, 2021 at 11:25:10AM +0100, natan wrote:
>>>
>>>> W dniu 21.12.2021 o 18:15, Wietse Venema pisze:
W dniu 23.12.2021 o 01:53, raf pisze:
> On Wed, Dec 22, 2021 at 11:25:10AM +0100, natan wrote:
>
>> W dniu 21.12.2021 o 18:15, Wietse Venema pisze:
>> 10.x.x.10 - is gallera klaster wirth 3 nodes (and max_con set to 1500
>> for any nodes)
>>
>> when I get thi
W dniu 22.12.2021 o 21:01, Phil Stracchino pisze:
> On 12/22/21 12:55, Wietse Venema wrote:
>> In this case Postfix is (also) overloading the MySQL server.
>>
>> - Get a more powerful system (or VM) for the MySQL server.
>>
>> - Reduce the workload per MySQL server (spread the load across
>>
W dniu 22.12.2021 o 15:44, Wietse Venema pisze:
> natan:
>> And today I get other error:
>> Dec 22 10:38:28 mx4 postfix/proxymap[27207]: warning: connect to mysql
>> server 10.x.x.10:3307: Lost connection to MySQL server at 'reading
>> authorization packet', system erro
W dniu 22.12.2021 o 11:25, natan pisze:
> W dniu 21.12.2021 o 18:15, Wietse Venema pisze:
>> natan:
>>>> postscreen tries to hand off each 'good' connection to an smtpd
>>>> process. Apparently, there are not enough of smtpd processes to
>>>> take thos
W dniu 21.12.2021 o 18:15, Wietse Venema pisze:
> natan:
>>> postscreen tries to hand off each 'good' connection to an smtpd
>>> process. Apparently, there are not enough of smtpd processes to
>>> take those connections, and some kernel-internal queue is filling
Hi
I turn on a deep test in postscreen like:
postscreen_non_smtp_command_enable = yes
postscreen_non_smtp_command_action = enforce
or
postscreen_bare_newline_enable = yes
postscreen_bare_newline_action = enforce
every time i get problem with ...gmail
Dec 21 17:27:13 m4
W dniu 21.12.2021 o 16:22, Wietse Venema pisze:
> natan:
>> Dec 20 14:51:19 m4 postfix/postscreen[5883]: warning: cannot connect to
>> service private/smtpd: Resource temporarily unavailable
>> Dec 20 14:51:19 m4 postfix/postscreen[5883]: warning: cannot connect to
>
Hi
ps -e|grep smtpd |wc -l
273
root@m4:~# grep "Resource temporarily unavailable" /var/log/mail.log
root@m4:~#
W dniu 21.12.2021 o 11:03, natan pisze:
> Hi
> Where is a limit for postscreen/smtpd ?
>
> Dec 20 14:51:19 m4 postfix/postscreen[5883]: warning: cannot connect to
&
Hi
Where is a limit for postscreen/smtpd ?
Dec 20 14:51:19 m4 postfix/postscreen[5883]: warning: cannot connect to
service private/smtpd: Resource temporarily unavailable
Dec 20 14:51:19 m4 postfix/postscreen[5883]: warning: cannot connect to
service private/smtpd: Resource temporarily
W dniu 20.12.2021 o 16:52, post...@ptld.com pisze:
>> What is a fastest method to block that recipient domain (because I would
>> like it not to ask the ldap server for that account/domain )
> One way to block an entire domain:
>
>
> main.cf
>smtpd_recipient_restrictions =
Hi
I have user who have domain and subdomain like subdomain.domain.ltd
For both domain's cliet set entries MX in DNS
for first domain (domain.ltd) client create e-mail accont - thats ok
for second (subdomain.domain.ltd) clinet dont create anty accunts and
any aliases - Hi set only rekord mx
Hi
Sorry for my stupid question. I know you shouldn't do that -but it
interests me.
One of my client have old qmail+ldap (virtualboxes in ldap) but it's not
have virtualdomain list - this server is for incoming mail only (MX)
In qmail i found "magic path" who allow all domain which have MX set
Wietse:
Thanks for repley, but in docu mysql_table manpage
hosts = 10.10.10.1, 10.10.10.2
is not simle HA but "roundrobin" style
W dniu 26.11.2021 o 13:43, Wietse Venema pisze:
> natan:
> [ text/html is unsupported, treating like TEXT/PLAIN ]
sorry
>
>> Hi
>>
Hi
Is it possible to use two hosts entries in the map in case of failure of the first one, the second server will be asked
I know I can use haproxy but is there anything simpler?
Ile:
# virtual_domain_maps.cf
user = postfix
password = $password
dbname = postfix
hosts = 10.10.10.1
hosts =
Hi
I need block all in incomming to one e-mail like:
to= DISCARD
but allow:
from=
At the earliest level as possible only in smtpd_recipient_restrictions ?
--
Matus:
On 16.11.2021 12:09, Matus UHLAR - fantomas wrote:
>>> On 16.11.21 10:06, natan wrote:
>>>> I need some help about uderstand log:
>>>>
>>>> I have
>>>> FILTER smtp-amavis:[127.0.0.1]:10628
>
>> On 16.11.2021 10:22, Matus U
10.0.100.5 - this is this local ip (in thebe4) for lmtp to dovecot
On 16.11.2021 10:41, natan wrote:
> On 16.11.2021 10:22, Matus UHLAR - fantomas wrote:
>> On 16.11.21 10:06, natan wrote:
>>> I need some help about uderstand log:
>>>
>>> I have
>>>
On 16.11.2021 10:22, Matus UHLAR - fantomas wrote:
> On 16.11.21 10:06, natan wrote:
>> I need some help about uderstand log:
>>
>> I have
>> FILTER smtp-amavis:[127.0.0.1]:10628
>
> you have this where?
in master.cf:
smtp-amavis unix - -
Hi
I need some help about uderstand log:
I have
FILTER smtp-amavis:[127.0.0.1]:10628
this is local haproxy where connect postfix to port 10628 like:
...
bind 127.0.0.1:10628
server amavis1 86.xxx.xxx.125:10628 check maxconn
server amavis2 86.xxx.xxx.155:10628 check maxconn
server amavis3
But it seems a little complicated
W dniu 08.11.2021 o 15:47, Matus UHLAR - fantomas pisze:
>> natan:
>>> Hi
>>> I have aliasgroup (I mean a...@domain.ltd)
>>>
>>> schema:
>>> To:--a...@domain.ltd->postfix->amavis+SA--->-b
Hi
I have aliasgroup (I mean a...@domain.ltd)
schema:
To:--a...@domain.ltd->postfix->amavis+SA--->-back-to-postfix--robalck-from-aliasgroup-lmtp>dovecot
works fine but I have one question is avilable in postfix (to limit
rolback) e-mail in alias group ?
I limited
Hi
I need disallow for just one client IP
I have two servers:
1)for outgoing (smtp)
2)for incomming (MX)
W dniu 04.11.2021 o 20:28, Viktor Dukhovni pisze:
> On Thu, Nov 04, 2021 at 09:35:22AM +0100, natan wrote:
>
>> Is available restrict any DSN sending to one
Hi
Is available restrict any DSN sending to one IP for my MX ?
In my MX like:
smtp_discard_ehlo_keyword_address_maps =
cidr:/etc/postfix/no_access
no_access:
217.xxx.xxx.xxx/32 silent-discard, dsn
--
1 - 100 of 164 matches
Mail list logo
