Re: stupid question about ipv4 and ipv6?
On Tue, Mar 29, 2022 at 09:50:43PM +0200, Jack Raats wrote: > I have a postfix server on an ip4 and ipv6 adres. > I'm using clamav-milter for virus scanning. Do I have to use 2 milters, > one for ipv4 and one for ipv6 or can I use only one milter? One is enough. -- Viktor.
stupid question about ipv4 and ipv6?
Hi, I have a postfix server on an ip4 and ipv6 adres. I'm using clamav-milter for virus scanning. Do I have to use 2 milters, one for ipv4 and one for ipv6 or can I use only one milter? Thanks Jack
Re: execvp failure but command seems to be there
No. Thanks. It was a long-leftover 32-bit binary in the wrong place. Sent from my iPhone > On Mar 29, 2022, at 4:23 AM, Wietse Venema wrote: > > Wietse
Re: Why the name Postfix?
Wietse Venema previously_wrote on Mon-28-Mar 22 12:00AM > external name "Postfix". "post" was a different word for "mail", > and "fix" was for Sendmail, the inspiration for my efforts. It is a much cooler sounding name now that its decoded. But in retrospect the meaning is pretty obvious 臘
Re: unexpected: postfix tls deploy-server-cert + smtpd_tls_chain_files
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, Just going to say I banged my head against this wall for months on end - every time I updated certificates (using letsencrypt it's pretty frequent) postfix showed the new certs as active - but external tests still showed certs from over a year ago. On Mon, 2022-03-28 at 15:23 +1100, raf wrote: > I just tried this (debian-11, postfix-3.5.6) > and was surprised by the effect: > > postfix tls new-server-key > postfix tls deploy-server-cert /etc/postfix/cert-20220328-033631.pem > /etc/postfix/key-20220328-033631.pem > > The main.cf file originally contained: > > smtpd_tls_chain_files = > /etc/postfix/smtpd.key > /etc/postfix/smtpd.cert > > The deploy-server-cert subcommand appended the following: > > smtpd_tls_cert_file = /etc/postfix/cert-20220328-033631.pem > smtpd_tls_key_file = /etc/postfix/key-20220328-033631.pem > > I expected it to notice that smtpd_tls_chain_files was set, > and instead of changing main.cf, just output what I need to > change. So my solution to the problem is to store all the tls certificate and key information in one file (in my case vmail_ssl.map) that file gets mapped with postmap. When new keys or certs get deployed I delete the vmail_ssl.map.db file, regenerate it with postmap, and then restart postfix. (I is worth noting that I host multiple domains and use SNI - so this solution may not be for you.) - -- Nikolai Lusan -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEVfd4GW6z4nsBxdLo4ZaDRV2VL6QFAmJC+XkACgkQ4ZaDRV2V L6QxOQ//WEJZl4xAnNux29PLIs/oSm8g7qQxb44Hmjpqc0r2WbMegl7T8WKdJFBw g7S9gEEiFTR7tTgGxBJYIZaq/Cyq8Sc57mzmLg5VtK/OLyFL3cwJzf2hiA11SLkQ 90PdwBO6PHaqf7tLxNzih9c99U86vWMKBFGuP/XyZ3G+cAKeIsNADp25RTbKkmFk h3o+hGWiX9omORXLsPkX4tUHhP87rE5CCokDMkmueRTDgMK/YJzctOiSgFlVOhWv GLwS2SViDaxakiq4G1vNoQlQXxCsVuNm6EKmbCdeJdY1UFoDxAaHdiU9PL14BDSS ZxKFQ4F2Cj24uLSpXIeItzDBgXICigUHLI3Ex0bnqyczgBon/5PKS+/nqIoKEqAu tspDcG2raOu6ZDAycOvSxMR7RdCwRg/RGx1E35vjCByboWJzOyY1aVlif3zoFkUL vppZQkaKAlVb5Ne6wH0iSGPR0H/OOx4k3AKonQtLTKOXhubKTbohIicnuTZiiRWK NTurgc+VlFY8OfWXL1dUTu7FUEzEwMLj8zfXqMjSapWMwO7sFO7YU9HQKprM+erw XehEdUAVz09U6hbl4uwB3bi1mg9MF6KKLcOiPiYcehr0DGBZbldqmANuD3rYAVEk k2+Xorng0FIGyzfjdDwFo2uQkbC6k7FdAFjXXRUFbl7Cd696HOY= =m7ot -END PGP SIGNATURE-
Re: Why the name Postfix?
On Monday, March 28, 2022, 12:01:58 AM GMT+2, Wietse Venema wrote: | the inspiration for my efforts. Thanks for your efforts, Wietse... and for all your support in the list!!! Regards.. Pete.
Re: Why the name Postfix?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hey, On Sun, 2022-03-27 at 10:59 +0200, Benny Pedersen wrote: > funny from myside: it fixes all known sendmail bugs :) > it did not take m4 configure from it How plebeian, you used m4 to configure sendmail. ️ In all my years administering sendmail I never got around to using m4 - I just found the directives I needed and put them in proper places, worked quite well for me and gave me a greater understanding of how sendmail functioned. That said it was still better than when I was forced to use Qmail, but not as good as when I transitioned to Postfix. - -- Nikolai Lusan -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEVfd4GW6z4nsBxdLo4ZaDRV2VL6QFAmJC9vAACgkQ4ZaDRV2V L6QuZBAAj7WVOh5wA8ZWRX4FcrtJLR487ofUZX0/JTqOKe9AuRN+naCPlPcaPooG jH6BTQ1EuFptzPyEUb3T401yX2q9/6UOyPCFnGF8X2R00eXcAb9FVri4b3okotHq WIiEwWXsDlzSSJsJqEWSj87QMhbZ0lcnwKB+0CwwjcQmAeyMOXYN+SI0824ihbl9 P4SKLhkIi0SlXmEnZ/YVK+fRfNmilh1JGaTGxN3SlVvMzQQQ8EhZC23bdd8nzm7Z wmJkDb+t5AQwqrYSh5CoS09XHlOhtDu7ORZkkcSIB2FTzx0JWZPDpD6hrXAfcggN YYvzIEgPDf47zA1IDyxLSbpC9fT16PI6qZOfsrLrKbVV4/BwGOUJhgaAx2E2d2ZL JAAvcW6s7m4Td+vCdryziyivEuXSushfLZiqoGN8/OinTatbgkIW7k64fxhVZjvF A++Sq8/ITb/Hz+55zf+Ik8SFyrb0/7ww3TV7jki242tdc7beOWSGndWR9xDLJ0DF TmRJ5XwIlQXmY09ZuhJoHkhDQ54c7sx/AlhsFT8ijff+yanfVsguSkToPUC/dgyE e9E3S8D1x8R9utB2gs2u37X3TV0V+XwSSc/rdsXF+xPMDnzstEgUYgr/iQ/z4gCg sY8ZIZQuwB/1SnkuoxOHOHPNhfo/L84ohXy3nUzmsbk6EDfRaOE= =YjU8 -END PGP SIGNATURE-
Re: Why the name Postfix?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Sun, 2022-03-27 at 09:08 +0530, Amarjeet Anand wrote: > What’s the story behind choosing the name as “Postfix”? As with all children it's what it's parents chose to call it - -- Nikolai Lusan -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEVfd4GW6z4nsBxdLo4ZaDRV2VL6QFAmJC9Z0ACgkQ4ZaDRV2V L6RpVhAAlG1+bl1zPIcR8f/8OuFtIabDVztlzlaSAco8NBP0GV5TWhvsgeap85zD h+cjhE0TejMMBt/KsybAtVyxS60X6aSaJaAo1sOUa1IOpvnT6aHka/6sTggs0o8I CDXVDXBPrGAC01YTBCarB2uytooWezmdLX8VwHaMmMRxwM+IwmHemNHM4Oh4YZWD RdQlRTht106G3X5dPBamIdKj0qRti1+plkOnp3uygDEQ5FzFKux9VM5e0rTxJtt2 mO+UfO58czUVJiEmoQzsUEdPJ+597VMBvBHW44QcOsdrPsQEf9iSpWTv63h6Zxuw iyqOO9FKt5C+lDtR4y4wCS57QSGN/neLgyJBHsm7dxnLGFMtFofPVB6QSnkvjt5p CKwTJCB/95VC4368Odin2oCu8ZSS22ctMdXmDwvFfFC6GLD4BzGZGcnty7pYcvI3 ncJ5bS8bztWTtUiL0wS6LUcgfAYygTFfbACz9+051h2eWkH9r9QzxxKoEOqwH4iV 24pR1jA2CCakLnA6+DcvcGaDKpuMdwu0NKG8Zu0YMj7fX9gazKDTp1aBPOnmSzKZ peX+K03lxK0JQmIC0RBhXlzFgrJl+TsYnbPqEJ5xPKqBuREMA8fRALUjLVp8m2NU RGugUuTGuvlIAO/Z6f1UYEWADUTuMYKRSgoqLgn/eAT4ZwqdJ/g= =keBh -END PGP SIGNATURE-
Re: execvp failure but command seems to be there
Roger Klorese: > CentOS 7.9 with SELinux off. > > Log shows: > > Mar 28 11:29:16 divine postfix/pipe[2685]: 21FE73000171E: > to=, relay=sympa, > delay=599, delays=599/0.06/0/0.04, dsn=4.3.0, status=deferred (temporary > failure. Command output: pipe: fatal: pipe_command: execvp > /var/sympa/bin/queue: No such file or directory ) Is the chroot feature enabled in master.cf? Wietse
Re: reject_unknown_helo_hostname
On 2022-03-29 Istvan Prosinger wrote: > the documentation says: > > "Reject the request when the HELO or EHLO hostname has no DNS A or MX > record" > > I'm trying to understand the "or" between the "A" and "MX" words - > will this test reject the transport when any of those records are > missing, or when the propagated HELO/EHLO domain doesn't have any of > those records? Postfix will reject the connection when neither A nor MX record exists. Regards Ansgar Wiechers -- "Abstractions save us time working, but they don't save us time learning." --Joel Spolsky
reject_unknown_helo_hostname
Hi guys, the documentation says: "Reject the request when the HELO or EHLO hostname has no DNS A or MX record" I'm trying to understand the "or" between the "A" and "MX" words - will this test reject the transport when any of those records are missing, or when the propagated HELO/EHLO domain doesn't have any of those records? best, Istvan