[pfx] Re: Maildir filename format

2023-08-09 Thread Eugene R via Postfix-users
Hello

I think something like this should work
----.domain.com:2,S
That is, change @ into dot, remove ".eml", and add ":2,S" suffix (marking 
messages as read).

The message sizes are Dovecot extension, I guess mutt will not use them anyway.

Best wishes
Eugene

⁣Get BlueMail for Android ​

On 10 Aug 2023, 04:49, at 04:49, H via Postfix-users 
 wrote:
>On 07/31/2023 09:24 AM, Eugene R via Postfix-users wrote:
>> Hello,
>>
>> Those "ugly characters" are there for a reason: they are specified by
>the Maildir standard (and the Dovecot's extensions to it) to encode
>various metadata such as message ID, size, flags, etc
>>
>> https://en.wikipedia.org/wiki/Maildir
>> https://cr.yp.to/proto/maildir.html
>> https://doc.dovecot.org/admin_manual/mailbox_formats/maildir/
>>
>> Also, why the "filename esthetics" even matters? The maildir
>directory is not supposed to be viewed (let alone directly accessed or
>modified) by a user. Mail clients and Dovecot provide useful (as well
>as format-independent and universal) human-oriented interfaces and
>admin tools.
>>
>> Best wishes,
>> Eugene
>>
>> On 31.07.2023 09:43, Fourhundred Thecat via Postfix-users wrote:
>>> Hello,
>>>
>>> I am using Maildir format on my server (Postfix + Dovecot).
>>>
>>> The individual filenames have this format:
>>>
>>>     1690633510.M94611123819.mail,S=11706,W=12202:2,S
>>>
>>> Now, I have another, unrelated email account (not my mail server),
>and I
>>> have set up Thunderbird with local Maildir support. When I look
>inside
>>> the folder, the emails have this nice and clear format:
>>>
>>> for received:
>>>
>>>   ----x...@sender.com.eml
>>>
>>> for sent:
>>>
>>>   ----x...@recipient.com.eml
>>>
>>> how could I have such nice filenames on my server, with useful
>>> information in the filename, instead of those ugly containing
>special
>>> characters like '=' and ':' ?
>>>
>>> Do the nioe filenames come from Thunderbird, or from the mailserver
>?
>>>
>>> thanks,
>>> ___
>>> Postfix-users mailing list -- postfix-users@postfix.org
>>> To unsubscribe send an email to postfix-users-le...@postfix.org
>> ___
>> Postfix-users mailing list -- postfix-users@postfix.org
>> To unsubscribe send an email to postfix-users-le...@postfix.org
>
>I have a related problem where I have to merge several Thunderbird
>maildir directory trees into maildir directory trees to be used by mutt
>(and postfix). As noted above, Thunderbird does not follow the same
>standard for naming mail files so I plan to write a script to rename
>all Thunderbird mail files "appropriately".
>
>What would the "minimum" requirement be for components to include when
>renaming these individual mail files?
>
>The script would have to extract the appropriate information from each
>individual mail.
>
>Thank you in advance.
>
>___
>Postfix-users mailing list -- postfix-users@postfix.org
>To unsubscribe send an email to postfix-users-le...@postfix.org
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: Maildir filename format

2023-08-09 Thread H via Postfix-users
On 07/31/2023 09:24 AM, Eugene R via Postfix-users wrote:
> Hello,
>
> Those "ugly characters" are there for a reason: they are specified by the 
> Maildir standard (and the Dovecot's extensions to it) to encode various 
> metadata such as message ID, size, flags, etc
>
> https://en.wikipedia.org/wiki/Maildir
> https://cr.yp.to/proto/maildir.html
> https://doc.dovecot.org/admin_manual/mailbox_formats/maildir/
>
> Also, why the "filename esthetics" even matters? The maildir directory is not 
> supposed to be viewed (let alone directly accessed or modified) by a user. 
> Mail clients and Dovecot provide useful (as well as format-independent and 
> universal) human-oriented interfaces and admin tools.
>
> Best wishes,
> Eugene
>
> On 31.07.2023 09:43, Fourhundred Thecat via Postfix-users wrote:
>> Hello,
>>
>> I am using Maildir format on my server (Postfix + Dovecot).
>>
>> The individual filenames have this format:
>>
>>     1690633510.M94611123819.mail,S=11706,W=12202:2,S
>>
>> Now, I have another, unrelated email account (not my mail server), and I
>> have set up Thunderbird with local Maildir support. When I look inside
>> the folder, the emails have this nice and clear format:
>>
>> for received:
>>
>>   ----x...@sender.com.eml
>>
>> for sent:
>>
>>   ----x...@recipient.com.eml
>>
>> how could I have such nice filenames on my server, with useful
>> information in the filename, instead of those ugly containing special
>> characters like '=' and ':' ?
>>
>> Do the nioe filenames come from Thunderbird, or from the mailserver ?
>>
>> thanks,
>> ___
>> Postfix-users mailing list -- postfix-users@postfix.org
>> To unsubscribe send an email to postfix-users-le...@postfix.org
> ___
> Postfix-users mailing list -- postfix-users@postfix.org
> To unsubscribe send an email to postfix-users-le...@postfix.org

I have a related problem where I have to merge several Thunderbird maildir 
directory trees into maildir directory trees to be used by mutt (and postfix). 
As noted above, Thunderbird does not follow the same standard for naming mail 
files so I plan to write a script to rename all Thunderbird mail files 
"appropriately".

What would the "minimum" requirement be for components to include when renaming 
these individual mail files?

The script would have to extract the appropriate information from each 
individual mail.

Thank you in advance.

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Steffen Nurpmeso via Postfix-users
Michel Verdier via Postfix-users wrote in
 <87jzu4c5qi@free.fr>:
 |On 2023-08-09, Steffen Nurpmeso via Postfix-users wrote:
 |
 |>   192.0.2.1:submission inet n -   n   -   -   smtpd
 |>   -o syslog_name=vpnsub
 |>   -o smtpd_sasl_auth_enable=no
 |>   -o smtpd_relay_restrictions=permit_mynetworks,reject_unauth_des\
 |>   tination
 |>   -o cleanup_service_name=vpnsub_cleanup
 |>   vpnsub_cleanup   unix  n   -   n   -   0   cleanup
 |>   -o {header_checks=regexp:{{/^Received:/ IGNORE}}}
 |>
 |> where 192.0.2.1 is the address where postfix listens on the VPN.
 |> Shouldn't this be adoptable?  (Ie special "cleanup" service.)
 |
 |You apply header_checks on cleanup. I think the header is added by
 |postfix after incoming. Personnally I put header_checks in main.cf to
 |apply filters also when sending. You can use smtp_header_checks if you
 |want to apply only on sending.

I only did what i was told.  :)  It is that mail flow of mine, and
it works just fine.  .. You mean no special cleanup but simply
anything going out .. which is then covered by the mentioned?
Well i could try this, thanks for the suggestion.  The above was
because the VPN IP address is mistreat by Spamassassin.  Of
course, mailing-list and such (on the otherwise valid server IP)
indeed still sends via 127.0.0.1, which luckily was no problem at
all for now.

--steffen
|
|Der Kragenbaer,The moon bear,
|der holt sich munter   he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Wietse Venema via Postfix-users
Michel Verdier via Postfix-users:
> On 2023-08-09, Steffen Nurpmeso via Postfix-users wrote:
> 
> >   192.0.2.1:submission inet n -   n   -   -   smtpd
> >   -o syslog_name=vpnsub
> >   -o smtpd_sasl_auth_enable=no
> >   -o 
> > smtpd_relay_restrictions=permit_mynetworks,reject_unauth_destination
> >   -o cleanup_service_name=vpnsub_cleanup
> >   vpnsub_cleanup   unix  n   -   n   -   0   cleanup
> >   -o {header_checks=regexp:{{/^Received:/ IGNORE}}}
> >
> > where 192.0.2.1 is the address where postfix listens on the VPN.
> > Shouldn't this be adoptable?  (Ie special "cleanup" service.)
> 
> You apply header_checks on cleanup. I think the header is added by
> postfix after incoming.

It is added by the smtpd process, i.e. before mail is queued.

The exception is that the header is omitted by an smtpd process
before an smtpd_proxy_filter. This was done to avoid stutter (two
near-identical headers from the smtpd processes before and after a
filter) but that overlooked the possibility that the filter is
delivering the message to a non-local SMTP server.

Wietse
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Michel Verdier via Postfix-users
On 2023-08-09, Steffen Nurpmeso via Postfix-users wrote:

>   192.0.2.1:submission inet n -   n   -   -   smtpd
>   -o syslog_name=vpnsub
>   -o smtpd_sasl_auth_enable=no
>   -o 
> smtpd_relay_restrictions=permit_mynetworks,reject_unauth_destination
>   -o cleanup_service_name=vpnsub_cleanup
>   vpnsub_cleanup   unix  n   -   n   -   0   cleanup
>   -o {header_checks=regexp:{{/^Received:/ IGNORE}}}
>
> where 192.0.2.1 is the address where postfix listens on the VPN.
> Shouldn't this be adoptable?  (Ie special "cleanup" service.)

You apply header_checks on cleanup. I think the header is added by
postfix after incoming. Personnally I put header_checks in main.cf to
apply filters also when sending. You can use smtp_header_checks if you
want to apply only on sending.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Wietse Venema via Postfix-users
Viktor Dukhovni via Postfix-users:
> On Wed, Aug 09, 2023 at 02:53:02PM -0400, Wietse Venema wrote:
> 
> > > >   vpnsub_cleanup   unix  n   -   n   -   0   cleanup
> > > >   -o {header_checks=regexp:{{/^Received:/ IGNORE}}}
> > > 
> > > I am not aware of any suport for such inline regexp tables.  What
> > > release of Postfix supports this?
> > 
> > Postfix 3.7 introduced inline tables for regexp, pcre, and cidr
> > tables. I used the regexp support to get better logging with ALPACA
> > attacks (http://www.postfix.org/wip.html).
> 
> Cool.  Somehow that feature flew under my "radar".  This rather
> simplifies my advice in another thread today (dummy address this time):
> 
> check_client_access cidr:{
> { 192.0.2.1 = DUNNO },
> { 0.0.0.0/0 = reject_unauth_pipelining },
> { ::/0 = reject_unauth_pipelining }
> }

Caution: these tables don't use '='. The format of the inner {text}
is dictated by the regexp_table, pcre_table and cidr_table manpages.

> I expect there's no "if ... endif" support in the inline forms (none
> documented).

There is, it just looks ugly. The mapping from 

{ {text1} {text2} {text3} }

to

text1
text2
text3

is map-type independent and does not care if some text contains 'f'
or 'endif'.  The pcre_table etc. parser, of course, do care.

Unfortunately the Postfix 3.0 inline:{} table does use '='.  
This is because it reuses main.cf parsing infrastructure.

Wietse
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Viktor Dukhovni via Postfix-users
On Wed, Aug 09, 2023 at 02:53:02PM -0400, Wietse Venema wrote:

> > >   vpnsub_cleanup   unix  n   -   n   -   0   cleanup
> > >   -o {header_checks=regexp:{{/^Received:/ IGNORE}}}
> > 
> > I am not aware of any suport for such inline regexp tables.  What
> > release of Postfix supports this?
> 
> Postfix 3.7 introduced inline tables for regexp, pcre, and cidr
> tables. I used the regexp support to get better logging with ALPACA
> attacks (http://www.postfix.org/wip.html).

Cool.  Somehow that feature flew under my "radar".  This rather
simplifies my advice in another thread today (dummy address this time):

check_client_access cidr:{
{ 192.0.2.1 = DUNNO },
{ 0.0.0.0/0 = reject_unauth_pipelining },
{ ::/0 = reject_unauth_pipelining }
}

I expect there's no "if ... endif" support in the inline forms (none
documented).

-- 
Viktor.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Wietse Venema via Postfix-users
Wietse Venema via Postfix-users:
> Viktor Dukhovni via Postfix-users:
> > On Wed, Aug 09, 2023 at 06:48:11PM +0200, Steffen Nurpmeso via 
> > Postfix-users wrote:
> > 
> > > Yeah the wonderful suggestion of this super helpful list (thanks
> > > again!) for my setup (laptop postfix on "forbidden address" relays
> > > to in-VPN postfix which then sends out) was
> > > 
> > >   192.0.2.1:submission inet n -   n   -   -   smtpd
> > >   -o syslog_name=vpnsub
> > >   -o smtpd_sasl_auth_enable=no
> > >   -o 
> > > smtpd_relay_restrictions=permit_mynetworks,reject_unauth_destination
> > >   -o cleanup_service_name=vpnsub_cleanup
> > >   vpnsub_cleanup   unix  n   -   n   -   0   cleanup
> > >   -o {header_checks=regexp:{{/^Received:/ IGNORE}}}
> > 
> > I am not aware of any suport for such inline regexp tables.  What
> > release of Postfix supports this?
> 
> Postfix 3.7 introduced inline tables for regexp, pcre, and cidr
> tables. I used the regexp support to get better logging with ALPACA
> attacks (http://www.postfix.org/wip.html).

Well, the ALPACA attack was easy to detect because it sends HTTP
commands which Postfix smtpd_forbidden_commands already recognized.
The regexp pattern is for abuse thath isn't so well-behaved.

Wietse
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Wietse Venema via Postfix-users
Viktor Dukhovni via Postfix-users:
> On Wed, Aug 09, 2023 at 06:48:11PM +0200, Steffen Nurpmeso via Postfix-users 
> wrote:
> 
> > Yeah the wonderful suggestion of this super helpful list (thanks
> > again!) for my setup (laptop postfix on "forbidden address" relays
> > to in-VPN postfix which then sends out) was
> > 
> >   192.0.2.1:submission inet n -   n   -   -   smtpd
> >   -o syslog_name=vpnsub
> >   -o smtpd_sasl_auth_enable=no
> >   -o 
> > smtpd_relay_restrictions=permit_mynetworks,reject_unauth_destination
> >   -o cleanup_service_name=vpnsub_cleanup
> >   vpnsub_cleanup   unix  n   -   n   -   0   cleanup
> >   -o {header_checks=regexp:{{/^Received:/ IGNORE}}}
> 
> I am not aware of any suport for such inline regexp tables.  What
> release of Postfix supports this?

Postfix 3.7 introduced inline tables for regexp, pcre, and cidr
tables. I used the regexp support to get better logging with ALPACA
attacks (http://www.postfix.org/wip.html).

Wietse
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Viktor Dukhovni via Postfix-users
On Wed, Aug 09, 2023 at 06:48:11PM +0200, Steffen Nurpmeso via Postfix-users 
wrote:

> Yeah the wonderful suggestion of this super helpful list (thanks
> again!) for my setup (laptop postfix on "forbidden address" relays
> to in-VPN postfix which then sends out) was
> 
>   192.0.2.1:submission inet n -   n   -   -   smtpd
>   -o syslog_name=vpnsub
>   -o smtpd_sasl_auth_enable=no
>   -o 
> smtpd_relay_restrictions=permit_mynetworks,reject_unauth_destination
>   -o cleanup_service_name=vpnsub_cleanup
>   vpnsub_cleanup   unix  n   -   n   -   0   cleanup
>   -o {header_checks=regexp:{{/^Received:/ IGNORE}}}

I am not aware of any suport for such inline regexp tables.  What
release of Postfix supports this?

-- 
Viktor.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Wietse Venema via Postfix-users
Steffen Nurpmeso via Postfix-users:
> Michel Verdier via Postfix-users wrote in
>  <87fs4s49y5@free.fr>:
>  |On 2023-08-09, Fourhundred Thecat via Postfix-users wrote:
>  |
>  |> do you think this would be OK, or does the hostname and IP (be it
>  |> localhost.local) have to be there ?
>  |
>  |Why don't you remove completely this header in your postfix using for
>  |example header_checks ? Received is frequently removed to hide internal
>  |IP if you don't need to trace them.
> 
> Yeah the wonderful suggestion of this super helpful list (thanks
> again!) for my setup (laptop postfix on "forbidden address" relays
> to in-VPN postfix which then sends out) was
> 
>   192.0.2.1:submission inet n -   n   -   -   smtpd
>   -o syslog_name=vpnsub
>   -o smtpd_sasl_auth_enable=no
>   -o 
> smtpd_relay_restrictions=permit_mynetworks,reject_unauth_destination
>   -o cleanup_service_name=vpnsub_cleanup
>   vpnsub_cleanup   unix  n   -   n   -   0   cleanup
>   -o {header_checks=regexp:{{/^Received:/ IGNORE}}}
> 
> where 192.0.2.1 is the address where postfix listens on the VPN.
> Shouldn't this be adoptable?  (Ie special "cleanup" service.)

We could add a section to the STANDARD_CONFIGURATION_README text
(and perhaps include that in SOHO_README). This could be useful
even with non-VPN use cases.

Wietse
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Steffen Nurpmeso via Postfix-users
Michel Verdier via Postfix-users wrote in
 <87fs4s49y5@free.fr>:
 |On 2023-08-09, Fourhundred Thecat via Postfix-users wrote:
 |
 |> do you think this would be OK, or does the hostname and IP (be it
 |> localhost.local) have to be there ?
 |
 |Why don't you remove completely this header in your postfix using for
 |example header_checks ? Received is frequently removed to hide internal
 |IP if you don't need to trace them.

Yeah the wonderful suggestion of this super helpful list (thanks
again!) for my setup (laptop postfix on "forbidden address" relays
to in-VPN postfix which then sends out) was

  192.0.2.1:submission inet n -   n   -   -   smtpd
  -o syslog_name=vpnsub
  -o smtpd_sasl_auth_enable=no
  -o 
smtpd_relay_restrictions=permit_mynetworks,reject_unauth_destination
  -o cleanup_service_name=vpnsub_cleanup
  vpnsub_cleanup   unix  n   -   n   -   0   cleanup
  -o {header_checks=regexp:{{/^Received:/ IGNORE}}}

where 192.0.2.1 is the address where postfix listens on the VPN.
Shouldn't this be adoptable?  (Ie special "cleanup" service.)

--steffen
|
|Der Kragenbaer,The moon bear,
|der holt sich munter   he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: debugging an appliance connection

2023-08-09 Thread Viktor Dukhovni via Postfix-users
On Wed, Aug 09, 2023 at 11:35:12AM -0500, shorton wrote:

> >Do you have "reject_unauth_pipelining" in any of your smtpd
> >restrictions, in either main.cf or master.cf?
> 
> I do:
>   smtpd_data_restrictions =
> reject_unauth_pipelining,
> permit

That's the reason why the client is unable to submit its message.

> >What is your Postfix version (it may have been patched by the vendor
> >without changing the patch level number).  
> 
> 3.2.2  running on CENTOS 7.  From http://ghettoforge.org/index.php/Postfix3
> postfix3.x86_64 2:3.2.2-4.gf.el7 
> @gf-testing
> postfix3-pcre.x86_642:3.2.2-4.gf.el7 
> @gf-testing
> 
> >What is the output of:
> >
> >$ postconf smtpd_forbid_unauth_pipelining
> 
> postconf: warning: smtpd_forbid_unauth_pipelining: unknown parameter

The default enforcement of correct pipelining is new in Postfix 3.9, at
some point in the future, you may need to pay attention to this
variable.  For now your obstacle is the explicit restriction.

> How hard is it to authorize pipelining for that host, if that's the issue?

Instead of your current data restrictions, try:

smtpd_data_restrictions =
   check_client_access inline:{152.86.61.4=permit},
   reject_unauth_pipelining

If you prefer a more flexible solution,

main.cf:
cidr = cidr:${config_directory}/
smtpd_data_restrictions =
   check_client_access ${cidr}clnt-data-access.cidr

clnt-data-access.cidr:
# IPv4 clients
if 0.0.0.0/0
152.86.61.4 DUNNO
# Any additional IPv4 special cases here
# ...
# Default action
0.0.0.0/0   reject_unauth_destination
endif

# IPv6 clients
if ::/0
# Any special IPv6 cases here
# ...
# Default action
::/0reject_unauth_destination
endif

-- 
Viktor.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: debugging an appliance connection

2023-08-09 Thread Viktor Dukhovni via Postfix-users
On Wed, Aug 09, 2023 at 10:31:18AM -0500, Scott Techlist via Postfix-users 
wrote:

> Client has an appliance (Axion RTAC) that sends email based reports.
> I don't have access to the appliance or its docs.  It used to send its
> emails to an Exchange server that has been decommissioned.  I'm trying
> to get it to send to my postfix server.  I have it whitelisted for
> postfix checks.  
> 
> Aug  9 00:00:01 tn3 postfix/smtpd[16414]: improper command pipelining after 
> MAIL from oxyrtac.mlec.com[152.86.61.4]: RCPT TO: 
> oxyme...@mlec.com\r\nDATA\r\nFrom: OXY Report RTAC\r\nTo: 
> OxyMeter = 3.9: yes)
   Disconnect remote SMTP clients that violate RFC 2920 (or 5321)
   command pipelining constraints. The server replies with "554
   5.5.0 Error: SMTP protocol synchronization" and logs the
   unexpected remote SMTP client input. This feature is enabled by
   default with Postfix >= 3.9. Specify
   "smtpd_forbid_unauth_pipelining = no" to disable.

   This feature is available in Postfix >= 3.9, 3.8.1, 3.7.6, 3.6.10, and
   3.5.20.

What is the output of:

$ postconf smtpd_forbid_unauth_pipelining

(This will report an error in older Postfix versions).

-- 
Viktor.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] debugging an appliance connection

2023-08-09 Thread Scott Techlist via Postfix-users
Client has an appliance (Axion RTAC) that sends email based reports.  I don't 
have access to the appliance or its docs.  It used to send its emails to an 
Exchange server that has been decommissioned.  I'm trying to get it to send to 
my postfix server.  I have it whitelisted for postfix checks.  

I'm getting this in my log:

Aug  9 00:00:00 tn3 postfix/postscreen[16413]: CONNECT from [152.86.61.4]:46016 
to [serverip]:25
Aug  9 00:00:00 tn3 postfix/postscreen[16413]: WHITELISTED [152.86.61.4]:46016
Aug  9 00:00:00 tn3 postfix/smtpd[16414]: connect from 
oxyrtac.mlec.com[152.86.61.4]
Aug  9 00:00:01 tn3 postfix/smtpd[16414]: improper command pipelining after 
MAIL from oxyrtac.mlec.com[152.86.61.4]: RCPT TO: 
oxyme...@mlec.com\r\nDATA\r\nFrom: OXY Report RTAC\r\nTo: 
OxyMeter 
Aug  9 00:00:01 tn3 postfix/smtpd[16414]: disconnect from 
oxyrtac.mlec.com[152.86.61.4] mail=0/1 rcpt=0/1 data=0/1 unknown=0/1 
commands=0/4

Not sure if it's the  it's sending that's hosing the pipelining or 
what.  How can I debug what happens with this connection?



___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Jaroslaw Rafa via Postfix-users
Dnia  9.08.2023 o godz. 09:22:03 Bill Cole via Postfix-users pisze:
> A Received header that seems to record a SMTP
> session on the loopback by Postfix is not common,

Hm... I think it's quite common for webmail applications. They usually
connect to IMAP/SMTP server on loopback interface. (assuming of course
everything is installed on the same server)
-- 
Regards,
   Jaroslaw Rafa
   r...@rafa.eu.org
--
"In a million years, when kids go to school, they're gonna know: once there
was a Hushpuppy, and she lived with her daddy in the Bathtub."
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Michel Verdier via Postfix-users
On 2023-08-09, Fourhundred Thecat via Postfix-users wrote:

> do you think this would be OK, or does the hostname and IP (be it
> localhost.local) have to be there ?

Why don't you remove completely this header in your postfix using for
example header_checks ? Received is frequently removed to hide internal
IP if you don't need to trace them.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Bill Cole via Postfix-users

On 2023-08-09 at 03:40:20 UTC-0400 (Wed, 9 Aug 2023 09:40:20 +0200)
Fourhundred Thecat via Postfix-users <400the...@gmx.ch>
is rumored to have said:


On 2023-08-09 07:58, Viktor Dukhovni via Postfix-users wrote:
On Wed, Aug 09, 2023 at 07:34:48AM +0200, Fourhundred Thecat via 
Postfix-users wrote:



So that the first hop looks like this:

   Received: from [127.0.0.1] (localhost [127.0.0.1])
 by mail.xxx.yyy (Postfix) with ESMTPSA id 7E011B0
 for ; Wed,  9 Aug 2023 07:04:42 +0200 (CEST)


Try a small change:

 Received: from localhost.local (localhost.local [127.0.0.1])
   by mail.xxx.yyy (Postfix) with ESMTPSA id 7E011B0
   for ; Wed,  9 Aug 2023 07:04:42 +0200 (CEST)

That is, use a hostname as the recorded "HELO" name, rather than
address-literal, and make that name be an FQDN while you're at it.

This might be enough.


thank you.

thinking about it now, could I remove the host and the IP entirely?


You CAN do just about anything with the Received headers, as it has a 
long history of wildly divergent contents.


How MS reacts is the more relevant question and the answer is only known 
to Cortana, or whatever MS calls their quasi-sentient spam filter...



I have looked at what the header looks like when I send an email 
locally

(from mutt as user on the postfix server). And there is no hostname or
IP or localhost entry at all:

Received: by mail.xxx.yyy (Postfix, from userid 1000) id A73CFD6; Wed,
9 Aug 2023 08:36:22 +0200 (CEST)

do you think this would be OK, or does the hostname and IP (be it
localhost.local) have to be there ?


It is probably a good idea (if you are committed to an audit trail going 
nowhere and being obviously intentionally deceptive) to mimic mail that 
works. So the answer is testing. If sending with mutt works, fake that. 
A Received header that seems to record a SMTP session on the loopback by 
Postfix is not common, so maybe the local submission pattern will be 
less suspect. Test.


One thing that seems to work is to not attempt to craft Received headers 
at all. You have to evaluate your own threat model, but the marginal 
value of the information in a Received header is rarely significant. On 
the other side, it is usually possible to detect obfuscated Received 
headers and it is entirely reasonable for receiving sites to see that in 
a message and deem it suspect on that basis.



--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: email being flagged a spam for using localhost [127.0.0.1] as first hop

2023-08-09 Thread Fourhundred Thecat via Postfix-users

> On 2023-08-09 07:58, Viktor Dukhovni via Postfix-users wrote:

On Wed, Aug 09, 2023 at 07:34:48AM +0200, Fourhundred Thecat via Postfix-users 
wrote:


So that the first hop looks like this:

   Received: from [127.0.0.1] (localhost [127.0.0.1])
 by mail.xxx.yyy (Postfix) with ESMTPSA id 7E011B0
 for ; Wed,  9 Aug 2023 07:04:42 +0200 (CEST)


Try a small change:

 Received: from localhost.local (localhost.local [127.0.0.1])
   by mail.xxx.yyy (Postfix) with ESMTPSA id 7E011B0
   for ; Wed,  9 Aug 2023 07:04:42 +0200 (CEST)

That is, use a hostname as the recorded "HELO" name, rather than
address-literal, and make that name be an FQDN while you're at it.

This might be enough.


thank you.

thinking about it now, could I remove the host and the IP entirely?

I have looked at what the header looks like when I send an email locally
(from mutt as user on the postfix server). And there is no hostname or
IP or localhost entry at all:

Received: by mail.xxx.yyy (Postfix, from userid 1000) id A73CFD6; Wed,
9 Aug 2023 08:36:22 +0200 (CEST)

do you think this would be OK, or does the hostname and IP (be it
localhost.local) have to be there ?

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org