[pfx] Re: sendmail -v add@ress hangs / postdrop calls read(0, … and waits forever
On Sun, Jun 23, 2024 at 06:06:40PM +, Дилян Палаузов wrote: > «sendmail -v myself@domain» however hangs. Of course it does, it is waiting to read the message headers and body from standard input as expected. > until I press Ctrl+C. This is Postfix 3.4.13. On Postfix 2.11 the > same command works. As far I see, there is no close(0), so read(0, … > expect data from standard input. > > Can you tell me why does «sendmail -v address» hang? Because you haven't provided a message to send, and standard input is attached to a terminal. If you do not want to send a message: $ sender=la...@example.com $ recipients=(cu...@example.com m...@example.com) $ sendmail -f "$sender" -bv "${recipients[@]}" -- Viktor. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] inquiry for milter server
what's the mainstream milter server for customized content analysis such as headers and languages? I may want to block some special messages which have a special header or special language (like middle-east). Thanks in advance. regards. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: how to implement this route
On 2024-06-23 20:24, Wietse Venema via Postfix-users wrote: Jeff Peng via Postfix-users: Hello I saw gmx.de/web.de have a policy that, if the submission IP is not from DE/EU, messages will be routed to a different gateway which is listed in spamhaus already. Otherwise if submission client's IP is in DE/EU, messages will be routed out via the normal gateway whose IP is clean. How to customized my own transport for that? You can configure customized SMTP clients in master.cf, each with an appropriate smtp_bind_address setting, and use transport_maps to choose between those clients. Thanks Wietse. other than binding multi-IP on a same host, is it better to have multi-geobased-MTAs for incoming messages? References: https://www.postfix.org/postconf.5.html#smtp_bind_address https://www.postfix.org/transport.5.html appreciate for the references. AI is an experimental feature of this mailing list. what AI is used for this mailing list? Thanks. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: No email forwarding?
On 2024-06-23 at 17:15:33 UTC-0400 (Sun, 23 Jun 2024 23:15:33 +0200) Jaroslaw Rafa via Postfix-users is rumored to have said: The forwarding issue is easily solvable. It's only the unwillingness of mainstream email providers to solve it. That implies a definition of "easily" that somehow includes "essentially impossible." It is logically simple. It is practically imaginary. A very different option *which is also never going to happen* but which is conceivably in the hands of sending domain owners would be to implement per-user SPF and provide users with the tools to define their own records. This will not happen in part for the same reasons the behemoths won't solve it: non-trivial implementation and ongoing support costs without tangible return on investment. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo@toad.social and many *@billmail.scconsult.com addresses) Not Currently Available For Hire ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: No email forwarding?
Jaroslaw Rafa via Postfix-users skrev den 2024-06-23 23:15: But nobody wants to implement this, they rather want to advise against forwarding. forwarding is not brokken, what is brokken is that srs is needed to solve another domains spf records ? no just stop fokus on dkim, and dmarc aligment is just happing on direct to mx, not when mails is sent to maillists that break dkim, before content is arc signed and arc sealed order of things is most important, as long this is not done we could have endless debate on what is brokken ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: No email forwarding?
Dnia 23.06.2024 o godz. 12:20:37 Bill Cole via Postfix-users pisze: > Transparent forwarding is infeasible of the modern net. Forwarding > using SRS or encapsulation is still usable if you are willing to > accept that those methods are imperfect and add complexity to a mail > system. > > Forwarding outside of a common administrative realm carries > substantial risk of mail being blocked, even with the use of SRS or > encapsulation. It can seriously impair the reputation of the > forwarding site, particularly with mass-market mailbox providers. It > can often be a path for spam to get into mailboxes that it could not > get to directly. On the other hand, it is the same functionality at > the core of mailing lists like this one, which people find useful. The forwarding issue is easily solvable. It's only the unwillingness of mainstream email providers to solve it. All it takes is to give the users of said provider access to an interface where they could define IP addresses or domains from which mail will be forwarded to their account. Then failed SPF should be ignored on these messages (so even classic forwarding can be used, which can be done by any MTA without need to install additional software), and if spam will be identified in such message, it should not count towards forwarding server's reputation. But nobody wants to implement this, they rather want to advise against forwarding. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: DQS key in error responses
Bill Cole via Postfix-users: > On 2024-06-23 at 08:30:53 UTC-0400 (Sun, 23 Jun 2024 08:30:53 -0400 (EDT)) > Wietse Venema via Postfix-users > is rumored to have said: > > > Wietse Venema via Postfix-users: > >> If you specify > >> > >> reject_rbl_client string-with-complex-syntax > >> > >> Then the rbl_reply_maps seach key will be that > >> string-with-complex-syntax. > > ... > >> Unlike rbl_reply_maps, postscreen strips the filter (and weight) > >> before searching the reply table. There are merits to both approaches. > >> Zen is a combination of XBL, PBL, and other lists. In some cases > >> one might want to handle XBL, PBL, etc. differently. > > > > It may be helpful to update rbl_reply_maps, so that it will query > > with the domain, after a query with domain=filter returns 'not > > found'. > > > > That's a backwards compatible change that can simplify configuration. > > Yes, that would help a bit. I have some code for Postfix 3.10. rbl_reply_maps will first search the table with the reject_rbl_* or reject_rhsbl_* argument. If the argument result is not found, and the argument has the form domain=address, then rbl_reply_maps will also search with the domain. That still allows different responses for different addreess filters, but most sites won't need that flexibility. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Precision of time in Postfix log files
Peter Uetrecht via Postfix-users: > Hello list, > > is the precision of time in Postfix log files (version 3.8.4) configurable > (microseconds or milliseconds)? Postfix does not generate the timestamp for logfiles written by syslogd or equivalent. That is done by the syslog(3) system library function. To group related records together, see the collate script in the Postfix source tarball in the auxiliary/collate directory. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: DQS key in error responses
On 2024-06-23 at 08:30:53 UTC-0400 (Sun, 23 Jun 2024 08:30:53 -0400 (EDT)) Wietse Venema via Postfix-users is rumored to have said: > Wietse Venema via Postfix-users: >> If you specify >> >> reject_rbl_client string-with-complex-syntax >> >> Then the rbl_reply_maps seach key will be that >> string-with-complex-syntax. > ... >> Unlike rbl_reply_maps, postscreen strips the filter (and weight) >> before searching the reply table. There are merits to both approaches. >> Zen is a combination of XBL, PBL, and other lists. In some cases >> one might want to handle XBL, PBL, etc. differently. > > It may be helpful to update rbl_reply_maps, so that it will query > with the domain, after a query with domain=filter returns 'not > found'. > > That's a backwards compatible change that can simplify configuration. Yes, that would help a bit. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo@toad.social and many *@billmail.scconsult.com addresses) Not Currently Available For Hire ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: No email forwarding?
On 2024-06-22 at 18:54:32 UTC-0400 (Sat, 22 Jun 2024 22:54:32 +) Jeff Pang via Postfix-users is rumored to have said: But google "why email forwarding is a bad idea" will get a lot of results. That is an extraordinarily poor measure of anything other than Google's indexing capability and their radical agnosticism on all disputable questions. Some of us remember the era when the classical sort of transparent forwarding done via /etc/alias and ~/.forward was a common simple working solution. It has not been that way for >20 years, but it takes a long time for some people to accept that the world changes and one must either change along with it or be left behind. Transparent forwarding is infeasible of the modern net. Forwarding using SRS or encapsulation is still usable if you are willing to accept that those methods are imperfect and add complexity to a mail system. Forwarding outside of a common administrative realm carries substantial risk of mail being blocked, even with the use of SRS or encapsulation. It can seriously impair the reputation of the forwarding site, particularly with mass-market mailbox providers. It can often be a path for spam to get into mailboxes that it could not get to directly. On the other hand, it is the same functionality at the core of mailing lists like this one, which people find useful. Whether and how one supports automated forwarding on a mail system is a very site-specific question, dependent largely on what your users want/need and what sort of service you want to be providing. For example, I run mail systems for small and medium sized businesses, most (but not all) of whom have strict rules against users forwarding mail anywhere. It's a business policy decision. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo@toad.social and many *@billmail.scconsult.com addresses) Not Currently Available For Hire ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Precision of time in Postfix log files
Hello list, is the precision of time in Postfix log files (version 3.8.4) configurable (microseconds or milliseconds)? Thanks in advance Peter ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: how to implement this route
Wietse Venema via Postfix-users: > Jeff Peng via Postfix-users: > > Hello > > > > I saw gmx.de/web.de have a policy that, if the submission IP is not from > > DE/EU, messages will be routed to a different gateway which is listed in > > spamhaus already. Otherwise if submission client's IP is in DE/EU, > > messages will be routed out via the normal gateway whose IP is clean. > > How to customized my own transport for that? > > You can configure customized SMTP clients in master.cf, each with > an appropriate smtp_bind_address setting, and use transport_maps > to choose between those clients. > > References: > https://www.postfix.org/postconf.5.html#smtp_bind_address > https://www.postfix.org/transport.5.html > > AI is an experimental feature of this mailing list. A small improvement: instead of transport_maps, one could use a FILTER action in check_policy_service, SMTP server acccess table, or in header/body_checks. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: DQS key in error responses
Wietse Venema via Postfix-users: > If you specify > > reject_rbl_client string-with-complex-syntax > > Then the rbl_reply_maps seach key will be that > string-with-complex-syntax. ... > Unlike rbl_reply_maps, postscreen strips the filter (and weight) > before searching the reply table. There are merits to both approaches. > Zen is a combination of XBL, PBL, and other lists. In some cases > one might want to handle XBL, PBL, etc. differently. It may be helpful to update rbl_reply_maps, so that it will query with the domain, after a query with domain=filter returns 'not found'. That's a backwards compatible change that can simplify configuration. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: how to implement this route
Jeff Peng via Postfix-users: > Hello > > I saw gmx.de/web.de have a policy that, if the submission IP is not from > DE/EU, messages will be routed to a different gateway which is listed in > spamhaus already. Otherwise if submission client's IP is in DE/EU, > messages will be routed out via the normal gateway whose IP is clean. > How to customized my own transport for that? You can configure customized SMTP clients in master.cf, each with an appropriate smtp_bind_address setting, and use transport_maps to choose between those clients. References: https://www.postfix.org/postconf.5.html#smtp_bind_address https://www.postfix.org/transport.5.html AI is an experimental feature of this mailing list. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: DQS key in error responses
Cody Millard via Postfix-users: > Check out this link showing a example postfix configuration. > > https://portal.spamhaus.com/dqs/#3.1.2 > > I found it to be very helpful in displaying the ranged syntax that > spamhaus supports. For a web page that does not require logging in, see: https://docs.spamhaus.com/datasets/docs/source/40-real-world-usage/MTAs/020-Postfix.html Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] how to implement this route
Hello I saw gmx.de/web.de have a policy that, if the submission IP is not from DE/EU, messages will be routed to a different gateway which is listed in spamhaus already. Otherwise if submission client's IP is in DE/EU, messages will be routed out via the normal gateway whose IP is clean. How to customized my own transport for that? Thanks. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: DQS key in error responses
Check out this link showing a example postfix configuration. https://portal.spamhaus.com/dqs/#3.1.2 I found it to be very helpful in displaying the ranged syntax that spamhaus supports. On 6/22/2024 4:25 PM, Bill Cole via Postfix-users wrote: On 2024-06-22 at 16:58:26 UTC-0400 (Sat, 22 Jun 2024 16:58:26 -0400 (EDT)) Wietse Venema via Postfix-users is rumored to have said: Bill Cole via Postfix-users: On 2024-06-22 at 15:19:42 UTC-0400 (Sat, 22 Jun 2024 15:19:42 -0400 (EDT)) Wietse Venema via Postfix-users is rumored to have said: [...] The rbl_reply_maps are searched with the domain specified with reject_rbl_client. That includes the optional "=address" portion, added in Postfix 2.8, but that was not added to the much older rbl_reply_maps documentation. There is an rbl_reply_maps example (a hash map) at https://docs.spamhaus.com/datasets/docs/source/40-real-world-usage/MTAs/020-Postfix.html your_DQS_key.zen.dq.spamhaus.net=127.0.0.[2..11] 554 $rbl_class $rbl_what blocked using ZEN - see ... for details Are you certain that the range syntax works? Absolutely. If you specify reject_rbl_client string-with-complex-syntax Then the rbl_reply_maps seach key will be that string-with-complex-syntax. OK. Right now I have multiple items like this in smtpd_recipient_retrictions reject_rbl_client KEY.zen.dq.spamhaus.net=127.0.0.2 reject_rbl_client KEY.zen.dq.spamhaus.net=127.0.0.3 [... etc.] So the string being searched is 'KEY.zen.dq.spamhaus.net=127.0.0.2', but if I consolidated those into a single restriction: reject_rbl_client KEY.zen.dq.spamhaus.net=127.0.0.[2..11] that would then search for 'KEY.zen.dq.spamhaus.net=127.0.0.[2..11]', matching the existing map entry. Is that correct? ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org