[pfx] Re: Cant join postfix users mailing list
Tuesday, August 6, 2024, 10:08:33 PM, Marek Podmaka via Postfix-users wrote: > On Tue, 30 Jul 2024 at 09:51, Phil Biggs via Postfix-users > wrote: >> I only use list.dnswl.org (for good ones) and zen.spamhaus.org (bad) in >> postscreen. Very effective but I did, just once, see an IP simultaneously >> listed in both. > DNSWL is not for the good ones. Yes, poor choice of words on my part. > BTW has there been any recent study on the effectiveness of > greylisting? I've never used greylisting. -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Cant join postfix users mailing list
Tuesday, July 30, 2024, 5:24:53 PM, Gary R. Schmidt via Postfix-users wrote: > You need to look into what ban-lists your host subscribes to, blocking a > fairly well-known e-mail source but letting a TPG residential IP address > (that's me!) through is a bit whiffy. I was about to ask a similar question. I only use list.dnswl.org (for good ones) and zen.spamhaus.org (bad) in postscreen. Very effective but I did, just once, see an IP simultaneously listed in both. -- Cheers, yet another Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: question again about email routing
Wednesday, July 10, 2024, 8:59:57 AM, Jeff Pang via Postfix-users wrote: > Hello experts, > One of my customers in HK want to send bulk messages to local users > (about 500/day). > I plan to setup a separated sending out server in HongKong for him. > my question is how to route messages for a specific account to a > specific postfix server to send out? > Thanks in advance sender_dependent_relayhost_maps might do what you want - but I'm no expert. -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: News about The new Postfix book ?
Wednesday, July 3, 2024, 8:03:38 AM, Jean-François Bachelet via Postfix-users wrote: > Hello folks ^^) > There was a new Postfix book in the writing announced on the list, is it > finished and where to find/buy it ? > Thanks by advance :) > Cheers, > Jeff > ___ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org It seems to be finished but not available for delivery just yet. Here's a link to the web site where you can order it: https://www.tiltedwindmillpress.com/product/ryoms-preorder/ -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Help please on converting SENDMAIL VIRTUSERTABLE to postfix
Monday, March 18, 2024, 3:01:11 PM, Glenn Tenney via Postfix-users wrote: > On Sun, Mar 17, 2024 at 8:05 PM Phil Biggs via Postfix-users > wrote: >> Not sure about the rest of your requirements but perhaps >> >> smtpd_recipient_restrictions = reject_unverified_recipient >> https://www.postfix.org/ADDRESS_VERIFICATION_README.html > I don't think I can do that because I host a couple of domains that > require any email address, except specific ones that have been > blocked, to work. i.e. for better or worse, some domains I'm hosting > just create an email address without any warning. > Glenn > ___ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org Fair enough. Sorry for the noise. -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Help please on converting SENDMAIL VIRTUSERTABLE to postfix
Monday, March 18, 2024, 1:52:46 PM, Glenn Tenney via Postfix-users wrote: > My question in one, hopefully simple sentence, is: > In Postfix, how do I configure Postfix such that all email to > "user@some.domain" will return an error code (e.g. 550 user unknown) > to bounce that email > Glenn > ___ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org Not sure about the rest of your requirements but perhaps smtpd_recipient_restrictions = reject_unverified_recipient https://www.postfix.org/ADDRESS_VERIFICATION_README.html -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: DNSBL rank log messages after HANGUP
Thursday, March 7, 2024, 3:58:26 PM, Viktor Dukhovni via Postfix-users wrote: > On Thu, Mar 07, 2024 at 01:06:53PM +1100, Phil Biggs via Postfix-users wrote: >> Today I noticed that, occasionally, I see a syslog message stating "blocked >> using zen.spamhaus..." but no matching "DNSBL rank ..." message. >> >> A couple of examples from the past two days: >> >> postfix/postscreen 84893 - - CONNECT from [43.157.61.211]:30092 to >> [192.168.11.2]:25 >> postfix/dnsblog 84894 - - addr 43.157.61.211 listed by domain >> zen.spamhaus.org as 127.0.0.11 >> postfix/postscreen 84893 - - HANGUP after 3.2 from [43.157.61.211]:30092 in >> tests before SMTP handshake > > - >> postfix/postscreen 84893 - - DISCONNECT [43.157.61.211]:30092 >> >> Some other syslog records do have the DNSBL rank. For example: >> >> postfix/postscreen 86907 - - CONNECT from [185.242.226.22]:49012 to >> [192.168.11.2]:25 >> postfix/dnsblog 86910 - - addr 185.242.226.22 listed by domain >> zen.spamhaus.org as 127.0.0.3 >> postfix/postscreen 86907 - - DNSBL rank 2 for [185.242.226.22]:49012 >> postfix/postscreen 86907 - - HANGUP after 0.8 from [185.242.226.22]:49012 in >> tests after SMTP handshake > > > The client hung up too early for a rank to be logged. Thank you, Viktor. I completely missed that before/after difference. -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] DNSBL rank log messages after HANGUP
Today I noticed that, occasionally, I see a syslog message stating "blocked using zen.spamhaus..." but no matching "DNSBL rank ..." message. A couple of examples from the past two days: postfix/postscreen 84893 - - CONNECT from [43.157.61.211]:30092 to [192.168.11.2]:25 postfix/dnsblog 84894 - - addr 43.157.61.211 listed by domain zen.spamhaus.org as 127.0.0.11 postfix/postscreen 84893 - - HANGUP after 3.2 from [43.157.61.211]:30092 in tests before SMTP handshake postfix/postscreen 84893 - - DISCONNECT [43.157.61.211]:30092 postfix/postscreen 1274 - - CONNECT from [45.83.66.127]:42402 to [192.168.11.2]:25 postfix/dnsblog 1276 - - addr 45.83.66.127 listed by domain zen.spamhaus.org as 127.0.0.11 postfix/postscreen 1274 - - HANGUP after 5.3 from [45.83.66.127]:42402 in tests before SMTP handshake postfix/postscreen 1274 - - DISCONNECT [45.83.66.127]:42402 postfix/postscreen 1292 - - CONNECT from [64.62.197.225]:56707 to [192.168.11.2]:25 postfix/dnsblog 1294 - - addr 64.62.197.225 listed by domain zen.spamhaus.org as 127.0.0.4 postfix/postscreen 1292 - - HANGUP after 4.5 from [64.62.197.225]:56707 in tests before SMTP handshake postfix/postscreen 1292 - - DISCONNECT [64.62.197.225]:56707 My postscreen_dnsbl_* settings are: postscreen_dnsbl_action = enforce postscreen_dnsbl_allowlist_threshold = -1 postscreen_dnsbl_sites = zen.spamhaus.org*2, list.dnswl.org*-6 postscreen_dnsbl_threshold = 2 Some other syslog records do have the DNSBL rank. For example: postfix/postscreen 86907 - - CONNECT from [185.242.226.22]:49012 to [192.168.11.2]:25 postfix/dnsblog 86910 - - addr 185.242.226.22 listed by domain zen.spamhaus.org as 127.0.0.3 postfix/postscreen 86907 - - DNSBL rank 2 for [185.242.226.22]:49012 postfix/postscreen 86907 - - HANGUP after 0.8 from [185.242.226.22]:49012 in tests after SMTP handshake postfix/postscreen 86907 - - DISCONNECT [185.242.226.22]:49012 My syslogd (and system as a whole) is far from busy. Postfix 3.8.4 on FreeBSD 13.2-RELEASE-p8 -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Strange dnsblog lookup errors
Saturday, January 13, 2024, 12:31:27 AM, Wietse Venema via Postfix-users wrote: > Phil Biggs via Postfix-users: >> postfix/dnsblog 17448 - - warning: dnsblog_query: lookup error for DNS query >> 137.52.152.104.list.dnswl.org: Host or domain name not found. Name service >> error for name=137.52.152.104.list.dnswl.org type=A: Host not found, try >> again >> >> As later lookups returned valid results, I had just put that down to some >> glitch with dnswl's servers. > Wietse: >> I suspect packet loss somewhere on the path between your system and >> list.dnswl.org. I had a few of the above type of error in my maillog >> files in the months from June to December 2022, for list.dnswl.org >> and zen.spamhaus.org, and some for both. > Phil Biggs: >> It just seemed strange to me that zen disappeared completely from these logs >> right after I added dnswl. > And does it come back when you remove dnswl? Is this reproducible? > Is something rate-limiting your DNS? Postfix can't do that. > Wietse > ___ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org I'll monitor this but it may take a while until one of these logs again. No rate limiting. Well, not that I'm aware of. The Postfix server runs its own FreeBSD local-unbound resolver. I reversed the order of dnswl and zen to see whether that has any effect. If it doesn't, I'll take dnswl out and monitor from that point. Thank you. -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Strange dnsblog lookup errors
Friday, January 12, 2024, 11:26:33 AM, Wietse Venema via Postfix-users wrote: > Phil Biggs via Postfix-users: >> >> Back in June of 2023 I added list.dnswl.org to postscreen. >> >> Over time I've noticed that I get the occasional lookup error like this: >> >> postfix/dnsblog 17448 - - warning: dnsblog_query: lookup error for DNS query >> 137.52.152.104.list.dnswl.org: Host or domain name not found. Name service >> error for name=137.52.152.104.list.dnswl.org type=A: Host not found, try >> again >> >> As later lookups returned valid results, I had just put that down to some >> glitch with dnswl's servers. > I suspect packet loss somewhere on the path between your system and > list.dnswl.org. I had a few of the above type of error in my maillog > files in the months from June to December 2022, for list.dnswl.org > and zen.spamhaus.org, and some for both. > Wietse > ___ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org Thanks, Wietse. It just seemed strange to me that zen disappeared completely from these logs right after I added dnswl. -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Strange dnsblog lookup errors
Back in June of 2023 I added list.dnswl.org to postscreen. Over time I've noticed that I get the occasional lookup error like this: postfix/dnsblog 17448 - - warning: dnsblog_query: lookup error for DNS query 137.52.152.104.list.dnswl.org: Host or domain name not found. Name service error for name=137.52.152.104.list.dnswl.org type=A: Host not found, try again As later lookups returned valid results, I had just put that down to some glitch with dnswl's servers. Yesterday I got this error for my ISP's outbound server, which I know is listed with dnswl. I thought I'd have a look at historical logs. Up to the date when I added list.dnswl.org, I had only zen.spamhaus.org in my postscreen_dnsbl_sites. Searching through my logs I see that, up until June last year, I had those same error logs but only for zen. (To be expected, given that it was the only one in use.) After that date, though, every logged error is for list.dnswl.org and there are none for zen.spamhaus.org. Just wondering why that might be. My postscreen config: postscreen_cache_map = btree:/var/db/postfix/postscreen_cache postscreen_greet_action = enforce postscreen_denylist_action = enforce postscreen_dnsbl_allowlist_threshold = -1 postscreen_dnsbl_sites = list.dnswl.org*-6, zen.spamhaus.org*2 postscreen_dnsbl_action = enforce postscreen_dnsbl_threshold = 2 -- Thanks, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: The SMTP HELP command
Friday, December 29, 2023, 9:59:41 AM, John Levine via Postfix-users wrote: > Today's topic is the HELP command. The current spec says that it is > mandatory to implment it. By chance, I was reading RFC 5321 when your email came in. Where do see the "mandatory" requirement? Section 4.1.1.8 says: SMTP servers SHOULD support HELP without arguments and MAY support it with arguments. Section 4.5.1 doesn't include HELP in its list of required commands. I suppose the question about why Postfix doesn't implement it is valid but I assume it would have something to do with the discussion in Section 7.5. -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: SMTP smuggling
Thursday, December 21, 2023, 10:05:41 AM, Wietse Venema via Postfix-users wrote: > Viktor Dukhovni via Postfix-users: >> smtpd_data_restrictions=reject_unauth_pipelining. > That will, as Viktor observes, on port 25 mitigate the published attack. Will postscreen's opportunistically enabled pipelining test also have the same effect? With smtpd_forbid_unauth_pipelining in place, is an entry of reject_unauth_pipelining in smtpd_*_restrictions redundant? -- Thanks, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: read postscreen database?
Wednesday, November 1, 2023, 4:38:13 AM, Michael W. Lucas via Postfix-users wrote: > On Tue, Oct 31, 2023 at 12:56:23PM -0400, Wietse Venema via Postfix-users > wrote: >> Michael W. Lucas via Postfix-users: >> > Hi, >> > >> > Is there a way to dump the postscreen database, showing which >> > addresses are cached and why? >> > >> > Running postfix 3.8 on FreeBSD. >> >> postmap -s >> > # ./postmap -s /var/db/postfix/postscreen_cache > Still hung. > Am I missing something obvious here? > Thanks, > ==ml Problem was a missing 'btree:' file_type, as in: # postmap -s btree:/var/db/postfix/postscreen_cache -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Address family for hostname not supported?
Monday, September 18, 2023, 10:01:51 AM, Viktor Dukhovni via Postfix-users wrote: > On Mon, Sep 18, 2023 at 09:38:49AM +1000, Phil Biggs via Postfix-users wrote: >> > https://lists.freebsd.org/archives/freebsd-net/2022-October/002556.html >> >> Ah, just saw this but it's getting way beyond my skill level :-) >> >> Does that invalidate the bug report? > The change in error number and message was intentional. If you strongly > feel it is worse than the original, you could still file a bug report, > but your case would need to be strong, given the change in behaviour is > not inadvertent. Thanks, Viktor. It has no impact on the systems I run and I don't have a view that would be worthy of consideration in this. >From what I could understand, it seems the recommendation was to return the same value as Linux. Is that something postfix would need to take into account? It also seems to be informational only. -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Accepting mail from old Dell iDRAC
Wednesday, August 2, 2023, 3:26:43 PM, Charles Sprickman via Postfix-users wrote: > Hi all, > I'm having a heck of a time figuring out how to see just what this Dell is > offering when speaking to Postfix... > It's an "iDRAC7", which is just a little management card. > I want it to be able to send some email alerts, but I keep getting warnings > about > a cipher mismatch. > With some debugging I think there's some hints here, but OpenSSL seems to not > really provide much info on the "cipher mismatch" (including perhaps, > what cipher the remote end is using). > How can I troubleshoot this a bit more? > Thanks, > Charles > ___ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org I read somewhere recently that alert encryption is only supported on the iDRAC9 and later and only after a firmware update. -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: postscreen question
Saturday, April 29, 2023, 5:40:19 PM, Ken Peng via Postfix-users wrote: > Hello > When I enabled postscreen, why even gmail's sender IP was greylisted? > The log says: > Apr 29 15:35:35 mxin postfix/postscreen[59408]: NOQUEUE: reject: RCPT from > [209.85.160.53]:50219: 450 4.3.2 Service currently unavailable; > from=, to=, proto=ESMTP, > helo= > And this is my configuration for postscreen: > # postscreen > postscreen_access_list = permit_mynetworks > cidr:/etc/postfix/postscreen_access.cidr > postscreen_blacklist_action = drop > postscreen_greet_action = enforce > postscreen_dnsbl_threshold = 2 > postscreen_dnsbl_action = enforce > postscreen_dnsbl_sites = zen.spamhaus.org*2 > postscreen_dnsbl_whitelist_threshold = -2 > # postscreen protocol test > postscreen_pipelining_enable = yes > postscreen_pipelining_action = enforce > postscreen_non_smtp_command_enable = yes > postscreen_non_smtp_command_action = enforce > postscreen_bare_newline_enable = yes > postscreen_bare_newline_action = enforce > Thank you > Ken > ___ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org I'm not sure if these things will solve your problem with gmail but... You don't need the things listed in your "# postscreen protocol test" block. See the lines in the README that say: "This test is opportunistically enabled when postscreen(8) has to use the built-in SMTP engine anyway. This is to make postscreen(8) logging more informative." You should have: postscreen_dnsbl_whitelist_threshold = -1 (not -2) -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: postscreen question
Saturday, April 29, 2023, 10:15:41 AM, Ken Peng via Postfix-users wrote: > Sorry i have a question to postscreen. > I saw many people use postscreen for RBL checks. > But postfix itself have the RBL checks already: > smtpd_recipient_restrictions = >... >reject_rbl_client zen.spamhaus.org, >reject_rbl_client bl.spamcop.net > So what's the difference between them? > Regards. > ___ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org This may help: http://www.postfix.org/POSTSCREEN_README.html -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: Question to reject_rbl_client zen.spamhaus.org
Sunday, April 9, 2023, 12:02:20 PM, tom--- via Postfix-users wrote: > I have this setting in main.cf: > smtpd_recipient_restrictions = > permit_mynetworks, > permit_sasl_authenticated, > reject_unauth_destination, > check_policy_service unix:private/policyd-spf, > reject_rbl_client zen.spamhaus.org, > reject_rbl_client bl.spamcop.net > When I sent message from a Spamhaus Zen listed IP (this IP not in my > whitelist), the message still came into system. > it seemsreject_rbl_client zen.spamhaus.org has no effect. > Where should i debug it? > Thanks > Tom. > ___ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org Sorry, accidentally replied off-list before Hi Tom, I can’t answer your question but I use postscreen for DNSBL: postscreen_cache_map = btree:/var/db/postfix/postscreen_cache postscreen_greet_action = enforce postscreen_denylist_action = enforce postscreen_dnsbl_allowlist_threshold = -1 postscreen_dnsbl_sites = zen.spamhaus.org*2 postscreen_dnsbl_action = enforce postscreen_dnsbl_threshold = 2 You may want to have a look at that. -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: postscreen logs MIA
Saturday, March 18, 2023, 4:48:02 PM, Phil Biggs via Postfix-users wrote: > Saturday, March 18, 2023, 4:39:36 PM, Bill Cole via Postfix-users wrote: >> On 2023-03-18 at 01:28:42 UTC-0400 (Sat, 18 Mar 2023 16:28:42 +1100) >> Phil Biggs via Postfix-users >> is rumored to have said: >>> I have just finished building a new server for a friend and, after >>> installing >>> the postfix FreeBSD package and restoring his main.cf, I see no >>> postscreen logs >>> at all. >>> >>> I have updated his FreeBSD to 13.1-RELEASE-P6 and the postfix-sasl pkg >>> version installed is 3.7.4,1, which is the latest and the same as on >>> my server. >>> >>> His main.cf and mine are almost identical apart from the obvious >>> domain >>> changes but the postscreen logs are absent on his server. Nothing in >>> any logs >>> to indicate problems. >> Whether or not postscreen is enabled depends on configuration in >> master.cf. It's not enabled by default on FreeBSD, so he probably has a >> line like this at the top of master.cf: >> smtp inet n - n - - smtpd >> To enable postscreen, that should be replaced with: >> smtp inet n - n - 1 postscreen >> smtpd pass - - n - - smtpd >> You can get a clean look at your master.cf settings with 'postconf -Mf' > Many thanks, Bill. > That could well be the problem but I have never had to modify master.cf > before. Perhaps something changed with the pkg - his being a new install and > mine having been upgraded over time. > I'll fix up his main.cf and see how it goes. > - > Cheers,, > Phil > ___ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org Yep, his master.cf was completely different from mine. Copied mine over to his system and all good. Thanks again, Bill -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: postscreen logs MIA
Saturday, March 18, 2023, 4:39:36 PM, Bill Cole via Postfix-users wrote: > On 2023-03-18 at 01:28:42 UTC-0400 (Sat, 18 Mar 2023 16:28:42 +1100) > Phil Biggs via Postfix-users > is rumored to have said: >> I have just finished building a new server for a friend and, after >> installing >> the postfix FreeBSD package and restoring his main.cf, I see no >> postscreen logs >> at all. >> >> I have updated his FreeBSD to 13.1-RELEASE-P6 and the postfix-sasl pkg >> version installed is 3.7.4,1, which is the latest and the same as on >> my server. >> >> His main.cf and mine are almost identical apart from the obvious >> domain >> changes but the postscreen logs are absent on his server. Nothing in >> any logs >> to indicate problems. > Whether or not postscreen is enabled depends on configuration in > master.cf. It's not enabled by default on FreeBSD, so he probably has a > line like this at the top of master.cf: > smtp inet n - n - - smtpd > To enable postscreen, that should be replaced with: > smtp inet n - n - 1 postscreen > smtpd pass - - n - - smtpd > You can get a clean look at your master.cf settings with 'postconf -Mf' Many thanks, Bill. That could well be the problem but I have never had to modify master.cf before. Perhaps something changed with the pkg - his being a new install and mine having been upgraded over time. I'll fix up his main.cf and see how it goes. - Cheers,, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] postscreen logs MIA
I have just finished building a new server for a friend and, after installing the postfix FreeBSD package and restoring his main.cf, I see no postscreen logs at all. I have updated his FreeBSD to 13.1-RELEASE-P6 and the postfix-sasl pkg version installed is 3.7.4,1, which is the latest and the same as on my server. His main.cf and mine are almost identical apart from the obvious domain changes but the postscreen logs are absent on his server. Nothing in any logs to indicate problems. Any ideas where to look for problems would be appreciated. postconf -nf: address_verify_negative_expire_time = 1d alias_database = hash:/etc/mail/aliases alias_maps = hash:/etc/mail/aliases bounce_queue_lifetime = 1d compatibility_level = 3.6 disable_vrfy_command = yes inet_interfaces = 10.214.2.2 inet_protocols = ipv4 local_recipient_maps = message_size_limit = 3000 myhostname = mail.hisdomain.com mynetworks = 10.214.1.0/24 10.214.2.0/24 172.23.33.0/24 notify_classes = postscreen_access_list = permit_mynetworks, cidr:/usr/local/etc/postfix/cal_cidr postscreen_cache_retention_time = 90d postscreen_denylist_action = enforce postscreen_disable_vrfy_command = yes postscreen_dnsbl_action = enforce postscreen_dnsbl_allowlist_threshold = -1 postscreen_dnsbl_sites = zen.spamhaus.org*2 postscreen_dnsbl_threshold = 2 postscreen_greet_action = enforce relayhost = mail.aussiebroadband.com.au smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/usr/local/etc/postfix/mail.abb.com.au smtp_sasl_security_options = noanonymous, noplaintext smtp_tls_CAfile = /usr/local/share/certs/ca-root-nss.crt smtp_tls_loglevel = 1 smtp_tls_security_level = may smtp_tls_session_cache_database = btree:/var/db/postfix/smtp_scache smtpd_client_connection_count_limit = 20 smtpd_client_connection_rate_limit = 60 smtpd_client_restrictions = permit_mynetworks, check_client_access cidr:/usr/local/etc/postfix/cal_cidr, reject_unknown_client_hostname, reject_unauth_pipelining, permit smtpd_delay_reject = yes smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, reject_unknown_helo_hostname, permit smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unverified_recipient, permit smtpd_relay_restrictions = permit_mynetworks, reject_unauth_destination, permit smtpd_sender_restrictions = permit_mynetworks, check_sender_access hash:/usr/local/etc/postfix/sender_access, reject_non_fqdn_sender, reject_unknown_sender_domain, permit strict_rfc821_envelopes = yes tls_random_source = dev:/dev/urandom unverified_recipient_reject_code = 550 virtual_mailbox_domains = hisdomain.com virtual_transport = lmtp:unix:/var/spool/postfix/private/dovecot-lmtp -- Thanks, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: [P-U] Re: The joke writes itself.
Friday, March 10, 2023, 5:54:02 PM, Viktor Dukhovni via Postfix-users wrote: > Sorry, I wasn't at all concerned about that, rather the less horizontal > space any tag takes, more subject I see without horizonal scrolling in > one-message per line mailbox presentations. I was also quite happy with > no tags at all. Likewise, To keep my mail client's threaded view sane I resorted to using header_checks: /^Subject: \[pfx\] (.*)$/ REPLACE Subject: $1 Probably not an intended use and horribly efficient but it works for me. (Assuming the [P-U] will fade away eventually.) -- Cheers, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[P-U] Re: The joke writes itself.
Friday, March 10, 2023, 9:09:02 AM, Wietse Venema via Postfix-users wrote: > Peter via Postfix-users: >> On 10/03/23 10:04, Dan Mahoney via Postfix-users wrote: >> > I know that P-U stands for postfix users. I get it that a short subject >> > tag was desired, but would [postfix] have been that much more distracting, >> > without adding the obvious third-grader label that might better be held by >> > qmail? >> >> Indeed, please consider changing it. > There are three tags because there are three lists: postfix-users, > postfix-devel, and postfix-announce. > I am subscribed to several mailing lists that have [uppercase > abbreviation] as their tag, and that works well. None of those tags > are more than 5 characters long. If I'd change anything I would > delete the '-' in the middle of the current tag. > Wietse Maybe it's just me but the tag seems to really confuses a threaded view that expects "Re: " to be first thing in the subject. -- Regards, Phil ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org