Re: restricting outbound e-mail to be from the authenticated user only

2011-01-30 Thread Daniel Bromberg
Hm, there must be a disconnect. I did read it, it sounded logical, I implemented it, and then my tests worked. I have: smtpd_sender_login_maps = mysql:/etc/postfix/mysql_sender_login_maps.cf smtpd_recipient_restrictions = reject_sender_login_mismatch, permit_mynetworks, permit_sasl_

Re: restricting outbound e-mail to be from the authenticated user only

2011-01-30 Thread mouss
On 31/01/2011 01:17, Daniel Bromberg wrote: > Brilliant, reject_sender_login_mismatch is the perfect level of > flexibility and is working now. I can add whatever authorizations I > need to my virtual user table in the DB, in a separate column if need > be. (right now I'm using the trivial matc

Re: restricting outbound e-mail to be from the authenticated user only

2011-01-30 Thread Daniel Bromberg
Noel, Thanks again, points acknowledged. I can't figure out how to edit the From: in Thunderbird without simultaneously changing the envelope value, but that's just one client among many. Re: the From:/Reply-To cases: It seems one can write a better regexp than given by mouss, such as includin

Re: Root privileges

2011-01-30 Thread Morten P.D. Stevens
2011/1/31 varad gupta : > > But then, is postfix not running the same risk as "sendmail" ? Sendmail is not a security risk. These are old horror stories. Why do big companies like IBM or Red Hat still use sendmail when postfix is supposed to be so much safer? Why is sendmail the default MTA on Sola

Re: Root privileges

2011-01-30 Thread Michael J Wise
On Jan 30, 2011, at 6:50 PM, Chris Tandiono wrote: > On 30 Jan 2011, at 18:46 , Victor Duchovni wrote: > >> On Mon, Jan 31, 2011 at 08:02:28AM +0530, varad gupta wrote: >> >>> Thanx for all the replies - I now understand the reason for master >>> daemon to run with superuser privileges. They we

Re: restricting outbound e-mail to be from the authenticated user only

2011-01-30 Thread Noel Jones
On 1/30/2011 6:17 PM, Daniel Bromberg wrote: Conceivably, someone could hack a non-standard e-mail client to use the SASL name in the MAIL FROM, but tweak the 'From: ' line to anything they like (although the MAIL FROM would appear in the Return-Path / Sender fields), and this is harder to stop,

Re: Root privileges

2011-01-30 Thread Chris Tandiono
On 30 Jan 2011, at 18:46 , Victor Duchovni wrote: > On Mon, Jan 31, 2011 at 08:02:28AM +0530, varad gupta wrote: > >> Thanx for all the replies - I now understand the reason for master >> daemon to run with superuser privileges. They were really helpful. >> >> But then, is postfix not running th

Re: Root privileges

2011-01-30 Thread Daniel Bromberg
Varad, I may be talking out of turn as I am fairly new to Postfix, but I think we need to distinguish between a *practical* risk and a *theoretical* risk. Theoretically, any software that runs as root, sufficiently attacked, could be used to compromise an entire system. The sufficient attack

Re: Root privileges

2011-01-30 Thread Victor Duchovni
On Mon, Jan 31, 2011 at 08:02:28AM +0530, varad gupta wrote: > Thanx for all the replies - I now understand the reason for master > daemon to run with superuser privileges. They were really helpful. > > But then, is postfix not running the same risk as "sendmail" ? No. > Does it mean, that unle

Re: Selective Relaying

2011-01-30 Thread Victor Duchovni
On Sun, Jan 30, 2011 at 05:36:00PM -0500, Wietse Venema wrote: > The following is the simplest example that uses virtual_alias_maps > to deflect unknown users to the MS Exchange mailserver, and that > uses reject_unverified_recipient to find out if those users exist. > Postfix 2.7 and later automa

Re: Root privileges

2011-01-30 Thread varad gupta
Thanx for all the replies - I now understand the reason for master daemon to run with superuser privileges. They were really helpful. But then, is postfix not running the same risk as "sendmail" ? As a student, I was told that sendmail is a single monolithic binary, performing all its functions a

Re: restricting outbound e-mail to be from the authenticated user only

2011-01-30 Thread Bernhard Rohrer
Port 587 has been invented for this very purpose ;) On 30/01/11 21:31, Daniel Bromberg wrote: Hi, I've recently started using postfix several weeks ago to run my e-mail services. Using spamassassin/spamd, greylists/SQLgrey, several RBLs, multiple domains, virtual users against MySQL tables in

Re: restricting outbound e-mail to be from the authenticated user only

2011-01-30 Thread Daniel Bromberg
Brilliant, reject_sender_login_mismatch is the perfect level of flexibility and is working now. I can add whatever authorizations I need to my virtual user table in the DB, in a separate column if need be. (right now I'm using the trivial match of = login name>) Importantly, if it's not a SA

Re: restricting outbound e-mail to be from the authenticated user only

2011-01-30 Thread mouss
On 30/01/2011 22:31, Daniel Bromberg wrote: > Hi, > > I've recently started using postfix several weeks ago to run my e-mail > services. Using spamassassin/spamd, greylists/SQLgrey, several RBLs, > multiple domains, virtual users against MySQL tables in multiple > domains, so somewhat knowledge

Re: limit/tune the smtp sender daemon for specific destination domains

2011-01-30 Thread mouss
On 31/01/2011 00:09, Steve Jenkins wrote: > On Sat, Jan 29, 2011 at 1:23 PM, mouss wrote: >> On 29/01/2011 22:19, David Touzeau wrote: >>> Dear >>> >>> I would like to tune postfix smtp sender according specific destination >>> domains eg number of connexions, number of email per seconds, qu

Re: limit/tune the smtp sender daemon for specific destination domains

2011-01-30 Thread Wietse Venema
Steve Jenkins: > So for example, let's say I wanted to limit outgoing mail to yahoo.com > to 10 simultaneous connections and 20 emails per second. In master.cf > I'm presuming I put: > > yahoosmtp unix - - n - - smtp To limit the concurrency to 10: /etc/postfi

Re: limit/tune the smtp sender daemon for specific destination domains

2011-01-30 Thread Steve Jenkins
On Sat, Jan 29, 2011 at 1:23 PM, mouss wrote: > On 29/01/2011 22:19, David Touzeau wrote: >> Dear >> >> I would like to tune postfix smtp sender according specific destination >> domains eg number of connexions, number of email per seconds, queue life >> time >> >> Is there any documentation on

Re: restricting outbound e-mail to be from the authenticated user only

2011-01-30 Thread Noel Jones
On 1/30/2011 3:31 PM, Daniel Bromberg wrote: Hi, I've recently started using postfix several weeks ago to run my e-mail services. Using spamassassin/spamd, greylists/SQLgrey, several RBLs, multiple domains, virtual users against MySQL tables in multiple domains, so somewhat knowledgeable, but mo

Re: Selective Relaying

2011-01-30 Thread Wietse Venema
Dominik Schulz: > Hi, > > I'm currently planning to migrate an Exim mailserver to Postfix due to > performance issues and security concerns. > > The only remaining open issue is something I'd like to call selective relaying > - please provide a more apt name if there is one. I can try, if you c

Re: Selective Relaying

2011-01-30 Thread Noel Jones
On 1/30/2011 3:57 PM, Dominik Schulz wrote: Hi, I'm currently planning to migrate an Exim mailserver to Postfix due to performance issues and security concerns. The only remaining open issue is something I'd like to call selective relaying - please provide a more apt name if there is one. The

Selective Relaying

2011-01-30 Thread Dominik Schulz
Hi, I'm currently planning to migrate an Exim mailserver to Postfix due to performance issues and security concerns. The only remaining open issue is something I'd like to call selective relaying - please provide a more apt name if there is one. The Exim mailserver is configured to handle seve

restricting outbound e-mail to be from the authenticated user only

2011-01-30 Thread Daniel Bromberg
Hi, I've recently started using postfix several weeks ago to run my e-mail services. Using spamassassin/spamd, greylists/SQLgrey, several RBLs, multiple domains, virtual users against MySQL tables in multiple domains, so somewhat knowledgeable, but mostly not. One of the companies I administ

Re: Root privileges

2011-01-30 Thread Victor Duchovni
On Sun, Jan 30, 2011 at 05:22:39PM +0530, varad gupta wrote: > Is it not a risk running master as root (the same reason for running > other processes as unprivileged) ? No, quite the opposite. It takes privileges to "drop" privileges. A well designed system (such as Postfix) is *more* secure by

Re: Solved: Postfix and Postgrey Not Really Communicating

2011-01-30 Thread Wietse Venema
jason hirsh: > my mistake i was cutting and pasting from some advice and copied > the typo > > spaces are bad in postfix > > now to see if postgrey will actually learn this time so far no As configured, postgrey is not used for clients in "mynetworks" or for clients that use SASL authenticat

Solved: Postfix and Postgrey Not Really Communicating

2011-01-30 Thread jason hirsh
my mistake i was cutting and pasting from some advice and copied the typo spaces are bad in postfix now to see if postgrey will actually learn this time so far no Begin forwarded message: From: Wietse Venema Date: January 30, 2011 12:41:56 PM AST To: jason hirsh Cc: postfix-users@postfi

Re: Postfix and Postgrey Not Really Communicating

2011-01-30 Thread Wietse Venema
jason hirsh: > smtpd_recipient_restrictions = permit Right, all mail passes because you have "permit" first. Wietse

Postfix and Postgrey Not Really Communicating

2011-01-30 Thread jason hirsh
OK after some work I have postgrey running but it doesn't appear to be doing "mail stuff" with postfix I am running postfix 2.8 clamav amavid-new dovecot my rc.conf postgrey_enable="YES" postgrey_pidfile="/var/run/postgrey.pid" postgrey_flags="--pidfile=${postgrey_pidfile} --inet=127.0.0.1:

Re: Looking for a maillist manager

2011-01-30 Thread Pascal Maes
On Sun, 30 Jan 2011 07:19:48 +0200, Jaques Cochet wrote: > I'm currently using qmail with ezmlm maillist manager. I intend to > move to postfix, and i'm looking for a mail list manager that stores > maillists subscribers in mysql database, includes posting permissions, > and can handle several hun

Re: Looking for a maillist manager

2011-01-30 Thread Miles Fidelman
On Sun, 30 Jan 2011 07:19:48 +0200, Jaques Cochet wrote: I'm currently using qmail with ezmlm maillist manager. I intend to move to postfix, and i'm looking for a mail list manager that stores maillists subscribers in mysql database, includes posting permissions, and can handle several hund

Re: Root privileges

2011-01-30 Thread Wietse Venema
varad gupta: > Hi > > A colleague asked me a question to which I had not given much thought before. > > We all know that most postfix daemons/services run as unprivileged > users (apart from local and virtual) but the master daemon runs with > root privileges? > > Is it not a risk running master

Re: Text Substitution with pcre:

2011-01-30 Thread Wietse Venema
Jerrale G: > -- Well it seems if we cant UNDERSTAND the man pages completely that we > shouldnt expect clarification. PCRE is NOT perl even though it uses > perl; therefore, we cannot use it and require your man pages to do so. Pcre does not use Perl code. > Since your man pages give NO exampl

Re: Looking for a maillist manager

2011-01-30 Thread Mark Alan
On Sun, 30 Jan 2011 07:19:48 +0200, Jaques Cochet wrote: > I'm currently using qmail with ezmlm maillist manager. I intend to > move to postfix, and i'm looking for a mail list manager that stores > maillists subscribers in mysql database, includes posting permissions, > and can handle several hun

Re: Root privileges

2011-01-30 Thread Ralf Hildebrandt
* varad gupta : > Hi > > A colleague asked me a question to which I had not given much thought before. That happens from time to time :) > We all know that most postfix daemons/services run as unprivileged > users (apart from local and virtual) but the master daemon runs with > root privileges?

Root privileges

2011-01-30 Thread varad gupta
Hi A colleague asked me a question to which I had not given much thought before. We all know that most postfix daemons/services run as unprivileged users (apart from local and virtual) but the master daemon runs with root privileges? Is it not a risk running master as root (the same reason for r