introducing mopher, the mail gopher

2013-06-14 Thread Manuel Badzong
Hi, I would like to introduce mail gopher, a new all-in-one, MIT-licensed mail filter. Mopher is designed to be lightweight, modular and extensible, has several unique features and uses a very flexible and customizable configuration syntax that is very similar to the common firewall rule-lists

Re: smtp_fallback_relay

2013-06-14 Thread Ralf Hildebrandt
Alternative/additional approach: smtp_fallback_relay_threshold_time (compare to smtp_pix_workaround_threshold_time) How long a message must be queued before the Postfix SMTP client passes the mail to the smtp_fallback_relay. A threshold would work, with the default of 0 meaning

Re: introducing mopher, the mail gopher

2013-06-14 Thread postfix
forgot LDAP support? suomi On 2013-06-14 08:50, Manuel Badzong wrote: Hi, I would like to introduce mail gopher, a new all-in-one, MIT-licensed mail filter. Mopher is designed to be lightweight, modular and extensible, has several unique features and uses a very flexible and customizable

Re: introducing mopher, the mail gopher

2013-06-14 Thread Bastian Blank
On Fri, Jun 14, 2013 at 08:50:42AM +0200, Manuel Badzong wrote: I would like to introduce mail gopher, a new all-in-one, MIT-licensed mail filter. How does it relate to Postfix? Postfix already does this with a bit of help. Mopher can: + tarpit hosts Bad idea in userspace. Bad idea in

Problem using TLS: lost connection after STARTTLS

2013-06-14 Thread Jan P. Kessler
Hi, currently we are experiencing problems with an incoming SMTP/TLS connection. Remote side is an Ironport device, we are using postfix 2.8.13 on solaris 10. The problem exists only for incoming mails (ironport to postfix), the other direction works fine. It happens for both opportunistic (which

Re: Problem using TLS: lost connection after STARTTLS

2013-06-14 Thread Wietse Venema
Jan P. Kessler: Jun 14 10:24:47 rv-smtpext-101 postfix/smtpd[5847]: [ID 947731 mail.warning] warning: TLS library problem: 5847:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm:a_verify.c:146: Jun 14 00:31:58 rv-smtpext-201 postfix/smtpd[22673]: [ID

Re: introducing mopher, the mail gopher

2013-06-14 Thread Petar Bogdanovic
On Fri, Jun 14, 2013 at 12:08:00PM +0200, Bastian Blank wrote: On Fri, Jun 14, 2013 at 08:50:42AM +0200, Manuel Badzong wrote: I would like to introduce mail gopher, a new all-in-one, MIT-licensed mail filter. How does it relate to Postfix? It's a milter that some people on this list

Re: Problem using TLS: lost connection after STARTTLS

2013-06-14 Thread Bastian Blank
On Fri, Jun 14, 2013 at 12:24:39PM +0200, Jan P. Kessler wrote: currently we are experiencing problems with an incoming SMTP/TLS connection. Remote side is an Ironport device, we are using postfix 2.8.13 on solaris 10. Please show postconf -n. Jun 14 10:24:47 rv-smtpext-101

Re: introducing mopher, the mail gopher

2013-06-14 Thread Petar Bogdanovic
On Fri, Jun 14, 2013 at 11:55:27AM +0200, postfix wrote: forgot LDAP support? Yes. And probably other items too. It's really an open-end list.. Petar Bogdanovic

Re: introducing mopher, the mail gopher

2013-06-14 Thread Bastian Blank
On Fri, Jun 14, 2013 at 12:37:11PM +0200, Petar Bogdanovic wrote: On Fri, Jun 14, 2013 at 12:08:00PM +0200, Bastian Blank wrote: On Fri, Jun 14, 2013 at 08:50:42AM +0200, Manuel Badzong wrote: I would like to introduce mail gopher, a new all-in-one, MIT-licensed mail filter. How does it

Re: introducing mopher, the mail gopher

2013-06-14 Thread Benny Pedersen
Bastian Blank wrote on 2013-06-14 12:08: + PSL (by Mozilla, see http://publicsuffix.org/) What is the use for this? This all is focused on web. patch postfix to not accept mails with dns A/ records, there is ignorants everywhere -- senders that put my email into body content will

Re: Problem using TLS: lost connection after STARTTLS

2013-06-14 Thread Jan P. Kessler
Jun 14 10:24:47 rv-smtpext-101 postfix/smtpd[5847]: [ID 197553 mail.info] certificate verification failed for mail.dgverlag.de[145.253.80.6]: untrusted issuer /C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root Why do you check client certificates? Because we authenticate/whitelist

Re: introducing mopher, the mail gopher

2013-06-14 Thread Petar Bogdanovic
On Fri, Jun 14, 2013 at 12:48:51PM +0200, Bastian Blank wrote: On Fri, Jun 14, 2013 at 12:37:11PM +0200, Petar Bogdanovic wrote: It's a milter that some people on this list might find useful. So it only supports what the milter server can do. Mopher is a milter (or mail filter) and the

Re: Problem using TLS: lost connection after STARTTLS

2013-06-14 Thread Viktor Dukhovni
On Fri, Jun 14, 2013 at 12:24:39PM +0200, Jan P. Kessler wrote: Jun 14 10:24:47 rv-smtpext-101 postfix/smtpd[5847]: [ID 197553 mail.info] mail.dgverlag.de[145.253.80.6]: Untrusted: subject_CN=DGVDEX.DGVERLAG.DE, issuer=VR IDENT SSL CA 2011,

Semi-OT: Exchange 2013 SMTP Callout

2013-06-14 Thread Bernhard Schmidt
Hello, this is Semi-OT but since a lot of people run Postfix before Exchange I hope to find some knowledge here. Also heads-up :-) We have a couple of Exchange customers behind our frontend MX servers. We don't turn them up until they have configured their HBT servers to reject unknown

Re: Problem using TLS: lost connection after STARTTLS

2013-06-14 Thread Jan P. Kessler
Signature Algorithm: sha256WithRSAEncryption It looks like your OpenSSL library does not enable this via OpenSSL_add_ssl_algorithms(). The use of certificates with signature algorithms other than MD5 and SHA-1 is supposed to be negotiated via TLSv1.2, plain SSLv3/TLSv1 do not have a way to

Re: how to stop massive email attack in Postfix

2013-06-14 Thread Simon B
On 14 June 2013 17:44, c cc sub...@gmail.com wrote: Hi, For the last few days, I noticed that our postfix server had crawled to a halt due to some kind of email attack. As you can see below, there were a lot of smtp connections. I was wondering if there is a way to stop this from Postfix?

Re: Problem using TLS: lost connection after STARTTLS

2013-06-14 Thread Viktor Dukhovni
On Fri, Jun 14, 2013 at 05:53:03PM +0200, Jan P. Kessler wrote: I would have expected SHA-2 support as of OpenSSL 1.0.0a. Ok, so the problem seems to be clear. The system uses an ancient openssl version (sunfreeware package): libssl.so.0.9.8 = /usr/local/ssl/lib/libssl.so.0.9.8

Re: how to stop massive email attack in Postfix

2013-06-14 Thread Viktor Dukhovni
On Fri, Jun 14, 2013 at 06:00:37PM +0200, Simon B wrote: On 14 June 2013 17:44, c cc sub...@gmail.com wrote: Hi, For the last few days, I noticed that our postfix server had crawled to a halt due to some kind of email attack. As you can see below, there were a lot of smtp connections.

Re: Semi-OT: Exchange 2013 SMTP Callout

2013-06-14 Thread Tomoyuki Murakami
On Fri, 14 Jun 2013 17:10:16 +0200, Bernhard Schmidt be...@birkenwald.de wrote: This gets even worse when the mail has two recipients ... doesnotexist@ does not exist, t1@ does... mail from: t...@test.de 250 2.1.0 Sender OK rcpt to: doesnotex...@test.customer.de 250 2.1.5 Recipient OK

Re: how to stop massive email attack in Postfix

2013-06-14 Thread Robert Schetterer
On 14.06.2013 18:00, Simon B wrote: On 14 June 2013 17:44, c cc sub...@gmail.com wrote: Hi, For the last few days, I noticed that our postfix server had crawled to a halt due to some kind of email attack. As you can see below, there were a lot of smtp connections. I was wondering if there

Re: Semi-OT: Exchange 2013 SMTP Callout

2013-06-14 Thread Wietse Venema
Bernhard Schmidt: This gets even worse when the mail has two recipients ... doesnotexist@ does not exist, t1@ does... mail from: t...@test.de 250 2.1.0 Sender OK rcpt to: doesnotex...@test.customer.de 250 2.1.5 Recipient OK rcpt to: t...@test.customer.de 250 2.1.5 Recipient OK data

postscreen log lines reporting warnings and fatal errors

2013-06-14 Thread Robert Lopez
wrt: mail_version = 2.10.0 I am trying to understand the cause/causes of these log lines: 1) postfix/postscreen[]: fatal: error [-30986] seeking /var/lib/postfix/postscreen_cache.db: Success 2) postfix/master[4070]: warning: process /usr/libexec/postfix/postscreen pid 4366 exit status 1

Re: postscreen log lines reporting warnings and fatal errors

2013-06-14 Thread Wietse Venema
Robert Lopez: I am trying to understand the cause/causes of these log lines: 1) postfix/postscreen[]: fatal: error [-30986] seeking /var/lib/postfix/postscreen_cache.db: Success Your Berkeley DB is screwed up. Code fragment from src/util/dict_db.c: /* * Database lookup.

problem sending some email from mailman

2013-06-14 Thread Ben Greenfield
Hey All, Please excuse my loose terminology in the following description as I barely know what I'm doing. I have a strange problem where I'm unable to send some mail from mailman using a postfix installation on the same host. I have postfix mail_version 2.8.4 I have users authenticating and

Re: problem sending some email from mailman

2013-06-14 Thread Jeroen Geilman
On 06/14/2013 11:08 PM, Ben Greenfield wrote: Hey All, Please excuse my loose terminology in the following description as I barely know what I'm doing. I have a strange problem where I'm unable to send some mail from mailman using a postfix installation on the same host. I have postfix

Re: how to stop massive email attack in Postfix

2013-06-14 Thread Benny Pedersen
Simon B wrote on 2013-06-14 18:00: /etc/postfix $netstat -plan | grep ':25' | grep ESTAB tcp0 0 xx.xx.xx.xx:25 181.66.192.196:11798 ESTABLISHED 17329/smtpd tcp0 0 xx.xx.xx.xx:25 77.42.140.151:54112 ESTABLISHED - tcp0 0 xx.xx.xx.xx:25

Re: postscreen log lines reporting warnings and fatal errors

2013-06-14 Thread Robert Lopez
On Fri, Jun 14, 2013 at 3:09 PM, Wietse Venema wie...@porcupine.org wrote: Robert Lopez: I am trying to understand the cause/causes of these log lines: 1) postfix/postscreen[]: fatal: error [-30986] seeking /var/lib/postfix/postscreen_cache.db: Success Your Berkeley DB is screwed up.

STARTTLS not announced?!

2013-06-14 Thread Nabil Alsharif
Hi everyone, I just setup postfix on my server but I'm having a problem with TLS. I have TLS configured, there are no errors in the log, but the server does not announce TLS support. Here is the relevant output from 'postconf -n', the full output is at the end of the message:

Re: 550 Action not taken

2013-06-14 Thread Benny Pedersen
Ravindra Gupta // Viva wrote on 2013-06-13 21:02: So how we will resolve the issue. Please let me know for your valuable suggestion. http://www.postfix.org/ADDRESS_VERIFICATION_README.html#Recipient address verification frontend accept and bounce problems -- senders that put my email

Re: 550 Action not taken

2013-06-14 Thread Benny Pedersen
wie...@porcupine.org wrote on 2013-06-13 21:32: Ravindra Gupta // Viva: Jun 12 20:29:27 ems31 postfix/smtp[1816]: CC78D22400E: to=test.example.com, relay=imap.eemail.example.com[10.0.0.125]:25, delay=0.86, delays=0.01/0/0.42/0.42, dsn=5.0.0, status=bounced (host

Re: postscreen log lines reporting warnings and fatal errors

2013-06-14 Thread Wietse Venema
Robert Lopez: 1) postfix/postscreen[]: fatal: error [-30986] seeking /var/lib/postfix/postscreen_cache.db: Success Wietse: Your Berkeley DB is screwed up. Code fragment from src/util/dict_db.c: status = dict_db->cursor->c_get(dict_db->cursor, &db_key, &db_value, db_function);

Re: STARTTLS not announced?!

2013-06-14 Thread Benny Pedersen
Nabil Alsharif wrote on 2013-06-15 01:57: please disable html smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtp_ is for sending smtpd_banner = $myhostname ESMTP smtpd_recipient_restrictions = permit_mynetworks reject_unauth_destination smtpd_tls_CAfile =

Re: STARTTLS not announced?!

2013-06-14 Thread Wietse Venema
Nabil Alsharif: Hi everyone, I just setup postfix on my server but I'm having a problem with TLS. I have TLS configured, there are no errors in the log, but the server does not announce TLS support. Here is the relevant output from 'postconf -n', the full output is at the end of

Re: postscreen log lines reporting warnings and fatal errors

2013-06-14 Thread Benny Pedersen
wie...@porcupine.org wrote on 2013-06-15 02:36: My advice is to avoid installing multiple Berkeley DB copies, and to use the Berkeley DB that comes with the operating system. locate postfix/postscreen ldd result-path will show the problem why it fails under gentoo its ldd

Re: STARTTLS not announced?!

2013-06-14 Thread Nabil Alsharif
On 06/15/2013 02:38 AM, Benny Pedersen wrote: Nabil Alsharif skrev den 2013-06-15 01:57: please disable html My bad.. smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtp_ is for sending Ok so these two options are telling Postfix to check if STARTTLS is offered by the peer and

Re: STARTTLS not announced?!

2013-06-14 Thread Nabil Alsharif
On 06/15/2013 02:39 AM, Wietse Venema wrote: Have you looked at all the warning messages in the maillog file? Yes I have, there are no errors or warnings. 'postfix check' doesn't return any warnings or errors either.

Re: STARTTLS not announced?!

2013-06-14 Thread /dev/rob0
On Sat, Jun 15, 2013 at 01:57:12AM +0200, Nabil Alsharif wrote: I just setup postfix on my server but I'm having a problem with TLS. I have TLS configured, there are no errors in the log, but the server does not announce TLS support. Here is the relevant output from 'postconf -n', the

Re: STARTTLS not announced?!

2013-06-14 Thread Benny Pedersen
Nabil Alsharif wrote on 2013-06-15 02:59: smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtp_ is for sending Ok so these two options are telling Postfix to check if STARTTLS is offered by the peer and use TLS if available, right? correct smtpd_banner = $myhostname ESMTP

Re: STARTTLS not announced?!

2013-06-14 Thread Benny Pedersen
/dev/rob0 wrote on 2013-06-15 03:22: What you showed us should have announced STARTTLS. I would guess the problem is related to the single file certificate+key+CAs. Since you mentioned upthread that no errors are logged, check your syslogd (try restarting it.) These errors would be logged.

Re: STARTTLS not announced?!

2013-06-14 Thread Jan Kohnert
On Saturday, 15 June 2013, 03:45:02, Benny Pedersen wrote: Nabil Alsharif wrote on 2013-06-15 02:59: smtpd_tls_auth_only = yes this disable starttls since we already is using ssl/tls now huh? This part I don't quite understand. How are we disabling TLS? Where was it enabled

Re: STARTTLS not announced?!

2013-06-14 Thread Benny Pedersen
Jan Kohnert wrote on 2013-06-15 03:58: Well, no, it disables AUTH without tls/ssl but not STARTTLS, IIRC. starttls have nothing to do with auth or not auth users can still send plain passwords over unsecured smtpd client connections, starttls just secure their passwords, so tcpdumpers can't

Re: STARTTLS not announced?!

2013-06-14 Thread /dev/rob0
On Sat, Jun 15, 2013 at 03:45:02AM +0200, Benny Pedersen wrote: Nabil Alsharif skrev den 2013-06-15 02:59: smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtp_ is for sending Ok so these two options are telling Postfix to check if STARTTLS is offered by the peer and use TLS if

Re: STARTTLS not announced?!

2013-06-14 Thread Benny Pedersen
/dev/rob0 wrote on 2013-06-15 05:27: I think the OP will have to fix the logging problem before we can solve this issue. it would be more relative simple to use more default settings, if OP is unsure what to do sorry if i write it such it could be misunderstandable :( -- senders that