access map fallthrough - prevent lookup of IP address

Hi list! I'm trying to do some complicated things with a postfix access map, of the regexp type: ... check_client_access regexp:/etc/postfix/maps/client.regexp ... When a connection is made, first the client hostname and then the client IP address are looked up in the map. If on the f

Re: Mails rejected due to SPF?

Am 31.05.2016 um 21:03 schrieb A. Schulze: Am 31.05.2016 um 19:09 schrieb Johannes Bauer: Hello list, I know this is a bit off-topic, but I'm not sure if I misconfigured Postfix to result in this: Just today, an email of mine was rejected due to SPF reasons: host mx-ha03.web.de[212.227.15

Re: postscreen whitelist

On Tue, May 31, 2016 at 7:24 PM, Michael Orlitzky wrote: > On 05/31/2016 08:16 PM, Terry Barnum wrote: > > > > Since web.com probably has a fleet of mail servers, do I need to find > and enter all their IPs into my postscreen_access.cidr? Is there an easier > way? > > > > That's generally what yo

Re: postscreen whitelist

On 05/31/2016 08:16 PM, Terry Barnum wrote: > > Since web.com probably has a fleet of mail servers, do I need to find and > enter all their IPs into my postscreen_access.cidr? Is there an easier way? > That's generally what you have to do. Postscreen is meant to catch the most obvious offenders

postscreen whitelist

I have a subcontractor who uses web.com as his email provider. Some of their outgoing servers are listed on sorbs.net and postscreen (correctly) rejects this emails but I would like to be able to receive his email. May 31 15:16:40 mail postfix/postscreen[36888]: NOQUEUE: reject: RCPT from [209.

Re: postfix password authorisation not working

* Zalezny Niezalezny : > Hi, > > I just woudl like to know what I`m doing wrong. > I read postfix documentation several times and I configured SASL > authentication exacly as it was described. But even with this I do not see > in the telnet output lines similar to this > > 250-AUTH DIGEST-MD5 PLA

postfix password authorisation not working

Hi, I just woudl like to know what I`m doing wrong. I read postfix documentation several times and I configured SASL authentication exacly as it was described. But even with this I do not see in the telnet output lines similar to this 250-AUTH DIGEST-MD5 PLAIN CRAM-MD5 This is my telnet output:

Re: Mails rejected due to SPF?

Am 31.05.2016 um 19:09 schrieb Johannes Bauer: Hello list, I know this is a bit off-topic, but I'm not sure if I misconfigured Postfix to result in this: Just today, an email of mine was rejected due to SPF reasons: host mx-ha03.web.de[212.227.15.17] said: 550-Requested action not taken: mai

Re: Is there a Check my IPv6 Email server out there anywhere?

Thanks everyone, I'm on the hunt for what I've done wrong. I seem to be getting conflicting IPv6 addresses which isn't helping Thanks Robert Sent from my iPad On 31 May 2016, at 19:40, Steve Wardle wrote: >> On 31 May 2016, at 14:36, Robert Chalmers wrote: >> >> I have a message for en.inte

Re: Is there a Check my IPv6 Email server out there anywhere?

> On 31 May 2016, at 14:36, Robert Chalmers wrote: > > I have a message for en.internet.nl advising me that > “Modern internet address? Not reachable or improvements possible (IPv6)” > -> > "Unfortunately, this e-mail domain can not be reached by senders using modern > IPv6 addresses or there

Re: Mails rejected due to SPF?

I too face this problem, though all rejected mail comes back from gmail accounts. Something to do with spf and ipv6, I'm still trying to track down the problem. Robert - From my iPhone. > On 31 May 2016, at 6:09 pm, Johannes Bauer wrote: > > Hello list, > > I know this is a bit off-top

Mails rejected due to SPF?

Hello list, I know this is a bit off-topic, but I'm not sure if I misconfigured Postfix to result in this: Just today, an email of mine was rejected due to SPF reasons: host mx-ha03.web.de[212.227.15.17] said: 550-Requested action not taken: mailbox unavailable 550-Reject due to SPF policy. 550-

Re: Config Delivery ?

Olivier CALVANO: > Hi > > on logs of postfix, we have: > > 2016 May 31 17:50:10 spam postfix/error[5341]: 6E33430568A1: to=<...>, > relay=none, delay=0.18, delays=0.14/0.01/0/0.03, dsn=4.4.1, status=deferred > (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: > Connection re

SV: Different SMTP AUTH options and credentials for different clients

You would need to use a firewall for this. Use master.cf to define 3 different SMTP servers, that implements the 3 different rulesets and different credentials files. So for example, you set up 3 servers, One at port 26 that allows relaying without authentication. One at port 27 that allows AUTH P

Re: Different SMTP AUTH options and credentials for different clients

On Tue, May 31, 2016 at 05:04:33PM +0100, Rob Maidment wrote: > How can I implement this in the Postfix SMTP server? > > For certain client IP addresses no authentication is required and the > EHLO response should not advertise the AUTH option. smtpd_discard_ehlo_keyword_address_maps (au

Different SMTP AUTH options and credentials for different clients

How can I implement this in the Postfix SMTP server? For certain client IP addresses no authentication is required and the EHLO response should not advertise the AUTH option. For a second set of client IP addresses authentication is required and the EHLO response should advertise AUTH PLAIN. For

Config Delivery ?

Hi on logs of postfix, we have: 2016 May 31 17:50:10 spam postfix/error[5341]: 6E33430568A1: to=<...>, relay=none, delay=0.18, delays=0.14/0.01/0/0.03, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused) Where is the config val

Re: Is there a Check my IPv6 Email server out there anywhere?

On 2016-05-31 15:36, Robert Chalmers wrote: I have a message for en.internet.nl [1] advising me that “Modern internet address? Not reachable or improvements possible (IPv6)” -> "Unfortunately, this e-mail domain can NOT be reached by senders using modern IPv6 addresses or there is an error in i

Re: how to replicate Sendmail TLS certificate validation

> On May 31, 2016, at 10:16 AM, Viktor Dukhovni > wrote: > >main.cf: > smtpd_client_restrictions = > cidr = cidr:${config_directory}/ > check_client_access ${cidr}clnt-access Oops, bad syntax, that should be: main.cf: cidr = cidr:${config_directory}/

Re: how to replicate Sendmail TLS certificate validation

> On May 31, 2016, at 10:01 AM, Rob Maidment wrote: > > I have clients where I'd like to replace Sendmail with Postfix however > they have incoming mail requirements that prevent this, as far as I > can tell. These are not so much to do with certificate validation but > more fundamentally wheth

Re: how to replicate Sendmail TLS certificate validation

Thank you Wietse and Viktor for your in-depth responses. It seems to me that the Postfix SMTP client has all the TLS options of Sendmail and then some, however the Postfix SMTP server does not offer the same level of granularity as Sendmail when it comes to applying TLS to incoming connections. I

Is there a Check my IPv6 Email server out there anywhere?

I have a message for en.internet.nl advising me that “Modern internet address? Not reachable or improvements possible (IPv6)” -> "Unfortunately, this e-mail domain can not be reached by senders using modern IPv6 addresses or there is an error in its configuration. It is

Re: Postfix Ignoring Exit Status Code

Brad S Konia: > The last line in the myrelay script is an exit command, either > exit(0) or exit(77), etc... I also tried outputting an enhanced > status code like 5.X.X prior to the exit statement, but it seemed > to make no difference. As documented in the pipe(8) manpage: In the case of a N