Re: canonical vs smtp_generic_maps vs ...?

2017-02-17 Thread Noel Jones
On 2/17/2017 1:24 PM, Marek Kozlowski wrote: > On 02/17/2017 08:09 PM, Noel Jones wrote: >> On 2/17/2017 12:53 PM, Marek Kozlowski wrote: >>> When smithj authenticates via SASL to my server and sends e-mail from >>> `smi...@something.com' locally or remotely I'd like to replace it to >>> `j.sm...@s

Re: Different treatment of ports 465 and 587 between postfix versions 2.9 and 3.1

2017-02-17 Thread Viktor Dukhovni
> On Feb 17, 2017, at 5:33 PM, Chris Green wrote: > > OK, so the older version is using SMTP STARTTLS which runs on port 587 This is how TLS has worked in MTA-to-MTA SMTP for the last > 15 years. https://tools.ietf.org/html/rfc3207 > and the newer (>=3) version is using TLS directly o

Re: Different treatment of ports 465 and 587 between postfix versions 2.9 and 3.1

2017-02-17 Thread Chris Green
On Fri, Feb 17, 2017 at 05:24:54PM -0500, Viktor Dukhovni wrote: > > > On Feb 17, 2017, at 10:43 AM, Chris Green wrote: > > > > Ah, I've maybe just spotted the reason, smtp_tls_wrappermode is new in > > postfix 3, is that what makes the difference? > > Yes. > > > I'd still like a simple explan

Re: Different treatment of ports 465 and 587 between postfix versions 2.9 and 3.1

2017-02-17 Thread Viktor Dukhovni
> On Feb 17, 2017, at 10:43 AM, Chris Green wrote: > > Ah, I've maybe just spotted the reason, smtp_tls_wrappermode is new in > postfix 3, is that what makes the difference? Yes. > I'd still like a simple explanation though! :-) That's the simple explanation. SMTP directly over TLS requires

Re: Different treatment of ports 465 and 587 between postfix versions 2.9 and 3.1

2017-02-17 Thread @lbutlr
On 2017-02-17 (12:38 MST), "Fazzina, Angelo" wrote: > > I thought the master.cf file is where you config what protocol to listen for ? He is SENDING outbound mail to his upstream, not listening for incoming mail. As for the original post, 587 is the right port to use anyway, so ignore your ISP

Re: Strong Ciphers to use with Postfix

2017-02-17 Thread Daniel Bareiro
On 17/02/17 12:46, L.P.H. van Belle wrote: > Hai, Hi, Louis. > It all depends on what you need and want. > > After monitoring for about a year on with or without encryption. > I have 0 unencrypted mail servers found and a handful of SSLv2 or V3. > Which I simply don't allow anymore. ( T

Re: Different treatment of ports 465 and 587 between postfix versions 2.9 and 3.1

2017-02-17 Thread Chris Green
On Fri, Feb 17, 2017 at 07:35:42PM +, Chris Green wrote: > [snip long message] > > Sorry about the duplicate, you can see I really am having trouble with > my E-Mail! :-) > ... and I'm talking rubbish anyway, I've got two subscriptions! Aarrgghh!! -- Chris Green

Re: Different treatment of ports 465 and 587 between postfix versions 2.9 and 3.1

2017-02-17 Thread Dominic Raferd
On 17 February 2017 at 19:38, Fazzina, Angelo wrote: > Hi, > I thought the master.cf file is where you config what protocol to listen for ? > > Submission or SMTPS > > I'm no expert either, just curious what your setup is. > -ALF > > -Angelo Fazzina > Operating Systems Programmer / Analyst > Univ

RE: Different treatment of ports 465 and 587 between postfix versions 2.9 and 3.1

2017-02-17 Thread Fazzina, Angelo
Hi, I thought the master.cf file is where you config what protocol to listen for ? Submission or SMTPS I'm no expert either, just curious what your setup is. -ALF -Angelo Fazzina Operating Systems Programmer / Analyst University of Connecticut,  UITS, SSG, Server Systems 860-486-9075 -Or

Re: Different treatment of ports 465 and 587 between postfix versions 2.9 and 3.1

2017-02-17 Thread Chris Green
[snip long message] Sorry about the duplicate, you can see I really am having trouble with my E-Mail! :-) -- Chris Green

Different treatment of ports 465 and 587 between postfix versions 2.9 and 3.1

2017-02-17 Thread Chris Green
I am running postfix 3.1.0 on an xubuntu 16.04 system and postfix 2.9.6 on a Raspberry Pi running Debian. They seem to act very differently as regards the use of ports 465 and 587 and I'd like things clarified so I can understand better. I use both postfix installations to send outgoing E-Mail (i

Re: canonical vs smtp_generic_maps vs ...?

2017-02-17 Thread Marek Kozlowski
On 02/17/2017 08:09 PM, Noel Jones wrote: > On 2/17/2017 12:53 PM, Marek Kozlowski wrote: >> When smithj authenticates via SASL to my server and sends e-mail from >> `smi...@something.com' locally or remotely I'd like to replace it to >> `j.sm...@sth.com'. But if mail from `smi...@something.com' is

Re: canonical vs smtp_generic_maps vs ...?

2017-02-17 Thread Noel Jones
On 2/17/2017 12:53 PM, Marek Kozlowski wrote: > When smithj authenticates via SASL to my server and sends e-mail from > `smi...@something.com' locally or remotely I'd like to replace it to > `j.sm...@sth.com'. But if mail from `smi...@something.com' is received > from remote SMTP hosts any address

Re: canonical vs smtp_generic_maps vs ...?

2017-02-17 Thread Marek Kozlowski
On 02/17/2017 07:41 PM, Noel Jones wrote: > On 2/17/2017 12:04 PM, Marek Kozlowski wrote: >> I'm searching for a possibility of rewriting (senders') addresses only >> for all mail originating from my system - no matter if it is local or >> remote delivery. I mean: rewriting sender's address for ma

Re: canonical vs smtp_generic_maps vs ...?

2017-02-17 Thread Viktor Dukhovni
> On Feb 17, 2017, at 1:04 PM, Marek Kozlowski > wrote: > > I'm searching for a possibility of rewriting (senders') addresses only > for all mail originating from my system - no matter if it is local or > remote delivery. I mean: rewriting sender's address for mail from SASL > authenticated us

Re: canonical vs smtp_generic_maps vs ...?

2017-02-17 Thread Noel Jones
On 2/17/2017 12:04 PM, Marek Kozlowski wrote: > I'm searching for a possibility of rewriting (senders') addresses only > for all mail originating from my system - no matter if it is local or > remote delivery. I mean: rewriting sender's address for mail from SASL > authenticated users and leaving

canonical vs smtp_generic_maps vs ...?

2017-02-17 Thread Marek Kozlowski
:-) "The optional generic(5) table specifies an address mapping that applies when mail is delivered. This is the opposite of canonical(5) mapping, which applies when mail is received." (http://www.postfix.org/generic.5.html) Nice... "With the smtp_generic_maps parameter you can specify generic

Re: Strong Ciphers to use with Postfix

2017-02-17 Thread Viktor Dukhovni
On Fri, Feb 17, 2017 at 12:44:35PM -0300, Daniel Bareiro wrote: Do not confuse opportunistic TLS in SMTP with browser to webserver TLS in HTTPS. In the name of improving security such settings make your MTA less secure. There are still many systems that can only do TLS 1.0 and not TLS 1.1 or TLS

Re: Domain loops to itself

2017-02-17 Thread Wietse Venema
Nikolaos Milas: > On 17/2/2017 4:12 μμ, Wietse Venema wrote: > > > You missed the preceding warning that says why. > > > > - The server greets with the same hostname (in the 220 line) > > as the client wants to use (in the EHLO command). > > > > - The server IP address matches $mydestination or $

Re: Domain loops to itself

2017-02-17 Thread Thomas Leuxner
* Nikolaos Milas 2017.02.17 15:59: >hesperia-space.eu relay:[vmail.noa.gr] > > line, but even when I added it and restarted postfix (service postfix > restart), it wouldn't work. transport_maps = hash:/etc/postfix/transportmap You need to run postmap on a hashed map for it to take effect

RE: Strong Ciphers to use with Postfix

2017-02-17 Thread L . P . H . van Belle
Hai, It all depends on what you need and want. After monitoring for about a year on with or without encryption. I have 0 unencrypted mail servers found and a handful of SSLv2 or V3. Which I simply don't allow anymore. ( The sslv2/v3 ) Due to the Dutch "Privacy laws" users are obligated to

Re: Strong Ciphers to use with Postfix

2017-02-17 Thread Daniel Bareiro
On 17/02/17 11:43, Fazzina, Angelo wrote: > Hi, Hi, Angelo. Thanks for your prompt reply. > Here is how I am dealing with "weak ciphers" > You may be able to do the same type of config ? > > > In /etc/postfix/main.cf > > > # -ALF 2016-09-07 > # disable RC4 ciphers with TLS connections. > #

Re: Strong Ciphers to use with Postfix

2017-02-17 Thread Dominic Raferd
On 17 February 2017 at 14:43, Fazzina, Angelo wrote: > Hi, > Here is how I am dealing with "weak ciphers" > You may be able to do the same type of config ? > > > In /etc/postfix/main.cf > > > # -ALF 2016-09-07 > # disable RC4 ciphers with TLS connections. > #smtpd_tls_exclude_ciphers = RC4, aNULL

Re: Domain loops to itself

2017-02-17 Thread Nikolaos Milas
On 17/2/2017 4:12 μμ, Wietse Venema wrote: You missed the preceding warning that says why. - The server greets with the same hostname (in the 220 line) as the client wants to use (in the EHLO command). - The server IP address matches $mydestination or $proxy_interfaces. Thanks Wietse, I di

RE: Strong Ciphers to use with Postfix

2017-02-17 Thread Fazzina, Angelo
Hi, Here is how I am dealing with "weak ciphers" You may be able to do the same type of config ? In /etc/postfix/main.cf # -ALF 2016-09-07 # disable RC4 ciphers with TLS connections. #smtpd_tls_exclude_ciphers = RC4, aNULL # -ALF 2017-01-09 # disable weak ciphers, and RC4 ciphers smtpd_tls_excl

Strong Ciphers to use with Postfix

2017-02-17 Thread Daniel Bareiro
Hi all! I'm using Debian GNU/Linux Jessie 8.7 with Postfix 2.11.3-1. I would like to know what you think of the security settings suggested here [1] for Postfix. I have tested it against this [2] site, but it seems that fails to discard other ciphers; on "Weak ciphers" I get "supported RSA_WITH_

Re: Domain loops to itself

2017-02-17 Thread Wietse Venema
Nikolaos Milas: > Hello, > > I have been using the following config without problems, but after I > added the domain: hesperia-space.eu, mail to the new domain becomes > undelivered with the error (example from one attempt to send mail): > > Feb 17 15:21:38 mailgw3 postfix/smtpd[17664]: NOQUEUE

Re: Postfix 20 years ago

2017-02-17 Thread Daniel Bareiro
On 12/02/17 15:06, Wietse Venema wrote: > Last month it was 20 years ago that I started writing Postfix code. > After coming to IBM research in November 1996, I spent most of > December and January making notes on paper. I knew that writing a > mail system was more work than any of my prior projec

Domain loops to itself

2017-02-17 Thread Nikolaos Milas
Hello, I have been using the following config without problems, but after I added the domain: hesperia-space.eu, mail to the new domain becomes undelivered with the error (example from one attempt to send mail): Feb 17 15:21:38 mailgw3 postfix/smtpd[17664]: NOQUEUE: reject: RCPT from mail-wr