Re: Issue with SASL authentication

Hi again. On 24/05/17 17:46, Daniel Bareiro wrote: > Maybe this question is not 100% about Postfix, but it is related. I am > configuring a Postifx server with SASL authentication. > > When I do a test to authenticate, I get an error: > >

Re: Relay access denied

> On May 24, 2017, at 5:05 PM, alexvojproc wrote: > > smtpd_tls_cert_file=/etc/letsencrypt/live/REDACTED/fullchain.pem > smtpd_tls_key_file=/etc/letsencrypt/live/REDACTED/privkey.pem > smtpd_use_tls=yes The non-obsolete setting is: smtpd_tls_security_level

Multiple recipients in BCC will not relay if it contains one bad email address.

Hi Everyone first time posting, I am hoping you can help me. We have an issue when an email sent to multiple emails via BCC is deleted if an invalid email address is in the list. The email is discarded all together and I don't see any logs other then the bounces. They need to send via BCC for

Re: Relay access denied

I forgot to add log info (although there's nothing particularly useful): May 24 19:39:22 server postfix/smtpd[2506]: connect from REDACTED May 24 19:39:22 server postfix/smtpd[2506]: NOQUEUE: reject: RCPT from REDACTED: 454 4.7.1 : Relay access denied;

Relay access denied

I have a Google Compute VM that I would like to use as a mail server. However, outgoing ports 25, 465, and 587 are blocked so I must use a third-party mail service. I followed the instructions for Mailjet , but I changed inet_interfaces to all. I have

Issue with SASL authentication

Hi all! Maybe this question is not 100% about Postfix, but it is related. I am configuring a Postifx server with SASL authentication. When I do a test to authenticate, I get an error: -- root@server2:~# saslpasswd2 -c daniel

Re: TLS warning

Viktor, LazyG This is not nonsense, as I learned something from it. Now I will go and check whether it is enabled. And thanks for mentioning foundations and family etc. That is also useful. Maybe we should be a bit more polite to other folks in the list, we are mostly 'in the same boat'.

Re: Why am I accepting this email?

D'Arcy Cain: > On 2017-05-24 11:11 AM, Wietse Venema wrote: > >> I still don't understand why I accepted the email anyway. The user > >> didn't exist. > > > > Because relay recipients are blocked only when relay_recipient_maps > > lists the 'valid' recipients; this is not a required setting. >

Re: Why am I accepting this email?

> On May 24, 2017, at 11:17 AM, D'Arcy Cain wrote: > >> Because relay recipients are blocked only when relay_recipient_maps >> lists the 'valid' recipients; this is not a required setting. > > So would this setting make sense? > > relay_recipient_maps = $virtual_maps,

Re: TLS warning

> On May 24, 2017, at 5:41 AM, li...@lazygranch.com wrote: > > ‎You shouldn't be accepting sslv3 due to the poodle attack. > > https://en.m.wikipedia.org/wiki/POODLE > > A search should indicate what to change to reject sslv3. > > Of course there still could be other things that need fixing.

Re: Why am I accepting this email?

--On May 24, 2017 at 9:25:30 AM -0400 D'Arcy Cain wrote: The following is in my logs. I have no server called nan.vex.net and no user called aida.wanda. I don't see anything in main.cf that looks like a wild card entry. Can anyone suggest why I would be accepting this message

Re: Why am I accepting this email?

D'Arcy Cain skrev den 2017-05-24 17:17: On 2017-05-24 11:11 AM, Wietse Venema wrote: I still don't understand why I accepted the email anyway. The user didn't exist. Because relay recipients are blocked only when relay_recipient_maps lists the 'valid' recipients; this is not a required

Re: Why am I accepting this email?

On 2017-05-24 11:11 AM, Wietse Venema wrote: I still don't understand why I accepted the email anyway. The user didn't exist. Because relay recipients are blocked only when relay_recipient_maps lists the 'valid' recipients; this is not a required setting. So would this setting make sense?

Re: Why am I accepting this email?

D'Arcy Cain: > On 2017-05-24 09:53 AM, Wietse Venema wrote: > > D'Arcy Cain: > >> On 2017-05-24 09:30 AM, Benny Pedersen wrote: > >>> D'Arcy Cain skrev den 2017-05-24 15:25: > The following is in my logs. > >>> > >>> provide postconf -n to get more help > >> > >> I knew I forgot something. >

Re: Why am I accepting this email?

On 2017-05-24 09:53 AM, Wietse Venema wrote: D'Arcy Cain: On 2017-05-24 09:30 AM, Benny Pedersen wrote: D'Arcy Cain skrev den 2017-05-24 15:25: The following is in my logs. provide postconf -n to get more help I knew I forgot something. Postfix before 3.0 by default accepts for relay

Re: Why am I accepting this email?

D'Arcy Cain: > On 2017-05-24 09:30 AM, Benny Pedersen wrote: > > D'Arcy Cain skrev den 2017-05-24 15:25: > >> The following is in my logs. > > > > provide postconf -n to get more help > > I knew I forgot something. Postfix before 3.0 by default accepts for relay all domains listed in

Re: Why am I accepting this email?

On 2017-05-24 09:30 AM, Benny Pedersen wrote: D'Arcy Cain skrev den 2017-05-24 15:25: The following is in my logs. provide postconf -n to get more help I knew I forgot something. -- D'Arcy J.M. Cain System Administrator, Vex.Net http://www.Vex.Net/ IM:da...@vex.net VoIP: sip:da...@vex.net

Re: Why am I accepting this email?

D'Arcy Cain skrev den 2017-05-24 15:25: The following is in my logs. provide postconf -n to get more help

Why am I accepting this email?

The following is in my logs. I have no server called nan.vex.net and no user called aida.wanda. I don't see anything in main.cf that looks like a wild card entry. Can anyone suggest why I would be accepting this message in the first place? I really don't want to back-scatter. May 22 20:11:59

Recipient Restrictions

Hi all, is it possible to have restrictions that apply to certain users only with postfix ? For example I want some users not to be able to send or receive messages more than 2MB in size . Can it be done ? George

Re: TLS warning

The industry/market/whatever decided the best practice was to stop using ssl3.   This wasn't my call.  Postfix conf file instructions here as well as more information why to stop using it. http://disablessl3.com/   Original Message   From: Bastian Blank Sent: Wednesday, May 24, 2017 5:55 AM

Re: TLS warning

Hi Lists On Wed, May 24, 2017 at 02:41:01AM -0700, li...@lazygranch.com wrote: > ‎You shouldn't be accepting sslv3 due to the poodle attack. > https://en.m.wikipedia.org/wiki/POODLE Please explain how exactly SMTP is exploitable using POODLE? Bastian -- Worlds are conquered, galaxies

Re: TLS warning

‎You shouldn't be accepting sslv3 due to the poodle attack. https://en.m.wikipedia.org/wiki/POODLE A search should indicate what to change to reject sslv3. Of course there still could be other things that need fixing. ;-)   Original Message   From: Rick Leir Sent: Wednesday, May 24, 2017 2:31

TLS warning

Hi All Should this TLS warning worry me? cheers -- Rick Warnings smtpd (total: 1) 1 TLS library problem: error:14094416:SSL routines:SSL3_READ_BYTE... mail.log: May 23 11:35:42 myHostName postfix/smtpd[6619]: connect from