Re: [Partially solved] Re: Address rewriting not working

On Fri, 4 Jan 2019 15:20:08 -0500 Viktor Dukhovni wrote: > > On Jan 4, 2019, at 2:56 PM, Celejar wrote: > > > > And I'm using 3.1.8, where the rewriting isn't acceptable to my mail > > provider, and this feature isn't available ;) So I guess I'm stuck, > > unless I can upgrade Postfix? > > You

Re: Turn off command pipelining for a domain

On 6/1/2019 4:48 π.μ., John Fawcett wrote: Only thing is that you'll have to specify ip addresses not domain names, since dns lookups are not available for these maps. The remote servers of yahoo is mostly the problem. I rarely see this issue with any other servers but it usually applies to th

Re: Turn off command pipelining for a domain

On 06/01/2019 03:24, Lefteris Tsintjelis wrote: > Is there a possible way to turn off command pipelining completely for > a whole domain based on DNS? The pipelining-firewalling of yahoo.com > seems to be broken quite often. > > Something like: > > yahoo.com    pipelining I think you're looking fo

Re: Turn off command pipelining for a domain

Lefteris Tsintjelis skrev den 2019-01-06 03:24: Is there a possible way to turn off command pipelining completely for a whole domain based on DNS? The pipelining-firewalling of yahoo.com seems to be broken quite often. Something like: yahoo.com pipelining no logs, no problem :)

Turn off command pipelining for a domain

Is there a possible way to turn off command pipelining completely for a whole domain based on DNS? The pipelining-firewalling of yahoo.com seems to be broken quite often. Something like: yahoo.com pipelining

Re: SMTP filter using geo-localization

Hello, Another solution is to use reject_rbl_client. Dnsbl.bit.nl maintains a RBL by country code that is updated weekly. GeoIP data is sometimes unreliable and can become stale. See also: https://noc.bit.nl/dnsbl/ascc/ "This zone contains data regarding the ISO3166 countrycode and BGP Aut

Re: SMTP filter using geo-localization

On 05/01/2019 22:26, Philippe - Forums wrote: > Hello, > > I would like to filter SMTP access using geo-localization. > > I have installed geoip-bin on my mailserver. > > This tool works like nslookup with an IP (geoiplookup @IP) and give > geographic informations about this IP and especially the c

Re: SMTP filter using geo-localization

Hello, A simpler solution would be using a cidr access map from that match netblocks you allow in master.cf for submission (or smtps if using the legacy SMTPS service on port 465) service with smtpd_client_restrictions, eg.: Long form for postfix >

SMTP filter using geo-localization

Hello, I would like to filter SMTP access using geo-localization. I have installed geoip-bin on my mailserver. This tool works like nslookup with an IP (geoiplookup @IP) and give geographic informations about this IP and especially the country (FR, DE,...). My purpose is to filter IPs out o

Re: bypass policy server in recipient_restrictions when subject contains string

> On Jan 5, 2019, at 8:08 AM, Stefan Bauer wrote: > > tls_whitelist_check unix- - n - - smtp >-o header_checks= >-o smtp_header_checks= >-o smtpd_recipient_restrictions=check_policy_service,unix:private/policy >-o sender_dependent_default_t

Re: Content filter - reijnect message back into queue

> On Jan 5, 2019, at 11:12 AM, Rafael Azevedo wrote: > > this is what I'm trying to figure out: how to re-inject. Working re-injection examples are shown in FILTER_README. If you don't too creative with ad-hoc multiple instances, and "postfix -c", they work as documented, but reading the book sh

Re: Content filter - reijnect message back into queue

> it can be any port, but it has to be configured not to send mail back > to the filter not to create a loop. this is what I'm trying to figure out: how to re-inject. I'm reading The Book of Postfix as Viktor suggested. Hope to find some answers soon. Thanks!

Re: Slowness after upgrading from postfix 2.x to 3.1.8

Christopher R. Gabriel skrev den 2019-01-04 15:23: postfix01 data/spool are on tmpfs. its unsafe to use tmpfs for spool dirs in postfix, tmpfs is okay only for content-filters, not in generic postfix

Re: How to configure an infinite-retry for relay

Jan P. Kessler skrev den 2019-01-05 13:10: maximal_queue_lifetime = 30d if that time is gone on backup mx, what should postfix then do ?, hopefully not make a bounce

Re: bypass policy server in recipient_restrictions when subject contains string

Thank you. That explains it! Am Sa., 5. Jan. 2019 um 15:03 Uhr schrieb Benny Pedersen : > Stefan Bauer skrev den 2019-01-05 14:08: > > > tls_whitelist_check unix- - n - - > > smtp > >-o header_checks= > >-o smtp_header_checks= > >-o > > smtpd_recipient

Re: bypass policy server in recipient_restrictions when subject contains string

Stefan Bauer skrev den 2019-01-05 14:08: tls_whitelist_check unix- - n - - smtp -o header_checks= -o smtp_header_checks= -o smtpd_recipient_restrictions=check_policy_service,unix:private/policy -o sender_dependent_default_transport_maps= -o smtpd_r

Re: policy server, TLS only exeptions and restrictions

Stefan Bauer skrev den 2019-01-04 14:44: master.cf [1] (snippet): finance unix - - n - - smtp smtp_tls_policy_maps=hash:/etc/postfix/tls/finance add -o before smtp_tls

Re: bypass policy server in recipient_restrictions when subject contains string

Seems to have no effect for unknown reasons. policy service is not called. Tried: master.cf tls_whitelist_check unix- - n - - smtp -o header_checks= -o smtp_header_checks= -o smtpd_recipient_restrictions=check_policy_service,unix:private/policy -o

Re: How to configure an infinite-retry for relay

On Sat, 5 Jan 2019, Jan P. Kessler wrote: Hi, I have a situation where my primary/final MX server will be down for an indefinite period of time, possibly up to a week.  During that time I would like to have the secondary MX server to keep every message queued, and keep on retrying, without eve

Re: How to configure an infinite-retry for relay

Hi, > I have a situation where my primary/final MX server will be down for > an indefinite period of time, possibly up to a week.  During that time > I would like to have the secondary MX server to keep every message > queued, and keep on retrying, without ever "timing out" and without > sending a

Re: Content filter - reijnect message back into queue

On 05.01.19 08:37, Rafael Azevedo wrote: Can the reinjection port be other than 10025 ? it can be any port, but it has to be configured not to send mail back to the filter not to create a loop. there are other recommended options for such port, documented in filter readme. -- Matus UHLAR - fa

Re: Content filter - reijnect message back into queue

Can the reinjection port be other than 10025 ?

Re: bypass policy server in recipient_restrictions when subject contains string

Understood. Would it be possible to have header_checks in main.cf that send mails with special subject with FILTER to smtp process that did not have policy service as option and all other mails (/.*/) also with FILTER to smtp process with policy service? this way i can bypass policy service with