Maildirs in AWS EFS?

Hello, AWS released one month ago a EFS system with administered life cycle, which means that files not accessed in the last 30 days are moved to a lower cost storage tier. Currently I hold my e-mail, delivered to Maildir++ folders by postfix and retrieved with Dovecot, in standard EBS volume

Re: Permanent store of incoming mail.

On 20 Mar 2019, at 15:40, Patrick Ben Koetter wrote: > Or, if you use dovecot as storage, create a second dovecot instance and dsync > messages from first to second instance. This is a much better solution in terms of features and making that alternate mailspool available. Mine is better in term

Re: Permanent store of incoming mail.

* @lbutlr : > On 20 Mar 2019, at 15:06, Homer Wilson Smith > wrote: > >Pointers to RTFM > > > >Running Centos 7.x, latest postfix. > > > >What is the best way to keep a permanent store for > > incgoing e-mail. Doesn't have to be forever. 1 year perhaps. > > I use recipient_bcc_ma

Re: Understanding the importance of submission

On 20 Mar 2019, at 11:01, Yassine Chaouche wrote: Dear postfix, I don't seem to get the idea of submission, I know I must be wrong, b/c so many articles out there preach to use a different port for submission, but I hope to find some argument in your replies that will make me change my mind.

Re: Permanent store of incoming mail.

On 20 Mar 2019, at 15:06, Homer Wilson Smith wrote: >Pointers to RTFM > >Running Centos 7.x, latest postfix. > >What is the best way to keep a permanent store for > incgoing e-mail. Doesn't have to be forever. 1 year perhaps. I use recipient_bcc_maps -- 'The trouble with my f

Permanent store of incoming mail.

Pointers to RTFM Running Centos 7.x, latest postfix. What is the best way to keep a permanent store for incgoing e-mail. Doesn't have to be forever. 1 year perhaps. Presently rsyncing main server:/home to backup server:/home without --delete, so copied mail just accrues in c

Re: Understanding the importance of submission

* Viktor Dukhovni: > That's one of the common misperceptions of of the IETF standards > process. Proposed standards are IETF standards. I intrepret https://tools.ietf.org/html/rfc7127#section-3 differently: Proposed Standards are of such quality that implementations can be deployed in the In

Re: Understanding the importance of submission

On 3/20/19 4:18 PM, Patrick Ben Koetter wrote: Access providers may block outbound TCP/25 connections, because infected enduser devices try to transport messages on that port to remote MTAs. They won't block TCP/597 because submission requires SMTP AUTH, which requires the sender to possess login

Re: Understanding the importance of submission

> On Mar 20, 2019, at 11:51 AM, Ralph Seichter wrote: > > As far as I can see, RFC 8314 is only in the proposed standards stage, > so no, the use of port 587 is not deprecated. That's one of the common misperceptions of of the IETF standards process. Proposed standards are IETF standards. Full

Re: Understanding the importance of submission

On Wed, Mar 20, 2019 at 04:01:24PM +0100, Yassine Chaouche wrote: > I don't seem to get the idea of submission, I know I must be wrong, b/c > so many articles out there preach to use a different port for > submission, but I hope to find some argument in your replies that will > make me change m

Re: Understanding the importance of submission

On Wed, Mar 20, 2019 at 08:26:47AM -0700, Alice Wonder wrote: > Note that submission on Port 587 is deprecated, it is now "official" to > use Port 465 with implicit TLS. That's mostly wishful (and perhaps even slightly misguided) thinking on the part of the authors of one particular IETF RFC. I

Re: Howto reject only one recipient and not drop entire email?

On 3/20/2019 6:53 AM, Otto Kekäläinen wrote: 1. Try adding "unknown_address_reject_code = 553" in main.cf. This is a wise choice in any case. 2. Use a better mail client which handles multiple recipient mail more robustly. Thanks for the pointers! I added the 553 reject code, but unfortunately

Re: Understanding the importance of submission

Am 20.03.19 um 16:18 schrieb Patrick Ben Koetter: > Use submission on TCP/587 for MUA to MTA traffic. Btw: RFC 8314 describe Implicit TLS for POP3, IMAP and Submission on ports 995, 993 and 465. Works fine the usual modern MUAs and eliminate the opportunity for downgrades while talking plainte

Re: Understanding the importance of submission

On 3/20/2019 11:39 AM, Ralph Seichter wrote: > * Yassine Chaouche: > >> So the only thing that I need submission port for seems to be to force >> TLS connexions, right ? > > You already mentioned having different policies, so the possibilities > are numerous. Having the dedicated submission port

Re: Understanding the importance of submission

* Alice Wonder: > Note that submission on Port 587 is deprecated, it is now "official" to > use Port 465 with implicit TLS. As far as I can see, RFC 8314 is only in the proposed standards stage, so no, the use of port 587 is not deprecated. -Ralph

Re: Understanding the importance of submission

* Yassine Chaouche: > So the only thing that I need submission port for seems to be to force > TLS connexions, right ? You already mentioned having different policies, so the possibilities are numerous. Having the dedicated submission port allows me to easily force encryption, force authenticati

Re: Understanding the importance of submission

On 3/20/19 4:26 PM, Alice Wonder wrote: [...]Note that submission on Port 587 is deprecated, it is now "official" to use Port 465 with implicit TLS. [...] Oh, I thought it was the other way arround and most people now are dropping 465 in favor of 587 with STARTTLS to support old/odd clients

Re: Understanding the importance of submission

On 3/20/19 8:18 AM, Patrick Ben Koetter wrote: * Yassine Chaouche : Dear postfix, I don't seem to get the idea of submission, I know I must be wrong, b/c so many articles out there preach to use a different port for submission, but I Use submission on TCP/587 for MUA to MTA traffic. Use smtp

Re: Understanding the importance of submission

On 3/20/19 4:18 PM, Patrick Ben Koetter wrote: [...] Use submission on TCP/587 for MUA to MTA traffic. Why ? [...] Run authenticated MUA friendly policies on Submission. Run MTA policies on smtp port. What kind ? Access providers may block outbound TCP/25 connections, because infected enduse

Re: Understanding the importance of submission

* Yassine Chaouche : > Dear postfix, > > I don't seem to get the idea of submission, I know I must be wrong, b/c so > many articles out there preach to use a different port for submission, but I Use submission on TCP/587 for MUA to MTA traffic. Use smtp on TCP/25 for MTA to MTA traffic. Run auth

Understanding the importance of submission

Dear postfix, I don't seem to get the idea of submission, I know I must be wrong, b/c so many articles out there preach to use a different port for submission, but I hope to find some argument in your replies that will make me change my mind. If I understand correctly, submission is a means fo

Re: "Chunk exceeds message size limit"

On 19 Mar 2019, at 13:00, Viktor Dukhovni wrote: > Note that, perhaps unintentionally, the treatment of "message_size_limit > = 0" is not documented to mean "no limit". Perhaps we should also > address that. By forbidding a setting of 0? -- 'They're the cream!' Rincewind sighed. 'Cohen, they

Re: Howto reject only one recipient and not drop entire email?

On 20.03.19 13:53, Otto Kekäläinen wrote: I added the 553 reject code, but unfortunately it does not seem to help. My client is msmtp and the SMTP session looks like this: cat mail.txt | msmtp -a default -X mail.log --debug -t --> RCPT TO: --> RCPT TO: --> DATA <-- 250 2.1.0 Ok <-- 250 2.1.5

Re: Howto reject only one recipient and not drop entire email?

On 20 Mar 2019, at 7:53, Otto Kekäläinen wrote: So if the blame is on the client, what replacements for msmtp do you recommend? Both the real sendmail and the Postfix sendmail do the right thing. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.sccon

Re: Howto reject only one recipient and not drop entire email?

> 1. Try adding "unknown_address_reject_code = 553" in main.cf. This is a > wise choice in any case. > 2. Use a better mail client which handles multiple recipient mail more > robustly. Thanks for the pointers! I added the 553 reject code, but unfortunately it does not seem to help. My client is

Re: Docker Postfix logging

Hi Matthias, > since i don't want to mount /dev/log into a postfix container, i created > a small tool in golang to create a syslog unix socket and print all logs > to stdout, > the command `postfix start-fg` is wrapped. > > https://github.com/mschneider82/postfixstdoutlogger/ Alternately, here's

Re: Docker Postfix logging

Hi, Nice one, albeit you can use this since 3.4 - I have it set to the value '/dev/stdout'. Yours, Tamás On 3/20/19 11:10 AM, Matthias Schneider wrote: > Hi, > > since i don't want to mount /dev/log into a postfix container, i > created a sma

Docker Postfix logging

Hi, since i don't want to mount /dev/log into a postfix container, i created a small tool in golang to create a syslog unix socket and print all logs to stdout, the command `postfix start-fg` is wrapped. Just want to share this with the community: https://github.com/mschneider82/postfixstdou

Re: "Chunk exceeds message size limit"

Viktor Dukhovni, 19.3.2019 20:00 +0100: > Note that, perhaps unintentionally, the treatment of "message_size_limit > = 0" is not documented to mean "no limit". Perhaps we should also > address that. I asked about that some years ago and Wietse told me that it is intentionally not documented: > h