Re: Address rewrite and DKIM (was: sender rewrite for specific receiver domain)

2021-02-02 Thread Gerben Wierda
Thank you. Interesting possibilities & tech. I’m going to think this over, i.e. I think it will be easier in my case to create a special mail user for this in dovecot (drop the alias/rewrite-outgoing approach and use an extra mail account for these messages). But reading about multi instance po

Postfix backscatter HELP !!!

2021-02-02 Thread George Papas
Hi, I have a small SMTP server for around 35 users in the company I work. The last 3-4 days I'm being bombed with backscatter mails from all over the world. I have found out the abusing IP who sends the messages as one of my accounts but I can't find out how to stop bombing my server wi

Corner cases in SSL_shutdown.

2021-02-02 Thread Leo Bicknell
I have been recently debugging some corner cases in OpenSSL's SSL_shutdown call in sendmail (I ask your forgiveness) and now that I seem to have it right there I have decided to look at other mailers for similar issues. A discussion with the OpenSSL folks on how to properly shut down a connectio

Re: srs rewrite

2021-02-02 Thread Tim Coote
>> >> Before I pollute the mailing list with all the gory details. Is this a >> known/expected/ever seen behaviour? > > SRS rewriting should not operate on ANY header addresses. It is designed, > like SPF, to operate on the SMTP envelope sender. > > It is normal for automated messages such as

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Viktor Dukhovni
On Tue, Feb 02, 2021 at 05:26:52AM -0800, Leo Bicknell wrote: > I have been recently debugging some corner cases in OpenSSL's > SSL_shutdown call in sendmail (I ask your forgiveness) and now that > I seem to have it right there I have decided to look at other mailers > for similar issues. There i

Re: srs rewrite

2021-02-02 Thread Matus UHLAR - fantomas
Before I pollute the mailing list with all the gory details. Is this a known/expected/ever seen behaviour? SRS rewriting should not operate on ANY header addresses. It is designed, like SPF, to operate on the SMTP envelope sender. It is normal for automated messages such as bounces to have a

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Leo Bicknell
In a message written on Tue, Feb 02, 2021 at 09:23:56AM -0500, Viktor Dukhovni wrote: > There is no issue, because SMTP is self-framing. The SMTP transaction > is cleanly terminated via QUIT or RSET at the application layer. There > is no need for the transport protocol to provide end-of-stream

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Viktor Dukhovni
On Tue, Feb 02, 2021 at 06:49:31AM -0800, Leo Bicknell wrote: > In a message written on Tue, Feb 02, 2021 at 09:23:56AM -0500, Viktor > Dukhovni wrote: > > There is no issue, because SMTP is self-framing. The SMTP transaction > > is cleanly terminated via QUIT or RSET at the application layer.

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Leo Bicknell
In a message written on Tue, Feb 02, 2021 at 10:15:49AM -0500, Viktor Dukhovni wrote: > There is no problem, both sides send a "close_notify" alert when closing > their "write side" of the transmission channel. So neither reader will > ever see an abruptly lost connection. However, keep in mind t

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Bill Cole
On 2 Feb 2021, at 9:49, Leo Bicknell wrote: Perhaps Postfix does not support returning to clear text from a STARTTLS session and doing further protocol operations. I have not looked. But if it does, I believe the proper shutdown behavior is a MUST. No SMTP server should ever support downgra

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Bill Cole
On 2 Feb 2021, at 10:15, Viktor Dukhovni wrote: If someone writes a draft to define a "STOPTLS" ESMTP extension, then ... there will be a chorus of responses denouncing it as useless and even harmful. :) -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@bill

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Curtis Maurand
Jumping in as an observer with 25 years of admin experience with public facing equipment and servers. This problem seems more of a problem with the TLS libraries. It’s not up to the app to close the TLS connection. That layer is below the application layer. When the application terminates its

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Viktor Dukhovni
On Tue, Feb 02, 2021 at 07:27:27AM -0800, Leo Bicknell wrote: > I won't attempt to change your mind, as you've clearly made it up. It appears we have reciprocity. > However, in my role as an admin, you just gave me excellent > justification to never run Postfix. The shutdown aspects of protoco

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Leo Bicknell
In a message written on Tue, Feb 02, 2021 at 10:44:34AM -0500, Curtis Maurand wrote: > Jumping in as an observer with 25 years of admin experience with > public facing equipment and servers. this problem seems more of a > problem with the tls libraries. I violently agree with this statement. htt

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Leo Bicknell
In a message written on Tue, Feb 02, 2021 at 10:56:04AM -0500, Viktor Dukhovni wrote: > well-intentioned work. Fair enough, but ... the reality of the > situation is that what you perceive to be a bug is a carefully > considered feature, that optimises for keeping the MTAs limited > resources ava

Re: srs rewrite

2021-02-02 Thread Bill Cole
On 2 Feb 2021, at 8:46, Tim Coote wrote: Before I pollute the mailing list with all the gory details. Is this a known/expected/ever seen behaviour? SRS rewriting should not operate on ANY header addresses. It is designed, like SPF, to operate on the SMTP envelope sender. It is normal for

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Viktor Dukhovni
On Tue, Feb 02, 2021 at 08:09:54AM -0800, Leo Bicknell wrote: > Maybe you run your servers at 99.99% load, and that extra > 0.01 will put them over the edge. I can only tell you that I, > as one admin, would absolutely take the extra load to get proper > shutdown behavior. > > If I need

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Antonio Leding
You’re not doin’ well son…quit diggin’ and go back to rethink your approach. I dare say at least a majority on this list, including myself, will trust Viktor et al a far bit more than someone coming in from the cold who freely admits they are not “well versed” in the app, nor a key protocol use

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Viktor Dukhovni
On Tue, Feb 02, 2021 at 10:44:34AM -0500, Curtis Maurand wrote: > Jumping in as an observer with 25 years of admin experience with > public facing equipment and servers. This problem seems more of a > problem with the tls libraries. The SSL_shutdown() behaviour in sufficiently recent OpenSSL vers

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Leo Bicknell
In a message written on Tue, Feb 02, 2021 at 04:54:18PM +, Antonio Leding wrote: >You're not doin' well son...quit diggin' and go back to rethink your >approach. I dare say at least a majority on this list, including >myself, will trust Viktor et al a far bit more than someone comi

Re: Postfix backscatter HELP !!!

2021-02-02 Thread Wietse Venema
George Papas: > Hi > > I have a small SMTP server for around 35 users in the company I work. > > The last 3-4 days I'm being bombed with backscatter mails from all > over the world. > > I have found out the abusing IP who sends the messages as one of my > accounts but > > I can't find out

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Viktor Dukhovni
On Tue, Feb 02, 2021 at 09:39:22AM -0800, Leo Bicknell wrote: > I have found many opinions of the severity or urgency, but I have yet > in any previous community had anyone argue that dropping the TLS > connection was a good behavior. Postfix is NOT dropping the TLS connection, it sends a close n

Re: Corner cases in SSL_shutdown.

2021-02-02 Thread Wietse Venema
Leo Bicknell: > In a message written on Tue, Feb 02, 2021 at 04:54:18PM +, Antonio Leding > wrote: > >You're not doin' well son...quit diggin' and go back to rethink your > >approach. I dare say at least a majority on this list, including > >myself, will trust Viktor et al a far bi

Fwd: error 550

2021-02-02 Thread Jason Hirsh
Begin forwarded message: > From: jason hirsh > Date: February 2, 2021 at 2:07:20 PM AST > To: postfix-users@postfix.org > Subject: error 550 > > I can not seem to get messages through to earthlink/mindspring. I get the > following error > 550 5.7.1 Connection refused - OXSUS0001_304 (in re

Re: Postfix backscatter HELP !!!

2021-02-02 Thread Viktor Dukhovni
On Tue, Feb 02, 2021 at 12:27:40PM +0200, George Papas wrote: > # Do not indent the patterns between "if" and "endif". > if /^[> ]*Received:/ > /^[> ]*Received: +from +ip53\.ip-139-99-176\.net / > reject forged sender name in Received: header: $1 > endif The above syntax is wrong. The "reject ..

Re: Fwd: error 550

2021-02-02 Thread Noel Jones
On 2/2/2021 12:09 PM, Jason Hirsh wrote: I can not seem to get messages through to earthlink/mindspring. I get the following error 550 5.7.1 Connection refused - OXSUS0001_304 (in reply to MAIL FROM Googling the error message suggests earthlink has blocked your IP and suggests what yo

Re: Postfix backscatter HELP !!!

2021-02-02 Thread George Papas
Thanks guys in the mean time I found the way to do it by trial and error and works OK now On 2/2/21 8:12 PM, Viktor Dukhovni wrote: On Tue, Feb 02, 2021 at 12:27:40PM +0200, George Papas wrote: # Do not indent the patterns between "if" and "endif". if /^[> ]*Received:/ /^[> ]*Received: +from

BCC action for header_checks + multiple recipients

2021-02-02 Thread Rick King
Postfix Version: 3.1.1 header_checks = pcre:/etc/postfix/conf/custom_header_checks Hello List! According to the header_checks document, it states for the BCC Action, "The number of BCC addresses that can be added is limited only by the amount of available storage space." http://www.postfix.or

Re: BCC action for header_checks + multiple recipients

2021-02-02 Thread Wietse Venema
Rick King: > Postfix Version: 3.1.1 > > header_checks = pcre:/etc/postfix/conf/custom_header_checks > > Hello List! > > According to the header_checks document, it states for the BCC Action, "The > number of BCC addresses that can be added is limited only by the amount of > available storage s

Re: BCC action for header_checks + multiple recipients

2021-02-02 Thread Viktor Dukhovni
On Tue, Feb 02, 2021 at 02:54:00PM -0500, Rick King wrote: > However, I haven't been able to get BCC to multiple recipients to work; so far > I've tried... > > /^From:(.*)<(.*)@externaldomain.tld>(.*)/ BCC us...@internaldomain.tld, > us...@internaldomain.tld BCC recipients are subject to virtua

Re: BCC action for header_checks + multiple recipients

2021-02-02 Thread Rick King
Thank you very much Wietse! Best Regards, -- Rick King - On Feb 2, 2021, at 1:45 PM, Wietse Venema wie...@porcupine.org wrote: Rick King: > Postfix Version: 3.1.1 > > header_checks = pcre:/etc/postfix/conf/custom_header_checks > > Hello List! > > According to the header_checks document

Re: BCC action for header_checks + multiple recipients

2021-02-02 Thread Rick King
Ahh! Makes sense Viktor, thank you very much! Best Regards, -- Rick King - On Feb 2, 2021, at 1:48 PM, Viktor Dukhovni postfix-us...@dukhovni.org wrote: On Tue, Feb 02, 2021 at 02:54:00PM -0500, Rick King wrote: > However, I haven't been able to get BCC to multiple recipients to work; so fa

Postfix advice requested

2021-02-02 Thread david
Dear Gurus I'm having a problem configuring Postfix on Ubuntu server 20.04, to perform as follows: I want to accept mail for several domains, let's say: d1.tld, d2.tld, with 'd1.tld' being 'mydomain'. Mail for some specific destinations are supposed to be delivered locally to designated

Re: Postfix advice requested

2021-02-02 Thread Bryan L. Gay
Did you happen to try putting the catch-all addresses at the TOP of the virtualusers hashmap file? Just a guess. It's been a long time since I've manually setup Postfix... On Tue, Feb 2, 2021 at 6:53 PM david wrote: > > Dear Gurus > > I'm having a problem configuring Postfix on Ubuntu server 20.0

Re: Postfix advice requested

2021-02-02 Thread Viktor Dukhovni
On Tue, Feb 02, 2021 at 07:02:02PM -0500, Bryan L. Gay wrote: > Did you happen to try putting the catch-all addresses at the TOP of > the virtualusers hashmap file? Just a guess. > It's been a long time since I've manually setup Postfix... The order of entries makes no difference. -- Viktor.

Re: Postfix advice requested

2021-02-02 Thread Bob Proulx
david wrote: > To accomplish this, I set values in /etc/postfix/main.cf: > > mydomain = d1.tld > mydestination = localhost.$mydomain localhost $mydomain > virtual_alias_domains = d2.tld > virtual_alias_maps = hash:/etc/postfix/virtualusers > > The file /etc/aliases contains: > root: owner_d1

Re: Postfix advice requested

2021-02-02 Thread david
At 06:07 PM 2/2/2021, Viktor Dukhovni wrote: On Tue, Feb 02, 2021 at 06:46:32PM -0700, Bob Proulx wrote: > > > > a...@d1.tld d1_a > > b...@d1.tld d1_b > > @d1.tld owner_d1 > > @d2.tld owner_d2 > > I don't see anything wrong as such with the above. Seems like it > should work. And

Re: Postfix advice requested

2021-02-02 Thread Viktor Dukhovni
On Tue, Feb 02, 2021 at 06:46:32PM -0700, Bob Proulx wrote: > > > > a...@d1.tld d1_a > > b...@d1.tld d1_b > > @d1.tld owner_d1 > > @d2.tld owner_d2 > > I don't see anything wrong as such with the above. Seems like it > should work. And for me I have a very similar arrangement here. So

Re: Postfix advice requested

2021-02-02 Thread Viktor Dukhovni
On Tue, Feb 02, 2021 at 06:12:01PM -0800, david wrote: > At 06:07 PM 2/2/2021, Viktor Dukhovni wrote: > >On Tue, Feb 02, 2021 at 06:46:32PM -0700, Bob Proulx wrote: > > > > > > > > > > a...@d1.tld d1_a > > > > b...@d1.tld d1_b > > > > @d1.tld owner_d1 > > > > @d2.tld owner_d2 > > > >

Re: Postfix advice requested

2021-02-02 Thread Mike Guelfi
Quoting Viktor Dukhovni : On Tue, Feb 02, 2021 at 06:12:01PM -0800, david wrote: At 06:07 PM 2/2/2021, Viktor Dukhovni wrote: >On Tue, Feb 02, 2021 at 06:46:32PM -0700, Bob Proulx wrote: > > > > > > > a...@d1.tld d1_a > > > b...@d1.tld d1_b > > > @d1.tld owner_d1 > > > @d2.tld

Re: Postfix advice requested

2021-02-02 Thread Viktor Dukhovni
On Wed, Feb 03, 2021 at 03:33:01PM +1100, Mike Guelfi wrote: > > This is an easy question, that I was hoping someone else would field for > > a change. > > > > 1. Rewriting via virtual(5) is recursive, with recursion stopping > >either when there's no result, or a key maps to itself. >

Re: Postfix advice requested

2021-02-02 Thread david
At 08:33 PM 2/2/2021, you wrote: Quoting Viktor Dukhovni : On Tue, Feb 02, 2021 at 06:12:01PM -0800, david wrote: At 06:07 PM 2/2/2021, Viktor Dukhovni wrote: >On Tue, Feb 02, 2021 at 06:46:32PM -0700, Bob Proulx wrote: > > > > > > > a...@d1.tld d1_a > > > b...@d1.tld d1_b > > > @d1.tl

Re: Postfix advice requested

2021-02-02 Thread Bob Proulx
david wrote: > To accomplish this, I set values in /etc/postfix/main.cf: > > mydomain = d1.tld > mydestination = localhost.$mydomain localhost $mydomain > virtual_alias_domains = d2.tld > virtual_alias_maps = hash:/etc/postfix/virtualusers > > The file /etc/aliases contains: > root: owner_d1 >

Re: Postfix advice requested

2021-02-02 Thread Bob Proulx
david wrote: > 1) mydomain = d1.tld > 2) mydestination= localhost.$mydomain localhost $mydomain > 3) virtual_alias_domains= d2.tld > 4) virtual_alias_maps = hash:/etc/postfix/virtualusers What's the value of myorigin for you? I expect it will be the s