[pfx] Re: new waves of connect/disconnect from *.outlook.com; any add'l pfx configs useful for further remediation?

2023-10-17 Thread Viktor Dukhovni via Postfix-users
On Tue, Oct 17, 2023 at 12:42:39PM -0400, Viktor Dukhovni via Postfix-users wrote: > > [...] it took a while to realize that the above "STARTTLS,QUIT" > > behaviour is due to the fact that said outbound systems do not like to come > > across non-matching TLSA entries (for other certificates used

[pfx] Re: new waves of connect/disconnect from *.outlook.com; any add'l pfx configs useful for further remediation?

2023-10-17 Thread Viktor Dukhovni via Postfix-users
On Tue, Oct 17, 2023 at 05:47:11PM +0200, Markus Ueberall via Postfix-users wrote: > On 17.08.23, 01:48 Viktor Dukhovni wrote via Postfix-users: > > So far, the pattern of Microsoft's outbound systems disconnecting > > immediately after a completed TLS handshake strongly correlates with a > > bro

[pfx] Re: new waves of connect/disconnect from *.outlook.com; any add'l pfx configs useful for further remediation?

2023-10-17 Thread Markus Ueberall via Postfix-users
On 17.08.23, 01:48 Viktor Dukhovni wrote via Postfix-users: So far, the pattern of Microsoft's outbound systems disconnecting immediately after a completed TLS handshake strongly correlates with a broken TLSA setup. For the record: I stumbled across this a couple of days ago when I received a

[pfx] Re: can't read SMFIC_OPTNEG

2023-10-17 Thread natan via Postfix-users
Hi Thenx problem solved - problem was trivial (existing process with port 10028) W dniu 17.10.2023 o 17:37, Wietse Venema via Postfix-users pisze: natan via Postfix-users: Hi I have a some problem with setup opendkim+opendmarc+amavisd-milter main.cf--- smtpd_milters = inet:localhost:

[pfx] Re: can't read SMFIC_OPTNEG

2023-10-17 Thread Wietse Venema via Postfix-users
natan via Postfix-users: > Hi > I have a some problem with setup > opendkim+opendmarc+amavisd-milter > > > main.cf--- > smtpd_milters = > inet:localhost:10028,inet:localhost:10027,inet:localhost:10029 > > > When I try local telnet 25 i get many many logs like: > .. > Oct 17 13:59:

[pfx] Re: milter SMFIC_ABORT instead of SMFIC_QUIT

2023-10-17 Thread mailmary--- via Postfix-users
thank you for the explanation, I'll adjust my code accordingly :) On Tue, 17 Oct 2023 10:02:33 -0400 (EDT) Wietse Venema via Postfix-users wrote: > mailmary--- via Postfix-users: > > > > Hello everyone, > > > > I'm coding a milter and I noticed an issue with postfix. Once postfix is > >

[pfx] can't read SMFIC_OPTNEG

2023-10-17 Thread natan via Postfix-users
Hi I have a some problem with setup opendkim+opendmarc+amavisd-milter main.cf--- smtpd_milters = inet:localhost:10028,inet:localhost:10027,inet:localhost:10029 When I try local telnet 25 i get many many logs like: .. Oct 17 13:59:01 mail2 postfix/10028/smtpd[6]: connect from

[pfx] Re: milter SMFIC_ABORT instead of SMFIC_QUIT

2023-10-17 Thread Wietse Venema via Postfix-users
mailmary--- via Postfix-users: > > Hello everyone, > > I'm coding a milter and I noticed an issue with postfix. Once postfix is done > communicating with the milters, instead of sending a SMFIC_QUIT, it sends > SMFIC_ABORT. > > abort all milters > milter8_abort: abort milter inet:127.0.0.1:889

[pfx] milter SMFIC_ABORT instead of SMFIC_QUIT

2023-10-17 Thread mailmary--- via Postfix-users
Hello everyone, I'm coding a milter and I noticed an issue with postfix. Once postfix is done communicating with the milters, instead of sending a SMFIC_QUIT, it sends SMFIC_ABORT. abort all milters milter8_abort: abort milter inet:127.0.0.1:8891 milter8_abort: abort milter inet:127.0.0.1:889