- Message from Viktor Dukhovni via Postfix-users
-
Date: Mon, 8 Jan 2024 12:40:49 -0500
From: Viktor Dukhovni via Postfix-users
Reply-To: postfix-users@postfix.org, Viktor Dukhovni
Subject: [pfx] Re: recipient_bcc_maps clarification.
To: postfix-users@postfix.org
Also on-line at https://www.postfix.org/false-smuggling-claims.html
and linked from https://www.postfix.org/smtp-smuggling.html
I expect to do a stable release update in a week or so, that will
include non-emergency fixes that I wanted to release in December,
and that silences false vulnerability
Viktor Dukhovni via Postfix-users wrote:
>
> On Mon, Jan 08, 2024 at 07:36:37PM +0100, Michael Grimm via Postfix-users
> wrote:
>> But will that work, once a mail has been deferred and is sitting in the
>> queue already?
>> Meaning, if a 'postqueue -f' will retry with smtpv4, instead sticking
On Mon, Jan 08, 2024 at 07:36:37PM +0100, Michael Grimm via Postfix-users wrote:
> >smtp unix - - n - - smtp
> >smtpv4 unix - - n - - smtp
> >-o inet_protocols=ipv4
> >smtpv6 unix - - n
Viktor Dukhovni via Postfix-users wrote:
> On Mon, Jan 08, 2024 at 04:02:48PM +0100, Michael Grimm via Postfix-users
> wrote:
>> Sometimes outgoing mail is deferred due to "reputational issues" at
>> the receiving side. These "reputational issues" mostly concerned my
>> IP6 addresses, thus I rem
On Mon, Jan 08, 2024 at 10:24:15AM +0530, anant--- via Postfix-users wrote:
> For specific 2 recipients of our domain, we don't want always_bcc to be
> implemented. ie. if a mail is addressed to a...@xx.com (our domain only),
> mail should not be Bcc to zz...@xx.com. similarly if mail recipient
John Fawcett via Postfix-users skrev den 2024-01-08 18:09:
#/etc/postfix/regexp_recipient_bcc
a...@xx.com devnull
d...@xx.com devnull
@xx.com zz...@xx.com
Postfix will still generate bcc messages for emails to abc and def but
they won't actually get sent out.
this is why always_bcc
On 08/01/2024 05:54, anant--- via Postfix-users wrote:
Hello,
We have in main.cf always_bcc = zz...@xx.com and our domain is xx.com
For specific 2 recipients of our domain, we don't want always_bcc to
be implemented. ie. if a mail is addressed to a...@xx.com (our domain
only), mail should
On Mon, Jan 08, 2024 at 04:02:48PM +0100, Michael Grimm via Postfix-users wrote:
> Sometimes outgoing mail is deferred due to "reputational issues" at
> the receiving side. These "reputational issues" mostly concerned my
> IP6 addresses, thus I removed IP6 mailing completely. But now, I do
> want
Wietse Venema via Postfix-users wrote:
> Michael Grimm via Postfix-users:
>>> Postfix has a "rule based language" for receiving mail, but there
>>> is no such thing for outbound deliveries.
>>
>> I am only curious of how much functionality would be needed for
>> that?
>
> There is zero code, so
Michael Grimm via Postfix-users:
> > Postfix has a "rule based language" for receiving mail, but there
> > is no such thing for outbound deliveries.
>
> I am only curious of how much functionality would be needed for
> that?
There is zero code, so that would be a lot of work. To give an
example,
Wietse Venema via Postfix-users wrote:
> Michael Grimm via Postfix-users:
>> Sometimes outgoing mail is deferred due to "reputational issues"
>> at the receiving side. These "reputational issues" mostly concerned
>> my IP6 addresses, thus I removed IP6 mailing completely. But now,
>> I do want to
Michael Grimm via Postfix-users:
> [FreeBSD 14-STABLE, postfix 3.8.4, dovecot 2.3.21, rspamd 3.7.5]
>
> Hi
>
> Sometimes outgoing mail is deferred due to "reputational issues"
> at the receiving side. These "reputational issues" mostly concerned
> my IP6 addresses, thus I removed IP6 mailing comp
[FreeBSD 14-STABLE, postfix 3.8.4, dovecot 2.3.21, rspamd 3.7.5]
Hi
Sometimes outgoing mail is deferred due to "reputational issues" at the
receiving side. These "reputational issues" mostly concerned my IP6 addresses,
thus I removed IP6 mailing completely. But now, I do want to give it a try,
Hi
Yest this is e-mails body from test - only when sender domain have SPF
set ~all or SPF not exist
W dniu 8.01.2024 o 15:08, Damian via Postfix-users pisze:
SMUGGLING WORKS with '\r\n\x00.\r\n' as "fake" end-of-data sequence!
SMUGGLING WORKS with '\r.\r\n' as "fake" end-of-data sequence!
SMUG
SMUGGLING WORKS with '\r\n\x00.\r\n' as "fake" end-of-data sequence!
SMUGGLING WORKS with '\r.\r\n' as "fake" end-of-data sequence!
SMUGGLING WORKS with '\r.\r' as "fake" end-of-data sequence!
SMUGGLING WORKS with '\r.\n' as "fake" end-of-data sequence!
Are those really standalone emails with subj
Dear Viktor, dear Wietse,
thanks again for your vigilant eyes.
On 2024-01-05 19:31:35 +0100, Viktor Dukhovni via Postfix-users wrote:
On Fri, Jan 05, 2024 at 06:46:01PM +0100, Peter Wienemann via Postfix-users
wrote:
RFC 2033 says: "The LMTP protocol is identical to the SMTP protocol [SMTP]
[
I'm running on Ubuntu 22 which ships postfix 3.6.4 .
I've tried the short term solution, but this test tool still can send forged
emails:
$ postconf -n | grep -E "smtpd_data_restrictions|smtpd_discard_ehlo_keywords"
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_discard_ehlo_keywords
W dniu 8.01.2024 o 13:35, Damian via Postfix-users pisze:
I create test VPS (outside my infrastructure) and install all for
python3 for testing
root@hanz:~# python3 smtp_smuggling_scanner.py --sender-domain
gmail.com piot...@mydomain.ltd
Don't use a sender-domain you don't have control over. T
I create test VPS (outside my infrastructure) and install all for
python3 for testing
root@hanz:~# python3 smtp_smuggling_scanner.py --sender-domain
gmail.com piot...@mydomain.ltd
Don't use a sender-domain you don't have control over. The default
should be good enough for basic smuggling tests
Hi
Sorry for stupid question but I dont realy undarstand
I create test VPS (outside my infrastructure) and install all for
python3 for testing
root@hanz:~# python3 smtp_smuggling_scanner.py --sender-domain gmail.com
piot...@mydomain.ltd
[*] Getting MX record for domain: xx
[*] Running SMTP
21 matches
Mail list logo
