Wietse Venema via Postfix-users:
Fixed with Postfix 3.8.3, 3.7.8, 3.6.12, 3.5.22:
that's all right. thank you Wietse.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On 5/28/24 10:11 PM, Viktor Dukhovni via Postfix-users wrote:
On Wed, May 29, 2024 at 11:58:31AM +1000, Viktor Dukhovni via Postfix-users
wrote:
You might in fact want to reject XBL IPs early, before they even
attempt authentication. So I have:
465inet n - n
On Tue, May 28, 2024 at 10:03:05PM -0400, John Hill via Postfix-users wrote:
> Mail all works but I still can't block these SASL attempt.
To block SASL authentication attempts (rather than mail transactions),
you need to do the RBL check in "smtpd_client_restrictions", and have
On Wed, May 29, 2024 at 11:58:31AM +1000, Viktor Dukhovni via Postfix-users
wrote:
> You might in fact want to reject XBL IPs early, before they even
> attempt authentication. So I have:
>
> 465inet n - n - - smtpd
> -o smtpd_delay_reject=no
>
On 5/28/24 9:58 PM, Viktor Dukhovni via Postfix-users wrote:
On Tue, May 28, 2024 at 09:32:29PM -0400, John Hill via Postfix-users wrote:
On 5/28/24 9:23 PM, Viktor Dukhovni via Postfix-users wrote:
-o { smtpd_recipient_restrictions =
reject_rbl_client
On Tue, May 28, 2024 at 09:32:29PM -0400, John Hill via Postfix-users wrote:
> On 5/28/24 9:23 PM, Viktor Dukhovni via Postfix-users wrote:
> >-o { smtpd_recipient_restrictions =
> > reject_rbl_client zen.spamhaus.org=127.0.0.4,
> > reject_sender_login_mismatch,
> >
On 5/28/24 9:23 PM, Viktor Dukhovni via Postfix-users wrote:
-o { smtpd_recipient_restrictions =
reject_rbl_client zen.spamhaus.org=127.0.0.4,
reject_sender_login_mismatch,
permit_sasl_authenticated,
reject }
I had experimented and came
On Tue, May 28, 2024 at 08:18:06PM -0400, John Hill via Postfix-users wrote:
> -o
> smtpd_recipient_restrictions=permit_sasl_authenticated,reject_rbl_client=zen.spamhaus,org=127.0.0.4,reject
>
> > I added and = after reject_rbl_client=
That's wrong, in multiple ways.
0. The RBL check
On 29/05/2024 02:18, John Hill via Postfix-users wrote:
On 5/28/24 8:10 PM, John Hill via Postfix-users wrote:
On 5/28/24 8:00 PM, Bill Cole via Postfix-users wrote:
On 2024-05-28 at 19:18:10 UTC-0400 (Tue, 28 May 2024 19:18:10 -0400)
John Hill via Postfix-users
is rumored to have said:
On 29/05/2024 01:11, Bill Cole via Postfix-users wrote:
On 2024-05-28 at 18:50:11 UTC-0400 (Wed, 29 May 2024 00:50:11 +0200)
John Fawcett via Postfix-users
is rumored to have said:
[...]
Hi John
I think you are missing the following in master.cf for the submission
service
-o
On 5/28/24 8:10 PM, John Hill via Postfix-users wrote:
On 5/28/24 8:00 PM, Bill Cole via Postfix-users wrote:
On 2024-05-28 at 19:18:10 UTC-0400 (Tue, 28 May 2024 19:18:10 -0400)
John Hill via Postfix-users
is rumored to have said:
[...
On 5/28/24 7:13 PM, Bill Cole via Postfix-users wrote:
On 2024-05-28 at 19:23:19 UTC-0400 (Tue, 28 May 2024 19:23:19 -0400)
John Hill via Postfix-users
is rumored to have said:
[...]
Dovecot log
May 28 19:00:45 proteus.noach.com dovecot[504384]: lmtp(504721):
Connect from local
May 28 19:00:58 proteus.noach.com dovecot[504384]: auth: Error:
On 5/28/24 8:00 PM, Bill Cole via Postfix-users wrote:
On 2024-05-28 at 19:18:10 UTC-0400 (Tue, 28 May 2024 19:18:10 -0400)
John Hill via Postfix-users
is rumored to have said:
[...
On 5/28/24 7:13 PM, Bill Cole via Postfix-users wrote:
On 2024-05-28 at 19:04:37 UTC-0400 (Tue, 28 May 2024
Northwind via Postfix-users:
> Hello,
>
> Is it possible to set mail.log for recording sasl login usernames?
>
> May 29 06:52:45 mx postfix/smtps/smtpd[3022855]: warning:
> unknown[138.185.193.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
> May 29 06:52:57 mx postfix/smtpd[3023133]:
On 2024-05-28 at 19:18:10 UTC-0400 (Tue, 28 May 2024 19:18:10 -0400)
John Hill via Postfix-users
is rumored to have said:
[...
On 5/28/24 7:13 PM, Bill Cole via Postfix-users wrote:
On 2024-05-28 at 19:04:37 UTC-0400 (Tue, 28 May 2024 19:04:37 -0400)
John Hill via Postfix-users
is rumored to
On 5/28/24 7:18 PM, John Hill via Postfix-users wrote:
On 5/28/24 7:13 PM, Bill Cole via Postfix-users wrote:
On 2024-05-28 at 19:04:37 UTC-0400 (Tue, 28 May 2024 19:04:37 -0400)
John Hill via Postfix-users
is rumored to have said:
On 5/28/24 6:54 PM, Bill Cole via Postfix-users wrote:
-o
On 5/28/24 7:13 PM, Bill Cole via Postfix-users wrote:
On 2024-05-28 at 19:04:37 UTC-0400 (Tue, 28 May 2024 19:04:37 -0400)
John Hill via Postfix-users
is rumored to have said:
On 5/28/24 6:54 PM, Bill Cole via Postfix-users wrote:
-o {
On 2024-05-28 at 19:04:37 UTC-0400 (Tue, 28 May 2024 19:04:37 -0400)
John Hill via Postfix-users
is rumored to have said:
On 5/28/24 6:54 PM, Bill Cole via Postfix-users wrote:
-o { smtpd_client_restrictions=permit_mynetworks,reject_rbl_client
On 2024-05-28 at 18:50:11 UTC-0400 (Wed, 29 May 2024 00:50:11 +0200)
John Fawcett via Postfix-users
is rumored to have said:
[...]
Hi John
I think you are missing the following in master.cf for the submission
service
-o smtpd_delay_reject=no
Without that the smtpd_client_restrictions will
On 5/28/24 6:54 PM, Bill Cole via Postfix-users wrote:
-o { smtpd_client_restrictions=permit_mynetworks,reject_rbl_client
xbl.spamhaus,org=127.0.0.4,permit_sasl_authenticated,reject }
tried to rspond
Sending of the message failed.
An error occurred while sending mail. The mail server
Hello,
Is it possible to set mail.log for recording sasl login usernames?
May 29 06:52:45 mx postfix/smtps/smtpd[3022855]: warning:
unknown[138.185.193.64]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
May 29 06:52:57 mx postfix/smtpd[3023133]: warning:
unknown[49.156.148.93]: SASL LOGIN
On 2024-05-28 at 18:27:05 UTC-0400 (Tue, 28 May 2024 18:27:05 -0400)
John Hill via Postfix-users
is rumored to have said:
[...]
11 -o
{smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_rbl_client
xbl.spamhaus,org=127.0.0.4, reject}
reject_rbl_client doing
On 29/05/2024 00:27, John Hill via Postfix-users wrote:
On 5/28/24 4:50 PM, John Hill via Postfix-users wrote:
On 5/28/24 4:43 PM, Benny Pedersen via Postfix-users wrote:
John Hill via Postfix-users skrev den 2024-05-28 22:12:
On 5/28/24 3:38 PM, Benny Pedersen via Postfix-users wrote:
On 5/28/24 4:50 PM, John Hill via Postfix-users wrote:
On 5/28/24 4:43 PM, Benny Pedersen via Postfix-users wrote:
John Hill via Postfix-users skrev den 2024-05-28 22:12:
On 5/28/24 3:38 PM, Benny Pedersen via Postfix-users wrote:
John Hill via Postfix-users skrev den 2024-05-28 21:14:
I
On 5/28/24 4:43 PM, Benny Pedersen via Postfix-users wrote:
John Hill via Postfix-users skrev den 2024-05-28 22:12:
On 5/28/24 3:38 PM, Benny Pedersen via Postfix-users wrote:
John Hill via Postfix-users skrev den 2024-05-28 21:14:
I had dumped the configs but here is what I had.
John Hill via Postfix-users skrev den 2024-05-28 22:12:
On 5/28/24 3:38 PM, Benny Pedersen via Postfix-users wrote:
John Hill via Postfix-users skrev den 2024-05-28 21:14:
I had dumped the configs but here is what I had.
submission inet n - y - - smtpd
-o
On 5/28/24 3:38 PM, Benny Pedersen via Postfix-users wrote:
John Hill via Postfix-users skrev den 2024-05-28 21:14:
I had dumped the configs but here is what I had.
submission inet n - y - - smtpd
-o smtpd_tls_security_level=encrypt
-o
John Hill via Postfix-users skrev den 2024-05-28 21:14:
I had dumped the configs but here is what I had.
submission inet n - y - - smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_delay_reject=no
-o {
John Hill via Postfix-users:
>
> On 5/28/24 11:48 AM, Wietse Venema via Postfix-users wrote:
> > postconf -Mf submission/inet".
>
>
> May 28 10:51:07 proteus.noach.com postfix/submission/smtpd[57120]:
> warning: malformed map specification: '{ reject_rbl_client
> xbl.spamhaus.org }'
There is
On 5/28/24 11:48 AM, Wietse Venema via Postfix-users wrote:
postconf -Mf submission/inet".
May 28 10:51:07 proteus.noach.com postfix/submission/smtpd[57120]:
warning: malformed map specification: '{ reject_rbl_client
xbl.spamhaus.org }'
May 28 10:51:07 proteus.noach.com
Wietse Venema via Postfix-users:
> Adam Weremczuk via Postfix-users:
> > I've tried your suggestion.
> >
> > SERVER1 is still trying to deliver test email locally rather than
> > forward to SERVER2:
According to your postfinger output, you did not confihgure
virtual_alias_maps on server1 to
John Hill via Postfix-users:
> Not working had recipient instead of client. Fixed that and then is says
> its not a map.
We need:
- The complete error message, exactly as logged.
- Output from "postconf -Mf submission/inet".
Wietse
>
> On 5/28/24 10:36 AM, John Hill via Postfix-users
Not working had recipient instead of client. Fixed that and then is says
its not a map.
On 5/28/24 10:36 AM, John Hill via Postfix-users wrote:
Here is what IS NOT causing postfix to dump, not sure if it will work.
main.cf
submission_recipient_restrictions = reject_rbl_client
Adam Weremczuk via Postfix-users:
> I've tried your suggestion.
>
> SERVER1 is still trying to deliver test email locally rather than
> forward to SERVER2:
>
> : host
> mx0.myLANdomain.com[/var/run/cyrus/socket/lmtp] said: 550-Mailbox
> unknown. Either there is no mailbox associated
I've tried your suggestion.
SERVER1 is still trying to deliver test email locally rather than
forward to SERVER2:
: host
mx0.myLANdomain.com[/var/run/cyrus/socket/lmtp] said: 550-Mailbox
unknown. Either there is no mailbox associated with this 550-name
or you
do not have
Here is what IS NOT causing postfix to dump, not sure if it will work.
main.cf
submission_recipient_restrictions = reject_rbl_client xbl.spamhaus.org
master.cf
submission
-o
smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,{
$submission_recipient_restrictions },reject
I have yet to get a proper configuration to add xbl.spamhaus.org to
submission.
-o
smtpd_client_restrictions=permit_mynetworks,permit_sasl_authenticated,reject
Everything I try fails.
I have researched the list but can't find the answer.
I'm still getting hammered by SASL failures.
I
Adam Weremczuk via Postfix-users:
> Sorry, I'm still struggling to get anywhere with that.
>
> Just to recap what I'm trying to achieve:
>
> SERVER1 is a fully blown Postfix+Cyrus stack operating over the internet
> and serving multiple domains.
>
> SERVER2 is a small VM on a local LAN (same
On Tue, May 28, 2024 at 6:49 AM Wietse Venema via Postfix-users <
postfix-users@postfix.org> wrote:
> In recent experience with my personal porcupine.org email address,
> they not only want SPF or DKIM, they *also* want a DMARC policy
> with p=quarantine or p=reject.
We have run p=reject for
Sorry, I'm still struggling to get anywhere with that.
Just to recap what I'm trying to achieve:
SERVER1 is a fully blown Postfix+Cyrus stack operating over the internet
and serving multiple domains.
SERVER2 is a small VM on a local LAN (same LAN as SERVER1) that runs
Bugzilla.
Both
On 5/28/24 5:39 AM, Christophe Kalt via Postfix-users wrote:
smtpd_delay_reject to no
I had it at yes.
Changed it.
--john
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to
Greg Sims via Postfix-users:
> > On Mon, May 27, 2024 at 3:40?AM Viktor Dukhovni via Postfix-users <
> postfix-users@postfix.org> wrote:
>
> > You really should have posted "collate" output, which would have shown
> > the envelope sender address in the "qmgr active" log entry. Perhaps
> > the
I do see the "qmgr active" active with the from=<>. I added
mail01.raystedman.org SPF to DNS as a result.
Thanks again, Greg
>
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
> On Mon, May 27, 2024 at 3:40 AM Viktor Dukhovni via Postfix-users <
postfix-users@postfix.org> wrote:
> You really should have posted "collate" output, which would have shown
> the envelope sender address in the "qmgr active" log entry. Perhaps
> the actual domain used did not have the
On 28/05/2024 11:39, Christophe Kalt via Postfix-users wrote:
On Sun, May 26, 2024 at 5:57 AM John Fawcett via Postfix-users
wrote:
For submission I only use xbl (return code 127.0.0.4) excluding
other other data contained in zen like pbl that lists isp dynamic
ip ranges from
On Sun, May 26, 2024 at 5:57 AM John Fawcett via Postfix-users <
postfix-users@postfix.org> wrote:
For submission I only use xbl (return code 127.0.0.4) excluding other
other data contained in zen like pbl that lists isp dynamic ip ranges from
which you would normally expect to get connections
On Sun, May 26, 2024 at 5:57 AM John Fawcett via Postfix-users <
postfix-users@postfix.org> wrote:
> For submission I only use xbl (return code 127.0.0.4) excluding other
> other data contained in zen like pbl that lists isp dynamic ip ranges from
> which you would normally expect to get
postscreen_dnsbl_sites = zen.spamhaus.org=127.0.0.[2..11]
John Hill via Postfix-users:
Is this the same thing?
On 25.05.24 15:54, Wietse Venema via Postfix-users wrote:
See https://www.spamhaus.org/faqs/dnsbl-usage/#200 for a table
with the purpose of different lookup results.
To block
48 matches
Mail list logo