as failing
CAUTION: This email was sent from an external sender. Do not click links or
open attachments unless you recognize the sender and know the content is safe.
On 24.07.23 16:03, Gomes, Rich via Postfix-users wrote:
>Clarification below:
I see no clarification, just added disclai
Clarification below:
From: Gomes, Rich via Postfix-users
Sent: Monday, July 24, 2023 11:27 AM
To: postfix-users@postfix.org
Subject: [pfx] messages passing DMARC are being rejected as failing
CAUTION: This email was sent from an external sender. Do not click links or
open attachments unless
Asking the hive mind to see if anyone has seen this behavior.
Application server sends reservation emails to postfix server running OpenDKIM,
postfix sends directly to O365.
Our DMARC policy is in REJECT mode.
Messages are signed and the NAT is in our SPF record. Message headers state
that the
We have a requirement to sign outbound messages with DKIM keys. I have seen
discussions on this list for people using dkim-milter as well as opendkim.
dkim-milter hasn't been updated since 2009 while opendkim hasn't been updated
since 2015. dkimpy is more actively maintained but hasn't been
Does anyone have a good way of reporting on this?
I see a great deal in the maillog with either an incorrect format (no @ symbol)
or just completely blank ( message-id=<>).
We would like to be able to do the following:
Have a WARN message written to the log so we can report and investigate.
I
file?
CAUTION: This email was sent from an external sender. Do not click links or
open attachments unless you recognize the sender and know the content is safe.
On 8/5/2021 12:07 PM, Gomes, Rich wrote:
> Good day
>
> I have a newly built postfix server which is ignoring it's t
Good day
I have a newly built postfix server which is ignoring it's transport file and
is querying DNS for MX records instead.
I have googled the issue but only come up with "how to use transport file"
articles.
The /etc/postfix directory was copied from our Production relay and is working
as
the sender and know the content is safe.
On Thu, Aug 22, 2019 at 05:19:37PM +, Gomes, Rich wrote:
> I am seeing a lot of Temporary lookup failure errors in the maillog.
> At first I thought it was an issue related to reverse DNS lookups as
> each of the sending servers had no rever
I am seeing a lot of Temporary lookup failure errors in the maillog. At first I
thought it was an issue related to reverse DNS lookups as each of the sending
servers had no reverse record in DNS (this is an internal only relay).
But when I added verbose logging, it appears to be related to LDAP
, 2017 2:43 PM
To: Postfix users <postfix-users@postfix.org>
Subject: Re: dict_ldap_lookup questions
> On Feb 10, 2017, at 2:27 PM, Gomes, Rich <gomes-r...@aramark.com> wrote:
>
> The reason the query is setup like that is we have several internal
> domains and a user m
done | time postmap -q - ldap:/table/file.cf
-Original Message-
From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org]
On Behalf Of Gomes, Rich
Sent: Friday, February 10, 2017 2:49 PM
To: Postfix users <postfix-users@postfix.org>
Subject: RE: dict_ldap_loo
fix-users@postfix.org>
Subject: Re: dict_ldap_lookup questions
> On Feb 10, 2017, at 2:27 PM, Gomes, Rich <gomes-r...@aramark.com> wrote:
>
> The reason the query is setup like that is we have several internal
> domains and a user may have an alias for one
t 1:15 PM, Gomes, Rich <gomes-r...@aramark.com> wrote:
>
> domain = first.com, second.com, third.com, fourth.com, fifth.com,
> sixth.com server_host = pool.internal.domain.com search_base =
> dc=internal, dc=domain, dc=com version = 3
>
> # Filter
> query_filter = (&
i
Sent: Friday, February 10, 2017 12:49 PM
To: postfix-users@postfix.org
Subject: Re: dict_ldap_lookup questions
On Fri, Feb 10, 2017 at 05:37:36PM +0000, Gomes, Rich wrote:
> It's going against MS AD, I am sure indexing is configured correctly there.
That rather depends on what query you're se
10, 2017 12:33 PM
To: postfix-users@postfix.org
Subject: Re: dict_ldap_lookup questions
On Fri, Feb 10, 2017 at 05:21:18PM +, Gomes, Rich wrote:
> Can you point me in the right direction for indexing?
> All I can find is adding this line to the config:
> result_attribute = m
...@postfix.org]
On Behalf Of Viktor Dukhovni
Sent: Friday, February 10, 2017 12:09 PM
To: Postfix users <postfix-users@postfix.org>
Subject: Re: dict_ldap_lookup questions
> On Feb 10, 2017, at 12:01 PM, Gomes, Rich <gomes-r...@aramark.com> wrote:
>
> warning: dict_ldap_lookup: Searc
I've started to see a lot of these errors, albeit intermittently:
warning: dict_ldap_lookup: Search error -5: Timed out
Followed by these:
NOQUEUE: reject: RCPT from unknown[x.x.x.x]: 451 4.3.0
: Temporary lookup failure
This server is functioning as an
ve IPs in a client access file
On 15 Nov 2016, at 13:07, Gomes, Rich wrote:
> Just a quick question since I have not found a way in my Googling.
>
> We are replacing some of our internal Exchange relays with postfix.
> Currently we have other internal postfix relays which utilize
Just a quick question since I have not found a way in my Googling.
We are replacing some of our internal Exchange relays with postfix.
Currently we have other internal postfix relays which utilize a client access
file to allow relaying.
The file contains all single IPs, no ranges.
The
That worked!
Thank you!
-Original Message-
From: Wietse Venema [mailto:wie...@porcupine.org]
Sent: Tuesday, May 24, 2016 8:42 AM
To: Gomes, Rich <gomes-r...@aramark.com>
Cc: Postfix users <postfix-users@postfix.org>
Subject: Re: postfix ignoring access file?
Gomes, Rich:
...@postfix.org [mailto:owner-postfix-us...@postfix.org]
On Behalf Of Wietse Venema
Sent: Tuesday, May 24, 2016 6:23 AM
To: Postfix users <postfix-users@postfix.org>
Subject: Re: postfix ignoring access file?
Gomes, Rich:
> Please Help
>
> I have implemented this method but it has ha
smtpd restrictions) the issue
remains
-Original Message-
From: Gomes, Rich
Sent: Thursday, May 19, 2016 4:10 PM
To: Postfix users <postfix-users@postfix.org>
Subject: RE: postfix ignoring access file?
I like this method.
And it's working as expected.
Thanks to all
-Original Messa
ct: Re: postfix ignoring access file?
On 19 May 2016, at 13:53, Gomes, Rich wrote:
> Ok, this looks close.
>
> So the reject at the end is the only way to replicate the "if not in
> the "allow list", you are not authorized to "relay"?
One other way woul
, 2016 2:12 PM
To: Gomes, Rich <gomes-r...@aramark.com>
Subject: RE: postfix ignoring access file?
Yup. The 0.0.0.0/0 and ::/0 lines are wildcard addresses (as noted in the
example). They match *any* IP address. Thus, as Wietse mentions, you list
your valid hosts or subnets first with an OK,
tse Venema
Sent: Thursday, May 19, 2016 1:51 PM
To: Postfix users <postfix-users@postfix.org>
Subject: Re: postfix ignoring access file?
Gomes, Rich:
> Ok, my apologies. It seems some of the answers focused on "it doesn't
> work like that"
>
> What I need is t
]
On Behalf Of Noel Jones
Sent: Thursday, May 19, 2016 1:46 PM
To: postfix-users@postfix.org
Subject: Re: postfix ignoring access file?
On 5/19/2016 11:46 AM, Gomes, Rich wrote:
>
> What I need is to have any IPs listed in the /etc/postfix/access file
> with a directive of "OK" be a
@postfix.org
Subject: Re: postfix ignoring access file?
On 5/19/2016 10:35 AM, Gomes, Rich wrote:
> Postfix is the corporate standard so this has been a bit of a learning curve
> for me.
> I'd like to keep it pretty simple, so there must be a way to have the access
> file behave in
: Tuesday, May 17, 2016 3:09 PM
To: Postfix users <postfix-users@postfix.org>
Subject: Re: postfix ignoring access file?
On 16 May 2016, at 18:44, Gomes, Rich wrote:
> True, but I have always set up Sendmail that way, using the access
> file like an allow list.
>
>
> I would lik
, 2016 5:40 PM
To: postfix-users@postfix.org
Subject: RE: postfix ignoring access file?
> Date: Monday, May 16, 2016 19:38:56 +
> From: "Gomes, Rich" <gomes-r...@aramark.com>
>
> Thank you.
>
> My goal is for any IPs in the access file to be allow
Yes
: )
-Original Message-
From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org]
On Behalf Of Phil Stracchino
Sent: Monday, May 16, 2016 4:44 PM
To: postfix-users@postfix.org
Subject: Re: postfix ignoring access file?
On 05/16/16 14:31, Gomes, Rich wrote:
>
fix-users@postfix.org>
Subject: Re: Exclude a sub domain from LDAP?
Gomes, Rich:
> Thanks
>
> I am using 2.6.6 so I will use the second method
>
> What should 'whatever' be in this example
>
>/etc/postfix/wildcard_relay_recipients:
> @idaho.sal
]
On Behalf Of /dev/rob0
Sent: Monday, May 16, 2016 3:30 PM
To: postfix-users@postfix.org
Subject: Re: postfix ignoring access file?
On Mon, May 16, 2016 at 07:09:46PM +, Gomes, Rich wrote:
> So is there a way to have anything NOT in the access file rejected or
> will I need some kind o
by the use of LDAP.
-Original Message-
From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org]
On Behalf Of Wietse Venema
Sent: Monday, May 16, 2016 3:01 PM
To: Postfix users <postfix-users@postfix.org>
Subject: Re: Exclude a sub domain from LDAP?
Gomes, Rich:
: Monday, May 16, 2016 3:05 PM
To: Gomes, Rich <gomes-r...@aramark.com>
Cc: postfix-users@postfix.org
Subject: Re: postfix ignoring access file?
Gomes, Rich:
> I added this to my main.cf file:
>
> smtpd_client_restrictions = hash:/etc/postfix/access
>
>
> And it "works
o: postfix-users@postfix.org
Subject: Re: postfix ignoring access file?
On Mon, May 16, 2016 at 05:39:12PM +0000, Gomes, Rich wrote:
> My postfix servers are configured to read the access file when
> connections are made but I have found that machines not in the access
> file or even thos
in LDAP. (but they are on the application server it is being routed to)
-Original Message-
From: Wietse Venema [mailto:wie...@porcupine.org]
Sent: Monday, May 16, 2016 1:57 PM
To: Gomes, Rich <gomes-r...@aramark.com>
Cc: Postfix users <postfix-users@postfix.org>
Subject: Re: E
To: Postfix users <postfix-users@postfix.org>
Subject: Re: Exclude a sub domain from LDAP?
Gomes, Rich:
> I have postfix performing LDAP verification and it is working out great.
> Except... I am running into an issue with a subdomain that should be
> excluded from the LDAP veri
I have encountered another issue with my postfix config. I was hoping this
would be a common issue but I haven't been able to find anything on it.
My postfix servers are configured to read the access file when connections are
made but I have found that machines not in the access file or even
I have postfix performing LDAP verification and it is working out great.
Except... I am running into an issue with a subdomain that should be excluded
from the LDAP verification.
It is a sub-domain of one of the domains I am doing lookups on.
Is there a way to exclude this specific domain from
Good day,
What is the best way to accomplish the following:
We want to block emails bound for the Internet, we have domain based rules
already setup in the transport file for our internal domains.
But would like email bound for any domains other than those, to go either
/dev/null or to a local
...@postfix.org [mailto:owner-postfix-us...@postfix.org]
On Behalf Of Gomes, Rich
Sent: Tuesday, January 05, 2016 10:28 PM
To: postfix users <postfix-users@postfix.org>
Subject: RE: ldap validate
It's not so much what is missing as there is no in between Smtpd -v just gives
so much per trans
ostfix.org
Subject: Re: ldap validate
On 1/4/2016 3:37 PM, Gomes, Rich wrote:
> So I should change the config to use relay domains instead of virtual mailbox?
You previously wrote that these domains were defined in relay_domains (which
they should be).
Don't define domains in more than one add
-us...@postfix.org]
On Behalf Of Noel Jones
Sent: Tuesday, January 05, 2016 3:04 PM
To: postfix-users@postfix.org
Subject: Re: ldap validate
On 1/5/2016 1:50 PM, Gomes, Rich wrote:
> Ok, my bad that does work in fact.
> I had shut off smtpd -v in master.cf so I was not seeing the ful
/2016 2:32 PM, Gomes, Rich wrote:
>
> I'll also need to see if I can filter the logs, smtpd -v gives way too
> much while without the -v gives way too little
I can't remember the last time I needed verbose logging, even to debug a
problem.
What is missing from the normal logging
?
Or somewhere else?
-Original Message-
From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org]
On Behalf Of Noel Jones
Sent: Tuesday, January 05, 2016 2:33 PM
To: postfix-users@postfix.org
Subject: Re: ldap validate
On 1/5/2016 1:22 PM, Gomes, Rich wrote:
> Does this im
: Re: ldap validate
On 12/30/2015 12:35 PM, Gomes, Rich wrote:
> My postfix install is quite vanilla.
> Other than inet_interfaces, and the ldap config, I change the following:
>
> Mydomain
> Myorigin
> Relayhost
>
>
Carefully study the following, especially the part
Message-
From: Gomes, Rich
Sent: Monday, January 04, 2016 1:48 PM
To: postfix-users@postfix.org
Subject: RE: ldap validate
I have read over the suggested documentation and I have some questions. But
perhaps it would be good to break down my goals here first.
First by the postfix\relaying part
Subject: Re: ldap validate
On 1/4/2016 3:11 PM, Gomes, Rich wrote:
> Ok, I have LDAP working in stream although still have a few bugs.
>
> I found this article:
>
> http://www.experts-exchange.com/questions/28251757/How-to-configure-LD
> AP-Authentication-for-Incoming
I have a couple of question about LDAP verification.
I followed this guide as I am using AD as LDAP source:
http://blog.yenlo.com/nl/using-postfix-ldap-search-against-active-directory
This works perfectly until I am sending mail to the postfix server, then it
accepts the mail and passes with
: Wednesday, December 30, 2015 12:53 PM
To: postfix-users@postfix.org
Subject: Re: ldap validate
On 12/30/2015 11:22 AM, Gomes, Rich wrote:
> I have a couple of question about LDAP verification.
>
> I followed this guide as I am using AD as LDAP source:
>
> http://blog.yenlo.com/n
, December 30, 2015 1:28 PM
To: postfix-users@postfix.org
Subject: Re: ldap validate
On 12/30/2015 11:56 AM, Gomes, Rich wrote:
> Thanks, not using address rewrites
>
> I am not sure which question you are answering when you listed the following:
>
> users in local domains defined in
Good day,
I am making the switch from running Sendmail as an internal relay to using
Postfix.
With Sendmail, I can restrict relaying by IP using the /etc/mail/access file.
I cannot seem to find an equivalent of this in Postfix.
I have read about using
smtpd_client_restrictions =
Sent: Monday, December 28, 2015 4:21 PM
To: postfix-users@postfix.org
Subject: Re: allow by IP?
On 12/28/2015 3:08 PM, Gomes, Rich wrote:
> Good day,
>
> I am making the switch from running Sendmail as an internal relay to using
> Postfix.
> With Sendmail, I can restrict relay
53 matches
Mail list logo