[pfx] Re: SMTP Smuggling, workarounds and fix

Am 30.12.23 um 18:42 schrieb Mike via Postfix-users: On 12/30/2023 12:08 PM, Wietse Venema via Postfix-users wrote: "Hakon Alstadheim wrote: Just FYI, I got postfix 3.7.9-0+deb12u1 from bookworm-updates (i.e. Debian) today. Scott Kitterman: For those still using Debian Bullseye (oldstable),

[pfx] Re: 25 years today

Am 14.12.23 um 14:20 schrieb Wietse Venema via Postfix-users: As a few on this list may recall, it is 25 years ago today that the "IBM secure mailer" had its public beta release. This was accompanied by a nice article in the New York Times business section. There is some literature at

[pfx] Re: The joke writes itself.

Am 10.03.23 um 17:12 schrieb Marvin Renich via Postfix-users: Additionally, every MUA that I know of recognizes a subject beginning with "Re:" or "RE:" and when replying avoids duplicating this in the reply subject. While I have used mutt exclusively for a long time to send email, I

[pfx] Re: The joke writes itself.

Am 10.03.23 um 11:07 schrieb Jaroslaw Rafa via Postfix-users: Dnia 10.03.2023 o godz. 18:18:50 Phil Biggs via Postfix-users pisze: Likewise, To keep my mail client's threaded view sane I resorted to using header_checks: /^Subject: \[pfx\] (.*)$/ REPLACE Subject: $1 What a mail client has

Re: "Best" way to stop postfix from sending any DSN

Am 31.12.22 um 05:29 schrieb Sean Hennessey: I'm doing some testing and am trying to figure out a way to set up postfix so that it won't ever send a DSN. What is the use case for that other than bulk sending of unsolicited e-mail? Normally operators will want to know what addresses to remove

Re: Spammer succeeded in relaying through my server

Am 24.12.22 um 03:28 schrieb Samer Afach: Dear Raf: That's actually what I do on all the bare-metal machines, but from my understanding of how docker works, every container is made to run exactly one service, and somehow default Linux images disable system services. They can be re-enabled, but

Re: Spammer succeeded in relaying through my server

a whole other monster that need resources and management and introduce their own problems. I have not implied that they were, but they are ONE means to implement an inside/outside testing setup without actually exposing things to the unfriendly world. Cheers, Sam On 23/12/2022 1:51 PM, Matthias A

Re: Spammer succeeded in relaying through my server

Am 23.12.22 um 03:19 schrieb Samer Afach: Dear Matthias, I think there's a misunderstanding here. The server is already shutdown. I thought you meant that I should shutdown the server permanently and move on with my life because I'm incapable of running a server, which seems to have been the

Re: Spammer succeeded in relaying through my server

with predecessor versions. I would really appreciate if people in general learned BEFORE putting systems live. Cheers, Matthias Cheers, Sam On 21/12/2022 10:21 PM, Matthias Andree wrote: Am 21.12.22 um 09:45 schrieb Samer Afach: Thank you for these hints, Benny. I wanna point out that I'm

Re: Spammer succeeded in relaying through my server

Am 21.12.22 um 09:45 schrieb Samer Afach: Thank you for these hints, Benny. I wanna point out that I'm, in no way, an expert in any of this, and my configuration is based on online research and some copy/paste. Then with all due respect, please shut down your mail server and do not start it

Re: PCRE2 error

Am 17.02.22 um 10:10 schrieb Carlos Velasco: Hi, Trying to test latest postfix 3.7.0 with PCRE2 I have found a problem in building documentation. According to PCRE_README (http://www.postfix.org/PCRE_README.html), pcre2-config is used: "AUXLIBS_PCRE=`pcre2-config --libs`" But "pcre2-config"

Re: Some README files are not included in the postfix-files

Am 21.01.22 um 00:06 schrieb Wietse Venema: Jaroslav Skarvada: Hi, it seems the following README files are not included in the conf/postfix-files: BDAT_README MAILLOG_README POSTSCREEN_3_5_README SMTPUTF8_README Is it intended? Yikes, these are all "new" files added with Postfix 3.x. I'll

Re: No current announcement for Postfix 3.6.4

ouncements. Unless you want to provoke losing quick mirrors, that is. Now please keep calm and move on, there is nothing to see here. Thanks in advance. Regards, Matthias Andree (who has been using Postfix since long before it was called 1.0, 23-ish years now, just sayin' I have been around for a while)

Re: TLS and Android clients

Am 15.12.21 um 23:35 schrieb Benny Pedersen: On 2021-12-15 23:04, raf wrote: How could I get an Android client and a Postfix server work together please? It's just a guess, but maybe the problem is ECDSA. If you add an RSA key as well, it might work. Does that sound plausible? or simply

Re: Postfix Maildir problems, with maildrop

Am 29.12.19 um 00:01 schrieb Richard Rasker: > Hello Wietse, > > Op 28-12-19 om 23:54 schreef Wietse Venema: >> Richard Rasker: >>> Yes, I have specified the use of Maildir in main.cf: >>> >>> home_mailbox = Maildir/ >> That Postfix setting has no effect on /usr/bin/maildrop, because >>

Re: SCRAM

Am 08.09.19 um 07:29 schrieb - Neustradamus -: > For a better security, look the RFC6331: Moving DIGEST-MD5 to > Historic: https://tools.ietf.org/html/rfc6331 > . > > It is about DIGEST-MD5 (and CRAM-MD5 in the same time). > > You must to inform that

Re: Fetchmail final delivery problem

Am 27.12.18 um 02:05 schrieb Andrey Repin: > Greetings, Wietse Venema! > >> Andrey Repin: >>> Greetings, All! >>> I think I just broke my mail system. I'd like a quick help if possible. I have a remote server that accepts the mail for domain right now. The mail is retrieved from it

Re: Berkeley DB reads DB_CONFIG from cwd

Am 11.06.2017 um 20:50 schrieb Wietse Venema: > Philip Paeps: >> On 2017-06-11 14:07:36 (-0400), Wietse Venema wrote: >>> Oh, and it will of course open a DB_CONFIG file in whatever happens to >>> be the super-user's cwd when they invoke the postmap or postalias >>>

Re: Postfix 20 years ago

Am 12.02.2017 um 19:06 schrieb Wietse Venema: > Last month it was 20 years ago that I started writing Postfix code. > After coming to IBM research in November 1996, I spent most of > December and January making notes on paper. I knew that writing a > mail system was more work than any of my prior

Re: Make smtp client talk through SSH tunnel?

Am 04.01.2017 um 12:47 schrieb Wietse Venema: > > You need to make smtp(8) talk to a TCP port (or UNIX-domain port), > an arrange for a little daemon that listens on that port, and that > invokes ssh when a connection is established to that port. Then > the little daemon shuttles bits up and down.

Make smtp client talk through SSH tunnel?

Greetings and a happy new year, I still am in a situation where I occasionally need to have an SMTP client (preferable Postfix's) talk through an SSH tunnel. I know we have the smtp(8) client, and we have the pipe(8) client for injecting RFC5322 stuff into commands, but what I need is some form

Re: Why does postfix continue to try to deliver mail after getting a 554?

Am 26. Oktober 2016 12:33:48 MESZ, schrieb Julian Kippels : >Hi, > >I was just wondering why my postfix was continuing to try to deliver a >mail to another server after getting a 554 response the first time. >Shouldn't the delivery stop right then and there and the sender be

Re: No logs between Apr 25 - 27. What happened?

Am 3. Mai 2016 06:15:55 MESZ, schrieb "tswmmeejsdad ." : >Hi All, > >Anyone know what I should check for to determine why logging to >/var/log/mail stopped suddenly between Apr 25-27? I can see mail logs >before and after those dates but nothing was logged between those

Re: PATCH: Postfix / OpenSSL signal 11 on delivery from ebay

Am 22.03.2015 um 22:00 schrieb Viktor Dukhovni: On Sun, Mar 22, 2015 at 09:34:12PM +0100, Matthias Andree wrote: The strange thing is, on my system the mysqlclient library appears to include system zlib (10.1-RELEASE amd64): $ pkg which /usr/local/lib/mysql/libmysqlclient.so.18 /usr/local

Re: PATCH: Postfix / OpenSSL signal 11 on delivery from ebay

Am 22.03.2015 um 23:25 schrieb Matthias Andree: Nothing else relating to zlib or libz. Full poudriere 3.1.1 build log uploaded to http://people.freebsd.org/~mandree/mysql55-client-5.5.42.log.xz There is some local /etc/make.conf stuff in the build but nothing obviously related to zlib

Re: PATCH: Postfix / OpenSSL signal 11 on delivery from ebay

Am 22.03.2015 um 20:46 schrieb Wietse Venema: Ignore the patch. The crashes are the result of a name conflict with the non-system zlib implementation that is bundled with MySQL. The fix is to build mysql with the system zlib implementation. The strange thing is, on my system the mysqlclient

Re: PATCH: Postfix / OpenSSL signal 11 on delivery from ebay

Am 22.03.2015 um 23:33 schrieb Viktor Dukhovni: Indeed external referefences would have been U rather T. So your build is different. The machine OP gave me access to had the 5.6 MySQL client. The builds may well be different. The MySQL documentation:

Re: Postfix / OpenSSL signal 11 on delivery from ebay

Am 21.03.2015 um 00:13 schrieb Wietse Venema: Viktor Dukhovni: I am curious what: ldd /usr/local/lib/libssl.so.8 reports and whether there are headers and or shared objects for libz in ports? In a FreeBSD 10.1 testvm: # ldd -a /usr/local/lib/libssl.so.8

Re: localhost.com

Am 28.09.2014 um 08:23 schrieb Ruben Safir: That will work. Another solution is setting append_dot_mydomain=no, so that user@localhost will become u...@localhost.com. Yes - I am confused by this a little bit. Why would postfix want to add a dot com to any outgoing email? Because it

Re: Thanks: Input requested: append_dot_mydomain default change

Am 24.09.2014 um 16:29 schrieb Wietse Venema: The implementation will probably be a compatibility_level parameter that is 1 for installations that pre-date this feature, that is 2 for new installations, and that is incremented by 1 for each compatibility break. People who don't care can set

Re: localhost.com

Am 21.09.2014 um 11:11 schrieb Ruben Safir: Ah - thank you. I thought you ment that, but I was being dense. When I ran fetchmail through verbose I saw that it connected to localhost on port 25 so I figured that maybe postfix was attaching a .com to that. I just wanted to make double sure

Re: *canonical_classes not behaving as expected with local mail submission

Am 01.09.2014 um 06:57 schrieb Valdemar Jakobsen: Dear Postfix-Users, I’m using sender_canonical_maps to ensure that my envelope addresses comply with SPF policies and also allow for a valid bounce address in the event of non-delivery. My gateway mail servers are configured using

Re: Postfix removes content from a file

Am 07.08.2014 um 19:23 schrieb Ramesh: It is not a problem with quotes, all these days it was working fine, since yesterday receiving messages without content. 1. you showed a shell command that had broken quoting, and apparently from a shell that does not properly complain about mixing quotes

Re: Postfix Dovecot Maildir

Am 28.07.2014 um 18:43 schrieb nobody73: Sending mail to u...@domain.of.mine i get a positive response from mail logs ... status=sent (delivered to maildir) these are permissions for mail spool: ls -la /var/mail/ total 12K drwxrwsrwx 2 root mail 4.0K Jul 27 22:41 . drwxr-xr-x 12

Re: Berkeley DB6 and Postfix

Am 12.05.2014 00:18, schrieb Jerry: I have been using Postfix on an old FreeBSD server for years without problems. I just updated to a new machine and installed the latest version of FreeBSD along with Berkeley DB6. I wanted to install the newest version of Postfix available in the ports

Re: Berkeley DB6 and Postfix

Am 16.05.2014 01:27, schrieb Jerry: Using version 6 on a FreeBSD machine is not really a necessity anyway. All I wanted to do was eliminate having multiple version numbers of the same program on my machine. In any case, unless the FreeBSD port maintainer chooses to modify the Postfix port to

Re: Messages still in queue even after 5xx reply

Am 16.11.2013 11:21, schrieb Erik Grøtnes: Hi. In my postfix queue I can see messages with return code 5xx which are still in queue for delivery. I find this strange, as the RFC 2821 states that codes starting with 5xx is a permanent failure, and “The SMTP client is discouraged from

Re: Is it time for 2.x.y - x.y?

Am 31.05.2013 22:56, schrieb Wietse Venema: After the confusion that Postfix 2.10 is not Postfix 2.1, maybe it is time to change the release numbering scheme. Glad you are asking. No, it is not the time to join in brainless version numbering races. Tell people those are independent numbers

Re: Is it time for 2.x.y - x.y?

Am 01.06.2013 14:34, schrieb Patrick Ben Koetter: I wouldn't go as far to say that if they don't understand major.minor.patch they shouldn't be using the software at all. Reminding how I started and all the stuff I had to learn, I'd find that pose rather arrogant and not helpful in becoming a

Re: qmail forward to postfix on the same machine ?

Am 21.03.2013 13:09, schrieb Frank Bonnet: Hello I'm in trouble with an old Qmail server that runs on an also old server. The problem is I cannot modify the existing configuration of this machine because of inhouse developped applications that use qmail. Qmail ( which i know very few

Re: Learning how to respecth REPLY-TO headers

Am 11.01.2013 15:33, schrieb Robert Moskowitz: On 01/11/2013 09:07 AM, Wietse Venema wrote: Robert, please configure your mail reader to respect the REPLY-TO header. I have asked you this before, and I think I will ignore your email until you play by the same rules as everyone else. Sorry

Re: postfix apprently uses mboxo format with local(8), which irrecoverably corrupts mail

Am 29.10.2012 00:46, schrieb Christoph Anton Mitterer: I just stumbled across this issue with mboxo recently and it seems that most users are not familiar with it (or that there are actually several mbox formats). Well, if you'd looked at the date of your sources, you'd have known that others

Re: postfix apprently uses mboxo format with local(8), which irrecoverably corrupts mail

Am 29.10.2012 22:05, schrieb Christoph Anton Mitterer: Hey Matthias. On Mon, 2012-10-29 at 21:45 +0100, Matthias Andree wrote: Well, if you'd looked at the date of your sources, you'd have known that others have failed establishing alternatives to what DJB or Rahul Dhesi or whoever dubbed

Re: Postfix talking smtp through stdio command?

Am 07.09.2011 19:05, schrieb Jeroen Geilman: On 2011-09-07 00:55, Matthias Andree wrote: The firewall block is deliberate. Then I suggest you talk to some people and tell them you need email access... I find it rather quaint that you would be trying to set up SMTP connectivity on a system

Re: Postfix talking smtp through stdio command?

Am 07.09.2011 19:13, schrieb Bastian Blank: On Tue, Sep 06, 2011 at 08:59:20PM +0200, Matthias Andree wrote: Can you describe the problem instead of the solution? There may be other solutions than the ones you have in mind. The problem is this: - I *can* (and am permitted to) connect

Re: Postfix talking smtp through stdio command?

Am 06.09.2011 19:30, schrieb Ansgar Wiechers: On 2011-09-06 Matthias Andree wrote: I am in a situation where I would like to achieve either of these solutions: Alternative A: - have Postfix's smtp client talk through a command via stdin/stdout (instead of a TCP stream). That command

Postfix talking smtp through stdio command?

Greetings, I am in a situation where I would like to achieve either of these solutions: Alternative A: - have Postfix's smtp client talk through a command via stdin/stdout (instead of a TCP stream). That command would be ssh -W mailhub:25, with a user-specified password and possibly some sort

Re: Postfix talking smtp through stdio command?

Am 06.09.2011 19:30, schrieb Wietse Venema: Matthias Andree: Greetings, I am in a situation where I would like to achieve either of these solutions: Alternative A: - have Postfix's smtp client talk through a command via stdin/stdout (instead of a TCP stream). Can you describe

Re: Postfix talking smtp through stdio command?

Am 06.09.2011 22:04, schrieb Peter Blair: You could hack up a local perl SMTP listener on you local system, which when it receives all of the SMTP back and forth, and then the ., it executes a SSH subshell, formatting the recipient/sender etc via the gateway, and pipes the DATA portion over

Re: Postfix talking smtp through stdio command?

Am 06.09.2011 22:41, schrieb /dev/rob0: On Tuesday 06 September 2011 13:59:20 Matthias Andree wrote: Am 06.09.2011 19:30, schrieb Wietse Venema: Matthias Andree: Greetings, I am in a situation where I would like to achieve either of these solutions: Alternative A: - have Postfix's smtp

Re: With soft_bounce set to no, we are seeing a lot of send failures that look like they should be permanent 554's being handled as temporary.

Am 20.07.2011 05:15, schrieb Michael Orlitzky: And a trickier one: * smtp_dns_resolver_options = res_defnames, in postfix = 2.8 That would be 2.8. Append the current domain name to single-component names (those that do not contain a . character). This can produce incorrect

Re: reinjection via unix socket

Am 19.07.2011 17:02, schrieb Lars Täuber: Hi Wietse, the unix socket can't be used by other users than root or postfix. Is there a way to configure ownership and/or permissions for the socket? I thought under Linux the filesystem permissions reflect the permissions to the unix socket.

Re: AUTH LOGIN without 250 AUTH?

Am 08.07.2011 13:30, schrieb Zólyomi Szabolcs: Dear all, I am a newbie here and in postfix too. After searching the web and browsing some forums, I still haven't got a solution for a problem I struggle with. If you have the time, please help me. Our corporate mail server

Re: Port 587 Per RFC 4409

Am 21.06.2011 16:26, schrieb Carlos Mennens: On Tue, Jun 21, 2011 at 10:23 AM, Reindl Harald h.rei...@thelounge.net wrote: please provide configuration and NOT netstat [root@testserver:/buildserver/autotest/parts/ffmpeg]$ cat /etc/postfix/master.cf | grep submission submission inet

Re: Milter does not process from postfix 2.7.1-1 (Debian Squeeze)

JKL: The server, with the three milters, was running perfectly well until a few weeks ago. All milters sockets are inside a place where Debian postfix can get to. Am 15.06.2011 21:27, schrieb Wietse Venema: When something stops working, then something has changed. You need to find out

Re: Cyrus SASL Auth

Am 30.05.2011 13:49, schrieb M. Rodrigo Monteiro: Hi! I'm trying to setup an SMTP Gateway, with Postfix authenticating in Cyrus SASL. # postconf mail_version mail_version = 2.8.2 # postconf -a cyrus dovecot # /usr/local/cyrus-sasl/sbin/saslauthd -l -n 10 -a rimap -O imap_server

Re: postfix not happy with libmysqlclient.so.18

, check the output of: find /usr/local -name libmysqlclient\* For shared library issues, running ldconfig can also help. -- Matthias Andree

Re: postfix not happy with libmysqlclient.so.18

Also, be sure to double check you don't have a different Postfix installation in different paths, possibly with different PREFIX from past experiments. -- Matthias Andree

Re: localhost pitfall in resolver/solving Host or domain name not found. Name service error for name=localhost type=A: Host not found (also type=AAAA)

Am 05.05.2011 04:11, schrieb Matthias Andree: Now, possible workarounds: - be sure that /etc/resolv.conf contains a search list where at least one of the listed domains has a direct localhost resolving to 127.0.0.1 and/or ::1. Say, if you have search example.com another.example, at least

Re: localhost pitfall in resolver/solving Host or domain name not found. Name service error for name=localhost type=A: Host not found (also type=AAAA)

# on FreeBSD/DragonflyBSD /* try-resolv.c - a program to demonstrate a GNU libc resolver bug triggered by stripping RES_DEFSEARCH from _res.options. */ /* (C) 2011 Matthias Andree, MIT license, see http://opensource.org/licenses/mit-license */ #include sys/types.h #include netinet/in.h #include

Re: localhost pitfall in resolver/solving Host or domain name not found. Name service error for name=localhost type=A: Host not found (also type=AAAA)

Am 05.05.2011 17:33, schrieb Victor Duchovni: On Thu, May 05, 2011 at 03:49:35PM +0200, Matthias Andree wrote: Executive summary: We are facing a massive bug in the GNU glibc 2.11 and eglibc 2.13 resolvers which fails to even attempt a query for a name without dots if RES_DEFNAMES is unset

Re: localhost pitfall in resolver/solving Host or domain name not found. Name service error for name=localhost type=A: Host not found (also type=AAAA)

Am 05.05.2011 18:23, schrieb Victor Duchovni: You know exactly what you mean when you use [localhost] as a nexthop, why not say so? What's the point of jumping through a pile of indirection and shared libraries just to arrive at an address that every administrator knows in advance. In fact,

Re: localhost pitfall in resolver/solving Host or domain name not found. Name service error for name=localhost type=A: Host not found (also type=AAAA)

Am 05.05.2011 20:46, schrieb Victor Duchovni: On Thu, May 05, 2011 at 08:37:01PM +0200, Matthias Andree wrote: I had checked the Postfix 2.8 release notes immediately, but they bore no references to this particular HISTORY entry: It is in the 2.8 release notes: Major changes - dns

lmtp/smtpd incompatible WRT XFORWARD in 2.7.0?

Greetings, I seem to have XFORWARD troubles with Postfix 2.7.0 lmtp - smtpd interoperability. Amavisd-new is in the game, too, but looks innocent. Looks like the XFORWARD code in Postfix's lmtp client generates attributes (PORT=unknown) that the smtpd doesn't permit. Is this a Postfix bug in

Re: lmtp/smtpd incompatible WRT XFORWARD in 2.7.0?

Am 04.05.2011 19:54, schrieb Victor Duchovni: On Wed, May 04, 2011 at 07:45:32PM +0200, Matthias Andree wrote: Greetings, I seem to have XFORWARD troubles with Postfix 2.7.0 lmtp - smtpd interoperability. Amavisd-new is in the game, too, but looks innocent. Looks like the XFORWARD code

Re: lmtp/smtpd incompatible WRT XFORWARD in 2.7.0?

Bug report requesting backport: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/777356 (This is a regression in Ubuntu lucid (10.04 LTS) from 8.04 LTS.)

Re: qmgr warning

upgrade-configuration set-permissions just to be sure that there are no more surprises later. This should've been in their RPM %post sections for a while, but isn't. I'd seen that a couple of days ago and filed a bug, no response yet: https://bugzilla.novell.com/show_bug.cgi?id=684302 -- Matthias

Re: problem using postfix and mailman

Am 07.04.2011 10:15, schrieb Daniel Bromberg: On 4/7/2011 4:11 AM, deconya wrote: Hi list I have diferent mailman lists mounted and I detected a problem making tests to access, If I use telnet using other mailserver (mailserver.es) I receive this information: telnet mail.mydomain.com 25

Re: problem using postfix and mailman

Am 07.04.2011 10:11, schrieb deconya: Hi list I have diferent mailman lists mounted and I detected a problem making tests to access, If I use telnet using other mailserver (mailserver.es http://mailserver.es/) I receive this information: telnet mail.mydomain.com http://mail.mydomain.com/

Re: bcc: header

should add -oi so that lines with dots get byte-stuffed (escaped) properly. -- Matthias Andree

Re: [SPAM] - Re: Address Tagging in Postfix? - Bayesian Filter detected spam

Am 22.03.2011 22:53, schrieb Simon Brereton: The number of javascript email input validations that wouldn't allow + as a valid character (particularly the banks) forced me to change [recipient_delimiter] to - without any dire consequences... Possibly not but some environments are fond of

Re: Replace Message-Id with header_checks

Am 23.03.2011 14:19, schrieb Andrea Di Mario: Hi, I've a relay server that receives emails from some other. For some of these servers, that have a particular prefix, i wrote some header_checks' rules to change header, now i want rewrite the Message-Id header and i wrote: if /^Message-Id:

Re: bcc: header

Am 23.03.2011 20:55, schrieb Jeroen van Aart: I tried the following in telnet session, but for some reason the email is only sent to the rcpt to: address. None of the Bcc'ed addresses receive a copy. Am I missing something obvious? Yes - you seem to be misunderstanding how SMTP works. See

Re: bcc: header

Am 23.03.2011 21:38, schrieb Jeroen van Aart: How come that postfix treats multiple rcpt to: commands differently depending on the presence of a bcc: header in the data section? I don't believe that it does that. It's likely some component further down the delivery path - check the logs.

Re: bcc: header

Am 23.03.2011 21:35, schrieb Jeroen van Aart: Matthias Andree wrote: Yes - you seem to be misunderstanding how SMTP works. See RFC5321 [1] for an explanation; for delivery, it matters ONLY what's in the I don't misunderstand in as much that I just barely ever had the need to use bcc

Re: postfix performance

Am 23.03.2011 23:06, schrieb Jeroen van Aart: I am curious if postfix would be able to send out 30 emails in one hour, to different recipients of course. Taking into account http://www.postfix.org/TUNING_README.html and other such performance tuning guides. This would only happen once a

Re: Postfix und SSL client problem.

can't guarantee that, and someone else can hook a password sniffing application to port 10465 transparently. Setting up a system in a way that it can safely run stunnel is very hard, because the system must prevent stunnel users from running/starting if stunnel isn't up. -- Matthias Andree

Re: mysql GPL/postfix IPL incompatibility

Am 28.02.2011 23:57, schrieb Quanah Gibson-Mount: The main issue I see at the moment really is the inability to legally link Postfix to MySQL, removing a valuable piece of Postfix functionality. Not a loss. If MySQL and Postfix turn out to be incompatible license-wise, this prevents one

Re: [PATCH] postfix won't build on FREEBSD 7.2+

Am 26.02.2011 00:52, schrieb Sahil Tandon: On Fri, 2011-02-25 at 10:50:45 +0100, kristof.vans...@telenet.be wrote: This problem exist in the 2.7 and 2.8 branch: In file included from attr_clnt.c:77: /usr/include/unistd.h:329: error: conflicting types for 'closefrom' ./sys_defs.h:1399:

Re: [PATCH] postfix won't build on FREEBSD 7.2+

Am 27.02.2011 20:41, schrieb Sahil Tandon: On Sun, 2011-02-27 at 18:33:39 +0100, Matthias Andree wrote: Am 26.02.2011 00:52, schrieb Sahil Tandon: On Fri, 2011-02-25 at 10:50:45 +0100, kristof.vans...@telenet.be wrote: This problem exist in the 2.7 and 2.8 branch: In file included from

Re: [PATCH] postfix won't build on FREEBSD 7.2+

Am 25.02.2011 10:50, schrieb kristof.vans...@telenet.be: This problem exist in the 2.7 and 2.8 branch: In file included from attr_clnt.c:77: /usr/include/unistd.h:329: error: conflicting types for 'closefrom' ./sys_defs.h:1399: error: previous declaration of 'closefrom' was here *** Error

Re: warning: truncate before-queue filter speed-adjust log: Permission denied

On Fri, 18 Feb 2011, Wietse Venema wrote: Please file a ZFS bug reportug. As per POSIX, when the O_CREAT is specified to open(), The third argument does not affect whether the file is open for reading, writing or for both. In other words, read/write access is controlled with the

Re: FreeBSD tuning for a dovecot + postfix server ?

access to the machine. Any of you guys has some pointer to give ? What's the question again? What's the problem you're trying to solve? -- Matthias Andree

Re: message tracking logging request

BTW), there is no ID either because there is no queue file. HTH -- Matthias Andree

Re: problem with added spaces in the message body

mail? -- Matthias Andree

Re: Load issues with Postfix on FreeBSD

to research maildirs to see if that makes more sense. I think we should first figure out why your software is spending so much time in kernel space. -- Matthias Andree

Re: Understanding TLS

. Only 25. Thanks to anybody who might like to bring light into dark for me :-) Check TLS_README (or .html or whatever you have aounrd) for the server-side TLS settings, you need to add some smtpd_tls_* and tls_* options. -- Matthias Andree

Re: no plain text subject

Am 18.11.2010 01:28, schrieb Stan Hoeppner: Subject: =?iso-8859-1?Q?Le_invitamos_a_asistir_a_la_Presentaci=F3n_de_la_Oportunid?= =?iso-8859-1?Q?ad_de_negocio_en_ACN_Marketing_y_Servicios_de_Telecomunica?= =?iso-8859-1?Q?ciones?= Does anyone have a header_checks pcre that would

openSUSE chroot setup for TLS workaround

the copy-unsafe-links. I don't currently have time to do a formal bug report against SuSEconfig.postfix, and I'm unsure if they or I care enough. Perhaps Carsten Höger reads this? Best -- Matthias Andree

Re: Fetchmail/Postfix

, and logs. See http://www.fetchmail.info/fetchmail-FAQ.html#G3 for the fetchmail side. is it possible to configure postfix to relay mail to the domain mx if it cant find the users on the system? Yes. -- Matthias Andree

Re: Fetchmail/Postfix

be answered on the list. If your mailer doesn't have a list reply button, get a better mailer or for the nonce use reply to all. Redirecting to the list. -- Matthias Andree

Re: Fetchmail/Postfix

(To be fair, J C Potter provided a pastebin snippet with postconf -n, and the smtpd reject log line, but I'm not forwarding those to the list so as not to breach privacy.) -- Matthias Andree

[PATCH] Re: OpenSSL 0.9.8 - 1.0.0 CApath (in)compatibility

openssl application first in the path or point the environment variable OPENSSL to it. CRL hashing hasn't been tested, let me know how it goes. If it works, I'll submit it for OpenSSL 1.0.0a. -- Matthias Andree openssl-c_rehash-both.patch Description: Binary data Patch *for perusal* (if it fails

Re: postfix unavailable at 5 minutes after the hour?

;-) ] -- Matthias Andree

Postfix 2.5.1 cleanup(8) Date: issue?

smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks -o local_header_rewrite_clients= -- end of postfinger output -- -- Matthias Andree

[SOLVED] Re: Postfix 2.5.1 cleanup(8) Date: issue?

Wietse Venema wrote on 2010-03-29: Matthias Andree: and timezone are wrong, timezone name is missing). Interestingly, the time logged in Received: is correct. I would have hoped that the Date: header produces the same timestamp as in the Received: header. ... Return-Path: X-Original

documentation for owner-* companion aliases (was: Re: Message with 300,000+ recips via alias_maps)

), generic(5), or canonical(5) - the best you find is that owner-* and *-request are treated special and, in a different place (postconf 5) that these bypass splitting if recipient_delimiter is -. Am I missing documentation or is documentation on this feature too terse? TIA -- Matthias Andree

Re: Postfix local privilege escalation via hardlinked symlinks

On Tue, 19 Aug 2008, Wietse Venema wrote: Matthias Andree: If Postfix (or qmail[1], or whatever application) claims to support a particular operating system (Linux, Solaris - rather than POSIX), then it has to make proper assumptions to work in that possibly different environment

Re: postfix 2.5.1: smtp_sasl_tls_verified_security_options non-functional?

Victor Duchovni [EMAIL PROTECTED] writes: On Tue, Jul 29, 2008 at 08:21:09PM +0200, Matthias Andree wrote: smtp_sasl_tls_verified_security_options apparently stopped working after the upgrade. There has never been an official release where this feature is fully implemented