ct".
since you only need to allow specific IPs, you apparently don't need that.
I'd would set it anyway - to avoid wondering if you put "reject" there why
it doesn't work.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail ad
signed, so of course they will fail.
which means, if you use DMARC and not DKIM, don't post to mailing lists.
btw, DKIM defined very shitty canonicalication, which makes it very easy to
break messages by using some common formating techniques.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
, as always: what are you trying to achieve?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Silvester Stallone: Father of the RISC concept.
track
of them (deliverable or not) which is useful for cases where you can not use
local_recipient_maps
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek
.
This can be done by either providing postfix with list of existing addresses
in provided domains, or by using recipient verification for those domains,
and also sender verificatiom, when we're here.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
,
reject_unauth_destination,
try adding "reject_unlisted_recipient", although
smtpd_reject_unlisted_recipient=yes (default) shoult take care of that.
permit
The problem is that a rejected recipient produces a mailer-daemon reply.
only if you accept mail for such recipient.
--
Matus UHLAR
On 09.07.21 08:38, Matus UHLAR - fantomas wrote:
you can add info to reject messages by configuring e.g.:
smtpd_reject_footer_maps=regexp:/etc/postfix/reject_footes_maps
but nobody will guarantee that the sending MTA will put that info to a
bounce.
However, if it helps, please report
HTTP error messages"
was on), making error messages useless.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Windows 2000: 64
.
All above mentioned ports are allowed in and out of the firewall on both the
NAT and endpoint computer.
I just need to know what settings would be best to avert the timeout. And yes,
I tried relaying and it also times out.
have you tried port 25?
--
Matus UHLAR - fantomas, uh
On 08-07-2021 12:05, Matus UHLAR - fantomas wrote:
Hans van Zijst:
I'm trying to get Postfix to send its bounce notices to a different
address than "postmaster", so I configured
notify_classes = resource, software, bounce, 2bounce
bounce_notice_recipient = bou...@e
bounces can
result into being listed in DNS blocklists.
I recommmend refusing those mails and solve reason why mails to nonexistent
addresses are sent to you.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
V
his check to
postfix.
domains can have their SPF records that say who is allowed to use their
names in HELO (or mail from of course). You can use SPF to refuse such
clients, although you need external policy server or milter to do that.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas
this it's mostly safe to put
smtpd_tls_protocols=!SSLv2,!SSLv3
smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3,!TLSv1
or even
smtpd_tls_protocols=!SSLv2,!SSLv3
smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3,!TLSv1,!TLSV1.1
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning
>>Matus UHLAR - fantomas:
>>>I was curious if I could do a script that would do the same, with the same
>>>possible issues.
>>>
>>>I can do perl, but it looks neither python nor perl have interface to postfix
>>>what could e.g. expand maps wi
Matus UHLAR - fantomas:
I was curious if I could do a script that would do the same, with the same
possible issues.
I can do perl, but it looks neither python nor perl have interface to postfix
what could e.g. expand maps without calling external commands.
On 01.07.21 22:49, Kevin N. wrote
external commands.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
He who laughs last thinks slowest.
authenticated or in mynetworks)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Posli tento mail 100 svojim znamim - nech vidia aky si idiot
/
and
http://www.open-spf.org/FAQ/
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Chernobyl was an Windows 95 beta test site.
Le 24/06/2021 à 17:04, Matus UHLAR - fantomas a écrit :
On 24.06.21 16:55, Matus UHLAR - fantomas wrote:
relayhost = [mail.'external host']:587
http://www.postfix.org/postconf.5.html#relayhost
and apparently configure SMTP Authentication by using:
smtp_sasl_password_maps = hash:/etc
On 24.06.21 16:55, Matus UHLAR - fantomas wrote:
post 25 is the default. You can configure alternative port by using:
"port 25"
relayhost = [mail.'external host']:587
http://www.postfix.org/postconf.5.html#relayhost
and apparently configure SMTP Authenticatio
'[mail.'external host'] user:password'
into /etc/postfix/sasl_passwd
http://www.postfix.org/postconf.5.html#smtp_sasl_password_maps
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem
it's there. We discovered this about 10
minutes before Matus responded and mentioned it.
you should switch iptables from iptables-legacy to iptables-nft by using
update-alternatives
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
in X-Envelope-To:
header or other header your ISP uses for delivering to multidrop mailboxes.
However, yes - if you already receive the same mail multiple times, you only
can try to deduplicate it after that.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT
UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Nothing is fool-proof to a talented fool.
_client_restrictions=permit_sasl_authenticated,reject
dfilt unix - n n - - pipe
flags=Rq user=filter argv=/usr/local/etc/postfix/disclaimer -f ${sender} --
${recipient}
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish N
_authenticated,reject
dfilt unix - n n - - pipe
flags=Rq user=filter argv=/usr/local/etc/postfix/disclaimer -f ${sender} --
${recipient}
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail adverti
ult: empty)
The SMTP TLS security level for the Postfix SMTP server; when a
non-empty value is specified, this overrides the obsolete parameters
smtpd_use_tls and smtpd_enforce_tls. This parameter is ignored with
"smtpd_tls_wrappermode = yes".
--
Matus UHLAR - fantoma
guess he wants to replace the "too many connections from" with customized
text.
this seems to be hardcoded in sources and I think it's not wise to replace
it.
however it can be enhanced with smtpd_reject_footer e.g. to provide
localized message:
http://www.postfix.org/postconf.5.html#
:
# smtpd_sender_restrictions=$mua_sender_restrictions
- sender/recipient restrictions are the same for all clients
All just to provide proper error messsages to those clients, after I noticed
that unauthenticated client get rejection message for invalid EHLO/HELO.
--
Matus UHLAR - fantomas, uh...@fantomas.sk
ain enough?
Isn't there any possibility that you are replying to a spammer?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam is for
Matus UHLAR - fantomas:
Can I provide "530 5.7.0 Authentication Required." error in
smtpd_client_restrictions/smtpd_helo_restrictions somehow?
I can think of using:
mua_client_restrictions = permit_sasl_authenticated, check_client_access
static:{"530 5.7.0 Authenti
On 31.05.21 16:48, Matus UHLAR - fantomas wrote:
looking at postfix logs I found out that with standard restrictions
inherited from main.cf at ports 465/587, the client gets error message like:
May 30 12:05:04 mail postfix/submission/smtpd[22649]: NOQUEUE: reject: RCPT from unknown[192.0.2.1
eply to RCPT TO command))
they refuse smpty senders. That's violation of RFCs, which say that empty
envelope from must not be rejected.
you can try listing them in rfc-clueless.org list.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
r z19sm15110351wmk.8
- gsmtp
530 5.7.57 Client not authenticated to send mail.
and I think "530 5.7.0 Authentication Required." would be better message on
those ports.
what's the cleanest way to force this error?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
not define more than 1 address.
But would 2 addresses work using a combination of always_bcc AND
recipient_bcc_maps?
Or does one of these options render the other one unusable?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to th
if there was a previous warning or not.
I think guys here mentioned a script that parsed and reorders matching log
lines,
unfortunately I forgot its name...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address
browser, safe mode or contact them different way.
not a postfix problem though
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I intend
in header_checks and PREPEND in policy filter, which makes sure
the header you use will be deleted from input stream.
but still explaining what you want could lead to better solution for your
problem.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e
want to do when delivering mail from different users?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
LSD will make your ECS screen
t IP address into the brackets.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux - It's now safe to turn on your computer.
Linux - Teraz mozete pocitac bez obav zapnut.
ess - look at your milters' docs.
If users are sending mail over ports 465/587, those ports can have different
settings, e.g. disable milters - look at master.cf.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to th
On 05-18-2021 2:12 pm, Matus UHLAR - fantomas wrote:
so, you have multiple instances?
On 18.05.21 14:37, post...@ptld.com wrote:
No, i don't have multiple instances of a postfix install. Postfix has
multiple instances as in:
in your other mail you still refer to them as two separate servers
destination for that To: domain otherwise bounce
as user unknown.
Easy on two server setup, so far only suggestion to do this on single
server setup is by multi-instance setup.
You have already said above that you have multiple instances.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
On 05-18-2021 11:17 am, Matus UHLAR - fantomas wrote:
So, you want postfix X to deliver mail to whatever server is MX for the
recipient domain.
On 18.05.21 11:45, post...@ptld.com wrote:
Yes, and postfix X is not the MX server for the recipient domain.
no mailservers I know care about MX
to be delivered locally.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
10 GOTO 10 : REM (C) Bill Gates 1998, All Rights Reserved!
allow this address
(you can get blacklisted if you refuse it).
The point of empty envelope from is to allow notifications about mail, which
should not be replied to.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this a
rejected due to: SPF fail - not authorized. Please
see
http://www.openspf.net/Why?s=mfrom;id=recruit...@kncareers.com;ip=208.185.23
5.45;r=;
from= to= proto=ESMTP helo=
Isn't ld4prd5.mx.csod.com[208.185.235.45] your backup MX ?
you should whitelist those from SPF checks
--
Matus UHLAR
to
be able to send from >1 name (all @mydomain) but using 1 login. I
think I want 'reject_unlisted_sender_domain' (which does not exist).
On 13/05/2021 12:26, Matus UHLAR - fantomas wrote:
you can allow logins/senders with smtpd_sender_login_maps and after that
disable sender - only what
need to
be able to send from >1 name (all @mydomain) but using 1 login. I
think I want 'reject_unlisted_sender_domain' (which does not exist).
you can allow logins/senders with smtpd_sender_login_maps and after that
disable sender - only what you allow as sender will be accepted.
--
Matus UH
"best practices" for this kind of situation?
If you accept mail from anyone and pass it further, using different server
may be good in case they cause spam outbreak - it will be another server
that's flooded off, slow to accept and process mail, getting to blacklists.
--
Matus UHLAR - fa
should run with option
"-m /var/spool/postfix/var/run/saslauthd"
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
You have the ri
e customers have their
own NS.
"check_recipient_mx_access" option looked promising.
On 2021-05-06 12:42, Matus UHLAR - fantomas wrote:
this applies for incoming mail, not outgoing.
On 06.05.21 14:07, Vytenis Adm wrote:
Outbound (SMTP-AUTH) Postfix instance receives mail from our users, so
it'
g at transport_maps ?
http://www.postfix.org/postconf.5.html#transport_maps
you should be able to configure where to send mail to different domains, and
"relayhost" would only be applied for default mail
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to recei
d mail?
If so, try
http://www.postfix.org/postconf.5.html#sender_dependent_relayhost_maps
note that sender_dependent_relayhost_maps use sender mail address, not
sending IP.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail adver
tried to only reroute the mails coming from
localhost. I couldn't manage to implement both options.
What's different on hosts in 192.168.1.0/24 that you want to avoid
everything you want to apply for localhost?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning:
]
instead of
connect from zg-0416b-243.stretchoid.com[192.241.220.141]
The IP has DNS record, so even when reverse does not work, I would like
to see the hostname that is connecting
can this be configured?
On 2021-04-29 10:25, Matus UHLAR - fantomas wrote:
no. There's no poing in trusting
poing their reverse DNS to any domain they don't own.
Get proper reverse/forward name, possibly not generic.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
=XXX.XXX.XXX.XXX
are you sure you are supposed to send mail to outside through port 25?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fighting
that the client
is connecting to the server.
ask for their clients' logs. Ask for screenshot of their setup. They
apparently don't use your server or their connections are redirected.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
submssion from incoming mail and use proper
ports for that.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Saving Private Ryan...
Private R
and real email users on different domains. Why is
localhost not allowed, seems like special case might be an answer.
Also trying to figure out what configuration to change postfixadmin or postfix.
Thanks in advance for your help.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
d people running mailservers and/or
spamfilters NOT to use forwarding DNS.
perhaps you should use non-forwarding server/view for postfix/spamfilter
resolution and forwarding server/view for other resolution.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT t
deliver unchanged mail to always_bcc address,
when the always_bcc happens AFTER the mail is changed.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Spam is for losers who can't get business any other way.
ngs
-o local_header_rewrite_clients=
I recomment doing no_address_mappings on port 10025 when receiving mail from
amavis, and not globally in the main.cf.
On 21.04.21 12:49, Alex wrote:
This actually doesn't appear to have made any difference. What could I
be doing wrong?
what difference? W
nds me, I have simply added the address in always_bcc to an alias
where such mail is redirected.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu pos
.
the only more efficient solution is afaik nullrouting them with rp_filter,
but that disables all packets from such IP
I have configured fail2ban with ipset and found it very efficient and easy
to maintain with other firewalling system.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
to actually work as expected, as well
as, I believe, sasl_type?
you should better put sasl options to main.cf, unless you are going to use
different SASL types on different ports.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
tput from "postconf -M smtps".
this looks like you are running plaintext SMTP on ssl port.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklam
disable it)
and still you reject part of spam.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
M$ Win's are shit, do not use it !
, dsn=2.0.0, status=sent (250 2.0.0
gDnmAMdadGBUTgAA7aWK2g Saved)
... and?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I wonder ho
each mail can be
spamassassin-scanned multiple times (once per recipient), which may hugely
increase system load.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
ive_override_options=no_address_mappings
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The 3 biggets disasters: Hiroshima 45, Tschernobyl 86, Windows 95
They are... well, just strange, doing everything differently.
looks like they are going to stop communicating with part of the world.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tut
On 2021-04-08 14:16, Matus UHLAR - fantomas wrote:
in addition to this, you can whitelist outlook's IP ranges at
postscreen
level, as they "likely" aren't what postscreen is supposed to stop -
bots.
On 08.04.21 15:31, Benny Pedersen wrote:
there is bots at microsoft, there server
ikely" aren't what postscreen is supposed to stop - bots.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
10 GOTO 10 : REM (C) Bill Gates
to hold sender's session so you
can reject mail during SMTP transaction.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I intend to live forever
(requires amavis). That can
refuse spam at SMTP level.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
WinError #9: Out of error messages.
- - - 1 postscreen
-o content_filter=spamassassin
I think content_filter is not option for postscreen.
try using spamass-milter or amavisd-milter instead of content_filter.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fucking windows! Bring Bill Gates! (Southpark the movie)
comes from problematic source
(e.g. spam-friendly company/ISP or company/isp who doesn't care).
postscreen is here to handle multiple listings.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na t
the local part.
On Wed, Mar 24, 2021 at 12:14 PM Matus UHLAR - fantomas
wrote:
yes, because by adding IP to mynetworks, you usually allow the sending IP
to relay mail.
the ! has still special meaning as UUCP address.
do you really need UUCP addressing?
--
Matus UHLAR - fantomas, uh...
ple.com" means that you want the receiving
server (MX for "example.com" domain) to forward the mail via UUCP to the
machine it knows as "joe" and deliver it to user "b" on that machine :)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warn
users before
checking check_recipient_access
- you don't want zthis.
one of my friends stated that fake "user doesn't exist" rejections/bounces
helped him get rid of many spams years ago
- It won't be the case nowadays.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
page for spamc, you will see that there is no
specification for a -f flag at all.
note that it applies for the "-f" in spamc part, not the "-f" in the
sendmail part.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receiv
, or is
check_recipient_access processed first?
you can keep it in reject_unlisted_recipient.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Save the whales
append_dot_mydomain and relay_domains, have set
compatibility_level to 0, and will monitor for messages.
mynetworks_style is not used if you have configured mynetworks.
if you have configured all options needed, or you don't care of their
values, you can set compatibility_level=2
--
Matus UHLAR - fantomas, u
tly configyre "mynetworks" to your local subnets.
and using only relay_domains makes sense if you are relay for anyone.
With those set, all services in master.cf explicitly chroot=n, and
compatibility_level set to 99
don't do this. You never know what changes in the future and
also entered a bug in bugs.centos.org requesting clarification on
the decision to disable CHUNKING.
wouldn't is be better to enable chunking by setting it to empty?
smtpd_discard_ehlo_keywords =
especially when you want to have BDAT working...
--
Matus UHLAR - fantomas, uh...@fantomas.sk
On Tue, Mar 16, 2021 at 05:51:07PM +0100, Matus UHLAR - fantomas wrote:
>When the Postfix TLS security level requires authentication (mandatory
>TLS stronger than just "encrypt"), Postfix automatically disables the
>aNULL ciphers internally. You never need to do explicitly,
is blocked via dnsbl.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
There's a long-standing bug relating to the x86 architecture that
allows you
c-dfgh.co.in to /etc/postfix/access, you don't need
pcre for that.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I wonder how much de
How can it be? Does ubuntu broke postfix?
I guess the option is there to warn of remote servers that have TLS
disabled, but they support TLS.
Since you haven't disabled TLS for google servers, there's nothing to say.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas
Hello,
>On Fri, Jan 29, 2021 at 06:53:09PM +0100, Matus UHLAR - fantomas wrote:
>> yes, but when the policy is encryption required for client-server
>> connections, aNULL would break that IIUC
>> - please correct me if I'm wrong
On 29.01.21 15:09, Viktor Dukhovni
t get rate-limited.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fighting for peace is like fucking for virginity...
level). We also accept email from the LAN and localhost
networks.
We recently started accepting email from the single WAN address and added the
IP to mynetworks. This likely has something to do with the configuration issue.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk
, all mail related activity is
logged in /var/log/mail.log. Is that log all I need to help determine
where the duplicate emails are coming from? If so I can study that and
probably figure this out.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive
ant alias expantion, canonical mapping, and
automatic BCC (at least if you configure any of those).
http://www.postfix.org/postconf.5.html#receive_override_options
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this addr
On 04.03.21 06:42, Steve Dondley wrote:
OK, yeah, I got spam assassin installed and have this line in
master.cf for smtp:
-o content_filter=spamassassin
the question is, how does spamassassin push mail back to postfix.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
rom filter as described
in amavis docs:
https://www.ijs.si/software/amavisd/README.postfix.html#basics_smtpd-daemon
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
mp; * + - _ = / ? | { }
That said, I don't recall seeing email addresses with # & or % in the local
part.
But you should be able to setup a simple map that rejects them:
csmtpd_helo_restrictions = reject_invalid_helo_hostname
check_helo_access pcre:/etc/postfix/helo_checks.pcre permit
helo_checks.pcre:
/^\
601 - 700 of 1318 matches
Mail list logo
