Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-31 Thread Wietse Venema
Viktor Dukhovni: > > > > On May 31, 2018, at 8:04 AM, Dirk Stöcker wrote: > > > > Even after years of UNIX experience there are commands and syntaxes I've > > never seen before. That <(...) is surely helpful elsewhere, when I can > > remember it... > > It is of course a "bashism" and not a P

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-31 Thread Viktor Dukhovni
> On May 31, 2018, at 8:04 AM, Dirk Stöcker wrote: > > Even after years of UNIX experience there are commands and syntaxes I've > never seen before. That <(...) is surely helpful elsewhere, when I can > remember it... It is of course a "bashism" and not a POSIX-shell feature, so you won't f

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-31 Thread Dirk Stöcker
On Tue, 29 May 2018, Wietse Venema wrote: This is a task which I need something to change a vendor supplied main.cf into the better understandable minimum configuration which does not contain legacy settings. Could "postconf" get a new "-N" parameter for that maybe ;-) My Postfix cycles are c

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-29 Thread Wietse Venema
@lbutlr: > I do have one question that I've never noticed before. The settings for = > mydomain and myhostname show that they are at the default values. Where = > is postfix getting the defaults for this and does it mean the settings = > really aren't needed unless your hostname is, for some reason

Re: [Postfix] Re: [Postfix] Re: [Postfix] Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-29 Thread Jim P.
On Tue, 2018-05-29 at 13:57 -0400, Viktor Dukhovni wrote: > > On May 29, 2018, at 1:54 PM, Jim P. wrote: > > > > It's more of a language "feature".  This works: > > > > LANG=C comm -1 -2 <(postconf -n) <(postconf -d) > > > > this doesn't: > > > > LANG=en_US comm -1 -2 <(postconf -n) <(postconf

Re: [Postfix] Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-29 Thread @lbutlr
On 29 May 2018, at 11:57, Viktor Dukhovni wrote: > The collation rules for "en_US" are abominable. I always set: > > LC_CTYPE=en_US.UTF-8 LANG=C Yep, strongly agree with this. I foolishly had LANG=en_US some time back thinking it was sensible. It is not. Everything breaks.

Re: [Postfix] Re: [Postfix] Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-29 Thread Viktor Dukhovni
> On May 29, 2018, at 1:54 PM, Jim P. wrote: > > It's more of a language "feature". This works: > > LANG=C comm -1 -2 <(postconf -n) <(postconf -d) > > this doesn't: > > LANG=en_US comm -1 -2 <(postconf -n) <(postconf -d) The collation rules for "en_US" are abominable. I always set: L

Re: [Postfix] Re: [Postfix] Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-29 Thread Jim P.
On Tue, 2018-05-29 at 13:32 -0400, Viktor Dukhovni wrote: > > On May 29, 2018, at 12:28 PM, Jim P. wrote: > > > > FWIW, I had to use this: > > > > comm -1 -2 <(postconf -n|sort) <(postconf -d|sort) > > That'd only be needed if you have a funny collation locale. > Try: > >  env -i "PATH=$PA

Re: [Postfix] Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-29 Thread Viktor Dukhovni
> On May 29, 2018, at 12:28 PM, Jim P. wrote: > > FWIW, I had to use this: > > comm -1 -2 <(postconf -n|sort) <(postconf -d|sort) That'd only be needed if you have a funny collation locale. Try: env -i "PATH=$PATH" LANG=C LC_COLLATE=C bash -c ' comm -1 -2 <(postconf -n) <(post

Re: [Postfix] Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-29 Thread Jim P.
On Tue, 2018-05-29 at 10:49 +0200, Stefan Förster wrote: > * Dirk Stöcker : > > On Mon, 28 May 2018, Viktor Dukhovni wrote: > > > > > > It might be useful, but probably not, to have a version of > > > > postconf -n that showed the default value alongside the > > > > changed value: > > > > > > j

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-29 Thread @lbutlr
On 2018-05-29 (02:35 MDT), Dirk Stöcker wrote: > > Do you maybe also have a command to show only changed parameters? This is doable, but it takes a bit more processing than a single line. Basically, a shell script that parses the output of join <(postconf -n) <(postconf -d | sed 's/=/(default

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-29 Thread Wietse Venema
Dirk Stöcker: > On Mon, 28 May 2018, Viktor Dukhovni wrote: > > >> It might be useful, but probably not, to have a version of postconf -n > >> that showed the default value alongside the changed value: > > > > join <(postconf -n) <(postconf -d | sed 's/=/(default:/; s/$/)/') > > Do you maybe a

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-29 Thread Stefan Förster
* Dirk Stöcker : On Mon, 28 May 2018, Viktor Dukhovni wrote: It might be useful, but probably not, to have a version of postconf -n that showed the default value alongside the changed value: join <(postconf -n) <(postconf -d | sed 's/=/(default:/; s/$/)/') Do you maybe also have a comman

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-29 Thread Dirk Stöcker
On Mon, 28 May 2018, Viktor Dukhovni wrote: It might be useful, but probably not, to have a version of postconf -n that showed the default value alongside the changed value: join <(postconf -n) <(postconf -d | sed 's/=/(default:/; s/$/)/') Do you maybe also have a command to show only cha

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-28 Thread @lbutlr
On 2018-05-28 (11:26 MDT), Viktor Dukhovni wrote: > > join <(postconf -n) <(postconf -d | sed 's/=/(default:/; s/$/)/') That's nifty! -- "you'd think you could trust a horde of hungarian barbarians"

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-28 Thread Viktor Dukhovni
> On May 28, 2018, at 1:26 PM, Viktor Dukhovni > wrote: > > join <(postconf -n) <(postconf -d | sed 's/=/(default:/; s/$/)/') I should mention that this is "bash" syntax. Other shells require temp files. On at least some FreeBSD systems bash by default does not assume the existence of /dev

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-28 Thread Viktor Dukhovni
> On May 28, 2018, at 11:35 AM, @lbutlr wrote: > > It might be useful, but probably not, to have a version of postconf -n that > showed the default value alongside the changed value: join <(postconf -n) <(postconf -d | sed 's/=/(default:/; s/$/)/') -- Viktor.

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-28 Thread @lbutlr
On 26 May 2018, at 12:59, Benny Pedersen wrote: > just kidding, i would like to see main.cf smaller, so postconf -n gives more > settings as default from -d > > as it is now setting is more or less random default from main.cf > > keep main.cf minimal is good sense I’m not sure what you mean, t

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-26 Thread Benny Pedersen
/dev/rob0 skrev den 2018-05-26 18:59: Just a thought. This particular misunderstanding is pretty common. Of course "instead of actual settings" should be a clue. It might help if the OP tells us what he was thinking when reading that passage about "-d". Reading too fast? postconf -d output

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-26 Thread Sean Son
On Sat, May 26, 2018 at 12:56 PM, Viktor Dukhovni < postfix-us...@dukhovni.org> wrote: > > > > On May 26, 2018, at 8:30 AM, Sean Son > wrote: > > > > Also, if I set smtpd_tls_ciphers" and/or "smtp_tls_ciphers" to "high" , > won't that conflict with opportunistic TLS. > > Only for senders that do

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-26 Thread @lbutlr
On 2018-05-26 (10:59 MDT), /dev/rob0 wrote: > Perhaps this could be reworded to be less confusing? Since "-d" > doesn't look at main.cf, s/main.cf/"Postfix internal"/? I dunno, I think "Print main.cf default parameter settings instead of actual settings." is very clear. -- We will fight for

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-26 Thread /dev/rob0
On Sat, May 26, 2018 at 01:11:00PM -0400, Viktor Dukhovni wrote: > > On May 26, 2018, at 12:59 PM, /dev/rob0 wrote: > > > >> Man postconf: > >> -d Print main.cf default parameter settings instead of > >> actual settings. Specify -df to fold long lines > >> fo

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-26 Thread Viktor Dukhovni
> On May 26, 2018, at 12:59 PM, /dev/rob0 wrote: > >> Man postconf: >> -d Print main.cf default parameter settings instead of >> actual settings. Specify -df to fold long lines >> for human readability (Postfix 2.9 and later). > > Perhaps this could be rew

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-26 Thread /dev/rob0
On Sat, May 26, 2018 at 06:51:33AM -0600, @lbutlr wrote: > On 26 May 2018, at 06:30, Sean Son > wrote: > > postconf -d | egrep '^[^ ]*mtpd?_tls.*_protocols' . but it still > > shows me the old settings > > > The output of postconf -d will never change. > > Man postconf: >-d Print

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-26 Thread Viktor Dukhovni
> On May 26, 2018, at 8:30 AM, Sean Son > wrote: > > Also, if I set smtpd_tls_ciphers" and/or "smtp_tls_ciphers" to "high" , won't > that conflict with opportunistic TLS. Only for senders that don't support any of the modern ciphersuites. > You had mentioned that adding those settings wou

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-26 Thread @lbutlr
On 26 May 2018, at 06:30, Sean Son wrote: > postconf -d | egrep '^[^ ]*mtpd?_tls.*_protocols' . but it still shows me > the old settings The output of postconf -d will never change. Man postconf: -d Print main.cf default parameter settings instead of actual set- ti

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-26 Thread Sean Son
On Mon, May 21, 2018 at 5:21 PM, Viktor Dukhovni wrote: > > > > On May 21, 2018, at 5:16 PM, Sean Son > wrote: > > > > lmtp_tls_mandatory_protocols = !SSLv2 > > lmtp_tls_protocols = !SSLv2 > > smtp_tls_mandatory_protocols = !SSLv2 > > smtp_tls_protocols = !SSLv2 > > smtpd_tls_mandatory_protocols

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-21 Thread Viktor Dukhovni
> On May 21, 2018, at 5:16 PM, Sean Son > wrote: > > lmtp_tls_mandatory_protocols = !SSLv2 > lmtp_tls_protocols = !SSLv2 > smtp_tls_mandatory_protocols = !SSLv2 > smtp_tls_protocols = !SSLv2 > smtpd_tls_mandatory_protocols = !SSLv2 > smtpd_tls_protocols = > > i was informed by our security te

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-21 Thread Sean Son
On Mon, May 21, 2018 at 2:08 PM, Viktor Dukhovni wrote: > > > > On May 21, 2018, at 1:16 PM, Sean Son > wrote: > > > > Hello all > > > > I have opportunistic TLS (offering STARTTLS) configured in my main.cf > file. I have been tasked to disable SSLv2 and SSLv3 as well as disable > medium streng

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-21 Thread Viktor Dukhovni
> On May 21, 2018, at 1:16 PM, Sean Son > wrote: > > Hello all > > I have opportunistic TLS (offering STARTTLS) configured in my main.cf file. > I have been tasked to disable SSLv2 and SSLv3 as well as disable medium > strength ciphers (to use high strength ones instead) in my postfix serv

Re: Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-21 Thread Bill Cole
On 21 May 2018, at 13:16 (-0400), Sean Son wrote: Hello all I have opportunistic TLS (offering STARTTLS) configured in my main.cf file. I have been tasked to disable SSLv2 and SSLv3 as well as disable medium strength ciphers (to use high strength ones instead) in my postfix server. If I wa

Question about disabling SSLv2 and SSLv3 and Opportunistic TLS

2018-05-21 Thread Sean Son
Hello all I have opportunistic TLS (offering STARTTLS) configured in my main.cf file. I have been tasked to disable SSLv2 and SSLv3 as well as disable medium strength ciphers (to use high strength ones instead) in my postfix server. If I was to add the following to my main.cf: smtpd_tls_mandat