Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-19 Thread Wietse Venema
Shawn Heisey:
> On 5/19/2011 10:13 AM, Wietse Venema wrote:
> > Shawn Heisey:
> >> helo mcp.example.com
> >> mail from: postmas...@mcp.example.com
> >> quit
> >>
> >> Here's what this looks like in context:
> >>
> >> mcp:/usr/src# telnet ns2 25
> >> Trying 10.8.0.22...
> >> Connected to ns2.example

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-19 Thread Shawn Heisey
On 5/19/2011 10:13 AM, Wietse Venema wrote: Shawn Heisey: helo mcp.example.com mail from: postmas...@mcp.example.com quit Here's what this looks like in context: mcp:/usr/src# telnet ns2 25 Trying 10.8.0.22... Connected to ns2.example.com. Escape character is '^]'. 220 nexus2.example.com ESMTP

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-19 Thread Wietse Venema
Shawn Heisey:
> helo mcp.example.com
> mail from: postmas...@mcp.example.com
> quit
>
> Here's what this looks like in context:
>
> mcp:/usr/src# telnet ns2 25
> Trying 10.8.0.22...
> Connected to ns2.example.com.
> Escape character is '^]'.
> 220 nexus2.example.com ESMTP Postfix (Debian/GNU)
> h

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-19 Thread martijn.list
On 05/19/2011 05:44 PM, Shawn Heisey wrote:
>
> On 5/18/2011 10:30 PM, Noel Jones wrote:
>> On 5/18/2011 8:11 PM, Shawn Heisey wrote:
>>> monitor.example.com[10.2.1.39]: 503 5.5.1 Error: send
>>> HELO/EHLO first
>>
>> But that's a different error message. For this, you need to set
>>
>> # main.cf

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-19 Thread Wietse Venema
Shawn Heisey:
> For the world at large, I want to require correct pipelining, but have a
> mechanism to bypass it for certain hosts. I might end up using

You need to repeat my examples that show that permit_mynetworks and reject_unauth_pipelining work as documented.

Wietse

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-19 Thread Shawn Heisey
On 5/18/2011 10:30 PM, Noel Jones wrote: On 5/18/2011 8:11 PM, Shawn Heisey wrote: monitor.example.com[10.2.1.39]: 503 5.5.1 Error: send HELO/EHLO first But that's a different error message. For this, you need to set # main.cf smtpd_helo_required = no (which is the default). This setting

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-19 Thread Wietse Venema
Shawn Heisey:
> May 18 18:49:21 nexus2 postfix/smtpd[24852]:
> > monitor.example.com[10.2.1.39]: 503 5.5.1 Error: send HELO/EHLO first

First, you need to learn to speak SMTP correctly.

Second, you need to repeat my examples from yesterday that demonstrate that permit_mynetworks followed by rejec

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-18 Thread Noel Jones
On 5/18/2011 8:11 PM, Shawn Heisey wrote: monitor.example.com[10.2.1.39]: 503 5.5.1 Error: send HELO/EHLO first But that's a different error message. For this, you need to set # main.cf smtpd_helo_required = no (which is the default). This setting is not affected by permit_mynetworks, nor

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-18 Thread Shawn Heisey
On 5/18/2011 6:27 PM, Wietse Venema wrote: In master.cf you have "smtpd_delay_reject = no". With this, Postfix will apply smtpd_sender_restrictions when it receives the MAIL FROM command, instead of waiting until the RCPT TO command. In your log, Postfix rejects the MAIL FROM command. This means

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-18 Thread Wietse Venema
Wietse Venema:
> With my own system, permit_mynetworks does override
> reject_unauth_pipelining, so I guess you either aren't matching
> mynetworks, or you have given incorrect configuration info, or the
> Debian maintainer introduced an error.
>
> Below are examples for Postfix versions 2.9 (the l

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-18 Thread Wietse Venema
Shawn Heisey:
> On 5/18/2011 5:09 PM, Wietse Venema wrote:
> > This applies restrictions before RCPT TO, so you reported
> > the wrong Postfix configuration, or you have parameter
> > settings in master.cf that you should also report about.
...
> I actually do hope that this is a mistake on my part

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-18 Thread Shawn Heisey
On 5/18/2011 5:09 PM, Wietse Venema wrote: This applies restrictions before RCPT TO, so you reported the wrong Postfix configuration, or you have parameter settings in master.cf that you should also report about. It's the right configuration. Just in case, I made sure I was on the right serve

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-18 Thread Wietse Venema
Shawn Heisey:
> smtpd_delay_reject = yes

This will apply the client, helo, and sender restrictions AFTER Postfix receives the RCPT TO command. In other words, Postfix never applies restrictions when the client connects, when the client sends EHLO, or when the client sends the MAIL FROM command.

>

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-18 Thread Wietse Venema
Wietse Venema:
> Shawn Heisey:
> > smtpd_data_restrictions = permit_mynetworks,
> > reject_unauth_pipelining, reject_multi_recipient_bounce
>
> permit_mynetworks has NO EFFECT in smtpd_data_restrictions,
> because SMTP is a multi-recipient protocol.

Sorry, that is bogus.

Wietse

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-18 Thread Wietse Venema
Shawn Heisey:
> smtpd_data_restrictions = permit_mynetworks,
> reject_unauth_pipelining, reject_multi_recipient_bounce

permit_mynetworks has NO EFFECT in smtpd_data_restrictions, because SMTP is a multi-recipient protocol.

Wietse

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-18 Thread Shawn Heisey
On 5/18/2011 2:57 PM, Noel Jones wrote: On 5/18/2011 3:39 PM, Shawn Heisey wrote: I am having a problem that IMHO should be solved by the following in main.cf. I am using version 2.7.1 in Debian squeeze: smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipie

Re: permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-18 Thread Noel Jones
On 5/18/2011 3:39 PM, Shawn Heisey wrote: I am having a problem that IMHO should be solved by the following in main.cf. I am using version 2.7.1 in Debian squeeze: smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce This says to me that if the ho

permit_mynetworks doesn't supersede reject_unauth_pipelining

2011-05-18 Thread Shawn Heisey
I am having a problem that IMHO should be solved by the following in main.cf. I am using version 2.7.1 in Debian squeeze: smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce This says to me that if the host is listed in mynetworks, it s