What exactly are the prerequisites for preferring EDH ciphers in
Postfix?
* Do I need ECC (and thus OpenSSL = 1.0.0) or not?
* Do I need tls_preempt_cipherlist = yes, and thus Postfix 2.8.0 or not?
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz
* lst_ho...@kwsoft.de lst_ho...@kwsoft.de:
* Do I need tls_preempt_cipherlist = yes, and thus Postfix 2.8.0 or not?
This let the *server* (Postfix) choose a cipher suggested by the
client, so it depends. If the client has no DH ciphers it doesn't
help, if the client list DH ciphers later in
* Alfonso Alejandro Reyes Jiménez are...@ibossmonitor.com:
Hi Everyone.
Is there some way to keep the exchange format on postfix?
Postfix does not alter the body of an email in any way.
I have a postfix that gets exchange emails, the problem is that the
exchange format is removed and all
The thing is that if you send an email on the same exchange
everything looks fine, if you send an email thru the postfixs
distribution list
What is postfixs distribution list? Please elaborate!
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der
* Alfonso Alejandro Reyes Jiménez are...@ibossmonitor.com:
Thanks but the mailing list is on the postfix, the postfix is
striping the images according to our tests. :(
How is the mailing list implemented?
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669
Sep 11 09:21:22 mail2 postfix/cleanup[23372]: 3cZZKZ2WvdzBt9C:
message-id=f0cdc3dbf712aa448525e5dddc62b6f4039fe69d4...@exchange31.charite.de
Sep 11 09:21:22 mail2 postfix/qmgr[10759]: 3cZZKZ2WvdzBt9C:
from=sen...@charite.de, size=36991, nrcpt=1 (queue active)
Sep 11 09:31:23 mail2
* Paul Hoffman p...@flo.org:
On Wed, Sep 11, 2013 at 10:19:19AM +0200, Ralf Hildebrandt wrote:
Sep 11 09:21:22 mail2 postfix/cleanup[23372]: 3cZZKZ2WvdzBt9C:
message-id=f0cdc3dbf712aa448525e5dddc62b6f4039fe69d4...@exchange31.charite.de
Sep 11 09:21:22 mail2 postfix/qmgr[10759
* Wietse Venema postfix-users@postfix.org:
Delivery fails to the primary MX host (mail.vivantes.de) and then
it succeeds to the secondary MX host. Why should Postfix wait when
it switches from primary to secondary MX?
PEBCAK (on my side here).
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90
* Frank Bonnet frank.bon...@esiee.fr:
Hello
Anyone has tested such server in real life ?
http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/
I finally got around reading this.
I wonder if it should be more strict regaring the used ciphers (both
in Postfix and Dovecot), given
* Viktor Dukhovni postfix-users@postfix.org:
On Wed, Sep 11, 2013 at 01:26:25PM +0200, Ralf Hildebrandt wrote:
Anyone has tested such server in real life ?
http://sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/
I finally got around reading this.
I wonder if it should
* Louis-David Mitterrand vindex+lists-postfix-us...@apartia.org:
Hi,
I have a virtual_alias_maps with a pcre entry like
/^(info|contact|etc)@/ localuser
and it delivers i...@anydomain.com to localuser even though
'anydomain.com' is not in virtual_alias_domains, is that normal?
* Louis-David Mitterrand vindex+lists-postfix-us...@apartia.org:
On Thu, Oct 24, 2013 at 10:42:07AM +0200, Ralf Hildebrandt wrote:
* Louis-David Mitterrand vindex+lists-postfix-us...@apartia.org:
Hi,
I have a virtual_alias_maps with a pcre entry like
/^(info|contact|etc
I'm seeing this in my log:
2013-11-12T03:12:45.129959+01:00 mail postfix/smtpd[13775]: 3dJXXs0vySz10tc:
client=mail.r0.3dz.com[5.9.40.9]
2013-11-12T03:12:47.707119+01:00 mail postfix/cleanup[27219]: warning:
3dJXXs0vySz10tc: unreasonable virtual_alias_maps map nesting for
i...@example.com --
* Ralf Hildebrandt r...@sys4.de:
I'm seeing this in my log:
2013-11-12T03:12:45.129959+01:00 mail postfix/smtpd[13775]: 3dJXXs0vySz10tc:
client=mail.r0.3dz.com[5.9.40.9]
2013-11-12T03:12:47.707119+01:00 mail postfix/cleanup[27219]: warning:
3dJXXs0vySz10tc: unreasonable virtual_alias_maps
* Dave Johnsom da...@wsnet.co.za:
It's either this:
check_policy_service inet:127.0.0.1:,
or this:
check_policy_service inet:127.0.0.1:10031,
Find out what's listening on port and 10031:
% sudo netstat -tulpen |egrep :(|10031)
(which are both listed TWICE in your config!)
--
* Roland Plüss rol...@rptd.ch:
Do I have to bother about this list or is it a crappy blacklist I should
not care about?
I personally don't see rejections based on this.
mail.python.org got listed once for spamming. Looking at the
evidence I found that somebody subscribed (using double opt
* Viktor Dukhovni postfix-users@postfix.org:
It is far easier to enable fast delay notices, or set a very short
maximal queue lifetime if fast failure is more appropriate than
eventual success for the messages being sent.
Yes, but the delay notice is (probably!) too cryptic for the end-user.
* Wietse Venema wie...@porcupine.org:
Yes, but the delay notice is (probably!) too cryptic for the end-user.
Nonsense. It is the exact same error message that you want Postfix
to send in a bounce email.
None of the users actually read this :(
--
[*] sys4 AG
http://sys4.de, +49 (89) 30
The error mesage being one of:
TLS is required, but host %s refused to start TLS: %s
TLS is required, but was not offered by host %s
TLS is required, but our TLS engine is unavailable
%s: TLS is required but unavailable, don't know why
TLS is required, but unavailable
* li...@rhsoft.net li...@rhsoft.net:
that may also be the MUA
in case of a iPhone you can reject with whatever status code
you like in case of sending without authentication and the
device will try to do the same every 5 minutes
i had a customer doing this for the same message of *3
* jmct tune...@gmail.com:
I've looked around online quite a bit and have seen that you can block
specific types of files - and even found a forum post here
(http://postfix.1071664.n5.nabble.com/blocking-all-attachments-td14552.html),
but unfortunately, this solution did not work for me. When
* jmct tune...@gmail.com:
Thanks for the quick reply!
Correct. This file does exist in /etc/postfix.
Postfix tends to disagree. Fix that. You probably typoed something
somewhere.
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der
* jmct tune...@gmail.com:
Thanks for the quick reply!
Correct. This file does exist in /etc/postfix. The contents are that of the
same in the previous forum post I linked.
/etc/postfix/mime_header_checks != /etc/postfix/mime_header_check
(note the extra s at the end)
--
[*] sys4 AG
* Tim Smith tcsmith1...@googlemail.com:
That's fine and I totally understand why they do that but is there a
way that Postfix can flag the message so that Google understands
that we are just forwarding the message and that we are not the
originator of the spam?
You could filter out the spam
* Viktor Dukhovni postfix-users@postfix.org:
On Thu, Mar 27, 2014 at 03:24:14PM +0200, Bogdan Enache wrote:
A user is trying to send email to a domain, tn.odessa.ua which has 3 MX
servers. One of them is clearly not working,
notes.uptel.net[195.138.170.139], which has a priority of 30.
header_checks is not designed for such things
it's just limited basic functionality
consider to use a policy-daemon with more features
Rather: a milter. A policy-daemon doesn't see the mails' contents.
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669
Jun 25 15:12:23 albatross postfix/smtp[16480]: Untrusted TLS connection
established to mail.lastmikoi.net[212.83.147.35]:25: TLSv1.2 with cipher
ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jun 25 15:12:23 albatross postfix/smtp[16480]: 3gz3jG3v0Mz7LjZ:
to=...@lastmikoi.net,
* Ralf Hildebrandt r...@sys4.de:
Jun 25 15:12:23 albatross postfix/smtp[16480]: Untrusted TLS connection
established to mail.lastmikoi.net[212.83.147.35]:25: TLSv1.2 with cipher
ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Jun 25 15:12:23 albatross postfix/smtp[16480]: 3gz3jG3v0Mz7LjZ
* Viktor Dukhovni postfix-users@postfix.org:
On Mon, Jun 30, 2014 at 01:45:19PM +0200, Ralf Hildebrandt wrote:
Jun 25 15:12:23 albatross postfix/smtp[16480]: Untrusted TLS
connection established to mail.lastmikoi.net[212.83.147.35]:25:
TLSv1.2 with cipher ECDHE-RSA-AES256-GCM
I used to build Postfix like this:
make tidy
CCARGS='-Wl,--as-needed -I/usr/include/sasl -DHAS_CDB -DUSE_TLS -DHAS_PCRE
-DUSE_SASL_AUTH -DUSE_CYRUS_SASL' \
AUXLIBS=-Wl,--as-needed -lpcre -lssl -lcrypto -lcdb -lsasl2 -lnsl -lresolv
make makefiles \
time make -j
postfix stop; make -j upgrade
* Wietse Venema postfix-users@postfix.org:
Try without -Wl,--as-needed.
That was the culprit!
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc
After my initial (ultimately successful) attempts with shared=yes, I
gave dynamicmaps=yes a spin, like this:
make tidy
CCARGS=`pkg-config --cflags openssl libpcre libcdb` -DUSE_TLS -DHAS_PCRE
-DHAS_CDB -DHAS_LDAP \
AUXLIBS=`pkg-config --libs openssl` -lnsl \
AUXLIBS_CDB=`pkg-config --libs
* Wietse Venema wie...@porcupine.org:
Ralf Hildebrandt:
-DUSE_DYNAMIC_LIBS -DUSE_DYNAMIC_MAPS -g -O -I. -I../../include -DLINUX3
-Wl,-rpath,/usr/lib/postfix -o master master.o master_conf.o
master_ent.o master_sig.o master_avail.o master_spawn.o master_service.o
master_status.o
* Ralf Hildebrandt r...@sys4.de:
First, build without any extras. If that works, start adding
extras until it stops building.
Will do.
Current build status: It builds with TLS, CDB, PCRE.
Adding LDAP now
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669
* Ralf Hildebrandt r...@sys4.de:
Current build status: It builds with TLS, CDB, PCRE.
Adding LDAP now
Building with LDAP alone: works ok
Building with TLS, CDB, PCRE: works ok
Building with TLS, CDB, PCRE and LDAP together:
gcc -Wmissing-prototypes -Wformat -Wno-comment -I. -I../../include
* Wietse Venema postfix-users@postfix.org:
Ralf Hildebrandt:
I then replaced ld (a symlink to ld.bfd) with gold (ld.gold), and
everything would build happily.
1) Do you have a (pointer to a) description of the difference between
these programs?
http://wiki.gentoo.org/wiki/Gold
http
* Ralf Hildebrandt r...@sys4.de:
I then replaced ld (a symlink to ld.bfd) with gold (ld.gold), and everything
would
build happily.
Running, though, is another issue:
Jul 8 14:01:15 mail postfix/master[6676]: daemon started -- version
2.12-20140703, configuration /etc/postfix
Jul 8 14:01
* Viktor Dukhovni postfix-users@postfix.org:
On Tue, Jul 08, 2014 at 02:04:12PM +0200, Ralf Hildebrandt wrote:
Running, though, is another issue:
No idea what gentoo is up to, however try the following patch,
perhaps the shared object dependencies need to be explicit.
To test make
In my test on Ralf's system the above fixes the problem. Not
surprising, since with versioned symbols the shared objects need
to record the right symbol names at link time.
Shared objects generally need to record their dependencies explicitly,
rather than attempt to inherit them from the
* Viktor Dukhovni postfix-users@postfix.org:
On Thu, Jul 10, 2014 at 11:08:40AM +0200, Ralf Hildebrandt wrote:
Wietse wanted to avoid $(SYSLIBS) when linking the shared libraries,
and removed them from SHLIB_LD line, but they are indeed not optional
in many cases.
But when
* Patrick Ben Koetter postfix-users@postfix.org:
If you don't see it, you resolver cannot authenticated DNSSEC enabled domains.
Then you need to change that.
One solution would be to install unbound as local caching resolver
and then let resolv.conf point to 127.0.0.1
--
[*] sys4 AG
* tejas sarade tejas.a.sar...@gmail.com:
Hello,
I am trying to interpret two different MX lookup errors.
1) In first case Postfix generated NDR immediately and error message as
follows
dsn=5.4.4, status=bounced (Host or domain name not found. Name service
error for name=aaa-rus.ru
Is the Address verification functionality callable via an invocation
of the sendmail compatability binary?
Background: I'd like to use the existing functionality of
reject_unverified_recipient to verify recipient addresses from teh
command line.
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46
* A. Schulze s...@andreasschulze.de:
Benny Pedersen:
Ralf Hildebrandt skrev den 2014-09-19 11:20:
Is the Address verification functionality callable via an invocation
of the sendmail compatability binary?
sendmail -bv root
sure, simple :-)
but would be nice to simply get
I'm rebuilding 20140922 20140907 like this:
CCARGS=-DUSE_TLS -DHAS_PCRE -DHAS_CDB -DHAS_LDAP \
AUXLIBS=-lssl -lcrypto -lnsl \
AUXLIBS_CDB=-lcdb \
AUXLIBS_PCRE=-lpcre \
AUXLIBS_LDAP=-lldap -llber \
make makefiles shared=yes dynamicmaps=yes
make
While 20140907 ist building OK, I'm getting an
Currently I'm using smtp_fallback_relay but I don't want Address
verification probes to take that particular path.
How can I disable smtp_fallback_relay for the address verification
probes?
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der
* Viktor Dukhovni postfix-users@postfix.org:
On Mon, Sep 29, 2014 at 12:00:04PM +0200, Ralf Hildebrandt wrote:
Currently I'm using smtp_fallback_relay but I don't want Address
verification probes to take that particular path.
How can I disable smtp_fallback_relay for the address
Yes, but it also says:
Probe messages are like normal mail, except that they are never
delivered, deferred or bounced
Wait what?
- and -
Postfix assumes that an address is undeliverable when the nearest
MTA for the address rejects the probe, regardless of the reason for
rejection
* Wietse Venema postfix-users@postfix.org:
Robert Schetterer:
Am 29.09.2014 um 13:45 schrieb Noel Jones:
Is smtp_fallback_relay even used with a verification probe? I would
expect the probe to fail before it tries the fallback.
hm...
Since my upgrade to 2.12-20141013, I'm getting an unusual amount of those in my
mailq output:
3jHGY70x2gzBs34 3230 Tue Oct 14 14:39:39 sen...@charite.de
(TLS is required, but unavailable)
* Ralf Hildebrandt r...@sys4.de:
Since my upgrade to 2.12-20141013, I'm getting an unusual amount of those in
my mailq output:
With 2.12-20141001 (same config!)
Oct 15 11:05:34 mail2 postfix/smtp[5903]: Host offered STARTTLS:
[smtp.entelnet.bo]
Oct 15 11:05:35 mail2 postfix/smtp[5903
* A. Schulze s...@andreasschulze.de:
Ralf Hildebrandt:
When I have more time I can test other versions in between.
you may force problematic destination to plaintext (smtp_tls_policy_maps) or
ignore the STARTTLS announcement (smtp_discard_ehlo_keyword_address_maps)
Well yes.
both
* Ralf Hildebrandt r...@sys4.de:
* Ralf Hildebrandt r...@sys4.de:
Since my upgrade to 2.12-20141013, I'm getting an unusual amount of those
in my mailq output:
With 2.12-20141001 (same config!)
I *JUST* found that the change was introduced between
postfix-2.12-20141009 (working
* Christian Rößner c...@roessner-network-solutions.com:
Hi,
simple question:
at which point adds Postfix the Return-Path header? Which component is doing
that?
I think the LDA (pipe/local)
Is it also possible to see this header in a milter? In my tests on a
submission connector, I do
Something along the lines of:
smtp_tls_policy_maps = cdb:/etc/postfix/tls-policy
but for smtpd (if a connection comes in from $HOST, then require
encrypt, reject otherwise)
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München,
* Francis SOUYRI francis.sou...@apec.fr:
Hello,
On our postfix 2.10.1 we have some mails sent (?) with in the log
the code 250 Queued! and not 250 OK what does it mean ?
Please show the entire log line. Some OTHER server might say 250
Queued etc. - as long as it says 250 SOMETHING it's OK!
* J. Echter j.ech...@echter-kuechen-elektro.de:
Jun 22 10:26:38 mule postfix/smtp[6901]: fatal: unknown service: smtp/tcp
postfix check
is reporting what?
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht
* Postfix User postfix-users@postfix.org:
I hope this isn't too stupid of a question. I have been finding this event
logged in maillog for the past several days:
Jul 16 08:50:38 scorpio postfix/smtpd[69563]: connect from
localhost[127.0.0.1]
Jul 16 08:50:38 scorpio postfix/smtpd[69563]:
* Ray r...@toolfactory.net:
Hello,
we are a travel agency and have lot's of outbound email (confirmations,
vouchers, etc.). What I want to integrate now is DSN report information in
our backend management software. We want the agent in the callcenter be able
to see an email has been
> I’m seeing this in the mail.log
>
> warning: cidr map /usr/local/etc/postfix/msft_whitelist.cidr, line 36:
> non-null host address bits in "207.68.169.173/30", perhaps you should use
> "207.68.169.172/30" instead: skipping this rule
> Nov 26 11:39:25 zeus postfix/postscreen[29402]: warning:
* Jack Bates :
> LOCAL(8) DELIVERY RIGHTS says: "Deliveries to external files and
> external commands are made with the rights of the receiving user on
> whose behalf the delivery is made."
>
> So I put "nottheoilrig: /mnt/nottheoilrig/" in /etc/aliases (alias_maps)
>
* Ralf Hildebrandt <r...@sys4.de>:
> * Jack Bates <vgn...@nottheoilrig.com>:
> > LOCAL(8) DELIVERY RIGHTS says: "Deliveries to external files and
> > external commands are made with the rights of the receiving user on
> > whose behalf the delivery is made.&
>From my log:
Jul 23 03:58:52 mail-cbf postfix/postscreen[36326]: NOQUEUE: reject: RCPT from
[106.10.151.33]:58305: 450 4.3.2 Service currently
unavailable; from=, to=,
proto=ESMTP, helo=
Jul 23 03:58:53 mail-cbf postfix/postscreen[36326]:
The complete log for 106.10.151.33:
> Jul 23 03:58:49 mail-cbf postfix/postscreen[36326]: CONNECT from
> [106.10.151.33]:58305 to [193.175.73.208]:25
> Jul 23 03:58:50 mail-cbf postfix/tlsproxy[56082]: CONNECT from
> [106.10.151.33]:58305
> Jul 23 03:58:51 mail-cbf postfix/tlsproxy[56082]:
* Wietse Venema :
> > What's odd here, is that the host always makes two parallel TLS
> > connections (you must have some "late" tests enabled to get all
> > the way to STARTTLS), with the first connection logging tempfailed
> > recipients and logging "PASS NEW", and
* Ralf Hildebrandt <r...@sys4.de>:
> * li...@lazygranch.com <li...@lazygranch.com>:
> > body { font-family: "Calibri","Slate
> > Pro",sans-serif,"sans-serif"; color:#262626 } > lang="en-US">I've got this
> > RB
* li...@lazygranch.com :
> body { font-family: "Calibri","Slate
> Pro",sans-serif,"sans-serif"; color:#262626 } lang="en-US">I've got this
> RBLhttps://spamrl.com/;that claims my server is
> doing a dictionary search. I see nothing in the maillog. I have checked for
* Matthew McGehrin :
> Hello.
>
> I would check your local system to see if you have any rogue perl
> processes running. These are generally the cause of being blacklisted
> for a dictionary attack, which implies that a script is running on your
> local server.
>
>
> : host smx1.web-hosting.com[209.188.21.38] said: 550
> The
> sending IP (my dotted quad) is listed on https://spamrl.com as a source of
> dictionary attacks. (in reply to end of DATA command)
That would mean that something tried logins against a POP/IMAP/SMTP
* li...@lazygranch.com :
> This is probably more of a freebsd question, but it seems to me that Postfix
> should be hogging (bound) to the mail ports, so if something is sending
> email, it has to be using Postfix.
No. Sending can be done by other processes as well, since
* Matthew McGehrin :
> Hello.
>
> Your assuming that port 25 needs to be open on the local side to send
> mail. this is not the case. There are two possibilities here.
>
> 1. A dirty IP was assigned to your server, and that the previous owner
> had a spam issue.
* Mark Van Crombrugge :
> At this point I receive the above e-mail.
>
> In the e-mail details below, I can find that the message is sent by
> ironp...@ucr.ac.cr but even adding this e-mail address to the Postfix
> blacklist has no effect.
Why not block the
* Wietse Venema :
> Last month it was 20 years ago that I started writing Postfix code.
> After coming to IBM research in November 1996, I spent most of
> December and January making notes on paper. I knew that writing a
> mail system was more work than any of my prior
* Alex Hall :
> I just sent a test message to my work address. The log is below. Following
> that, I'll post postconf -n. Obviously, I've changed the server name to
> just 'server' and our domain to 'domain.com'. After I send this, I'm going
> to enable debug-level logging and
* Nikolaos Milas :
> On 24/10/2016 5:15 μμ, Fazzina, Angelo wrote:
>
> > Can't you use REGEX to write a rule to catch them, and then decide what you
> > want to do with those emails ?
>
> Would the following be valid?
>
> smtpd_recipient_restrictions =
> ...
>
* Jack Raats :
> Hi everyone,
>
>
>
> Please help me!!!
>
>
>
> Since last tuesday my mailservers cann’t deliver email to an outlook.com
> controlled domain. Before tuesday everything was ok.
>
> Accoording to microsoft my postfix server doesn’t comply with the several
* Florian Piekert :
> Nov 3 08:50:30 blueberry postfix/tlsproxy[8057]: SSL_accept:unknown state
I checked my logs and couldn't find any log entries like the one above.
Hm, I am not using smtp(d)_tls_loglevel=2, but 1.
> smtp_tls_loglevel = 2
> smtpd_tls_loglevel = 2
--
* Ralf Hildebrandt <r...@sys4.de>:
> * Zalezny Niezalezny <zalezny.niezale...@gmail.com>:
> > As I see here header_checks can do it. There is only one problem. This rule
> > searching for a subject with string [MASSMAIL] and replacing complete
> > subject line wit
* Zalezny Niezalezny :
> As I see here header_checks can do it. There is only one problem. This rule
> searching for a subject with string [MASSMAIL] and replacing complete
> subject line with word "test".
>
> /^Subject:.*[MASSMAIL].*/ REPLACE Subject: test
* Mario Theodoridis :
> Hi everyone,
>
> i'm having a curious issue with our postfix instance.
>
> It seems it is sending emails to a domain's A record when no MX is found.
>
> Is that standard?
Yes.
> If so, can i disable this somewhere?
No.
> connect to
* Sean Son :
> Hello all
>
> We have over a thousand messages from a certain user that are stuck in our
> mail queue. Is there a way to move those messages to the HOLD queue for
> now? I want to move all messages from that specific sender, to the HOLD
> queue.
* Ralf Hildebrandt <r...@sys4.de>:
> In my log I found this:
>
> Jul 21 07:23:09 mail-cvk postfix/smtp[7329]: 3xDK0Z6RBRz1Z1wy: enabling PIX
> workarounds: disable_esmtp delay_dotcrlf for mail.unimed.de[62.154.176.144]:25
>
> According to
> http://www.electric
In my log I found this:
Jul 21 07:23:09 mail-cvk postfix/smtp[7329]: 3xDK0Z6RBRz1Z1wy: enabling PIX
workarounds: disable_esmtp delay_dotcrlf for mail.unimed.de[62.154.176.144]:25
According to
http://www.electric-spoon.com/doc/postfix/html/postconf.5.html#smtp_pix_workaround_maps
"By default,
postconf complains:
/usr/sbin/postconf: warning: ldap:/etc/postfix/laborberlin.com.cf: unused
parameter: start_tls=yes
according to http://www.postfix.org/ldap_table.5.html
STARTTLS can be turned on with the start_tls parameter:
start_tls = yes
Both forms require LDAP protocol version 3,
* Ralf Hildebrandt <r...@sys4.de>:
> postconf complains:
> /usr/sbin/postconf: warning: ldap:/etc/postfix/laborberlin.com.cf: unused
> parameter: start_tls=yes
>
> according to http://www.postfix.org/ldap_table.5.html
postfix-3.3-20170716 is complaining,
postfix-3.3-201706
> Here is my configuration: https://pastebin.com/EKHvEveC
postconf -n
would be more appropriate, I think
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München
Sitz der Gesellschaft: München, Amtsgericht
* Davide Marchi :
> Hello friends,
> On Debian Jessie I would like to enable OpenDKIM on my two Postfix
> servers.
For signing when sending out mails?
> My question is how to behave with the secondary backup server.
> Enable it as on the first and then I copy the key from first
* @lbutlr :
> [This message bounced because the words "c h a n g e" and "a d d r e s s"
> were on the same line.]
>
> I currently have recipient_bcc.pcre:
>
> if !/backup.*@/
> /^([^+_]*).*@(.*)/ backup+${1}.${2}@localdomain.tld
> endif
>
> I would like to change
> this
* Wietse Venema <postfix-users@postfix.org>:
> Ralf Hildebrandt:
> > % postconf -h queue_directory
> >
> > gives me a lot of LDAP related warnings:
> >
> > postconf: warning: ldap:/etc/postfix/laborberlin.com.cf: unused parameter:
> > query_filter=(
% postconf -h queue_directory
gives me a lot of LDAP related warnings:
postconf: warning: ldap:/etc/postfix/laborberlin.com.cf: unused parameter:
query_filter=(proxyAddresses=smtp:%s)
postconf: warning: ldap:/etc/postfix/laborberlin.com.cf: unused parameter:
start_tls=yes
postconf: warning:
* Wietse Venema :
> Postfix snapshot 20180617, released a few minutes ago, introduces
> Postfix SMTP client support for multiple deliveries per TLS-encrypted
> connection.
Testing here.
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München
> 84A19B389 1256 Wed Jun 13 16:03:45 byrn...@harte-lyne.ca
> (delivery temporarily suspended: connect to
> inet07.hamilton.harte-lyne.ca[216.185.71.27]:25: Can't assign
> requested address)
...
> smtp_bind_address = 127.0.31.1
That's why. I think.
--
[*] sys4 AG
https://sys4.de, +49
* Wietse Venema :
> Ralf Hildebrandt:
> > * Ralf Hildebrandt :
> >
> > > Error inducing change was introduced between postfix-3.4-20180603 and
> > > postfix-3.4-20180605-nonprod
> >
> > I also tried postfix-3.4-20180603-nonprod which seems to be
* Ralf Hildebrandt :
> Error inducing change was introduced between postfix-3.4-20180603 and
> postfix-3.4-20180605-nonprod
I also tried postfix-3.4-20180603-nonprod which seems to be working
ok! So I guess it must have been between postfix-3.4-20180603-nonprod
and postfix-3.4-20180605-n
> Also released as postfix-3.4-20180618.
postfix-3.4-20180618. Is crashing for me:
Jun 19 09:39:10 mail postfix/qmgr[12033]: warning: private/smtp socket:
malformed response
Jun 19 09:39:10 mail postfix/qmgr[12033]: warning: transport smtp failure --
see a previous warning/fatal/panic logfile
* Ralf Hildebrandt :
> > Also released as postfix-3.4-20180618.
>
> postfix-3.4-20180618. Is crashing for me:
>
> Jun 19 09:39:10 mail postfix/qmgr[12033]: warning: private/smtp socket:
> malformed response
> Jun 19 09:39:10 mail postfix/qmgr[12033]: warning: transpor
* Ralf Hildebrandt :
> > Also released as postfix-3.4-20180618.
>
> postfix-3.4-20180618. Is crashing for me:
>
> Jun 19 09:39:10 mail postfix/qmgr[12033]: warning: private/smtp socket:
> malformed response
> Jun 19 09:39:10 mail postfix/qmgr[12033]: warning: transpor
> > Jan 15 00:42:42 mailrelay postfix/qmgr[5601]: 8EF0980973:
> > from=<...@oconee.k12.sc.us>, size=2408, nrcpt=1 (queue
> >
* Mario :
> Mar 18 17:21:25 jessie postfix/proxymap[873]: warning: connect to mysql
> server localhost: Can't connect to local MySQL server through socket
> '/var/run/mysqld/mysqld.sock' (2 "No such file or directory")
a) is the mysql server running?
b) does
* Viktor Dukhovni :
> Ralf, please try just this patch against the stock 20180618 snapshot,
> and check as many of the below as you can:
>
> * The crashes are gone
> * DANE is still used when expected
> * TLS connection re-use happens under sustained load
>
> We might want to log some
1201 - 1300 of 1367 matches
Mail list logo