DevHeads.net

Postings by =?windows-1252?Q?L.P.H._van_Belle?=

question about envelop from.

Hai,
 
Im reading through rfc's but the following is still not clear for me.
 
E-mail is rejected base on the envelop-from adres from a mail-daemon with postfix + postfix-policyd-spf
 
I saw the following in the postfix logs.

request improved logging for postfix.

Hello,

 

After the message from yesterday, im asking if the postfix logging can be changed.

To improve the loggings and a better more clear reject message.

 

A small change maybe, i dont know, i’ll show what i mean below.

Maybe im totaly incorrect here so correct me if needed.

 

Now, Im running Debian Wheezy, postfix ( debian backport ) 2.11.2-1~bpo70+1.

DNS round robin on helo?

Hello,

 

I couldnt find this on the internet and is was thinking, the postfix list wil know this.

Customer send email which are rejected by my server.  I thinks that is correctly rejected.

 

Now i digged into this and i found the following but i dont know if this is allowed by RFC.

To me this should not be done but if someone can conform this, that would make me happy.

Re: permit after all

paul, check if there are messages still in queue. 

i had a comprimized account also and same as you it didnt stop. it did after clearing up the queue list.

the user in question has used its email and pass om a website which was  omprimized, at least thats what i think. 

i my case i allow my users only from specific countries for smtp, 
limited by firewalling.

postfix sasl auth required

Hai,

 

Im testing out my servers and i noticed the following

 

telnet localhost 587

Trying ::1...

Connected to localhost.

Escape character is '^]'.

220 mail.mydomain.tld ESMTP Ready

ehlo localhost

250-mail.mydomain.tld

250-PIPELINING

250-SIZE 15360000

250-VRFY

250-ETRN

250-STARTTLS

250-ENHANCEDSTATUSCODES

250-8BITMIME

250 DSN

 

 

Im missing my

250-AUTH here after starttls.

Or is this because the :  "smtpd_tls_auth_only = yes" 

 

I cant figure out what i missed, of if by default if : "smtpd_tls_auth_only = yes". Is set no auth is offered?

FW: SSL Renegotiation Attack "Disabling reneotiation"

Hai,

As far as i know, no.

Unless you are forceing all clients to use SSLv2 only (since that doesn't support renegotiation).
Are you sure you want to disable it and not just prevent old clients from
using the vulnerable renegotiation methods? If it's the last
you'll need to upgrade to 2.8+ to get access to tls_disable_workarounds.

you have 2 problems.
- One is the vulnerable methods
- the other is renegotiation is considered a denial of service vulnerability..

You really dont have any option to upgrade..
Whats the os your running?

SOLVED.. FW: ldap virtual split domain and forwarding.

Finaly i did found the problem.

In the end i did add the ldap ldap://etc/postfix/zarafa-ads-*-aliases.cf in the aliases_map
and all the redirects in the virtual_alias_maps

and now i did some testing with an e-mail address, .. which did not have any typos in the email adres in ldap.
that was where my error was.

Greetz,

Van: <a href="mailto: ... at bazuin dot nl"> ... at bazuin dot nl</a> [mailto:owner-postfix- ... at postfix dot org] Namens L.P.H.

ldap virtual split domain and forwarding.

Hai,

Im new to the list, so tell me if im do-ing something wrong..
in advance, .. sorry for my english, and sorry for the long explanation..
better to much than to little imo.

Im having the following setup.

Debian Jessie 8.1 with packages, running a zarafa mail server samba 4 AD domain,
I have amost all info i want in the AD, but im having problems with some e-mail aliases and forwarding of these.