summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Alex Dehnert [Sun, 11 Jun 2023 18:53:03 +0000 (14:53 -0400)]
Stop referencing IPs we haven't had for years
Possibly also stop being an open relay for a small corner of AWS...
Alex Dehnert [Mon, 22 Aug 2022 21:35:51 +0000 (17:35 -0400)]
Permanently reject unknown recipients
I think the setup is stable enough that immediate bounces are useful.
Alex Dehnert [Sun, 10 Jul 2022 23:08:39 +0000 (19:08 -0400)]
spam: Enable DKIM processing
- Add OpenDKIM as a milter to do signing and verification
- Switch to after-queue filtering (content_filter), because apparently
smtpd_proxy_filter prevents milters from getting the message DATA[1]. This
means if the spam filter rejects the message, we need to send a bounce,
rather than returning it in the same session, but I don't think I currently
have SpamAssassin rejecting anything, so that seems okay.
[1] https://mailing.postfix.users.narkive.com/8CT5J48q/milter-and-smtpd-proxy-filter
Alex Dehnert [Sun, 10 Jul 2022 17:56:50 +0000 (13:56 -0400)]
Allow IPv6 localhost in mynetworks
Otherwise, if a local sender (eg, mailman) happens to pick IPv6 instead of IPv4
to send over, it'll get relay access denied.
Alex Dehnert [Wed, 25 Aug 2021 19:03:40 +0000 (15:03 -0400)]
Allow bigger messages
This is bigger than GMail allows sending (25MB,
https://support.google.com/mail/answer/6584?hl=en&co=GENIE.Platform%3DDesktop#zippy=%2Cattachment-size-limit),
but smaller than they allow receiving (50MB,
https://support.google.com/a/answer/
1366776?hl=en).
Alex Dehnert [Sat, 26 Sep 2020 20:31:40 +0000 (16:31 -0400)]
Ignore makedefs.out
Alex Dehnert [Thu, 27 Jun 2019 06:13:22 +0000 (02:13 -0400)]
Disable sender transport map while we don't have extra IPs
Since olinda-local and olinda-forward IPs don't work now, there's not much
point to having the sender-dependent map to determine which outgoing IP to use.
Alex Dehnert [Mon, 6 May 2019 05:38:38 +0000 (01:38 -0400)]
Changes from Bionic (Ubuntu 18.04)
Alex Dehnert [Sun, 5 May 2019 09:20:42 +0000 (05:20 -0400)]
New configs for Xenial (16.04)
Alex Dehnert [Wed, 10 Oct 2018 07:36:48 +0000 (03:36 -0400)]
Only allow relaying from olinda, not all ET-net machines
Alex Dehnert [Sat, 11 Nov 2017 00:38:44 +0000 (19:38 -0500)]
Bump mailbox size limit to 512MB
This should hopefully eliminated errors like:
root@olinda:/etc/postfix# head /var/log/mail/dovecot-deliver.log
2017-11-01 06:43:39 lda(alex): Error: pwrite_full() failed with file /home/alex/.maildir/dovecot.index.cache: File too large (process was started with ulimit -f limit)
2017-11-01 06:58:13 lda(alex): Error: pwrite_full() failed with file /home/alex/.maildir/.Junk.server/dovecot.index.cache: File too large (process was started with ulimit -f limit)
2017-11-01 06:58:13 lda(alex): Error: pwrite_full() failed with file /home/alex/.maildir/.Junk.server/dovecot.index.cache: File too large (process was started with ulimit -f limit)
2017-11-01 07:19:39 lda(alex): Error: pwrite_full() failed with file /home/alex/.maildir/.Junk.server/dovecot.index.cache: File too large (process was started with ulimit -f limit)
2017-11-01 07:19:39 lda(alex): Error: pwrite_full() failed with file /home/alex/.maildir/.Junk.server/dovecot.index.cache: File too large (process was started with ulimit -f limit)
2017-11-01 07:20:45 lda(alex): Error: pwrite_full() failed with file /home/alex/.maildir/.Junk.server/dovecot.index.cache: File too large (process was started with ulimit -f limit)
2017-11-01 07:20:45 lda(alex): Error: pwrite_full() failed with file /home/alex/.maildir/.Junk.server/dovecot.index.cache: File too large (process was started with ulimit -f limit)
2017-11-01 07:31:56 lda(alex): Error: pwrite_full() failed with file /home/alex/.maildir/.Junk.server/dovecot.index.cache: File too large (process was started with ulimit -f limit)
2017-11-01 07:31:56 lda(alex): Error: pwrite_full() failed with file /home/alex/.maildir/.Junk.server/dovecot.index.cache: File too large (process was started with ulimit -f limit)
2017-11-01 07:38:38 lda(alex): Error: pwrite_full() failed with file /home/alex/.maildir/.Junk.server/dovecot.index.cache: File too large (process was started with ulimit -f limit)
See also https://wiki.dovecot.org/LDA/Postfix
Alex Dehnert [Wed, 1 Nov 2017 07:59:37 +0000 (03:59 -0400)]
Try to route outgoing messages through diff IPs depending on trust
Ideally, if there was auth on a message (kerberos/password remotely, or
legitimately sourced locally -- mailman messages dubiously count), we'd use one
IP, and forwarded messages (eg, mail to jim@ being forwarded to GMail) would
use another. That way, when GMail decided to hate the latter, the (more
important) former would still go through. I'm not quite sure how to decide
based on auth, so instead, I just whitelisting a few envelope senders, but it's
better than nothing.
See
https://serverfault.com/questions/663979/virtual-alias-domains-how-to-use-different-ip-addresses-when-forwarding-mail,
http://www.postfix.org/postconf.5.html#smtp_bind_address, and
http://www.postfix.org/postconf.5.html#sender_dependent_default_transport_maps
for some relevant docs.
Alex Dehnert [Sat, 20 May 2017 19:08:20 +0000 (15:08 -0400)]
New ET network, post-FSILG-renumbering
Alex Dehnert [Sun, 7 Aug 2016 07:10:02 +0000 (03:10 -0400)]
Stock postfix files?
Not sure what they are, but I guess I should commit them.
Alex Dehnert [Sun, 7 Aug 2016 07:08:48 +0000 (03:08 -0400)]
Add spamassassin support(?)
The master.cf change dates from Aug 22 2013, so I don't really remember...
Alex Dehnert [Sun, 7 Aug 2016 07:08:14 +0000 (03:08 -0400)]
Move cert to new local-certs directory
Alex Dehnert [Mon, 27 Aug 2012 05:37:36 +0000 (01:37 -0400)]
(old) Add localhost.dehnerts.com to mydestination
No, I don't know why this was necessary...
Alex Dehnert [Mon, 27 Aug 2012 05:29:00 +0000 (01:29 -0400)]
Add sqlite support
I strongly suspect this is upstream's fault, because I can't imagine
having cared...
Alex Dehnert [Thu, 30 Dec 2010 23:16:09 +0000 (18:16 -0500)]
Reduce the number of spampd processes
Alex Dehnert [Thu, 14 Oct 2010 06:27:51 +0000 (02:27 -0400)]
Bump various limits
Bumped spam filter related limits. Separately, increased
process limit in /etc/default/spampd.
Alex Dehnert [Fri, 30 Apr 2010 10:12:09 +0000 (06:12 -0400)]
Reduce connection limit
Alex Dehnert [Sat, 17 Apr 2010 03:39:52 +0000 (23:39 -0400)]
Punt SMTP line again
Alex Dehnert [Sat, 17 Apr 2010 03:23:33 +0000 (23:23 -0400)]
Enable spam filtering (hopefully?)
Alex Dehnert [Sat, 17 Apr 2010 03:10:14 +0000 (23:10 -0400)]
Permit TLS
Alex Dehnert [Wed, 3 Mar 2010 15:14:41 +0000 (10:14 -0500)]
Update mydestination
I don't understand why this is needed, but
previously I was getting errors about
alex@localdomain.localdomain not having an A
record. This seems to solve it...?
Alex Dehnert [Mon, 1 Mar 2010 02:15:27 +0000 (02:15 +0000)]
Update mydestination and mynetworks
* Allow all of ET to send mail (mynetworks)
* Add olinda{.mit.edu,.dehnerts.com,.dehnert.arctic.org} to mydestination
Alex Dehnert [Mon, 1 Mar 2010 02:08:50 +0000 (02:08 +0000)]
Grab copan's main.cf
root [Mon, 1 Mar 2010 02:06:11 +0000 (02:06 +0000)]
Add commented spam-killing config from copan
Alex Dehnert [Mon, 1 Mar 2010 01:59:56 +0000 (01:59 +0000)]
Stock Postfix install
projects / sysconfig / postfix.git / log