I'm trying to remove greylisting all together in my setup as I only see it breaking stuff for me.
I can't find out how to do this though. Anyone have instructions on how to do this?
I'm trying to remove greylisting all together in my setup as I only see it breaking stuff for me.
I can't find out how to do this though. Anyone have instructions on how to do this?
Are you talking about postscreen?
https://wiki.zimbra.com/wiki/Zimbra_Collaboration_Postscreen
https://community.zextras.com/what-is-zimbra-postscreen/
I'm trying to remove greylisting all together in my setup as I only see it breaking stuff for me.
I can't find out how to do this though. Anyone have instructions on how to do this?
Are you talking about postscreen?
https://wiki.zimbra.com/wiki/Zimbra_Collaboration_Postscreen
Actually I don't know what part of zimbra does the greylisting part. Might be postscreen.
All I know is greylisting is a problem when getting emails from some providers or MFA codes or password reset links that needs to be done in a short time.
Right now I have services I can not reset password for or login to as the link or code takes to long to come through that the longin/reset time timeouts.
Thats why I need to remove greylisting all together. Not sure how to do this, I have googled but I can not find a real answer for it.
I'm trying to remove greylisting all together in my setup as I only see it breaking stuff for me.
I can't find out how to do this though. Anyone have instructions on how to do this?
Are you talking about postscreen?
https://wiki.zimbra.com/wiki/Zimbra_Collaboration_Postscreen
Actually I don't know what part of zimbra does the greylisting part. Might be postscreen.
All I know is greylisting is a problem when getting emails from some providers or MFA codes or password reset links that needs to be done in a short time.
Right now I have services I can not reset password for or login to as the link or code takes to long to come through that the longin/reset time timeouts.
Thats why I need to remove greylisting all together. Not sure how to do this, I have googled but I can not find a real answer for it.
As zimbra run the following syntax :
zmprov mcf zimbraMtaPostscreenAccessList 'permit, permit_mynetworks'
After that restart mta
Finally verify if postfix config is correctly rewritten:
postconf |grep postscreen_access_list
If nothing has changed probably is defined at server level, then you need to modify by modifyServer zmprov comand.
Remember that postscreen is something that help you to fight spam and bot system, there are different way to fix sending delay ( example whitelist ip etc etcc.. )
I suggest you to read/study postscreen manual https://www.postfix.org/POSTSCREEN_README.html
I'm trying to remove greylisting all together in my setup as I only see it breaking stuff for me.
I can't find out how to do this though. Anyone have instructions on how to do this?
Are you talking about postscreen?
https://wiki.zimbra.com/wiki/Zimbra_Collaboration_Postscreen
Actually I don't know what part of zimbra does the greylisting part. Might be postscreen.
All I know is greylisting is a problem when getting emails from some providers or MFA codes or password reset links that needs to be done in a short time.
Right now I have services I can not reset password for or login to as the link or code takes to long to come through that the longin/reset time timeouts.
Thats why I need to remove greylisting all together. Not sure how to do this, I have googled but I can not find a real answer for it.
As zimbra run the following syntax :
zmprov mcf zimbraMtaPostscreenAccessList 'permit, permit_mynetworks'After that restart mta
Finally verify if postfix config is correctly rewritten:
postconf |grep postscreen_access_listIf nothing has changed probably is defined at server level, then you need to modify by modifyServer zmprov comand.
Remember that postscreen is something that help you to fight spam and bot system, there are different way to fix sending delay ( example whitelist ip etc etcc.. )
I suggest you to read/study postscreen manual https://www.postfix.org/POSTSCREEN_README.html
Will this not allow everyone to send through my server?
Can you explain to me exactly what this does before I implement it?
Right now the config is: postscreen_access_list = permit_mynetworks
Regards
Daniel
@daz This will disable postscreen analysis because this told postscreen to trust every connection from internet... postscreen is not postfix .
i suggest you to study postfix : https://www.postfix.org/postconf.5.html#mynetworks
After that try to send an email using telnet and see what happen.
@daz This will disable postscreen analysis because this told postscreen to trust every connection from internet... postscreen is not postfix .
i suggest you to study postfix : https://www.postfix.org/postconf.5.html#mynetworks
After that try to send an email using telnet and see what happen.
But I don't want to trust all networks, I just want to turn off greylisting and still keep all other filters active. Greylisting creates too much problems than it fixes now.
@daz Postscreen = Greylist , the only way to disable it is to whitelist all the network. Please re-read all the topics and manual before proceeding to ask same things.
@daz Postscreen = Greylist , the only way to disable it is to whitelist all the network. Please re-read all the topics and manual before proceeding to ask same things.
Postscreen is so much more than greylisting.It's also DNSBL and I do not want to remove that part of the filters.
@daz Dnsbl can be used directly to postfix, i suggest you to read postfix or zimbra documentation, here an example:
zmprov ms `zmhostname` +zimbraMtaRestriction 'RBL type you want'
Postscreen was implement as first layer of test and protect postfix ( useful if you have a lot of email traffic, small server not need at all ... )
If you want to continue to test postscreen configuration i suggest to try to disable all the postscreen feature https://community.zextras.com/how-to-use-zimbra-postscreen/ and set zimbraMtaPostscreen.*Action to ignore and then enable one at time and test it.
I hope that you can find a good solution for your server.