New #blog post: "Signing sieve vacation auto-reply messages with dkim using postfix for deliverability"
I start my holiday, during which I intend to do less computer-touching, but doing some holiday-related computer-touching with my mailserver.
@marcuwekling Großartige Idee! Ich bin (eh schon) dabei! 
#dutgemacht #ididit
Hier was ich derzeit schon so nutze:
- Eigener Mailserver #postfix #clamav #rspamd #roundcubemail #dovecot
- Notebooks auf #Linux
- #pfsense Firewall
- #thunderbird
Selber gehostete freie Dienste/Software derzeit:
- #Nextcloud
- #PaperlessNGX
- #Peertube
- #HomeAssistant
- #Mastodon
- #Matrix
- #Wordpress
Fremdgehostete freie Dienste:
- #pixelfed
- #bigbluebutton
- #letsencrypt
Leider kann ich meinen Windowsrechner noch nicht loswerden #gamer - aber das kommt bestimmt auch noch irgendwann... 
because running a mail server wasn’t fun enough: the Dovecot 2.3 → 2.4 update has tons of breaking config changes
(h/t to https://willem.com/blog/2025-06-04_breaking-changes/ for the exhaustive breakdown of the changes)
I have succeeded in configuring both Cyrus IMAP and Postfix to authenticate using an LLDAP server. Please clap.
I have a #SysAdmin question: is it okay to use a local, loopback-only SMTP server (#mailutils + #postfix) to allow a local web app to send mails directly? Without any login/passwd?
This works fine:
echo [boty] | mail -s [subject] [dest]
But I can’t make it work from my app (#ApacheAnswer), even though it does have an unauthenticated mode for SMTP. What am I missing?
Sending newsletters in bulk
Full post here. https://rene.seindal.dk/2025/06/17/sending-newsletters-in-bulk/
I have a newsletter — Venetian Stories about the history of Venice — with a couple of hundred recipients.
For some time, I have managed that with a free WordPress plugin. One of those with a PRO version, and every update shifted some functionality over to the paid version.
When I wanted to move the newsletter from my History Walks Venice site to a dedicated domain, there was no way of migrating the plugin data without moving to the PRO version. Several functions I had used for a long time, were no only available for payment.
Confronted with these futile complications, I decided to return to basics.
The newsletters would be sent from my mail application of choice, as HTML emails, with all the recipients in the BCC field.
#NerdSpeak Some mail senders are exposing internal, non-resolving host names in the EHLO/HELO phase when sending mails, causing my mail server to (correctly) refuse them. However, in some cases I have to begrudgingly accept their broken config as the mails they send are actually legitimate and important. Looking at you, Drillisch Online. Fix your shit. Anyway, here's how I did it on my #postfix server: https://codeberg.org/jwildeboer/gists/src/branch/main/2025/20250615HELOAllowlistPostfix.md
1/3
Against all odds I have configured a test Cyrus IMAP + Postfix server that both sends and receives email. 
It's jank as heck, and absolutely not a useful production setup, but it does "work", and only took 3 hours.
Any #postfix users know how to configure smtp_tls_wrappermode = yes for sending via a single relay, but not use it for others? I have things set up to relay via my outbound SMTP server to a few mail servers that all want STARTTLS over port 587, but now I want to add one that wants SMTPS over port 465. If I don't set smtp_tls_wrappermode = yes, it refuses to connect to the new server. If I do set it, it refuses to connect to the existing ones. There are some hints in the documentation that you can use transport_maps in some way, but I can't figure out how.
Y-en-a-t-il parmi vous qui ont mis en place dans #postfix un système de liste blanche de correspondants par utilisateur.
On a des clients qui utilisent Mailinblack et qui apprécient le système de captcha envoyé automatiquement en réponse aux expéditeurs inconnus.
Il doit y avoir moyen de faire quelque chose de similaire avec milter et/ou sieve
Nos boites mails sont administrées avec ISPConfig
Just going through the logs of my own mail server (Thanks, @mwl !) to extend my #postfix #fail2ban #regexp to ban hosts with too many unsuccesful login attempts. Knowing the user name pattern (example.com only letters, others with at least one dot) I came up with
'warning: .*\[<HOST>\]: SASL LOGIN authentication failed: .*sasl_username=<F-USER>(?:[^.]*@(?!example\.com)|[^.]*\.[^.]*@(?:example\.com))</F-USER>'
This works great.
This weekend's project:
Replaced my #Postfix #MTA #mailserver with a new one. I had been running a #Ubuntu based one since 2020, and it didn't deal well with an in-place upgrade.
New machine set up on #Debian 12, with a bunch of tips stolen from @mwl 's book Run Your Own Mail Server and from https://workaround.org/ispmail-bookworm/
Why can't I get a Docker container (using docker-compose) to access Postfix running on the host on port 25? 
I must be missing something, obviously 
Any takers?
@mavu We use #postfix in #chatmail setup, and so does @doncow
It is well-documented and in our setup at https://github.com/chatmail/server there are only two small postfix configs.
#fedihelp , please: I'm #selfhosting #dovecot and #postfix and running out of disk space with my mails reaching back into last century. I'd like to remove the oldest ones and keep an archive of any kind on a different host. What would be the easiest way to achieve that?
Maybe just imap-sync to some special maildir?
Edit:typo
Software that just works: #monit has been running for years, only sending me messages when something has triggered. I had forgotten it uses #postfix to deliver mail. I didn't know I had a mail server anymore :-). #Apache2 needed a restart after 8 years or so (haven't checked, maybe it is just 5), there was a memory leak somewhere.
Postfix 3.10 released with support for OpenSSL 3.5 post-quantum cryptography and for the TLSRPT protocol, logging changes
