From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-132130-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1RY64c-0003YY-90
	for garchives@archives.gentoo.org; Wed, 07 Dec 2011 01:13:26 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id E7F7921C0EB;
	Wed,  7 Dec 2011 01:13:16 +0000 (UTC)
Received: from svr-us4.tirtonadi.com (svr-us4.tirtonadi.com [69.65.43.212])
	by pigeon.gentoo.org (Postfix) with ESMTP id 4496C21C034
	for <gentoo-user@lists.gentoo.org>; Wed,  7 Dec 2011 01:11:41 +0000 (UTC)
Received: from mail-bw0-f53.google.com ([209.85.214.53])
	by svr-us4.tirtonadi.com with esmtpsa (TLSv1:RC4-SHA:128)
	(Exim 4.69)
	(envelope-from <pandu@poluan.info>)
	id 1RY62u-003DUM-VE
	for gentoo-user@lists.gentoo.org; Wed, 07 Dec 2011 08:11:41 +0700
Received: by bkbzu5 with SMTP id zu5so14635bkb.40
        for <gentoo-user@lists.gentoo.org>; Tue, 06 Dec 2011 17:11:36 -0800 (PST)
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.180.85.162 with SMTP id i2mr20507246wiz.22.1323220296876; Tue,
 06 Dec 2011 17:11:36 -0800 (PST)
Received: by 10.223.103.70 with HTTP; Tue, 6 Dec 2011 17:11:36 -0800 (PST)
Received: by 10.223.103.70 with HTTP; Tue, 6 Dec 2011 17:11:36 -0800 (PST)
In-Reply-To: <CAN0CFw3hwhiqk9vAOtrzLpBC90qs3DScDyP9Ey_wLCQpsSUz3Q@mail.gmail.com>
References: <CAN0CFw11Fh48TzBLst=TWz5ccDpEdOgmQKfr50ZRX8T8nTmrQg@mail.gmail.com>
	<4EDAA89F.3090308@orlitzky.com>
	<CAA2qdGV1NXgAB5AM4WA5uugnq-Bg0JBxED7jmAxkfrB23Rn_LA@mail.gmail.com>
	<4EDAD845.4010402@orlitzky.com>
	<CAN0CFw2oS5s6PrVPhYB7U58wR+m--q8hAzN4vcuF+PKFuO8f0Q@mail.gmail.com>
	<CAA2qdGU4=NQcUrFhyGrs5Qqh3dz=ooXucwmQWsA2OESUpWVr5g@mail.gmail.com>
	<4EDD6749.8030301@orlitzky.com>
	<CAN0CFw2XKj_J9KhMM9TKn3ee_5YgtoPmF7zKUfSn0e=Miaj8tw@mail.gmail.com>
	<4EDD9D88.7080407@orlitzky.com>
	<CAN0CFw3ET1dxx2gjVpHwDZhwkGA0827Oe4voOstCS-O-h_taNg@mail.gmail.com>
	<4EDE4CC1.1000808@orlitzky.com>
	<CAN0CFw3hwhiqk9vAOtrzLpBC90qs3DScDyP9Ey_wLCQpsSUz3Q@mail.gmail.com>
Date: Wed, 7 Dec 2011 08:11:36 +0700
Message-ID: <CAA2qdGUPPw+WnusOfN6CTcj5W3QnztSxvuAWWJFimWWuW5LpRA@mail.gmail.com>
Subject: Re: [gentoo-user] clamav and spamassassin
From: Pandu Poluan <pandu@poluan.info>
To: gentoo-user@lists.gentoo.org
Content-Type: multipart/alternative; boundary=f46d0444e9cbc140e004b3763b64
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - svr-us4.tirtonadi.com
X-AntiAbuse: Original Domain - lists.gentoo.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - poluan.info
X-Archives-Salt: c9588a80-1356-4776-80c0-5c9edaabca24
X-Archives-Hash: 609f9d36fe117969363fa657c36f93b8

--f46d0444e9cbc140e004b3763b64
Content-Type: text/plain; charset=UTF-8

On Dec 7, 2011 8:01 AM, "Grant" <emailgrant@gmail.com> wrote:
>
> > That will disable postgrey, but isn't enough to enable postscreen. There
> > are a couple of daemons you have to enable in master.cf (steps 2
through 6):
> >
> >  http://www.postfix.org/POSTSCREEN_README.html#enable
> >
> > That README refers to lines that are commented-out in master.cf; of
> > course, if you've upgraded from an earlier of postfix, you won't have
them.
>
> Don't you let etc-update add them for you?
>
> > What I did was to untar the latest postfix release under my home
> > directory, and find the master.cf that ships with it. Then, I
> > copy/pasted the lines mentioned in the README over to my real master.cf.
> >
> > After a restart, you should see lines like this in your mail log:
> >
> >  Dec  6 03:13:46 mx1 postfix/postscreen[2810]: CONNECT from ...
> >
> > that let you know its' working.
>
> Working now, thanks a lot.  I should only need the tlsproxy line if my
> users connect to port 25 to send mail, correct?
>

I've perused the relevant documentation, and to my knowledge you need to
enable tlsproxy if you want to use TLS, be it through port 25 or 587.

Don't forget to test it using openssl s_client.

Rgds,

--f46d0444e9cbc140e004b3763b64
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<p><br>
On Dec 7, 2011 8:01 AM, &quot;Grant&quot; &lt;<a href=3D"mailto:emailgrant@=
gmail.com">emailgrant@gmail.com</a>&gt; wrote:<br>
&gt;<br>
&gt; &gt; That will disable postgrey, but isn&#39;t enough to enable postsc=
reen. There<br>
&gt; &gt; are a couple of daemons you have to enable in <a href=3D"http://m=
aster.cf">master.cf</a> (steps 2 through 6):<br>
&gt; &gt;<br>
&gt; &gt; =C2=A0<a href=3D"http://www.postfix.org/POSTSCREEN_README.html#en=
able">http://www.postfix.org/POSTSCREEN_README.html#enable</a><br>
&gt; &gt;<br>
&gt; &gt; That README refers to lines that are commented-out in <a href=3D"=
http://master.cf">master.cf</a>; of<br>
&gt; &gt; course, if you&#39;ve upgraded from an earlier of postfix, you wo=
n&#39;t have them.<br>
&gt;<br>
&gt; Don&#39;t you let etc-update add them for you?<br>
&gt;<br>
&gt; &gt; What I did was to untar the latest postfix release under my home<=
br>
&gt; &gt; directory, and find the <a href=3D"http://master.cf">master.cf</a=
> that ships with it. Then, I<br>
&gt; &gt; copy/pasted the lines mentioned in the README over to my real <a =
href=3D"http://master.cf">master.cf</a>.<br>
&gt; &gt;<br>
&gt; &gt; After a restart, you should see lines like this in your mail log:=
<br>
&gt; &gt;<br>
&gt; &gt; =C2=A0Dec =C2=A06 03:13:46 mx1 postfix/postscreen[2810]: CONNECT =
from ...<br>
&gt; &gt;<br>
&gt; &gt; that let you know its&#39; working.<br>
&gt;<br>
&gt; Working now, thanks a lot. =C2=A0I should only need the tlsproxy line =
if my<br>
&gt; users connect to port 25 to send mail, correct?<br>
&gt;</p>
<p>I&#39;ve perused the relevant documentation, and to my knowledge you nee=
d to enable tlsproxy if you want to use TLS, be it through port 25 or 587.<=
/p>
<p>Don&#39;t forget to test it using openssl s_client. </p>
<p>Rgds, <br>
</p>

--f46d0444e9cbc140e004b3763b64--