Search results

Which previous threads? One thing that is related and changed with PMG 8.2 was that you can now set the admin-from address in the GUI https://pmg.proxmox.com/wiki/index.php/Roadmap#Proxmox_Mail_Gateway_8.2 https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#_options This should fix the...

allgemein: bitte text output als text pasten in code-blocks - aus screenshots laesst sich schwer pasten... ansonsten - sieht das komisch aus - vielleicht eine firewall am pmg-host (iptables, nftables) die connections auf 127.0.0.1 unterbindet?

naja - der screenshot weiter oben zeigt, dass `127.0.0.1` als DNS Server eingetragen ist - 127.0.0.1 ist localhost und somit das PMG... Normalerweise läuft auf dem PMG aber kein DNS-Server außer er wurde vom Admin eingerichtet z.B. dem pmg-wiki folgend...

10GbE will most likely be a bottle-neck for ceph - I can recommend checking out our Ceph Benchmark paper from 2023/2024 - this should give you a good starting point: https://www.proxmox.com/images/download/pve/docs/Proxmox-VE-Ceph-Benchmark-202312-rev0.pdf I hope this helps!

Wie sehen da die logs aus? Nur der Vollständigkeit halber: Wenn ein DNS-Resolver auf dem PMG läuft wuerde ich den auch verwenden - Google DNS sind für Mail Verarbeitung nicht gut geeignet (da sie bei den allermeisten DNSBL über sämtlichen Limits sind).

wenn die Auflösung prinzipiell funktioniert (wonach der screenshot aussieht) dann wird as mit dem timeout bei ping wahrscheinlich an einer firewall liegen, die das verbietet. Hängt PMG direkt am Internet - oder gibt es noch anderes Equipment/Firewalls/Proxies davor - die vl. auch die mail...

ist auf 127.0.0.1 (sprich auf dem PMG selbst) auch wirklich ein DNS-Server konfiguriert ? funktioniert dns-aufloesung (auf der commandline vom pmg einfach mal `ping -c 4 google.com` versuchen und schauen ob es innerhalb von 1 Sekunde antworten gibt)?...

T_SPF_TEMPERROR kann auf eine Problem bei der Konfiguration der DNS-Server hindeuten - also das mal überprüfen... ansonsten - bitte die logs zu den mails teilen - vl. zeigen die wo das Problem ist.

then you need to install jq - `apt install jq`

which threads are you referring to? in general for selective deletion of postfix queue - I can recommend combining `postqueue -j` (JSON-output) with a `jq` filter e.g.: postqueue -j |jq -r 'select( .sender == "address@of.hacked.sender" )|.queue_id' check the outputs before and make sure that...

If possible please share the complete logs as text (either attached or in a code-block) - it makes looking through them much faster/more comfortable. not sure if the screenshot captures everything - or if smtpd had an error regarding TLS configuration before - but the only thing that we see...

That's odd - and I haven't encountered this until now - the directory on a few test-instances here is < 100M ... I'd check the postgresql log, and the journal for any potential issues that might explain this. do you have any modifications in place? - did you adapt the postgresql configuration?

please share the logs of your PMG2 (after restarting postfix) when the error occurs - this might help to find the issue.

the PMG cluster-stack does not use postgresql replication to synchronize the rules, so this should not be the cause for the files in the pg_wal directory. * How did you come to the conclusion that the PMG cluster stack is the reason? * Why are the files problematic?

Greylisting works by sending a temporary error-code (4xx) to the sender - all sensible mail-servers will try to resend that mail after a short while (5 minutes) - and then it will pass (and the triple sender-email,recipient-email,sender-ip will not be delayed again for 30 days). That's because...

Which DNSBL's are you referring to? - if the mails are blocked by postscreen in the mail-proxy this is the earliest where PMG offers such blocking. The mail filter/rule system always runs in pmg-smtp-filter and will always use some resources (mails are first evaluated for the from/to/what/when...

Why would this be nice? - At least in my experience it's nothing too common - and it does not help if you chose to change e-mail providers either While dated - and maybe not too current - I still think the points in https://www.ietf.org/rfc/rfc1912.txt have some merit. Apart from that I still...

Why do you need more than 5 domains? - Keep in mind that it is not necessary to have all domains that are sending/receiving mail through a PMG listed in the certificate! * usually you point the MX record of the domain to the hostname of PMG - so it should be enough to list that * additionally...

The matches for Who Objects (the default Blacklist rule has a Who object with the same name) does not match subdomains for domain-objects. You can use a Regular Expression object for this: `.*xxxx.com` will match everything ending with xxxx.com (including xxxx.com itself). I hope this helps!

please share the complete journal - not just the beginning - probably better to attach it instead of pasting .... the part you shared shows nothing special/problematic - but is only the start of a normal boot (with an older kernel pointing to an outdated Proxmox VE version)....