Sangeeta Joneja wrote: >> On 11/9/06, Kenneth Gonsalves <[EMAIL PROTECTED]> wrote: >>> >>> On 09-Nov-06, at 10:29 AM, Sangeeta Joneja wrote: >>> >>>> We are running Ubuntu 5.10 / Kolab 2.0 on our mail server whose IP >>> which ISP? static IP or dynamic IP? >>> >>> >> It's static IP. > > > We have a broad band connection (DSL) from Airtel with static IP. On router > we have opened the ports 993 (IMAP/SSL), 995 (POP3/SSL), 465 (SMTP/SSL). I > am hereby giving you the configuration parameters for postfix. Output of > postconf -n > > alias_database = hash:/kolab/etc/postfix/aliases > alias_maps = hash:/kolab/etc/postfix/aliases > broken_sasl_auth_clients = yes > canonical_maps = hash:/kolab/etc/postfix/canonical > command_directory = /kolab/sbin > config_directory = /kolab/etc/postfix > content_filter = smtp-amavis:[127.0.0.1]:10024 > daemon_directory = /kolab/libexec/postfix > default_privs = kolab-n > local_recipient_maps = $virtual_maps > mail_owner = kolab > mailbox_transport = kolabmailboxfilter > masquerade_domains = $mydomain > masquerade_exceptions = root > message_size_limit = 20971520 > mydestination = $mydomain example.com example1.com > mydomain = example.com > myhostname = example.com > mynetworks = 127.0.0.0/8 our local network(x.0.0.0)/8 > myorigin = $mydomain > queue_directory = /kolab/var/postfix > recipient_delimiter = + > relay_domains = > relayhost = > relocated_maps = hash:/kolab/etc/postfix/relocated > setgid_group = kolab-r > smtpd_recipient_restrictions = > permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination, > reject_unlisted_recipient, check_policy_service > unix:private/kolabpolicy,reject_rbl_client > sbl-xbl.spamhaus.orgreject_rbl_client > spamcop.net > smtpd_sasl_auth_enable = yes > smtpd_sasl_local_domain = > smtpd_sasl_security_options = noanonymous > smtpd_sender_restrictions = check_sender_access > hash:/kolab/etc/postfix/restricted_senders > smtpd_starttls_timeout = 300s > smtpd_timeout = 300s > smtpd_tls_auth_only = yes > smtpd_tls_cert_file = /kolab/etc/kolab/cert.pem > smtpd_tls_key_file = /kolab/etc/kolab/key.pem > smtpd_tls_received_header = no > smtpd_tls_session_cache_timeout = 3600s > smtpd_use_tls = yes > tls_random_source = dev:/dev/urandom > transport_maps = hash:/kolab/etc/postfix/transport, ldap:ldaptransport > >
<rant>CBL sux, its a complete and total waste of time and people's resources. Someone should walk over and give them a solid whack on their head!</rant> Is your machine claiming to be something that it isnt ? eg. if you say that you are 'example.com' does example.com resolve back to your IP ? ( well, MX for example.com that is ). Even claiming to be localhost.localdomain wont work. To see what you are calling yourself, "telnet <yourpublic IP> 25", that should give you a good idea. Easiest workaround, just disable the greeter from showing any domain name. Thats what the spammers do, and it effectively renders cbl useless. The other thing is to just firewall off the cbl netblock, so they can never check your :25 at all. <further rant>Whlie you are out whacking the CBL guys, make sure you get a good whack at all the idiots who actually use CBL to score against </further rant> -- Karanbir Singh : http://www.karan.org/ : [EMAIL PROTECTED] _______________________________________________ ilugd mailinglist -- [email protected] http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/[email protected]/
