Re: Incorrect rewrite on senders address
On Tue, Jan 17, 2023 at 11:29:51AM +0700, Olivier wrote: > recipient_canonical_maps = ldap:$config_directory/ldap_user_uncanonical, > ldap:$config_directory/ldap_deleted_uncanonical > sender_canonical_maps = ldap:$config_directory/ldap_canonical The most likely problem table is "sender_canonical_maps". By the way I strongly don't recommend using different settings in the sender and recipient canonical mappings, who's a header sender and who's a header recipient is in the eye of the beholder (consider what happens in replies). Making these different has poor semantics. > I have several rewrittings, all using LDAP, for example: > > more ldap_canonical > > # Rewrite user into firstname.lastname > server_host= ldaps://ldap.cs.ait.ac.th/ > search_base= ou=People,ou=csim,dc=cs,dc=ait,dc=ac,dc=th > query_filter = (&(mail=%s)(csimAccountPermission=mail)) > result_attribute= csimFullName > scope= one > version= 3 This uses "%s" (full address with domain), so should touch remote addresses. You could however configure a list of domains: domain = foo.example, bar.example, ... which are the only ones to look up in LDAP. On the other hand, what is this table doing, "csimFullName" does not sound like a mail address. Are you trying to include/update display names in the canonical table??? That can't work. > Jan 17 10:18:06 mail postfix/cleanup[32377]: warning: 873DF89283: > multi-valued sender_canonical_maps entry for olivier2...@gmail.com Something is not right here, that address should presumably not be listed in your > The rewritting is occuring because in the LDAP entry for user > olivier.nic...@cs.ait.ac.th, there is the value olivier2553@gmail > defined as an forwarding alias in the attribute mail (attribute used in > the canonical rule above). Your LDAP schema/data is broken. The "mail" attribute needs: - To be single-valued - To be the primary address of the user - MUST NOT be used for forwarding addresses, use a different attribute for that. > I have to dig in deeper and understand how to limit the rewritting of > the sender to outgoing messages. Your LDAP schema is a mess, you need to solve the problem at a different layer. See some of the examples in LDAP_README. -- Viktor.
Re: Incorrect rewrite on senders address
Thank you. Bill Cole writes: > On 2023-01-16 at 22:14:15 UTC-0500 (Tue, 17 Jan 2023 10:14:15 +0700) > Olivier > is rumored to have said: > >> Hello, >> >> This is a preliminary request before I gather all needed informations. >> >> I have a problem with rewriting: I received an email from an outside >> person and that person happens to have the same name as one of my >> user. The sender's address has been rewritten to that of my user. >> >> ie: j...@gmail.com sent me an email, I have a user joe on my system, >> the >> mail delivered in my mailbox was bearing the address from: >> j...@cs.ait.ac.th >> >> TYhis must be a mistake in my configuration of Postfix, but reading >> through the documentation I cannot find what I am doing wrong. What >> should I provide to get help? > > The output of "postconf -nf" and "postconf -Mf", the log lines relevant > to the message (i.e. mentioning the queue ID) and the headers of the > message, if possible. If you have canonical or generic rewriting > configured, the relevant content of those maps would be essential as > well. > > Note that it is not necessarily the case that Postfix did any rewriting. > The From header of a message and the envelope sender address frequently > have different addresses, particularly for mailing lists and spam. postconf -nf alias_maps = hash:/etc/aliases, ldap:$config_directory/ldap_user_alias, ldap:$config_directory/ldap_deleted_alias, ldap:$config_directory/ldap_user_alias_fullname, ldap:$config_directory/ldap_deleted_alias_fullname, ldap:$config_directory/ldap_alias anvil_rate_time_unit = 60s anvil_status_update_time = 600s command_directory = /usr/local/sbin content_filter = smtp-amavis:[localhost]:10024 daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5 default_destination_concurrency_limit = 5 home_mailbox = Maildir/ html_directory = /usr/local/share/doc/postfix inet_interfaces = $myhostname, localhost inet_protocols = ipv4 lmtp_send_xforward_command = yes local_destination_concurrency_limit = 1 local_destination_recipient_limit = 1 local_header_rewrite_clients = permit_mynetworks, permit_sasl_authenticated local_recipient_maps = unix:passwd.byname, $alias_maps, ldap:$config_directory/ldap_local_recipient mail_owner = postfix mailbox_command = /usr/local/bin/procmail -a $HOME mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man masquerade_domains = cs.ait.ac.th masquerade_exceptions = root message_size_limit = 41943940 mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain, mail.$mydomain, ufo.$mydomain, banyan.$mydomain, ldap.$mydomain, door.$mydomain, firewall.$mydomain, dns.$mydomain, amanda.$mydomain, database.$mydomain, sysl.$mydomain, mailback.$mydomain, csim.ait.asia mydomain = cs.ait.ac.th mynetworks = 192.41.170.0/24, 203.159.32.0/32 myorigin = $mydomain newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/local/share/doc/postfix recipient_canonical_maps = ldap:$config_directory/ldap_user_uncanonical, ldap:$config_directory/ldap_deleted_uncanonical recipient_delimiter = + relay_domains = cs.ait.ac.th, vgl-vforge.cs.ait.ac.th, ait.ac.th, dec.ait.ac.th, interlab.ait.ac.th, mail.cs.ait.ac.th sample_directory = /usr/local/etc sender_canonical_maps = ldap:$config_directory/ldap_canonical sendmail_path = /usr/local/sbin/sendmail setgid_group = maildrop smtp_tls_loglevel = 2 smtp_tls_security_level = may smtp_tls_session_cache_database = btree:/var/run/postfix/smtp_scache smtp_tls_session_cache_timeout = 3600s smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) smtpd_client_auth_rate_limit = 3 smtpd_client_restrictions = check_client_access cidr:$config_directory/amavis_bypass smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_policy_service inet:127.0.0.1:10023 smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_tls_CAfile = /usr/local/ssl/ca/mail.cs.ait.ac.th.ca smtpd_tls_auth_only = yes smtpd_tls_cert_file = /usr/local/ssl/crt/mail.cs.ait.ac.th.crt smtpd_tls_key_file = /usr/local/ssl/key/mail.cs.ait.ac.th.key smtpd_tls_loglevel = 1 smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_database = btree:/var/run/postfix/smtpd_scache smtpd_tls_session_cache_timeout = 3600s smtputf8_enable = yes tls_daemon_random_bytes = 32 tls_random_bytes = 32 tls_random_exchange_name = /var/run/postfix/prng_exch tls_random_prng_update_period = 3600s tls_random_reseed_period = 3600s tls_random_source = dev:/dev/urandom transport_maps = hash:/usr/local/etc/transport unknown_local_recipient_reject_code = 550 postconf -Mf smtp inet n -
Re: Incorrect rewrite on senders address
On 2023-01-16 at 22:14:15 UTC-0500 (Tue, 17 Jan 2023 10:14:15 +0700) Olivier is rumored to have said: Hello, This is a preliminary request before I gather all needed informations. I have a problem with rewriting: I received an email from an outside person and that person happens to have the same name as one of my user. The sender's address has been rewritten to that of my user. ie: j...@gmail.com sent me an email, I have a user joe on my system, the mail delivered in my mailbox was bearing the address from: j...@cs.ait.ac.th TYhis must be a mistake in my configuration of Postfix, but reading through the documentation I cannot find what I am doing wrong. What should I provide to get help? The output of "postconf -nf" and "postconf -Mf", the log lines relevant to the message (i.e. mentioning the queue ID) and the headers of the message, if possible. If you have canonical or generic rewriting configured, the relevant content of those maps would be essential as well. Note that it is not necessarily the case that Postfix did any rewriting. The From header of a message and the envelope sender address frequently have different addresses, particularly for mailing lists and spam. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire
Incorrect rewrite on senders address
Hello, This is a preliminary request before I gather all needed informations. I have a problem with rewriting: I received an email from an outside person and that person happens to have the same name as one of my user. The sender's address has been rewritten to that of my user. ie: j...@gmail.com sent me an email, I have a user joe on my system, the mail delivered in my mailbox was bearing the address from: j...@cs.ait.ac.th TYhis must be a mistake in my configuration of Postfix, but reading through the documentation I cannot find what I am doing wrong. What should I provide to get help? Best regards, Olivier --
Re: SPF fail and domain fail, why?
On January 17, 2023 2:25:34 AM UTC, raf wrote: >On Mon, Jan 16, 2023 at 08:01:10PM +0100, Maurizio Caloro >wrote: > >> Hello >> >> Please one more thing about Opendmarc, if send any email to any where >> i see in log SPF fail, domain.ch fail ? >> >> Jan 16 19:43:39 nmail opendkim[16490]: B6090404C3: DKIM-Signature field >> added (s=nmail, d=caloro.ch) >> Jan 16 19:43:39 nmail opendmarc[16483]: B6090404C3: SPF(mailfrom): caloro.ch >> fail >> Jan 16 19:43:39 nmail opendmarc[16483]: B6090404C3: caloro.ch fail >> >> if recieve any mail from any where, any thing pass >> Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: mailc-bb.linkedin.com >> [A.B.C.D] not internal >> Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: not authenticated >> Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: message has signatures >> from linkedin.com, mailc.linkedin.com >> Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: signature=muv88Rcz >> domain=linkedin.com selector=d2048-201806-01 result="no signature error"; >> signature=IKaXoyzS domain=mailc.linkedin.com selector=proddkim1024 >> result="no signature error" >> Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: DKIM verification >> successful >> Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: s=d2048-201806-01 >> d=linkedin.com SSL >> Jan 16 19:37:10 nmail opendmarc[15095]: 10003404C3 ignoring >> Authentication-Results at 2 from nmail.caloro.ch >> Jan 16 19:37:10 nmail opendmarc[15095]: 10003404C3: SPF(mailfrom): >> bounce.linkedin.com pass >> Jan 16 19:37:10 nmail opendmarc[15095]: 10003404C3: linkedin.com pass >> >> -- >> on the header from any mail that i send will appair following >> Authentication-Results-Original: caloro.ch, calm-ness.ch; spf=fail >> >> # cat opendmarc.conf >> AuthservID caloro.ch, calm-ness.ch >> AuthservIDWithJobID false >> AutoRestart false >> AutoRestartRate 10/1h >> Background true >> DNSTimeout 5 >> HistoryFile /var/spool/postfix/opendmarc/opendmarc.dat >> IgnoreAuthenticatedClients true >> IgnoreHosts /etc/opendmarc/ignore.hosts >> PidFile /var/run/opendmarc/opendmarc.pid >> RejectFailures false >> RequiredHeaders true >> PublicSuffixList /etc/opendmarc/effective_tld_names.dat >> Socket inet:8892@127.0.0.1 >> SoftwareHeader true >> SPFSelfValidate true >> SPFIgnoreResults false >> Syslog true >> SyslogFacility mail >> # TrustedAuthservIDs nmail.caloro.ch, nmail.calm-ness.ch >> TrustedAuthservIDs caloro.ch, calm-ness.ch >> UMask 077 >> UserID opendmarc:opendmarc >> >> if checking online dmarc, dkim, spf from domain appair anything correct! >> please why me email will fail? >> >> thanks for any hint >> Mauri > >I could be wrong, but I suspect that the problem is >that you haven't configured OpenDMARC to not check >locally originating mail. According to the first >Received: header, the mail is coming from 37.120.190.188 >(which is mentioned in multiple ways in the SPF record), >but your mail server at that IP address shouldn't be >performing this check on outgoing mail. > >Perhaps you need to add this to your /etc/opendmarc.conf: > > IgnoreAuthenticatedClients true > >Unfortunately, the code doing the SPF check doesn't >explain why it failed. Some do. For example, the package on debian would >probably show the IP address that caused the failure. >Maybe it's 127.0.0.1 (or the IP address of an >authenticated submission client). The internal SPF implementation in OpenDMARC is not a full implementation of the protocol. In general, you are likely to be better off having something SPF specific check SPF and then have OpenDMARC consume that result for it's DMARC processing. If you are inclined towards Perl, then postfix-policyd-spf-perl is a good choice. SPF Engine supports either a milter (pyspf-milter) or policy server (postfix-policyd-spf-python) interface with Postfix, depending on which you prefer, if you're up for a Python based solution. Scott K
Re: SPF fail and domain fail, why?
On Mon, Jan 16, 2023 at 08:01:10PM +0100, Maurizio Caloro wrote: > Hello > > Please one more thing about Opendmarc, if send any email to any where > i see in log SPF fail, domain.ch fail ? > > Jan 16 19:43:39 nmail opendkim[16490]: B6090404C3: DKIM-Signature field > added (s=nmail, d=caloro.ch) > Jan 16 19:43:39 nmail opendmarc[16483]: B6090404C3: SPF(mailfrom): caloro.ch > fail > Jan 16 19:43:39 nmail opendmarc[16483]: B6090404C3: caloro.ch fail > > if recieve any mail from any where, any thing pass > Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: mailc-bb.linkedin.com > [A.B.C.D] not internal > Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: not authenticated > Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: message has signatures > from linkedin.com, mailc.linkedin.com > Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: signature=muv88Rcz > domain=linkedin.com selector=d2048-201806-01 result="no signature error"; > signature=IKaXoyzS domain=mailc.linkedin.com selector=proddkim1024 > result="no signature error" > Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: DKIM verification > successful > Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: s=d2048-201806-01 > d=linkedin.com SSL > Jan 16 19:37:10 nmail opendmarc[15095]: 10003404C3 ignoring > Authentication-Results at 2 from nmail.caloro.ch > Jan 16 19:37:10 nmail opendmarc[15095]: 10003404C3: SPF(mailfrom): > bounce.linkedin.com pass > Jan 16 19:37:10 nmail opendmarc[15095]: 10003404C3: linkedin.com pass > > -- > on the header from any mail that i send will appair following > Authentication-Results-Original: caloro.ch, calm-ness.ch; spf=fail > > # cat opendmarc.conf > AuthservID caloro.ch, calm-ness.ch > AuthservIDWithJobID false > AutoRestart false > AutoRestartRate 10/1h > Background true > DNSTimeout 5 > HistoryFile /var/spool/postfix/opendmarc/opendmarc.dat > IgnoreAuthenticatedClients true > IgnoreHosts /etc/opendmarc/ignore.hosts > PidFile /var/run/opendmarc/opendmarc.pid > RejectFailures false > RequiredHeaders true > PublicSuffixList /etc/opendmarc/effective_tld_names.dat > Socket inet:8892@127.0.0.1 > SoftwareHeader true > SPFSelfValidate true > SPFIgnoreResults false > Syslog true > SyslogFacility mail > # TrustedAuthservIDs nmail.caloro.ch, nmail.calm-ness.ch > TrustedAuthservIDs caloro.ch, calm-ness.ch > UMask 077 > UserID opendmarc:opendmarc > > if checking online dmarc, dkim, spf from domain appair anything correct! > please why me email will fail? > > thanks for any hint > Mauri I could be wrong, but I suspect that the problem is that you haven't configured OpenDMARC to not check locally originating mail. According to the first Received: header, the mail is coming from 37.120.190.188 (which is mentioned in multiple ways in the SPF record), but your mail server at that IP address shouldn't be performing this check on outgoing mail. Perhaps you need to add this to your /etc/opendmarc.conf: IgnoreAuthenticatedClients true Unfortunately, the code doing the SPF check doesn't explain why it failed. Some do. For example, the postfix-policyd-spf-perl package on debian would probably show the IP address that caused the failure. Maybe it's 127.0.0.1 (or the IP address of an authenticated submission client). cheers, raf
Re: relay transport ignore
On Fri, Jan 13, 2023 at 02:25:06PM +0100, Matteo Cazzador wrote: > Hi, i 've question, i need to migrate a virtual domain from 2 server (with > postfix). > > On the new server i define mail users and domain but it'isnt in production > now dns record defined. > > On the same new soerver i've other virtual domain. > > I want that , for a few days, if one user of other domain hosted on the same > new server send an email to the new migrate domain it will be relayed to the > orld server and not locally delivered. > > I try with transport without success. > > Can someone plese help me? > > Thanks Perhaps it would be best to show what you tried by sending the output of "postconf -n" and your transport table on the new host. Someone might be able to see what's wrong with it. cheers, raf
Re: postfix/pickup question
Scott Kitterman skrev den 2023-01-16 16:29: On January 16, 2023 2:13:42 PM UTC, Wietse Venema wrote: Maurizio Caloro: The option that was cause: -failurereports -failureReportssendby emailaddress DO NOT run milters as the 'postfix' user. Only Postfix programs should use that userid. FYI, Since this appears to be a Debian system, the Debian package for opendmarc runs as it's own dedicated user (I double checked). All the other packaged milters I'm aware of do the same. what is in opendmarc.conf then ? is it openrc or systemd ? don't run opendmarc milter in pickup i will take my fuglu hat off now :)
SPF fail and domain fail, why?
Hello Please one more thing about Opendmarc, if send any email to any where i see in log SPF fail, domain.ch fail ? Jan 16 19:43:39 nmail opendkim[16490]: B6090404C3: DKIM-Signature field added (s=nmail, d=caloro.ch) Jan 16 19:43:39 nmail opendmarc[16483]: B6090404C3: SPF(mailfrom): caloro.ch fail Jan 16 19:43:39 nmail opendmarc[16483]: B6090404C3: caloro.ch fail if recieve any mail from any where, any thing pass Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: mailc-bb.linkedin.com [A.B.C.D] not internal Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: not authenticated Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: message has signatures from linkedin.com, mailc.linkedin.com Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: signature=muv88Rcz domain=linkedin.com selector=d2048-201806-01 result="no signature error"; signature=IKaXoyzS domain=mailc.linkedin.com selector=proddkim1024 result="no signature error" Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: DKIM verification successful Jan 16 19:37:10 nmail opendkim[13804]: 10003404C3: s=d2048-201806-01 d=linkedin.com SSL Jan 16 19:37:10 nmail opendmarc[15095]: 10003404C3 ignoring Authentication-Results at 2 from nmail.caloro.ch Jan 16 19:37:10 nmail opendmarc[15095]: 10003404C3: SPF(mailfrom): bounce.linkedin.com pass Jan 16 19:37:10 nmail opendmarc[15095]: 10003404C3: linkedin.com pass -- on the header from any mail that i send will appair following Authentication-Results-Original: caloro.ch, calm-ness.ch; spf=fail # cat opendmarc.conf AuthservID caloro.ch, calm-ness.ch AuthservIDWithJobID false AutoRestart false AutoRestartRate 10/1h Background true DNSTimeout 5 HistoryFile /var/spool/postfix/opendmarc/opendmarc.dat IgnoreAuthenticatedClients true IgnoreHosts /etc/opendmarc/ignore.hosts PidFile /var/run/opendmarc/opendmarc.pid RejectFailures false RequiredHeaders true PublicSuffixList /etc/opendmarc/effective_tld_names.dat Socket inet:8892@127.0.0.1 SoftwareHeader true SPFSelfValidate true SPFIgnoreResults false Syslog true SyslogFacility mail # TrustedAuthservIDs nmail.caloro.ch, nmail.calm-ness.ch TrustedAuthservIDs caloro.ch, calm-ness.ch UMask 077 UserID opendmarc:opendmarc if checking online dmarc, dkim, spf from domain appair anything correct! please why me email will fail? thanks for any hint Mauri
Re: postfix/pickup question
Scott Kitterman: > On January 16, 2023 2:13:42 PM UTC, Wietse Venema > wrote: > >Maurizio Caloro: > >> The option that was cause: > >> -failurereports > >> -failureReportssendby emailaddress > > > >DO NOT run milters as the 'postfix' user. Only Postfix programs > >should use that userid. > > FYI, > > Since this appears to be a Debian system, the Debian package for > opendmarc runs as its own dedicated user (I double checked). All > the other packaged milters I'm aware of do the same. Thanks for getting this right. Wietse
Re: postfix/pickup question
On January 16, 2023 2:13:42 PM UTC, Wietse Venema wrote: >Maurizio Caloro: >> The option that was cause: >> -failurereports >> -failureReportssendby emailaddress > >DO NOT run milters as the 'postfix' user. Only Postfix programs >should use that userid. FYI, Since this appears to be a Debian system, the Debian package for opendmarc runs as it's own dedicated user (I double checked). All the other packaged milters I'm aware of do the same. Scott K
Re: postfix/pickup question
Maurizio Caloro: > The option that was cause: > -failurereports > -failureReportssendby emailaddress DO NOT run milters as the 'postfix' user. Only Postfix programs should use that userid. Wietse
Re: postfix/pickup question
> Am 16.01.2023 um 13:45 schrieb Wietse Venema : > > Maurizio Caloro: >>> Am 16.01.2023 um 00:53 schrieb Wietse Venema: >>> What is the name for uid 109? >>> >>>Wietse >> >> postfix:x:109:115::/var/spool/postfix:/bin/false >> Debian-exim:x:104:109::/var/spool/exim4:/bin/false > > And what are you using to submit mail to Postfix? Anywhere 2 world > Some program > is using the postfix userid. Thats true, and i want excuse me for this topic. The app that causing this was opendmarc. I will update this, this evening to release 1.4.2 The option that was cause: -failurereports -failureReportssendby emailaddress > >Wietse Meny meny thanks, Regards Mauri
Re: block domain
natan skrev den 2023-01-16 11:28: /etc/postfix/sender_checks.pcre ... /emailll\.org/ DISCARD Too many fake spam2 /surdeu\.de/ DISCARD Too many fake spam you accept payload to /dev/null with it, its more simple to use reject, msg after discard is not seen in the sender client
Re: block domain
natan: > Hi > Is there any chance to reject domain (incomming) via postscreen ? postscreen does not know the sender email addres when it allows or denies a client. It logs the sender address only after it has already decided to deny a client. > I get many e-mails from one domain (from diferent IP) Use spamhaus to block spammy IP addresses. Wietse
Re: postfix/pickup question
Maurizio Caloro: > Am 16.01.2023 um 00:53 schrieb Wietse Venema: > > What is the name for uid 109? > > > > Wietse > > postfix:x:109:115::/var/spool/postfix:/bin/false > Debian-exim:x:104:109::/var/spool/exim4:/bin/false And what are you using to submit mail to Postfix? Some program is using the postfix userid. Wietse
Re: block domain
Hi I mean /etc/postfix/sender_checks.pcre ... /emailll\.org/ DISCARD Too many fake spam2 /surdeu\.de/ DISCARD Too many fake spam ... W dniu 16.01.2023 o 11:03, natan pisze: Hi Is there any chance to reject domain (incomming) via postscreen ? I get many e-mails from one domain (from diferent IP) NOQUEUE: discard: RCPT from vc-gp-n-105-244-68-222.umts.vodacom.co.za[105.244.68.222]: : Sender address Too many fake spam; from= to= proto=ESMTP helo= I reject in smtpd_sender_restrictions = permit_mynetworks check_sender_access pcre:/etc/postfix/sender_checks.pcre . /etc/postfix/sender_checks.pcre ... /emailll\.org/ DISCARD Too many fake spam2 ... Is there a faster method ? I thinking about postscreen ? -- --
block domain
Hi Is there any chance to reject domain (incomming) via postscreen ? I get many e-mails from one domain (from diferent IP) NOQUEUE: discard: RCPT from vc-gp-n-105-244-68-222.umts.vodacom.co.za[105.244.68.222]: : Sender address Too many fake spam; from= to= proto=ESMTP helo= I reject in smtpd_sender_restrictions = permit_mynetworks check_sender_access pcre:/etc/postfix/sender_checks.pcre . /etc/postfix/sender_checks.pcre ... /emailll\.org/ DISCARD Too many fake spam2 ... Is there a faster method ? I thinking about postscreen ? --