[pfx] Re: Is there a way to just quickly deliver "everything" to a file somewhere
> On Apr 2, 2024, at 10:52, Viktor Dukhovni via Postfix-users > wrote: > > On Tue, Apr 02, 2024 at 04:14:29AM -0400, Dan Mahoney via Postfix-users wrote: >> Hey there all, >> >> I’m setting up a staging version of dayjob’s ticket system, and we’d >> basically like postfix to still function, but instead of touching the >> internet at all, just deliver everything to a single file (or a maildir, I >> suppose), regardless of if a file is invoked via sendmail, or a port 25 >> connection. I’d like nothing to leave the box. >> >> Is there some kind of transport hack I can use for this? > ># No local(8) delivery ># >alias_database = >mydestination = >local_transport = error:5.1.2 Mailbox unavailable > ># No locally hosted domains, but you may want to set one of these ># non-empty to accept mail over SMTP, if mail comes in from outside, ># but this could also be via submission, permit_mynetworks, ... ># >relay_domains = >virtual_alias_domains = >virtual_mailbox_domains = > ># Collapse all recipients to a single address, delivered to a single ># maildir. ># >enable_original_recipient = no >virtual_alias_maps = static:allmail@$mydomain >default_transport = virtual >virtual_mailbox_maps = static:/var/spool/virtual/allmail/ >virtual_uid_maps = static:12345 >virtual_gid_maps = static:12345 I guess I missed something. — I also want it to null route (or route to a maildir) all *outbound* mail — so we can examine what our ticket system *would* send, is there something in here to do that, or is the above only for inbound? -Dan ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: reliable RBL
On 10/04/24 22:50, Matus UHLAR - fantomas via Postfix-users wrote: On 10.04.24 17:46, Mr. Peng via Postfix-users wrote: I have been using spamhaus, spamcop, sorbs as the RBL providers for antispam. But some of the customers speak to me about the FP issues caused by RBL. Do you think the three RBL above are reliable in a practical system? I use them on many servers. I just use postscreen which supports scoring and only block when more than one blocklist hits. For the benefit of those of us following-along with the conversation and hoping to learn 'nuggets' of good-practice, would you mind sharing the settings related to the combination of RBLs and postscreen, please? Yes slightly OT, but relates to getting the best from postfix! -- Regards, =dn ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: reliable RBL
Dnia 10.04.2024 o godz. 10:22:52 Bill Cole via Postfix-users pisze: > I have been using spamhaus, spamcop, sorbs as the RBL providers for > antispam. > But some of the customers speak to me about the FP issues caused by RBL. > Do you think the three RBL above are reliable in a practical system? Those are three of the best, but you have to understand that they are complicated and may not fit YOUR needs. Spamhaus offers multiple DNSBLs which each has a vey specific definition, [...] SpamCop is based on actual feeds of spam from many sources, and when they list an IP, you can be certain that it recently sent spam. They do not [...] SORBS is also informed by multiple sources of spam, and like SpamCop they do not exempt mixed sources. Like Spamhaus, they have both independent DNSBLs and an aggregated list that uses distinct return values for each [...] You really need to look at your DNSBL choices carefully and with an understanding of your users and their needs. You may want to consider On 10.04.24 17:39, Jaroslaw Rafa via Postfix-users wrote: Myself, I use Spamcop, SBL-XBL list from Spamhaus (only this one), Why not zen? In includes PBL.. for SORBS, I use only their "Dynamic IP" list. sorbs dyna is supposed to contain the same IP addresses as spamhaus PBL -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Chernobyl was an Windows 95 beta test site. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: reliable RBL
Dnia 10.04.2024 o godz. 10:22:52 Bill Cole via Postfix-users pisze: > > I have been using spamhaus, spamcop, sorbs as the RBL providers for > > antispam. > > But some of the customers speak to me about the FP issues caused by RBL. > > Do you think the three RBL above are reliable in a practical system? > > Those are three of the best, but you have to understand that they are > complicated and may not fit YOUR needs. > > Spamhaus offers multiple DNSBLs which each has a vey specific definition, [...] > > SpamCop is based on actual feeds of spam from many sources, and when they > list an IP, you can be certain that it recently sent spam. They do not [...] > > SORBS is also informed by multiple sources of spam, and like SpamCop they > do not exempt mixed sources. Like Spamhaus, they have both independent > DNSBLs and an aggregated list that uses distinct return values for each [...] > > You really need to look at your DNSBL choices carefully and with an > understanding of your users and their needs. You may want to consider Myself, I use Spamcop, SBL-XBL list from Spamhaus (only this one), and as for SORBS, I use only their "Dynamic IP" list. That combination seems to work very well for me. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: reliable RBL
On 2024-04-10 at 05:46:36 UTC-0400 (Wed, 10 Apr 2024 17:46:36 +0800) Mr. Peng via Postfix-users is rumored to have said: > I have been using spamhaus, spamcop, sorbs as the RBL providers for > antispam. > But some of the customers speak to me about the FP issues caused by RBL. > Do you think the three RBL above are reliable in a practical system? Those are three of the best, but you have to understand that they are complicated and may not fit YOUR needs. Spamhaus offers multiple DNSBLs which each has a vey specific definition, which they aggregate in the "Zen" list which uses reply value to indicate which component an address listing belongs to. Not all component lists of Zen are appropriate for all MTAs. Spamhaus is extremely careful about making each list reliably represent what they claim it represents. They act quickly on the rare occasions when they inadvertently list sources of legitimate email. SpamCop is based on actual feeds of spam from many sources, and when they list an IP, you can be certain that it recently sent spam. They do not exempt major mailbox providers who are also major spam emitters. If you use the SpamCop list as an absolute test, you will reject some legitimate mail which shares an outbound MTAQ with spam. Reliably. SORBS is also informed by multiple sources of spam, and like SpamCop they do not exempt mixed sources. Like Spamhaus, they have both independent DNSBLs and an aggregated list that uses distinct return values for each component list, so you need to take that into account when using it, to fit the different sorts of listings to different interfaces. Like SpamCop, some of the SORBS components intermittently list major mixed sources. You really need to look at your DNSBL choices carefully and with an understanding of your users and their needs. You may want to consider using them in a more complex filtering tool like SpamAssassin where it is possible to weight the impact of different DNSBLs to fit your needs and to make explicit direct exemptions if you like. -- Bill Cole b...@scconsult.com or billc...@apache.org (AKA @grumpybozo and many *@billmail.scconsult.com addresses) Not Currently Available For Hire ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] header_checks.pcre
You should use check_reverse_client_hostname_access I have the following pcre map entry: /\.googleusercontent\.com$/ REJECT policy forbids MTA with generic PTRs ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] header_checks.pcre
Hi I try block all bc.googleusercontent.com but some adress allow Is this make sense ? cat /etc/postfix/header_checks.pcre #allow /^Received:.from.mg.gitlab.com.*bc.googleusercontent.com/ DUNNO #reject /^Received:.from.*bc.googleusercontent.com/ REJECT spam/scam/419 detected I blocked beacuse I get many many spam from *.bc.googleusercontent.com -- ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: reliable RBL
On 10.04.24 17:46, Mr. Peng via Postfix-users wrote: I have been using spamhaus, spamcop, sorbs as the RBL providers for antispam. But some of the customers speak to me about the FP issues caused by RBL. Do you think the three RBL above are reliable in a practical system? I use them on many servers. I just use postscreen which supports scoring and only block when more than one blocklist hits. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I don't have lysdexia. The Dog wouldn't allow that. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] reliable RBL
It is kind of off topic, but to my opinion there is no FP-less RBL available. Consider moving to scoring system to not rely on listing at only one blocklist. -- Send unsolicited bulk email to carl...@at.encryp.ch ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] reliable RBL
I have been using spamhaus, spamcop, sorbs as the RBL providers for antispam. But some of the customers speak to me about the FP issues caused by RBL. Do you think the three RBL above are reliable in a practical system? Thanks ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org