Re: gmail servers on blacklists?

2017-03-18 Thread Christian Kivalo

On 2017-03-17 22:47, David Mehler wrote:
> Hello,
>
> Thank you.

Hi

Please reply to the list

> I have postwhite running, not sure if it's updating?
>
> Do you run postwhite and if so do you have an update procedure so you
> always have the updated postwhite?

I use it but am doing updates manually. Doing it automatically is on a todo
list ;)

> Thanks.
> Dave.
>
> On 3/17/17, Christian Kivalo  wrote:
>> On 2017-03-17 22:12, David Mehler wrote:
>>> Hello,
>>>
>>> I'm starting to see blocks on my messages to my mail server. For some
>>> reason postscreen is not letting any gmail servers send mail, it's
>>> blocking them.
>>>
>>> Has anyone got an idea or have you seen this?
>>
>> You could use postwhite https://github.com/stevejenkins/postwhite to
>> whitelist gmail.
>> The map is created by postwhite from Gmail's SPF records.
>>
>> --
>>   Christian Kivalo

--
 Christian Kivalo


Re: gmail servers on blacklists?

2017-03-17 Thread David Mehler
Hi,

Much thanks. Lost ahbl, and glad to see it go.

Thanks.
Dave.


On 3/17/17, /dev/rob0  wrote:
> On Fri, Mar 17, 2017 at 05:12:07PM -0400, David Mehler wrote:
>> I'm starting to see blocks on my messages to my mail server. For some
>> reason postscreen is not letting any gmail servers send mail, it's
>> blocking them.
>>
>> Has anyone got an idea or have you seen this?
>
> Typically you would SHOW LOGS of the blocking when asking for help,
> but in your case it's pretty obvious.
>
>> Here's my postscreen setup:
>>
>> # postscreen(8) settings
>> ### Before-220 tests
>> postscreen_greet_action = enforce
>> postscreen_blacklist_action = enforce
>> postscreen_dnsbl_action = enforce
>> postscreen_access_list = permit_mynetworks
>> cidr:/usr/local/etc/postfix/postscreen_access.cidr
>> postscreen_dnsbl_reply_map =
>> pcre:/usr/local/etc/postfix/postscreen_dnsbl_reply_map.pcre
>> postscreen_dnsbl_sites = zen.spamhaus.org*3
>>  b.barracudacentral.org*2
>>  bl.spameatingmonkey.net*2
>>  dnsbl.ahbl.org*2
>
> Closed as of 2015-01-01 when it began flagging EVERYTHING by means of
> a DNS wildcard.
>
> Read:
>   http://www.ahbl.org/ (click through to the main page) and
>   http://rob0.nodns4.us/postscreen.html
>
> In the latter start with the BIG FAT WARNING and then take special
> note of what it says about AHBL in the "Last Changes" section.
>
>>  bl.spamcop.net
>>  dnsbl.sorbs.net
>>  psbl.surriel.com
>>  bl.mailspike.net
>>  swl.spamhaus.org*-4
>>  list.dnswl.org=127.[0..255].[0..255].0*-2
>>  list.dnswl.org=127.[0..255].[0..255].1*-3
>>  list.dnswl.org=127.[0..255].[0..255].[2..255]*-4
>
> These are as I published them but they are wrong.  Better:
>    list.dnswl.org=127.0.[2..15].0*-2
>    list.dnswl.org=127.0.[2..15].1*-3
>    list.dnswl.org=127.0.[2..15].[2..3]*-4
> This corresponds to DNSWL.org's own usage instructions.
>
>> postscreen_dnsbl_threshold = 2
>> postscreen_dnsbl_whitelist_threshold = -2
>
> Looks familiar except you changed these two threshold values.  Just
> stick with what I have:
>   postscreen_dnsbl_threshold = 3
>   postscreen_dnsbl_whitelist_threshold = -1
>
> Your lower postscreen_dnsbl_threshold value caused every single AHBL
> listing (which, in case you didn't understand, now includes the
> entirety of the Internet) to be a rejection unless offset by a
> whitelist entry.
>
> Your higher whitelist threshold makes it more difficult to avoid the
> after-220 tests ...
>
>> ### End of before-220 tests
>> ### After-220 tests
>> ### WARNING -- See "Tests after the 220 SMTP server greeting" in the
>> ### Postscreen Howto and *UNDERSTAND* it *BEFORE* you enable the
>> ### following tests!
>> #postscreen_bare_newline_action = drop
>> #postscreen_bare_newline_enable = yes
>> #postscreen_non_smtp_command_action = drop
>> #postscreen_non_smtp_command_enable = yes
>> #postscreen_pipelining_enable = yes
>> #postscreen_pipelining_action = drop
>> ### ADDENDUM: Any one of the foregoing three *_enable settings may cause
>> ### significant and annoying mail delays.
>
> ... which in your case doesn't matter because you didn't enable them.
>
>> Any assistance appreciated.
>
> Lose AHBL.
> --
>   http://rob0.nodns4.us/
>   Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
>


Re: gmail servers on blacklists?

2017-03-17 Thread /dev/rob0
On Fri, Mar 17, 2017 at 05:12:07PM -0400, David Mehler wrote:
> I'm starting to see blocks on my messages to my mail server. For some
> reason postscreen is not letting any gmail servers send mail, it's
> blocking them.
> 
> Has anyone got an idea or have you seen this?

Typically you would SHOW LOGS of the blocking when asking for help, 
but in your case it's pretty obvious.

> Here's my postscreen setup:
> 
> # postscreen(8) settings
> ### Before-220 tests
> postscreen_greet_action = enforce
> postscreen_blacklist_action = enforce
> postscreen_dnsbl_action = enforce
> postscreen_access_list = permit_mynetworks
> cidr:/usr/local/etc/postfix/postscreen_access.cidr
> postscreen_dnsbl_reply_map =
> pcre:/usr/local/etc/postfix/postscreen_dnsbl_reply_map.pcre
> postscreen_dnsbl_sites = zen.spamhaus.org*3
>  b.barracudacentral.org*2
>  bl.spameatingmonkey.net*2
>  dnsbl.ahbl.org*2

Closed as of 2015-01-01 when it began flagging EVERYTHING by means of 
a DNS wildcard.

Read:
  http://www.ahbl.org/ (click through to the main page) and
  http://rob0.nodns4.us/postscreen.html

In the latter start with the BIG FAT WARNING and then take special 
note of what it says about AHBL in the "Last Changes" section.

>  bl.spamcop.net
>  dnsbl.sorbs.net
>  psbl.surriel.com
>  bl.mailspike.net
>  swl.spamhaus.org*-4
>  list.dnswl.org=127.[0..255].[0..255].0*-2
>  list.dnswl.org=127.[0..255].[0..255].1*-3
>  list.dnswl.org=127.[0..255].[0..255].[2..255]*-4

These are as I published them but they are wrong.  Better:
   list.dnswl.org=127.0.[2..15].0*-2
   list.dnswl.org=127.0.[2..15].1*-3
   list.dnswl.org=127.0.[2..15].[2..3]*-4
This corresponds to DNSWL.org's own usage instructions.

> postscreen_dnsbl_threshold = 2
> postscreen_dnsbl_whitelist_threshold = -2

Looks familiar except you changed these two threshold values.  Just 
stick with what I have:
  postscreen_dnsbl_threshold = 3
  postscreen_dnsbl_whitelist_threshold = -1

Your lower postscreen_dnsbl_threshold value caused every single AHBL 
listing (which, in case you didn't understand, now includes the 
entirety of the Internet) to be a rejection unless offset by a 
whitelist entry.

Your higher whitelist threshold makes it more difficult to avoid the 
after-220 tests ...

> ### End of before-220 tests
> ### After-220 tests
> ### WARNING -- See "Tests after the 220 SMTP server greeting" in the
> ### Postscreen Howto and *UNDERSTAND* it *BEFORE* you enable the
> ### following tests!
> #postscreen_bare_newline_action = drop
> #postscreen_bare_newline_enable = yes
> #postscreen_non_smtp_command_action = drop
> #postscreen_non_smtp_command_enable = yes
> #postscreen_pipelining_enable = yes
> #postscreen_pipelining_action = drop
> ### ADDENDUM: Any one of the foregoing three *_enable settings may cause
> ### significant and annoying mail delays.

... which in your case doesn't matter because you didn't enable them.

> Any assistance appreciated.

Lose AHBL.
-- 
  http://rob0.nodns4.us/
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
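
Added example (not part of the original thread and not Postfix code): a simplified Python model of the postscreen DNSBL scoring discussed above, showing why a wildcarded list at weight 2 with `postscreen_dnsbl_threshold = 2` rejects every client unless a whitelist entry offsets it. The DNSBL reply addresses are constructed, and the model assumes each matching site entry adds its weight once.

```python
import re

def parse_sites(spec):
    """Split postscreen_dnsbl_sites into (domain, filter, weight) entries."""
    entries = []
    for item in spec.replace(",", " ").split():
        m = re.fullmatch(r"([^=*]+)(?:=([^*]+))?(?:\*(-?\d+))?", item)
        entries.append((m.group(1), m.group(2), int(m.group(3) or 1)))
    return entries

def octet_matches(pattern, value):
    """pattern is a number or a [..] list of ';'-separated numbers/ranges."""
    for alt in pattern.strip("[]").split(";"):
        lo, _, hi = alt.partition("..")
        if int(lo) <= value <= int(hi or lo):
            return True
    return False

def filter_matches(flt, addr):
    """True if one DNSBL A-record reply satisfies an entry's =filter."""
    if flt is None:
        return True  # no filter: any reply counts as a listing
    patterns = re.findall(r"\[[^\]]*\]|\d+", flt)
    octets = [int(o) for o in addr.split(".")]
    return len(patterns) == 4 == len(octets) and all(
        octet_matches(p, o) for p, o in zip(patterns, octets))

def score(spec, replies):
    """replies: {domain: [A records]}; a matching entry adds its weight once."""
    return sum(w for d, f, w in parse_sites(spec)
               if any(filter_matches(f, a) for a in replies.get(d, [])))

def verdict(total, threshold, whitelist_threshold):
    if total >= threshold:
        return "reject"
    return "skip-tests" if total <= whitelist_threshold else "pass"

# Site list from the original post, abbreviated to the entries that matter here.
POSTED = """zen.spamhaus.org*3 dnsbl.ahbl.org*2 bl.spamcop.net
  list.dnswl.org=127.[0..255].[0..255].0*-2"""
WITHOUT_AHBL = POSTED.replace("dnsbl.ahbl.org*2", "")

# Constructed replies: a wildcarded list answers for every client address.
UNLISTED_CLIENT = {"dnsbl.ahbl.org": ["127.0.0.2"]}
DNSWL_CLIENT = {"dnsbl.ahbl.org": ["127.0.0.2"], "list.dnswl.org": ["127.0.5.0"]}

if __name__ == "__main__":
    for name, spec, thr in [("posted", POSTED, 2), ("threshold 3", POSTED, 3),
                            ("AHBL removed", WITHOUT_AHBL, 3)]:
        s = score(spec, UNLISTED_CLIENT)
        print(f"{name:13} score={s} -> {verdict(s, thr, -1)}")
```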


Re: gmail servers on blacklists?

2017-03-17 Thread Christian Kivalo



On 2017-03-17 22:12, David Mehler wrote:
> Hello,
>
> I'm starting to see blocks on my messages to my mail server. For some
> reason postscreen is not letting any gmail servers send mail, it's
> blocking them.
>
> Has anyone got an idea or have you seen this?

You could use postwhite https://github.com/stevejenkins/postwhite to
whitelist gmail.

The map is created by postwhite from Gmail's SPF records.

--
 Christian Kivalo


gmail servers on blacklists?

2017-03-17 Thread David Mehler
Hello,

I'm starting to see blocks on my messages to my mail server. For some
reason postscreen is not letting any gmail servers send mail, it's
blocking them.

Has anyone got an idea or have you seen this?

Here's my postscreen setup:

# postscreen(8) settings
### Before-220 tests
postscreen_greet_action = enforce
postscreen_blacklist_action = enforce
postscreen_dnsbl_action = enforce
postscreen_access_list = permit_mynetworks
 cidr:/usr/local/etc/postfix/postscreen_access.cidr
postscreen_dnsbl_reply_map =
 pcre:/usr/local/etc/postfix/postscreen_dnsbl_reply_map.pcre
postscreen_dnsbl_sites = zen.spamhaus.org*3
 b.barracudacentral.org*2
 bl.spameatingmonkey.net*2
 dnsbl.ahbl.org*2
   bl.spamcop.net
 dnsbl.sorbs.net
 psbl.surriel.com
 bl.mailspike.net
 swl.spamhaus.org*-4
 list.dnswl.org=127.[0..255].[0..255].0*-2
 list.dnswl.org=127.[0..255].[0..255].1*-3
 list.dnswl.org=127.[0..255].[0..255].[2..255]*-4
postscreen_dnsbl_threshold = 2
postscreen_dnsbl_whitelist_threshold = -2
### End of before-220 tests
### After-220 tests
### WARNING -- See "Tests after the 220 SMTP server greeting" in the
### Postscreen Howto and *UNDERSTAND* it *BEFORE* you enable the
### following tests!
#postscreen_bare_newline_action = drop
#postscreen_bare_newline_enable = yes
#postscreen_non_smtp_command_action = drop
#postscreen_non_smtp_command_enable = yes
#postscreen_pipelining_enable = yes
#postscreen_pipelining_action = drop
### ADDENDUM: Any one of the foregoing three *_enable settings may cause
### significant and annoying mail delays.
# For sharing a temporary whitelist of addresses
postscreen_cache_map = proxy:btree:${data_directory}/postscreen_cache
postscreen_cache_cleanup_interval = 0
   # Rules are evaluated in the order as specified.
   # Blacklist 192.168.* except 192.168.0.1.

# /usr/local/etc/postfix/postscreen_access.cidr 2011-02-27
# A simple combined white/blacklist
# Only "permit", "reject" and "dunno" work on the RHS
# This is a CIDR table, so see cidr_table(5) for LHS syntax

# Permit local clients
127.0.0.0/8 permit

# 2011-05-17 brute force attack
# May 17 05:35:14 cardinal postfix/anvil[3667]: statistics: max
# connection count 47 for (smtpd:66.23.228.27) at May 17 05:31:38
66.23.228.27    reject
# a lot from here including some DBL hits
108.62.112.160/29   reject
# 2011-08-09 eWayDirect whitelisted, but hitting spamtraps
# was having PREGREET protocol errors before today
207.45.161.0/24 reject
##
# 2011-11-22 brute force mail attacks, smtp and imap
61.175.253.59   reject
# 2012-09-23 spammer not in DNSBLs
66.7.197.45 reject
# 2012-11-19 hillapex.com spammer
184.173.107.11  reject
# Allow gmail server through
74.125.82.43    permit

Any assistance appreciated.

Thanks.
Dave.