Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

[Bob Hoffman]

On 4/25/2012 12:00 PM, m.r...@5-cent.us wrote:
> John Doe wrote:
>
>>   automatically.
>> Why not find out why you get blacklisted instead of trying to bypass it?
>> You seem to imply that it is something that will happen and often...
> It happens. It's certainly happened to me. When you're a hosting co (like
> the host I use), and have tens or hundreds of thousands of clients with
> many domains, and some are businesses or organizations that legitimately
> send out mass emailings, you're trying to catch the idiot whose machine
> got infected, it was uploaded to their hosted site, and voila, spam going
> out of your domain. *AND* the blacklisters *insist* on blocking the
> *entire* address range assigned to the hosting co, rather than the source
> IP.
>
>
I am just now getting into blacklisting by ips, but I would never do it 
that way.
The only time I have added a host to the blacklist is when it is the 
host's actual mail servers spamming me.
I had to to that with only  a few so far (like ovh).

For individuals like you speak of, I would only add their domain, not an 
ip range.

the only ones I have added ipranges for are bulk list spammers like 
constant contact and vocus and the like.

blacklisting ip blocks is fraught with danger, but in the case of an 
individual mail server for a individual person, not so bad.

I think it would be impossible to police clients as a host...I cannot 
see how you could do it. My main reason for never entertaining the idea 
of running a host company.. Give you credit for trying though.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

[Adam Tauno Williams]

On Wed, 2012-04-25 at 11:57 +, Prabhpal S. Mavi wrote: 
> Dear Adam Tauno Williams
> thanks for your response, i am not sure what did you advice. could you
> please explain nit more if there is any other way to do it. as sounds in
> your mail.



You can restrict senders and receivers through standard maps.  Those
maps can query just about anything you desire.


signature.asc
Description: This is a digitally signed message part
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

[m . roth]

John Doe wrote:
> From: Prabhpal S. Mavi 
>
>> i implemented something that when our smart host would become
>> blacklisted.
>> It will automatic switch to next available smart host (which is ready
>> sitting). that mean it will start relaying message through another smart
>> host automatically.
>
> Why not find out why you get blacklisted instead of trying to bypass it?
> You seem to imply that it is something that will happen and often...

It happens. It's certainly happened to me. When you're a hosting co (like
the host I use), and have tens or hundreds of thousands of clients with
many domains, and some are businesses or organizations that legitimately
send out mass emailings, you're trying to catch the idiot whose machine
got infected, it was uploaded to their hosted site, and voila, spam going
out of your domain. *AND* the blacklisters *insist* on blocking the
*entire* address range assigned to the hosting co, rather than the source
IP.

mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

[Tilman Schmidt]

Am 25.04.2012 14:14, schrieb John Doe:
> From: Prabhpal S. Mavi 
> 
>> i implemented something that when our smart host would become blacklisted.
>> It will automatic switch to next available smart host [...]
> 
> Why not find out why you get blacklisted instead of trying to bypass it?

That may well prove fruitless. There are blacklists
out there which won't tell you why they list a host
or refuse to remove a host even if their reason for
listing is gone (or was never valid to begin with).

-- 
Tilman Schmidt
Phoenix Software GmbH
Bonn, Germany
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

[Earl Ramirez]

On 25 April 2012 07:42, Prabhpal S. Mavi wrote:

> Dear Community Friends Greetings,
>
> i work with ISP, we host email service for almost 500+ companies and 200+
> mail servers relay through my smart host.
>
> i implemented something that when our smart host would become blacklisted.
> It will automatic switch to next available smart host (which is ready
> sitting). that mean it will start relaying message through another smart
> host automatically.
>
> i think i must tell little background as well. it is actually php script
> that perform blacklist check every minute through cron. if it found that
> IP is blacklisted. It will then insert "relay host =" value in main.cf and
> reload postfix service. When IP is no more blacklisted it will then remove
> the same directive from main.cf and reload postfix.
>
> everything is working as expected. i have one question, when we reload
> postfix does it drop active SMTP session?
>
> for example lets say that remote SMTP server is delivering message to my
> postfix that has 8MB attachment. message was not fully transferred. lets
> say that 4MB was transferred. and i issued "postfix reload". will that
> connection drop or continue to deliver the mail?
>
>
> Thanks / Regards
> Prabhpal S. Mavi
>
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

Postfix reload will not disrupt any connection and in your example the mail
will continue to be delivered

-- 
Kind Regards
Earl Ramirez
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

[John Doe]

From: Bob Hoffman 

> On 4/25/2012 7:42 AM, Prabhpal S. Mavi wrote:
>>  i work with ISP, we host email service for almost 500+ companies and 200+
>>  mail servers relay through my smart host.
>> 
>>  i implemented something that when our smart host would become blacklisted.
>>  It will automatic switch to next available smart host (which is ready
>>  sitting). that mean it will start relaying message through another smart
>>  host automatically.
> well, as someone who has been really fighting spam lately I can say that 
> that system will definitely work out quite well and most bulk spammers 
> use something like that.
> 
> with that many companies and mail servers, I have no idea how you can 
> police them...wow

Talking about spam... the USA lost its spam crown to India...
http://nakedsecurity.sophos.com/2012/04/23/india-becomes-the-king-of-the-spammers-stealing-americas-crown/

JD
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

[Bob Hoffman]

On 4/25/2012 7:42 AM, Prabhpal S. Mavi wrote:
> i work with ISP, we host email service for almost 500+ companies and 200+
> mail servers relay through my smart host.
>
> i implemented something that when our smart host would become blacklisted.
> It will automatic switch to next available smart host (which is ready
> sitting). that mean it will start relaying message through another smart
> host automatically.
well, as someone who has been really fighting spam lately I can say that 
that system will definitely work out quite well and most bulk spammers 
use something like that.

with that many companies and mail servers, I have no idea how you can 
police them...wow
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

[John Doe]

From: Prabhpal S. Mavi 

> i implemented something that when our smart host would become blacklisted.
> It will automatic switch to next available smart host (which is ready
> sitting). that mean it will start relaying message through another smart
> host automatically.

Why not find out why you get blacklisted instead of trying to bypass it?
You seem to imply that it is something that will happen and often...

JD
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

[Prabhpal S. Mavi]

Dear Adam Tauno Williams

thanks for your response, i am not sure what did you advice. could you
please explain nit more if there is any other way to do it. as sounds in
your mail.

Thanks

> On Wed, 2012-04-25 at 11:42 +, Prabhpal S. Mavi wrote:
>> i think i must tell little background as well. it is actually php script
>> that perform blacklist check every minute through cron. if it found that
>> IP is blacklisted. It will then insert "relay host =" value in main.cf
>> and
>> reload postfix service. When IP is no more blacklisted it will then
>> remove
>> the same directive from main.cf and reload postfix.
>
> Why not propely 'out-source' this to a Postfix map rather than modifying
> main.cf.  Dynamic modification of main.cf is *seriously* brain-damaged
> in my opinion.  Point a map at an LDAP DSA or an RDBMS database and have
> the application update *that*.  Then Postfix checks the map.  Nobody
> needs to get constantly hup'd and you aren't touching configuation files
> that *should not be writable* anyway.
>
>> everything is working as expected. i have one question, when we reload
>> postfix does it drop active SMTP session?
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


Thanks / Regards
Prabhpal S. Mavi



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

[Adam Tauno Williams]

On Wed, 2012-04-25 at 11:42 +, Prabhpal S. Mavi wrote:
> i think i must tell little background as well. it is actually php script
> that perform blacklist check every minute through cron. if it found that
> IP is blacklisted. It will then insert "relay host =" value in main.cf and
> reload postfix service. When IP is no more blacklisted it will then remove
> the same directive from main.cf and reload postfix.

Why not propely 'out-source' this to a Postfix map rather than modifying
main.cf.  Dynamic modification of main.cf is *seriously* brain-damaged
in my opinion.  Point a map at an LDAP DSA or an RDBMS database and have
the application update *that*.  Then Postfix checks the map.  Nobody
needs to get constantly hup'd and you aren't touching configuation files
that *should not be writable* anyway.

> everything is working as expected. i have one question, when we reload
> postfix does it drop active SMTP session?



signature.asc
Description: This is a digitally signed message part
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos