Re: Temporarily block domain.tld from sending?

2013-10-08 Thread Stan Hoeppner
On 10/8/2013 7:15 PM, li...@sbt.net.au wrote: > On Wed, October 9, 2013 10:41 am, Stan Hoeppner wrote: >> On 10/8/2013 3:08 PM, li...@sbt.net.au wrote: > > Stan, Michael and other who responded, thanks > >> Others responded with some good ideas here, mostly locking down PHP >> itself so it can't

Re: Temporarily block domain.tld from sending?

2013-10-08 Thread lists
On Wed, October 9, 2013 10:41 am, Stan Hoeppner wrote: > On 10/8/2013 3:08 PM, li...@sbt.net.au wrote: Stan, Michael and other who responded, thanks > Others responded with some good ideas here, mostly locking down PHP > itself so it can't use the sendmail binary. But it sounds like this is a >

Re: Temporarily block domain.tld from sending?

2013-10-08 Thread Stan Hoeppner
On 10/8/2013 3:08 PM, li...@sbt.net.au wrote: > On Tue, October 8, 2013 4:44 pm, Stan Hoeppner wrote: ... >> Understood. For a more permanent solution to this script problem, you >> may want to consider locking down or disabling the pickup service, and >> configuring all web applications and MUAs

Re: postfwd2 expericiencies

2013-10-08 Thread Jan P. Kessler
>I've started to runnning postfwd2 on my server, with aproximately > up to 500 mails daily (and 80% spams :) ). I plan to use it to a > domain with 30 000 daily emails. Does anybody have postfwd2 applied > for similar domain ? What about huge dns count for RBL ? I use it since years wit

Re: Temporarily block domain.tld from sending?

2013-10-08 Thread lists
On Tue, October 8, 2013 4:44 pm, Stan Hoeppner wrote: > On 10/7/2013 11:19 PM, li...@sbt.net.au wrote: >> there was a php script uploaded and called >> I've removed the script, I stopped ftp (it seems it was ftp'd) >> at the time I've posted, I was on a 4" mobile, and, I was looking for a >> st

RE: Clarification on smtp_client config settings

2013-10-08 Thread Dominik George
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On a side note: Stop the threadjacking. Thanks! -BEGIN PGP SIGNATURE- Version: APG v1.0.8-fdroid iQFNBAEBCgA3BQJSVFIPMBxEb21pbmlrIEdlb3JnZSAobW9iaWxlIGtleSkgPG5p a0BuYXR1cmFsbmV0LmRlPgAKCRAvLbGk0zMOJaolB/9PgX5yhulip3+5JQFBqAHP GSoZGll0bVjdz

RE: Clarification on smtp_client config settings

2013-10-08 Thread Thomas Moretto
Correct, the last paragraph is the real question: "For example, if I submit one message with the id of 09AE3ZBX addressed 100 different recipients does postfix count that as 1 message submitted or 100?" which I have interpreted from everything i have read and the response i got from the email i

Re: Clarification on smtp_client config settings

2013-10-08 Thread Dominik George
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 wie...@porcupine.org schrieb: >Thomas Moretto: >>Can someone add some clarification to this setting: >> >> smtpd_client_message_rate_limitThe number of >> messages and advisor would be able to send in a 5 minute period >> Does the counter count eac

Re: Clarification on smtp_client config settings

2013-10-08 Thread Wietse Venema
Thomas Moretto: >Can someone add some clarification to this setting: > > smtpd_client_message_rate_limitThe number of > messages and advisor would be able to send in a 5 minute period > Does the counter count each unique postfix id assigned to a message > or does it count to each recipient? As do

Clarification on smtp_client config settings

2013-10-08 Thread Thomas Moretto
Can someone add some clarification to this setting: smtpd_client_message_rate_limitThe number of messages and advisor would be able to send in a 5 minute period Does the counter count each unique postfix id assigned to a message or does it count to each recipient? For example, if I submit one m

Re: restricting few users from sending mails outside domain (mymailsystem.com)

2013-10-08 Thread virtualpostfix
Ohh GREAT Noel! that sorted the issue out .. I was using roundcube to test this but once you specified that its using sendmail instead of smtp it clicked the right button, roundcube by default uses available mta and do not look for smtp auth. I have adjusted roundcube to go for smtp and it worked

Re: restricting few users from sending mails outside domain (mymailsystem.com)

2013-10-08 Thread Noel Jones
On 10/8/2013 5:27 AM, virtualpostfix wrote: > Hi Nik, > > Thanks for quick reply, yes the postfix version is 2.6 : > > [root@posttestbox postfix]# postconf -d mail_version > mail_version = 2.6.6 > > Here is how I tried the suggestion in main.cf : > > smtpd_relay_restrictions = localonly > local

Re: Google rejecting IPv6 mails

2013-10-08 Thread Erinn Looney-Triggs
On 10/8/2013 6:26 AM, Wietse Venema wrote: > Wietse Venema: >> postfix: >>> Mail from our system wasn't accepted oftentimes by Google either. >>> I discovered the following solution: Our mail server has got two IPv6 >>> addresses in the open Internet, one is specific, the other one >>> automatica

Re: Temporarily block domain.tld from sending?

2013-10-08 Thread li...@rhsoft.net
Am 08.10.2013 15:16, schrieb Michael Orlitzky: > On 10/08/2013 01:44 AM, Stan Hoeppner wrote: >> >> Understood. For a more permanent solution to this script problem, you >> may want to consider locking down or disabling the pickup service, and >> configuring all web applications and MUAs to use t

Re: Temporarily block domain.tld from sending?

2013-10-08 Thread Michael Orlitzky
On 10/08/2013 01:44 AM, Stan Hoeppner wrote: > > Understood. For a more permanent solution to this script problem, you > may want to consider locking down or disabling the pickup service, and > configuring all web applications and MUAs to use the submission service > with auth. This will prevent

Re: Successfull mail delivery question

2013-10-08 Thread Wietse Venema
Oleksii Krykun: > If user requests return receipt he receive delivery report about amavis only. > > This is the mail system at host xxx. > > Your message was successfully delivered to the destination(s) listed below. > If the message was delivered to mailbox you will receive no further > notifi

Successfull mail delivery question

2013-10-08 Thread Oleksii Krykun
Hi, I have postfix+amavisd-new installed. My amavis related part of master.cf like following: smtp inet n - n - - smtpd -o content_filter=smtp-amavis:[127.0.0.1]:10024 -o receive_override_options=no_address_mappings ... smtp-amavis unix - -

Re: Google rejecting IPv6 mails

2013-10-08 Thread Wietse Venema
Wietse Venema: > postfix: > > Mail from our system wasn't accepted oftentimes by Google either. > > I discovered the following solution: Our mail server has got two IPv6 > > addresses in the open Internet, one is specific, the other one > > automatically created. The first one was in the DNS, the

Re: Google rejecting IPv6 mails

2013-10-08 Thread John Allen
I ran into this problem a little while ago. I found that the problem was the Postfix binds to a port (25) for sending, Linux links that port to an IP when needed. This means that the address may change each time a send is initiated (This is my imperfect understanding of things). To make sure

postfwd2 expericiencies

2013-10-08 Thread Josef Karliak
Good afternoon, I've started to runnning postfwd2 on my server, with aproximately up to 500 mails daily (and 80% spams :) ). I plan to use it to a domain with 30 000 daily emails. Does anybody have postfwd2 applied for similar domain ? What about huge dns count for RBL ? Thanks and be

Re: Google rejecting IPv6 mails

2013-10-08 Thread Wietse Venema
postfix: > Mail from our system wasn't accepted oftentimes by Google either. > I discovered the following solution: Our mail server has got two IPv6 > addresses in the open Internet, one is specific, the other one > automatically created. The first one was in the DNS, the second one not. > I not

Re: restricting few users from sending mails outside domain (mymailsystem.com)

2013-10-08 Thread virtualpostfix
ohh lol yes! right Charles. Uhh I guess this issue is taking away my head. Thanks Charles. -- View this message in context: http://postfix.1071664.n5.nabble.com/restricting-few-users-from-sending-mails-outside-domain-mymailsystem-com-tp61996p62005.html Sent from the Postfix Users mailing list

Re: restricting few users from sending mails outside domain (mymailsystem.com)

2013-10-08 Thread Charles Marcus
On 2013-10-08 6:27 AM, virtualpostfix wrote: [root@posttestbox postfix]# postconf -d mail_version mail_version = 2.6.6 ? 2.6 is NOT >= 2.10 -- Best regards, */Charles/*

Re: Google rejecting IPv6 mails

2013-10-08 Thread Peter
On 10/08/2013 11:16 PM, postfix wrote: > Mail from our system wasn't accepted oftentimes by Google either. > I discovered the following solution: Our mail server has got two IPv6 > addresses in the open Internet, one is specific, the other one > automatically created. The first one was in the DNS,

Re: restricting few users from sending mails outside domain (mymailsystem.com)

2013-10-08 Thread virtualpostfix
Hi Nik, Thanks for quick reply, yes the postfix version is 2.6 : [root@posttestbox postfix]# postconf -d mail_version mail_version = 2.6.6 Here is how I tried the suggestion in main.cf : smtpd_relay_restrictions = localonly localonly = check_recipient_access hash:/etc/postfix/localdomains, reje

Re: Google rejecting IPv6 mails

2013-10-08 Thread postfix
Mail from our system wasn't accepted oftentimes by Google either. I discovered the following solution: Our mail server has got two IPv6 addresses in the open Internet, one is specific, the other one automatically created. The first one was in the DNS, the second one not. I noticed that many tim

Re: restricting few users from sending mails outside domain (mymailsystem.com)

2013-10-08 Thread Dominik George
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Dominik George schrieb: >-BEGIN PGP SIGNED MESSAGE- >Hash: SHA512 > >Hi, > >>smtpd_recipient_restrictions = check_sender_access > >Are you using Postfix >=2.10? If so, have you tried smtpd_relay_access? smtpd_relay_restrictions, anyway. -

Re: Temporarily block domain.tld from sending?

2013-10-08 Thread li...@rhsoft.net
Am 08.10.2013 11:32, schrieb Manuel Bieling: > On 2013.10.08 09:16:11 +0200, li...@rhsoft.net wrote: >> i never allowed any webserver in the past 10 years to >> use the sendmail binary for a lot of reasons like header >> injections and so on > > Good, but possibly would not have helped. For me

Re: Temporarily block domain.tld from sending?

2013-10-08 Thread Manuel Bieling
On 2013.10.08 09:16:11 +0200, li...@rhsoft.net wrote: > i never allowed any webserver in the past 10 years to > use the sendmail binary for a lot of reasons like header > injections and so on Good, but possibly would not have helped. For me it looks obvious like 'Stealrat' which opens a socket t

Re: restricting few users from sending mails outside domain (mymailsystem.com)

2013-10-08 Thread Dominik George
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hi, >smtpd_recipient_restrictions = check_sender_access Are you using Postfix >=2.10? If so, have you tried smtpd_relay_access? Cheers, Nik -BEGIN PGP SIGNATURE- Version: APG v1.0.8-fdroid iQFNBAEBCgA3BQJSU9BkMBxEb21pbmlrIEdlb3JnZSAobW9ia

restricting few users from sending mails outside domain (mymailsystem.com)

2013-10-08 Thread virtualpostfix
Hi, I am trying to block few / selected users from sending mails outside of domain where as other users should be allowed to send mails anywhere. I have followed postfix official documentation of " Restricting what users can send mail to off-site destinations

Re: Temporarily block domain.tld from sending?

2013-10-08 Thread li...@rhsoft.net
Am 08.10.2013 07:44, schrieb Stan Hoeppner: >> I've removed the script, I stopped ftp (it seems it was ftp'd) >> >> at the time I've posted, I was on a 4" mobile, and, I was looking for a >> stop gap measure to 'stop further damage' from that point > > Understood. For a more permanent solution to