Re: header checks not working

2014-09-13 Thread Viktor Dukhovni
On Fri, Sep 12, 2014 at 10:12:38PM -0700, Den wrote: I was just wondering what exactly does the line below do? Could anybody comment / advise, please? It does not actually check and *confirm* that the code, syntax, etc. of any regexp present in /filter/ (example) is 100% correct does it?

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread LuKreme
On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote: Am 12.09.2014 um 21:49 schrieb Philip Prindeville: However, any time I connect via telnet to this server and specify *any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions won't trigger. This is both legal and reasonable. it

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread li...@rhsoft.net
Am 13.09.2014 um 15:10 schrieb LuKreme: On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote: Am 12.09.2014 um 21:49 schrieb Philip Prindeville: However, any time I connect via telnet to this server and specify *any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions won't trigger.

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread li...@rhsoft.net
Am 13.09.2014 um 15:10 schrieb LuKreme: On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote: Am 12.09.2014 um 21:49 schrieb Philip Prindeville: However, any time I connect via telnet to this server and specify *any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions won't trigger.

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread LuKreme
On 13 Sep 2014, at 07:35 , li...@rhsoft.net wrote: Am 13.09.2014 um 15:10 schrieb LuKreme: On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote: Am 12.09.2014 um 21:49 schrieb Philip Prindeville: However, any time I connect via telnet to this server and specify *any* IP address in the form

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread li...@rhsoft.net
Am 13.09.2014 um 19:12 schrieb LuKreme: On 13 Sep 2014, at 07:35 , li...@rhsoft.net wrote: Am 13.09.2014 um 15:10 schrieb LuKreme: On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote: Am 12.09.2014 um 21:49 schrieb Philip Prindeville: However, any time I connect via telnet to this server and

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread Wietse Venema
li...@rhsoft.net: and only because people continue to tell it is reasonable instead block such connections It would be a burden on YOU to convince people (well Wietse) that it is not reasonable check_helo_access exists Children, stop quarreling. Postfix already has the ability to

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread li...@rhsoft.net
Am 13.09.2014 um 20:19 schrieb Wietse Venema: li...@rhsoft.net: and only because people continue to tell it is reasonable instead block such connections It would be a burden on YOU to convince people (well Wietse) that it is not reasonable check_helo_access exists Children, stop

Re: Postfix and SASL auth on OpenBSD 5.5.

2014-09-13 Thread giacomo
Hello Viktor, On 10.09.14, 22:59, Viktor Dukhovni wrote: On Wed, Sep 10, 2014 at 10:46:43PM +0200, giacomo wrote: So you're using Cyrus SASL, but not showing any details of the SASL configuration, available plugins, ... The configuration of SASL is in

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread LuKreme
On 13 Sep 2014, at 11:48 , li...@rhsoft.net wrote: check_helo_access exists Exactly, so what is the problem? You seemed very unhappy that neither reject_non_fqdn_helo_hostname nor reject_unknown_helo_hostname rejected numerical helos and seemed to be taking the position that they should. I

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread li...@rhsoft.net
Am 13.09.2014 um 22:42 schrieb LuKreme: On 13 Sep 2014, at 11:48 , li...@rhsoft.net wrote: check_helo_access exists Exactly, so what is the problem? You seemed very unhappy the next time you respond to something read the thread i only commented the reasonable until you stepped in

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread Philip Prindeville
On Sep 12, 2014, at 1:55 PM, li...@rhsoft.net wrote: Am 12.09.2014 um 21:49 schrieb Philip Prindeville: However, any time I connect via telnet to this server and specify *any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions won't trigger. This is both legal and reasonable.

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread Philip Prindeville
On Sep 13, 2014, at 7:35 AM, li...@rhsoft.net wrote: Am 13.09.2014 um 15:10 schrieb LuKreme: On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote: Am 12.09.2014 um 21:49 schrieb Philip Prindeville: However, any time I connect via telnet to this server and specify *any* IP address in the form

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread Wietse Venema
Philip Prindeville: Who says anything about mail servers? What if it's an MUA doing this? If the MUA connects to the MX service (port25) then it is an issue. If the MUA connects to port 587, then the server should not block HELO, and instead it should require that the client authenticates.

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-13 Thread Philip Prindeville
On Sep 13, 2014, at 7:59 PM, Wietse Venema wie...@porcupine.org wrote: Philip Prindeville: Who says anything about mail servers? What if it's an MUA doing this? If the MUA connects to the MX service (port25) then it is an issue. If the MUA connects to port 587, then the server should