Re: spam fighting

2015-04-28 Thread Terry Barnum
On Apr 28, 2015, at 12:33 PM, Marius Gologan marius.golo...@gmail.com wrote: Shared DNS as Google's 8.8.8.8 is not accepted by some RBLs such as spamhaus. They have an ACL in place. You will lose about 2 points from Spam scoring when you use a public DNS causing some spam to pass. Thank

Re: ERRATA(?): MILTER_README

2015-04-28 Thread Wietse Venema
Bill Cole: Are you willing to consider changing MILTER_README to more precisely describe that conditional availability of {i} if I propose specific wording? You can draft some text if you like. But, unless the text is really simple, I don't expect that it is worth the trouble. If a

Re: Question wrt partial migration from old postfix to newer one on two servers

2015-04-28 Thread Viktor Dukhovni
On Wed, Apr 29, 2015 at 11:18:47AM +1100, Jérôme Alet wrote: For a few users only, we are planning to have, in addition to the setup above : Internet == MX == Server1 == Backend2 Internet == Server1 == Backend2 Where Backend2 is a Debian Wheezy machine hosting Postfix 2.9.6 So

Re: Conversation with x.x.x.x[x.x.x.x] timed out while sending end of data

2015-04-28 Thread Kristjan Nii
Thank you for your response! I viewed some emails in the queue and did not see DKIM signatures in them. Also, our network guys confirmed that ASA version is 7.3, which should be bug-free. Any other ideas or things I should/could check and test? Kristjan On Mon, Apr 27, 2015 at 5:09 PM,

Question wrt partial migration from old postfix to newer one on two servers

2015-04-28 Thread Jérôme Alet
Hello, As a part of our existing mail setup we've got something like this : Internet == MX == Server1 == Backend1 Internet == Server1 == Backend1 Backend1 handles SMTP authentication and is used as the end users' SMTP server in their MUAs whenever they want to send emails to anywhere (even

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread Alex Regan
Hi, I should have mentioned that I actually did that, once I couldn't find Stan's site: https://github.com/stevejenkins/hardwarefreak.com-fqrdns.pcre For those who are using it, I've replaced it with a version from March 2013 instead of March 2012.

Re: Conversation with x.x.x.x[x.x.x.x] timed out while sending end of data

2015-04-28 Thread Bill Cole
On 28 Apr 2015, at 8:45, Kristjan Nii wrote: Thank you for your response! I viewed some emails in the queue and did not see DKIM signatures in them. Also, our network guys confirmed that ASA version is 7.3, which should be bug-free. Perhaps it should be (a slippery English idiom that

Re: Question wrt partial migration from old postfix to newer one on two servers

2015-04-28 Thread Jérôme Alet
Hi again, On Wed, Apr 29, 2015 at 12:34:35AM +, Viktor Dukhovni wrote: Replace this (on Server1) with a rewriting configuration: virtual: newu...@example.com newu...@backend2.example.com transport: example.com relay:[backend1.example.com]

Re: Question wrt partial migration from old postfix to newer one on two servers

2015-04-28 Thread Jérôme Alet
On Wed, Apr 29, 2015 at 04:32:22AM +, Viktor Dukhovni wrote: On Wed, Apr 29, 2015 at 03:23:20PM +1100, Jérôme Alet wrote: You've not explained how you intend to manage mailboxes, or shown any details of your configuration. My advice was correspondingly sketchy. My bad, sorry. If you

Re: Question wrt partial migration from old postfix to newer one on two servers

2015-04-28 Thread Viktor Dukhovni
On Wed, Apr 29, 2015 at 03:53:09PM +1100, Jérôme Alet wrote: On Wed, Apr 29, 2015 at 04:32:22AM +, Viktor Dukhovni wrote: On Wed, Apr 29, 2015 at 03:23:20PM +1100, Jérôme Alet wrote: You've not explained how you intend to manage mailboxes, or shown any details of your configuration.

Re: Question wrt partial migration from old postfix to newer one on two servers

2015-04-28 Thread Jérôme Alet
Hi, and thanks for your fast answer, On Wed, Apr 29, 2015 at 12:34:35AM +, Viktor Dukhovni wrote: On Backend2 mydestination is defined as : mydestination = example.com, backend2.example.com, localhost.localdomain, localhost Looks like you're using local(8)

Re: Question wrt partial migration from old postfix to newer one on two servers

2015-04-28 Thread Viktor Dukhovni
On Wed, Apr 29, 2015 at 03:23:20PM +1100, Jérôme Alet wrote: I've tried several combinations of your suggestions, but now unfortunately delivery doesn't work anymore (it used to, as explained previously) : newu...@backend2.example.com is always rejected as unknown in local recipient table.

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread DTNX Postmaster
On 28 Apr 2015, at 23:23, Steve Jenkins st...@stevejenkins.com wrote: On Tue, Apr 28, 2015 at 2:13 PM, Terry Barnum te...@dop.com wrote: github URL for curl: $ curl https://raw.githubusercontent.com/stevejenkins/hardwarefreak.com-fqrdns.pcre/master/fqrdns.pcre

Re: Conversation with x.x.x.x[x.x.x.x] timed out while sending end of data

2015-04-28 Thread Wietse Venema
Kristjan Nii: Thank you for your response! I viewed some emails in the queue and did not see DKIM signatures in them. Also, our network guys confirmed that ASA version is 7.3, which should be bug-free. Any other ideas or things I should/could check and test? Other issues may have to do

ERRATA(?): MILTER_README

2015-04-28 Thread Bill Cole
Postfix v.3.0.0 MILTER_README says: Sendmail macro emulation Postfix emulates a limited number of Sendmail macros, as shown in the table. Some macro values depend on whether a recipient is rejected (rejected recipients are available on request by the Milter application).

Re: spam fighting

2015-04-28 Thread Terry Barnum
On Apr 28, 2015, at 1:47 AM, Marius Gologan marius.golo...@gmail.com wrote: Hi Terry, I use amavisd-new/spamassassin in post-queue configuration with few adjustments: increased score for SPF_FAIL, DKIM_ADSP_DISCARD, Bayes_80, Bayes_95, Bayes_99, Bayes_999 and few others. Local DNS

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread Steve Jenkins
On Tue, Apr 28, 2015 at 2:13 PM, Terry Barnum te...@dop.com wrote: github URL for curl: $ curl https://raw.githubusercontent.com/stevejenkins/hardwarefreak.com-fqrdns.pcre/master/fqrdns.pcre Thanks, Terry. The same URL will also work for a wget, and I recommend using the -N option for

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread Terry Barnum
On Apr 28, 2015, at 1:31 PM, Steve Jenkins st...@stevejenkins.com wrote: snip https://github.com/stevejenkins/hardwarefreak.com-fqrdns.pcre/blob/master/fqrdns.pcre Interesting to click the history button and see that it didn't really change all that much from 2012-2014. SteveJ github

RE: spam fighting

2015-04-28 Thread Marius Gologan
I don't know about others, but Pyzor is quite accurate in my experience. I think I will increase its score because, for example, most Russian spam doesn't include links. Pyzor is generating a digest key based on the content which is checked against a database. In return, it gets two values: positive

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread Steve Jenkins
On Tue, Apr 28, 2015 at 10:50 AM, Quanah Gibson-Mount qua...@zimbra.com wrote: Hi Steve, I had just set this up on March 11, 2015. The version I downloaded at that time has a timestamp of: # Postfix PCRE bot spam killer # # Updated 10/2/2014 # Thanks, Quanah. That's actually the

RE: spam fighting

2015-04-28 Thread Marius Gologan
Hi Terry, I use amavisd-new/spamassassin in post-queue configuration with few adjustments: increased score for SPF_FAIL, DKIM_ADSP_DISCARD, Bayes_80, Bayes_95, Bayes_99, Bayes_999 and few others. Local DNS server - critical for RBL queries. As for postscreen, I prefer postscreen_greet_action =

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread Quanah Gibson-Mount
--On Monday, April 27, 2015 10:10 PM -0700 Steve Jenkins st...@stevejenkins.com wrote: I don't know when Stan did his final update, but if anyone has one newer than Mar 27 2013, please send it to me off-list and I'll update it. Hi Steve, I had just set this up on March 11, 2015. The

Re: spam fighting

2015-04-28 Thread CSS
On Apr 28, 2015, at 1:04 PM, Terry Barnum te...@dop.com wrote: On Apr 28, 2015, at 1:47 AM, Marius Gologan marius.golo...@gmail.com wrote: Hi Terry, I use amavisd-new/spamassassin in post-queue configuration with few adjustments: increased score for SPF_FAIL, DKIM_ADSP_DISCARD,

Re: ERRATA(?): MILTER_README

2015-04-28 Thread Wietse Venema
Bill Cole: Also, the setting smtpd_delay_open_until_valid_rcpt = no assures that the queue ID is known at RCPT time, making it possible for Postfix to provide it to milters as the default setting says it will. This is not the default because it can increase queue activity by an order of

Re: ERRATA(?): MILTER_README

2015-04-28 Thread Bill Cole
On 28 Apr 2015, at 13:30, Wietse Venema wrote: Bill Cole: Also, the setting smtpd_delay_open_until_valid_rcpt = no assures that the queue ID is known at RCPT time, making it possible for Postfix to provide it to milters as the default setting says it will. This is not the default because it

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread DTNX Postmaster
On 28 Apr 2015, at 18:04, Alex Regan mysqlstud...@gmail.com wrote: Hi, I should have mentioned that I actually did that, once I couldn't find Stan's site: https://github.com/stevejenkins/hardwarefreak.com-fqrdns.pcre For those who are using it, I've replaced it with a

null envelope and reject_authenticated_sender_login_mismatch

2015-04-28 Thread Marco
Hello, I have the following problem. I configured Postfix 3.0.1 to force SASL auth and permit only a set of envelope sender addresses for each login (reject_authenticated_sender_login_mismatch). I would like to understand why the null envelope sender address () is always permitted for

RE: spam fighting

2015-04-28 Thread Marius Gologan
Shared DNS as Google's 8.8.8.8 is not accepted by some RBLs such as spamhaus. They have an ACL in place. You will lose about 2 points from Spam scoring when you use a public DNS causing some spam to pass. Spamassassin (SA) uses many RBL services checking Domain IP of the Sender; Domains, IPs and

RE: spam fighting

2015-04-28 Thread Marius Gologan
To be more specific about using a notorious DNS such as Google's 8.8.8.8(4.4): When many use that DNS for RBL, Google queries the RBL from different IP pools (IPv4 and IPv6) and not from 8.8.8.8(4.4) as some might think. As a result, the popular provider has the feeling of a constant DNS DDoS

Re: null envelope and reject_authenticated_sender_login_mismatch

2015-04-28 Thread Viktor Dukhovni
On Tue, Apr 28, 2015 at 09:03:51AM +0200, Marco wrote: I would like to understand why the null envelope sender address () is always permitted for all logins, even if it doesn't match the smtpd_sender_login_maps table. reject_authenticated_sender_login_mismatch works as expected for all other

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread Alex Regan
Hi, check_client_access uses the verified name, which is more conservative. I wasn't convinced this was a good idea, so I played it safe. So check_client_access is performing an additional DNS query on the hostname to check if it matches the IP? Right. Awesome, thanks. I'm learning all