Re: Spammer rejected, but resends every 10 minutes. Any way to prevent this

2018-03-13 Thread li...@lazygranch.com
On Tue, 13 Mar 2018 23:35:01 -0400 "Bill Cole" wrote: > On 13 Mar 2018, at 22:51 (-0400), li...@lazygranch.com wrote: > > > I'm getting hit every 10 minutes from this spammer. As you can see > > I am > > rejecting the message. I wonder if the

Re: Spammer rejected, but resends every 10 minutes. Any way to prevent this

2018-03-13 Thread Bill Cole
On 13 Mar 2018, at 23:35 (-0400), Bill Cole wrote: OR: if you don't get any legitimate mail from Hunan, Chongqing, or Hong Kong you can probably safely block 113.240.0.0/12 from talking at all to your SMTP port (or just the /13 to limit it to Hunan.) OR: Use the Spamhaus ZEN DNSBL, which has

Re: Spammer rejected, but resends every 10 minutes. Any way to prevent this

2018-03-13 Thread Bill Cole
On 13 Mar 2018, at 22:51 (-0400), li...@lazygranch.com wrote: I'm getting hit every 10 minutes from this spammer. As you can see I am rejecting the message. I wonder if the offending email server doesn't know the message is being rejected? It's not being rejected, it's being deferred. Mar

Re: Spammer rejected, but resends every 10 minutes. Any way to prevent this

2018-03-13 Thread Peter
On 14/03/18 15:51, li...@lazygranch.com wrote: > I'm getting hit every 10 minutes from this spammer. As you can see I am > rejecting the message. I wonder if the offending email server doesn't > know the message is being rejected? > > Mar 13 23:28:58 centos-1gb-sfo1-01 postfix/smtpd[22153]:

Re: Spammer rejected, but resends every 10 minutes. Any way to prevent this

2018-03-13 Thread Benny Pedersen
Kevin A. McGrail skrev den 2018-03-14 03:55: On 3/13/2018 10:51 PM, li...@lazygranch.com wrote: I'm getting hit every 10 minutes from this spammer. As you can see I am rejecting the message. I wonder if the offending email server doesn't know the message is being rejected? Mar 13 23:28:58

Re: Spammer rejected, but resends every 10 minutes. Any way to prevent this

2018-03-13 Thread Kevin A. McGrail
On 3/13/2018 10:51 PM, li...@lazygranch.com wrote: > I'm getting hit every 10 minutes from this spammer. As you can see I am > rejecting the message. I wonder if the offending email server doesn't > know the message is being rejected? > > Mar 13 23:28:58 centos-1gb-sfo1-01 postfix/smtpd[22153]:

Spammer rejected, but resends every 10 minutes. Any way to prevent this

2018-03-13 Thread li...@lazygranch.com
I'm getting hit every 10 minutes from this spammer. As you can see I am rejecting the message. I wonder if the offending email server doesn't know the message is being rejected? Mar 13 23:28:58 centos-1gb-sfo1-01 postfix/smtpd[22153]: NOQUEUE: reject: RCPT from unknown[113.247.6.67]: 450 4.7.1

Re: question about envelop from.

2018-03-13 Thread Viktor Dukhovni
> On Mar 13, 2018, at 12:00 PM, Matus UHLAR - fantomas > wrote: > > smtpd_tls_ciphers=high > smtpd_tls_mandatory_ciphers=high > smtpd_tls_exclude_ciphers=aNULL My recommendation is: smtpd_tls_ciphers = medium smtpd_tls_mandatory_ciphers = high There's not much need to

Re: question about envelop from.

2018-03-13 Thread Viktor Dukhovni
> On Mar 13, 2018, at 11:36 AM, LuKreme wrote: > > In general, or these specific exclusions? Mostly in general. Why do cleartext with clients that can't do strong ciphers, let them encrypt with their medium ciphers. > I've had > > smtpd_tls_exclude_ciphers = MD5, SEED,

Re: question about envelop from.

2018-03-13 Thread Matus UHLAR - fantomas
On 13.03.18 09:36, LuKreme wrote: On Mar 13, 2018, at 09:17, Viktor Dukhovni wrote: smtpd_tls_exclude_ciphers = eNULL, aNULL, LOW, EXP, MEDIUM, ADH, AECDH, MD5, DSS, ECDSA, CAMELLIA128, CAMELLIA256, 3DES This too is unwise. Remove this setting. In general, or

Re: question about envelop from.

2018-03-13 Thread LuKreme
On Mar 13, 2018, at 09:17, Viktor Dukhovni wrote: >> smtpd_tls_exclude_ciphers = eNULL, aNULL, LOW, EXP, MEDIUM, ADH, AECDH, MD5, >> DSS, ECDSA, CAMELLIA128, CAMELLIA256, 3DES > > This too is unwise. Remove this setting. In general, or these specific exclusions?

Re: Reducing logging

2018-03-13 Thread LuKreme
On Mar 13, 2018, at 02:35, Christian Schmidt wrote: > In addition, you could add the option "-o syslog_name=postfix-587" (or > "25") to the corresponding entry in master.cf. This will make postfix > "label" the logfile entries - and maybe enable your

Re: question about envelop from.

2018-03-13 Thread Viktor Dukhovni
> On Mar 13, 2018, at 10:53 AM, L.P.H. van Belle wrote: > > Yes, i've set smtpd_tls_ask_ccert to yes. You almost certainly don't need this. > Hmmm, i now also noticed i dont have Trusted or Verified anymore, this must > be a miss on my side after the switch from 2.10 to 3.1

RE: question about envelop from.

2018-03-13 Thread L . P . H . van Belle
Hello Victor, > -Oorspronkelijk bericht- > Van: postfix-us...@dukhovni.org > [mailto:owner-postfix-us...@postfix.org] Namens Viktor Dukhovni > Verzonden: dinsdag 13 maart 2018 15:27 > Aan: Postfix users > Onderwerp: Re: question about envelop from. > > > > > On Mar 13, 2018, at 8:54

Re: question about envelop from.

2018-03-13 Thread Viktor Dukhovni
> On Mar 13, 2018, at 8:54 AM, L.P.H. van Belle wrote: > > Feb 7 00:00:16 hostname postfix/smtpd[31726]: NOQUEUE: reject: RCPT from > smtp1..nl[x.xx.xxx.xx]]: 450 4.1.8 : > Sender address rejected: Domain not found; >

Re: Greylisting?

2018-03-13 Thread john
Thanks. On 2018-03-11 10:39 PM, john wrote: I  was just taking a look through my postfix configuration and noticed that I have a "check_policy_service" for postgrey a greylisting service. I greylisting still considered worthwhile or should I drop it? TIA John A

RE: question about envelop from.

2018-03-13 Thread L . P . H . van Belle
Hai Matus, Thank you for the reply, most apriciated. No, but its a "government" server, so i need to be very sure.. ;-) Thanks, i was looking in the wrong rfc. Best regards, Louis > -Oorspronkelijk bericht- > Van: uh...@fantomas.sk > [mailto:owner-postfix-us...@postfix.org]

Re: question about envelop from.

2018-03-13 Thread Matus UHLAR - fantomas
On 13.03.18 13:54, L.P.H. van Belle wrote: Im reading through rfc's but the following is still not clear for me.   E-mail is rejected base on the envelop-from adres from a mail-daemon with postfix + postfix-policyd-spf   I saw the following in the postfix logs. Feb  7 00:00:16 hostname

question about envelop from.

2018-03-13 Thread L . P . H . van Belle
Hai,   Im reading through rfc's but the following is still not clear for me.   E-mail is rejected base on the envelop-from adres from a mail-daemon with postfix + postfix-policyd-spf   I saw the following in the postfix logs. Feb  7 00:00:16 hostname postfix/smtpd[31726]: Untrusted TLS

Re: Reducing logging

2018-03-13 Thread Matus UHLAR - fantomas
Patrick Ben Koetter, 12.03.2018: You'll probably have to use a (more modern) syslog service, e.g. rsyslogd, to split log by content into multiple files. On 13.03.18 09:35, Christian Schmidt wrote: In addition, you could add the option "-o syslog_name=postfix-587" (or "25") to the

Re: Reducing logging

2018-03-13 Thread Christian Schmidt
Patrick Ben Koetter, 12.03.2018: > You'll probably have to use a (more modern) syslog service, e.g. rsyslogd, to > split log by content into multiple files. In addition, you could add the option "-o syslog_name=postfix-587" (or "25") to the corresponding entry in master.cf. This will make postfix