On Thu, 2022-05-12 at 21:03 +, Dino Edwards wrote:
> Hi,
>
> Not sure if this is the right place to post the question concerning
> postfix-policyd-spf-python but I can't seem to find any working links
> for the openspf project.
>
You should start here,
https://launchpad.net/spf-engine
On Thu, 2022-01-13 at 15:20 +0100, Markus Grunwald wrote:
>
> I'm a bit at the end of my wits. All I want is that people can
> send a mail to distribut...@myserver.de and some 20 other people
> with various addresses will get that mail reliably. Being able to
> respond is a bonus, but not
On Tue, 2021-02-16 at 01:51 +0300, Eugene Podshivalov wrote:
> Generic approach to system administration and access control
> reconfiguration at runtime (without service reload).
>
If you want something more generic than what's already in postfix, the
next level up is probably iptables.
On 2020-09-11 14:24, Jos Chrispijn wrote:
> Can someone recommend a reliable Postscreen logfile analyser (FreeBSD 12)?
> Thanks in advance!
I still use postfix-logwatch (http://logreporters.sourceforge.net/), but
there are a few patches to apply since the maintainer went AWOL:
On 2020-07-14 09:29, Michael Orlitzky wrote:
> It appears that the blacklist entry is superseded by the cache?
>
> ...
>
> Is that intentional? Fixable? Work-aroundable?
>
For posterity: digging into the source led me to discover the
postscreen_blacklist_action (default:
Out postmaster/abuse addresses fall through a trapdoor at the top of
smtpd_recipient_restrictions, and every once in a while someone decides
to abuse that kindness. Yesterday I added 84.54.12.0/24 to postscreen's
blacklist to prevent them from ever reaching the trapdoor. This morning
I was
On 1/15/20 5:12 PM, Noel Jones wrote:
>
> We've had problems with users mistyping domain names, such as hotmal.com
> or aoil.com. And they ignore the delay warning message because they
> still don't notice their typo.
I can +1 this request, even if it's something I morally shouldn't need.
POSTSCREEN_README.html says that the error
NOQUEUE: reject: CONNECT from [address]:port: all server ports busy
is affected by the postscreen_pre_queue_limit parameter. However, in
postscreen.c it looks like the error associated with the "pre_queue"
parameter is "all screening ports busy", and
On 01/29/2018 03:31 PM, Viktor Dukhovni wrote:
>
> This issue affects a lot more than just Postfix, for example tar(1)
> when run as root will chown files to the owner listed in the archive
> metadata, and is almost certainly equally exposed.
I'm not 100% sure, but it looks like GNU tar will use
On 01/29/2018 12:25 PM, Joris (ideeel) wrote:
>
> Doesnt postfix use proxymap for that?
> http://www.postfix.org/proxymap.8.html
>
For what? I'm wondering whether or not the upgrade procedure is safe
w.r.t. the $mail_owner user.
On 01/28/2018 01:53 PM, Viktor Dukhovni wrote:
>
> You're not supposed to do this "by hand". Instead, when upgrading from
> source, run:
>
> # postfix set-permissions upgrade-configuration
>
How sensitive is the $mail_owner account? From what I gather, the
set-permissions script (which
On 10/20/2017 09:57 AM, Ralph Seichter wrote:
>
> Depending on the use case, discarding email can be as valid a method as
> rejecting email. Messages sent by automation- or monitoring-services
> (Jenkins, Icinga) come to mind. If somebody chooses to reply to these
> machine-generated
On 09/03/2017 07:43 AM, Wietse Venema wrote:
> Tom Browder:
>> The docs mention not to use root or postfix for the "-u UID" option. Then
>> what user should it be? Is a new user to be created for that purpose?
>> Should that same user own the /var/db/dkim directory and files?
>
> All my opendkim
On 01/31/2017 05:45 AM, Tim Smith wrote:
> Hi,
>
> I’m trying to create a “nobody@“ email address for outbound-only
> transaction confirmations that will /dev/null any attempts to email
> it.
>
If someone less computer-savvy takes the time to reply to your
confirmation, why would you throw away
On 12/05/2016 08:52 PM, Alex wrote:
> Hi,
>
> I have a postfix-3.0.5 system with a few hundred users. They have
> access to submission, webmail, and dovecot to send and receive mail.
>
> On occasion, user's local desktop are compromised, and with it their
> account on this system. This leads to
On 08/27/2016 07:42 PM, Wietse Venema wrote:
>>
>> Thanks. The "cp -p" feature was not portable in the days that this script
>> was written, but it should be safe to use now.
>
> Unfortunately, I have to roll back this change, because it may
> install files with non-root ownership.
>
> Those who
On 05/31/2016 08:16 PM, Terry Barnum wrote:
>
> Since web.com probably has a fleet of mail servers, do I need to find and
> enter all their IPs into my postscreen_access.cidr? Is there an easier way?
>
That's generally what you have to do. Postscreen is meant to catch the
most obvious
On 02/19/2016 08:05 PM, Sebastian Nielsen wrote:
>
> Yeah, I agree that actually, only 644 is required on that config
> file. But why get so angry when someone 666's a file to just get
> things working? Its not like a list of banned spam domains is
> something super-sensitive.
>
Maybe this
On 02/19/2016 06:52 PM, Sebastian Nielsen wrote:
>
> 2: Its just a habit, everytime some process complains of not able to
> access a file, "666" is the universal solution. Of course, this isn't
> recommended in a web hosting setup, but if you're hosting for example
> a mail server for a company,
On 05/14/2015 10:41 AM, Barbara M. wrote:
I use SA in default config. Never tried to customize rules, so, may be it
isn't trivial for me. :-)
N.B.: I want mail rejected from Postfix not marked as spam and delivered.
If SA can do this I try it (better if someone give me some example/hints
On 04/30/2015 08:24 PM, Terry Barnum wrote:
I've been using pflogsumm but it's old and doesn't know about
postscreen. I'd like to see how many connections are being refused by
postscreen. What do you like? logwatch? awstats? other?
http://logreporters.sourceforge.net/
I believe logwatch now
On 04/27/2015 06:55 PM, Alex Regan wrote:
Hi,
I assume that means you use it in header_checks?
It's still a client check; I have
smtpd_recipient_restrictions =
...
check_client_access pcre:$maps/generic_rdns.pcre,
If you're using a version of postfix later than 2.6, you
On 04/27/2015 10:57 PM, Alex Regan wrote:
check_client_access uses the verified name, which is more conservative.
I wasn't convinced this was a good idea, so I played it safe.
So check_client_access is performing an additional DNS query on the
hostname to check if it matches the IP?
On 04/26/2015 03:55 PM, Wolfgang Zeikat wrote:
I assume that means you use it in header_checks?
It's still a client check; I have
smtpd_recipient_restrictions =
...
check_client_access pcre:$maps/generic_rdns.pcre,
...
And then in spamassassin,
header GENERIC_RDNS
On 04/26/2015 09:07 AM, Patrick Laimbock wrote:
I would appreciate it if someone with a recent version of fqrdns.pcre
could put it up on github or post it to the mailing list or offline to
me or Steve. I found it very useful and would like to continue to use it.
Here's my copy, modified
On 02/23/2015 05:05 PM, miroslav.rov...@zg.ht.hr wrote:
Hi!
as you can read in this new bug report that I submitted:
GNU debugger employed via Postfix crashed PaX hardened kernel
https://bugs.gentoo.org/show_bug.cgi?id=541104
also:
GNU debugger checking for PaX and refusing to work
On 02/05/2015 09:58 AM, Christian Rößner wrote:
Sorry, if I correct you (hopefully I am right…)
This is not a profile I showed, this is the gcc compiler. And it is from the
hardened stage tar ball:
stage3-amd64-hardened-20121210.tar.bz2 (I kept it since install in / ;-) )
On 06/17/2014 11:58 PM, Jose Borges Ferreira wrote:
If you wanto to deliver do 1.2.3.4 and , if fails, then try 8.9.10.11
then you can create a dns entry with those IP an MX
ex:
some_entry.local IN MX 10 1.2.3.4
some_entry.local IN MX 20 8.9.10.11
then setup transport_maps to:
On 06/18/2014 11:07 AM, Jim Reid wrote:
On 18 Jun 2014, at 15:45, Michael Orlitzky mich...@orlitzky.com
wrote:
Nitpick: the .local TLD is reserved by RFC 6762, .invalid may
be a better long-term choice.
I'll raise you another nitpick. .invalid is reserved by RFC6761 and
in the IANA
On 04/16/2014 10:14 AM, Kris Deugau wrote:
In case some customer changes the MX records away from me, how can I
automatically stop accepting mail for that domain?
About the best you can do is probably a cron job that checks on MX
records for domains you supposedly host, that can lead to
On 11/22/2013 04:12 AM, Alexander Farber wrote:
Hello,
I run a Drupal 7 website on a CentOS 6.4 server
with postfix-2.6.6-2.2.el6_1.x86_64.
In the last few months the amount of fake users trying to register at my
website has increased dramatically - I get 2 or 3 of such registrations
per
On 10/08/2013 01:44 AM, Stan Hoeppner wrote:
Understood. For a more permanent solution to this script problem, you
may want to consider locking down or disabling the pickup service, and
configuring all web applications and MUAs to use the submission service
with auth. This will prevent
On 09/01/2013 08:47 PM, Roman Gelfand wrote:
But these emails ultimately do get sent out. It could take a long time.
To me it sounds odd that they don't know their DNS lookups are screwed
up. And if they do know, why are they placing such strict constraints
on incoming mail.
Usually there are
On 07/19/2013 08:19 AM, L.W. van Braam van Vloten wrote:
Hello list,
I have configured postfix to not accept connections from clients that
fail the reverse dns check.
But I want to be able to whitelist specific clients, even if the reverse
hostname check fails.
To achieve this I
On 06/04/2013 08:51 PM, Wietse Venema wrote:
Please file a bug report with your distribution.
Postfix 2.10 as distributed by me will add a backwards-compatibility
setting to main.cf, thusly:
# postfix upgrade-configuration
COMPATIBILITY: editing /etc/postfix/main.cf, overriding
Is this map type (pcre) intended?
/etc/postfix/main.cf:
smtp_discard_ehlo_keyword_address_maps =
pcre:/etc/postfix/discard_ehlo_keywords
/etc/postfix/discard_ehlo_keywords:
# This is likely to be incomplete.
216.32.0.0/16 silent-discard, pipelining
213.199.0.0/16
We have a customer on a shared server who would like to reject mail from
one recipient while retaining a copy for legal purposes.
Last week, before they asked me to reject the guy, they just wanted to
discard the real copy (addressed to a human) and save a copy elsewhere,
for later review.
My
On 11/12/12 11:29, Noel Jones wrote:
Time to ask for help. Is there a way to make this work with a
before-queue amavisd?
The easy fix is to add a SpamAssassin rule or a clamav signature
that marks the unwanted mail as spam/virus, and configure
amavisd-new to quarantine the message.
On 08/27/12 11:25, Rich Carreiro wrote:
I know the real answer is to figure out how to modify the
relevant logwatch service script and/or to figure out how to get
mailmain to submit on 587.
Update postfix-logwatch[1], this should already be fixed.
[1] http://logreporters.sourceforge.net/
We store our virtual_foo_maps in,
/etc/posfix/maps/virtual_foo_maps.pgsql
and so the (read-only) database credentials are visible in that file.
I'd like to tighten this up if possible, but I don't want to do anything
stupid.
If I'm not going about this all wrong, what can I do to prevent e.g.
On 07/24/12 12:24, DTNX Postmaster wrote:
On Jul 24, 2012, at 18:09, Michael Orlitzky wrote:
We store our virtual_foo_maps in,
/etc/posfix/maps/virtual_foo_maps.pgsql
and so the (read-only) database credentials are visible in that file.
I'd like to tighten this up if possible, but I
On 07/24/2012 07:33 PM, mouss wrote:
map_directory = /var/db/postmap
cidr = cidr:${map_directory}/cidr
db = ${db_type}:${map_directory}/${db_type}
map_directory = /var/db/postmap
regex = ${regex_type}:${map_directory}/${regex_type}
sql = ${sql_type}:${map_directory}/${sql_type}
...
ls
We got hit by an iContact run last night and I woke up with several
hundred postmaster messages reporting a queue file write error. We run a
before-queue amavis.
Here are the logs of one of these transactions:
Jul 13 10:39:10 mx1 postfix/smtpd[14918]: connect from
On 07/13/12 12:22, Noel Jones wrote:
$max_servers = 100;
$max_requests = 25;
$child_timeout = 180;
$smtpd_timeout = 120;
I suspect 100 smtpd/amavisd processes is way too many for your
hardware, preventing amavisd from responding before a timeout occurs.
Reduce smtpd process count
On 07/13/12 12:23, Wietse Venema wrote:
Michael Orlitzky:
Jul 13 10:40:51 mx1 postfix/smtpd[14918]: warning: timeout talking to
proxy localhost:10024
Could it be that amavisd is really taking longer than smtpd is
willing to wait (default: smtpd_proxy_timeout = 100s)?
The timestamps
On 07/13/12 13:35, Noel Jones wrote:
This suggests that 25 is too many. Rule of thumb -- if you're
getting timeouts under heavy load, that means you're accepting more
connections than your box can handle in a timely manner.
I'll lower it back to 40 (this is a decent-sized server) to limit
On 05/03/12 05:14, Rob Sterenborg wrote:
h2a name=credits Credits /a/h2
According to the POSTSCREEN_README, postscreen doesn't do greylisting at
all: postscreen and greylisting are different things. The below is your
patch adapted with a partial copy-paste from the POSTSCREEN_README.
At the bottom of the stress readme,
http://www.postfix.org/STRESS_README.html#other
there is an allusion to what would eventually become postscreen. Might
as well update it with a sentence and a link to POSTSCREEN_README.html?
On 05/01/2012 03:42 PM, Postfix Support Mail wrote:
Sorry about that.
Reading the postscreen readme is what spawned the question.
If you enable the deep protocol tests, postscreen works pretty much like
greylisting since it will 4xx any client that passes. When they
reconnect, they skip
On 04/06/2012 12:53 PM, vr wrote:
I'm exploring moving my small, non-SQL Postfix installation from a SOHO
type server to an ISP... Cloud... or whatever marketing term you fancy.
I ask here because my own personal experience with Web companies has
been dismal when trying to send legitimate
On 03/14/2012 04:03 PM, Patrick Ben Koetter wrote:
* Charles Marcuscmar...@media-brokers.com:
On 2012-03-14 2:39 PM, Ed Wli...@wildgooses.com wrote:
I see no reason to *require* encryption on the submission port (RFC
aside).
Unless you prefer that sniffers not be able to see your passwords
On 03/06/12 14:10, Wietse Venema wrote:
Eray Aslan:
On Tue, Mar 06, 2012 at 11:48:35AM -0500, Wietse Venema wrote:
I think that making everyone wait would be another example of
well-meaning people doing things that give Postfix a bad reputation.
postfix start exits successfully but postfix
On 02/16/2012 12:13 PM, Dipl.-Ing. Juergen Ladstaetter wrote:
yet. Is there any way to configure postfix to always make MX record DNS
lookups, or is the only way through a second postfix instance that has no
localdomains specified?
Even with two instances you could have problems.
For
On 02/03/12 03:24, Laurent RAYSSIGUIER wrote:
I need to have a postfix relay which is able to separate customers
who have an antispam service provided by another company, and the
other who don't have antispam service.
We do something similar. We have two final mailbox destinations at the
On 12/08/2011 11:24 AM, Grant wrote:
You don't really need the permit_sasl_authenticated, since you shouldn't be
trying to auth on port 25. It doesn't hurt, though.
I just noticed that I can't send mail from Thunderbird unless I
include permit_sasl_authenticated in the above
On 12/08/2011 02:21 PM, Gary Smith wrote:
Wouldn't it be smarter to just tell SquirrelMail to use port 587 and
pass through authentication? This way if the server is compromised
or has another exploit there isn't a simple internal email server to
send all that spam from.
This is exactly what
On 12/08/2011 03:24 PM, Grant wrote:
So I should specify smtpd_client_restrictions or
smtpd_recipient_restrictions, but not both?
I think most people find it easier to put all of the restrictions under
smtpd_recipient_restrictions, since you can just read them top-to-bottom
with
On 12/08/2011 05:18 PM, Grant wrote:
I've boiled my config down to this. It is functional and I think it
is secure and that it rejects any attempt to send messages from
outside mynetworks unless authenticated. Am I correct? Please
consider all other directives to be default.
You're fine.
On 12/07/2011 08:09 PM, Grant wrote:
Is IMAP over SSL on 993 deprecated in favor of using STARTTLS on 143?
Nope. I personally prefer the dedicated port for POP3/IMAP.
I just read that Squirrelmail doesn't support STARTTLS, so I must
continue to use smtps 465 in order to use Squirrelmail?
On 12/07/2011 07:49 PM, Grant wrote:
I've been using smtps on port 465 for sending mail but I read it's
deprecated so I'm trying to switch to submission port 587.
With 465 I was using the Connection security: SSL/TLS setting in
Thunderbird, but after switching to 587 I can't send mail unless I
On 12/07/2011 09:48 PM, /dev/rob0 wrote:
On Wednesday 07 December 2011 19:58:18 Michael Orlitzky wrote:
On 12/07/2011 08:09 PM, Grant wrote:
Is IMAP over SSL on 993 deprecated in favor of using STARTTLS on
143?
Nope. I personally prefer the dedicated port for POP3/IMAP.
Preferences aside
On 12/07/2011 09:10 PM, Grant wrote:
I'm trying to figure out why I can't connect to 587 in Squirrelmail.
I can in Thunderbird.
You did select STARTTLS in the SquirrelMail config, right? The postfix
logs might give you an idea what it's trying to do.
The docs say that you need PHP with
On 12/07/2011 10:13 PM, Grant wrote:
You've probably got permit_mynetworks near the top of your
smtpd_foo_restrictions, which are inherited by default. The -o
The only smtpd_foo_restrictions I have in main.cf are:
smtpd_recipient_restrictions =
permit_sasl_authenticated,
On 09/29/11 20:38, James Lay wrote:
Hey All!
Topic says it….I consistently get email from one source that has the
date in the paste….say almost a month. Is there functionality within
Postfix to deal with these, or should I work on a daily script that will
modify my head_checks file or
On 07/27/11 17:41, Reindl Harald wrote:
Am 27.07.2011 23:22, schrieb Wietse Venema:
Is this machine running a webserver? Look in the access logs
if this is the reason consider disable smtp on 127.0.0.1
because most of dumb injected scripts are trying this instead
the network address!
On 07/19/2011 05:44 PM, Wietse Venema wrote:
smtp_skip_5xx_greeting (default: yes)
Skip SMTP servers that greet with a 5XX status code (go away, do not
try again later).
By default, the Postfix SMTP client moves on the next mail exchanger.
Specify
On 07/19/2011 09:39 PM, Wietse Venema wrote:
I think it would be useful to maintain a list of the parameters with
non-standard default values. I for one still notice and fix things like
this every few months.
I'd be willing to look through the main.cf documentation for settings
labeled as
On 07/18/11 17:38, Pablo Chamorro wrote:
Could somebody please tell me if it's possible to setup Postfix in
order to make the reception date is shown instead of the
email-messages sent-date?
Postfix doesn't show the date, your email client does. In Thunderbird, I
just right-click the little
On 07/18/2011 06:35 PM, mouss wrote:
Le 18/07/2011 19:40, Søren Schrøder a écrit :
I'm doing a 1.5M accounts setup with smtp-auth (submission tcp/587 using
postfix with dovecot-auth) and a plain smtp/25 for an allowed range of IP's
for our fixed IP customers
The backend is
On 05/08/2011 01:01 AM, Dennis Carr wrote:
On Sat, 7 May 2011, Michael Orlitzky wrote:
If he wants to reject hosts that HELO as his own, he can check his own
SPF record, and reject anything that softfails.
...spf does that?
-Dennis
Yeah, it can. You can set your local policy
On 05/07/2011 01:13 PM, Dennis Carr wrote:
Over the past couple days I'm noticing mail coming in from outside that is
supposedly from users of mine - but apparently isn't. HELO message comes
from chez-vrolet.net which is in my $mynetworks setting, but the IP
address for the incoming
On 05/07/2011 06:31 PM, Duane Hill wrote:
Saturday, May 7, 2011, 4:34:03 PM, you wrote:
On 05/07/2011 01:13 PM, Dennis Carr wrote:
Over the past couple days I'm noticing mail coming in from outside that is
supposedly from users of mine - but apparently isn't. HELO message comes
from
On 04/28/2011 07:45 PM, Troy Piggins wrote:
Might not be the right place to post this, so just let me know to
move on if so...
I've been using the wonderful postgrey on my server and it seems to
do a wonderful job of cutting down spam. I am now curious about the
targrey patch and whether
On 04/27/2011 10:16 PM, Michael B Allen wrote:
Hi,
When I send email from home through my Postfix server my home dynamic
IP is included in the Received header:
Received: from nano.foo.net
(pool-98-190-153-84.nwrknj.fios.verizon.net [98.190.153.84])
(using TLSv1 with cipher
On 04/27/2011 10:27 PM, Michael Orlitzky wrote:
There is a setting on some Barracuda appliances called deep header
inspection or deep header parsing that does this. Nobody who
understood it would ever turn it on. Nevertheless, it sounds good,
right? If you put the box there, somebody
On 04/18/11 10:07, Carlos Mennens wrote:
My postmaster default account is getting hammered with spam. I've
got SA / Amavisd-new working and tagging the messages as ***spam***
however I've just re-configured SA to be a little more aggressive on
scoring the messages. My question to the Postfix
On 04/11/11 12:49, jeremy.als...@imap-mail.com wrote:
I learned that we really should have both a primary and a backup MX
assigned, and that they should be different IPs.
I'm going question this wisdom with the hope that it might save you some
pain. Why would it be better to have two MXes,
On 04/11/11 14:02, jeremy.als...@imap-mail.com wrote:
Hi Michael
On Mon, 11 Apr 2011 13:41 -0400, Michael Orlitzky
mich...@orlitzky.com wrote:
On 04/11/11 12:49, jeremy.als...@imap-mail.com wrote:
I learned that we really should have both a primary and a backup MX
assigned
On 04/11/11 15:29, Rod Dorman wrote:
On Monday, April 11, 2011, 14:02:37, jeremy.als...@imap-mail.com wrote:
...
There's no wisdom here, just what I've been told -- use a minimum of 2.
All of the examples that I see have at least two MX records.
One of the fellas at the user group who told
Most of our Postfices disable local delivery with,
local_transport = error:...
but one web server is running Mailman and can't do that (I think?)
because it needs to support alias_maps like,
members: |/usr/lib/mailman/mail/mailman post members
The result is that some mail gets
On 01/28/2011 02:09 PM, Ralf Hildebrandt wrote:
* Michael Orlitzky mich...@orlitzky.com:
but one web server is running Mailman and can't do that (I think?)
If it has a seperate domain for lists, you can use:
lists.domain.com local:
in transport_maps and thus route that one domain
On 01/28/2011 03:06 PM, Noel Jones wrote:
On 1/28/2011 1:53 PM, Michael Orlitzky wrote:
On 01/28/2011 02:09 PM, Ralf Hildebrandt wrote:
* Michael Orlitzkymich...@orlitzky.com:
but one web server is running Mailman and can't do that (I think?)
If it has a seperate domain for lists, you can
On 01/28/2011 03:28 PM, Ralf Hildebrandt wrote:
* Michael Orlitzky mich...@orlitzky.com:
I tried with transport_maps:
example.com local:
and local_transport = error:... and got this (http3.viabit.com is myorigin):
Jan 28 15:05:25 http3 postfix/error[20737]: 24944A302DF:
to=memb
On 01/19/11 15:03, Ron Garret wrote:
I am working on a spam filter. I want both incoming and outgoing
messages to go through the filter, not because the outgoing messages
need to be filtered, but because I want the filter to know who my
authorized users have sent messages to because that is a
On 12/02/2010 11:15 PM, Ramesh wrote:
Hi All,
I have configured backup server, which is working as expected when
ever primary not reachable mail are queued in back Mail server, later
pushes to primary mail server.
I would like to know, how to make backup to primary mail server, in
case
Where does Postfix get its list of system-supplied default certificate
authority certificates [1]? If it's an OpenSSL thing, is there some way
I can make it spit the list out?
[1] http://www.postfix.org/postconf.5.html#tls_append_default_CA
On 11/16/2010 10:30 PM, Grant wrote:
I use Gentoo and their etc-update script to update my config files.
After updating to postfix-2.7.1 I noticed that etc-update wanted to
change the following entry in master.cf:
smtps inet n - n - - smtpd
-o
On 11/05/10 00:11, Stan Hoeppner wrote:
Michael Orlitzky put forth on 11/4/2010 8:06 PM:
On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
Ned Slider put forth on 11/3/2010 6:33 PM:
My other thought was to simply comment (or document) ranges known to
contain FPs and then the user can make
On 11/05/10 03:01, Stan Hoeppner wrote:
http://svn.apache.org/repos/asf/spamassassin/rules/branches/3.2/20_dynrdns.cf
Did you happen to notice the absolutely tiny number of expressions in
the SA file, as compared to the ~1600 in the file whose use I promote
here? Maybe I should get in
On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
Ned Slider put forth on 11/3/2010 6:33 PM:
My other thought was to simply comment (or document) ranges known to
contain FPs and then the user can make a judgement call whether they
want to comment out that particular regex based on their
On 10/31/2010 10:21 AM, sunhux G wrote:
I'll need the exact commands in a Shell script to send email
to x...@yahoo.com mailto:x...@yahoo.com y...@gmail.com
mailto:y...@gmail.com with a log file attached
to it.
I believe you're looking for the 'sendmail' command.
On 10/25/10 23:35, utahnix wrote:
On 10/25/2010 9:05 PM, Michael Orlitzky wrote:
On 10/25/2010 10:38 PM, utahnix wrote:
Hello all,
Anyway, I've set up greylisting with Postgrey to help cut down on the
junk mail that I get. I've set it up with default values (deferral of
300 seconds, etc
On 10/25/2010 10:38 PM, utahnix wrote:
Hello all,
This question has probably been asked on this list before, but maybe not
quite with these circumstances. I'm hoping one of you can give me some
direction.
I've got a fairly typical Postfix setup... Postfix, Cyrus IMAP, ClamAV,
On 10/13/2010 05:53 PM, Dan Lannom wrote:
At many Universities there is a continual problem with accounts being
phished and used to send spam. We have a number of measures that
catch stolen accounts but they take a little bit of time to block
outgoing email.
Ideally I'd like to hold email
On 10/05/2010 11:14 AM, pf at alt-ctrl-del.org wrote:
Great!
By saving one version with:
if ($line =~ ' connect from .*\[([\d\.]+?)\]') {
And another with:
if ($line =~ 'smtpd.*client=.*\[([\d\.]+?)\]') {
I can compare attempts vs success, from specific networks.
Rather than use an
On 10/04/2010 02:48 PM, pf at alt-ctrl-del.org wrote:
Are there any existing scripts out there, that report connection counts by
cidr network?
Input:?
parse.pl /var/log/mail cidr_list.zone
Output:?
network count
10.10.128.0/19 983
10.144.48.0/20 121
10.10.128.0/19 983
10.144.48.0/20 121
On 10/04/2010 4:52 PM, Michael Orlitzky wrote:
What's in that cidr_list.zone file?
Simple list of cidr format networks, one per line.
Either a hand crafted list, or a full country .zone file from
http://ipdeny.com/ipblocks/
This should
On 09/26/10 05:24, Michal Bruncko wrote:
Hello list
I am using postfix (v 2.7.0) with sender policy framework
(postfix-policyd-spf-perl-2.001) and greylisting (postgrey-1.32) with
following configuration:
smtpd_recipient_restrictions =
...
check_policy_service unix:private/policy
On 09/24/10 01:10, Sahil Tandon wrote:
On Thu, 2010-09-23 at 21:37:40 -0400, Michael Orlitzky wrote:
check_client_access pcre:/fudged/generic_rbl_clients.pcre,
The content of generic_rbl_clients.pcre:
# sutton-partners.com
/^64\.191\.79\.245$/public_rbls
# mabel.ca
On 09/24/10 10:41, Stan Hoeppner wrote:
Sahil Tandon put forth on 9/24/2010 7:12 AM:
On Fri, 2010-09-24 at 05:31:15 -0500, Stan Hoeppner wrote:
Michael Orlitzky put forth on 9/23/2010 8:37 PM:
# sutton-partners.com
/^64\.191\.79\.245$/public_rbls
# mabel.ca
/^70\.38
1 - 100 of 146 matches
Mail list logo