Hi,
> On 23 Jun 2023, at 05:14, Fourhundred Thecat via Postfix-users
> wrote:
>
> Spamhaus has some removal form on their website, but the page does not
> work for me (it is stuck at: Checking if the site connection is secure)
>
> Anyway, I was trying to find out on which other spamlists I
Hi,
> On 22 Jun 2023, at 21:05, André Rodier via Postfix-users
> wrote:
>
> What are you using on your side ?
I'm running postfix on FreeBSD so I can use blacklistd.
A blacklistd hook has been inserted in Postfix source code so treatment is
triggered directly from events handled by
On 9 Apr 2023, at 08:18, tom--- via Postfix-users
wrote:
>
>> First off make sure that policyd isn't somehow returning an OK (or
>> equivalent) response, if you're not sure temporarily remove
>> "check_policy_service unix:private/policyd-spf," from your restrictions
>> above and see if it
On 21 Dec 2022, at 08:52, Peter wrote:
>
> On 21/12/22 20:35, Samer Afach wrote:
>> Dear Pat:
>> Thank you for throwing this idea, because I really thought it wasn't
>> possible to retrieve docker logs without setup, but I dug and found the
>> logs. I have them all. Unfortunately, I can't
Hello,
Do you have the logs (postfix and maybe dovecot) showing the spammer
interaction with the server?
pat
> On 21 Dec 2022, at 05:45, Samer Afach wrote:
>
> Thank you, Phil. Here we go. Here's postconf -n:
>
>
> I hope this helps in better identifying how the spammer was able to use my
Hi,
I'm already using:
smtpd_sender_restrictions =
reject_unlisted_sender,
check_sender_access hash:/etc/postfix/sender_access
reject_unknown_sender_domain,
reject_non_fqdn_sender,
permit
But the "loophole" here is that blank sender/return-path is
Hello,
This statement is at best off topic. Worst case scenario, it's toxic.
And you can be polite, too.
Thank you.
> On 12 Apr 2022, at 16:58, Ruben Safir wrote:
>
> automated systems with root access are inherently not secure
>
>
> On Tue, Apr 12, 2022 at 03:30:57PM +0200, Ralph Seichter
On 01 Feb 2021, at 13:38, Viktor Dukhovni wrote:
>
> On Mon, Feb 01, 2021 at 12:09:38PM +, pat...@patpro.net wrote:
>
>> It's a risk I can take if I'm stuck but I'm willing to try the dual-sign
>> method.
>
> I should mention that given the humongous sizes of your current
> signatures,
On 31 Jan 2021, at 18:13, Wietse Venema wrote:
>
> Patrick Proniewski:
>> I'm looking for a tool/service that would help me diagnose delivery problems
>> to my server? Any hint appreciated.
> What about good old telnet or netcat?
because I'm looking for a way to test as
Hello,
I've got a strange problem with my MX server, that is not related to postfix:
looks like neither Steam nor Binance can post email to me. I've had a
discussion with Steam support, they said they have delivery failure on their
side but couldn't provide more details than this:
Time
Hi,
I've switched to REDIS for bayesian storage in Spamassassin more than 4 years
ago, and I've never looked back: very good performances and no problem with
files (like locking for a start).
I wrote about it at the time, unfortunately it's in French ;)
Hello,
What would be the best way to hold an incoming email that match both criteria
From=foo and To=bar?
First I thought about header_checks with something like:
if /^From:.*foo.*/
/^To:.*bar.*/ HOLD
endif
but obviously it can't work as headers are processed 1 by 1.
The final solution will
On 17 juin 2020, at 22:05, Viktor Dukhovni wrote:
>
> On Wed, Jun 17, 2020 at 10:00:32PM +0200, Patrick Proniewski wrote:
>
>>> - disable SMTPUTF8 in Postfix.
>>
>> That means disabling it everywhere and let messages bounce on MX servers.
>> Would n
Hello,
> On 17 juin 2020, at 16:28, Wietse Venema wrote:
>
> Patrick Proniewski:
>> Jun 17 12:34:20 postfix-mailgw/smtp[77347]: 57F56EB256:
>> to=, orig_to=,
>> relay=Exchange-VIP[Exchange-VIP]:25, delay=0.01, delays=0.01/0/0/0,
>> dsn=5.6.7, sta
Hello,
> On 17 juin 2020, at 22:48, @lbutlr wrote:
>
> On 17 Jun 2020, at 14:00, Patrick Proniewski wrote:
>> Not possible yet. A flag exists for Exchange 2019 but we are running 2016
>> now and upgrade is not scheduled for now.
>
> Perhaps showing the
Hi,
> On 17 juin 2020, at 15:42, Bastian Blank
> wrote:
>
> On Wed, Jun 17, 2020 at 02:37:23PM +0200, Patrick Proniewski wrote:
>> For some time now I notice that some messages, either originating from
>> Internet or from internal servers are bounced when they ar
Hi,
> On 17 juin 2020, at 15:08, Matus UHLAR - fantomas wrote:
>
> On 17.06.20 14:37, Patrick Proniewski wrote:
>> I have at work a Postfix infrastructure that sits between Internet and our
>> Exchange servers. Postfix is used for MX and SMTP roles, ensure filtering
&
Hello,
I have at work a Postfix infrastructure that sits between Internet and our
Exchange servers. Postfix is used for MX and SMTP roles, ensure filtering with
Amavisd/Clamav/etc.
For some time now I notice that some messages, either originating from Internet
or from internal servers are
Hi,
> On 10 juin 2020, at 05:22, PGNet Dev wrote:
>
> On 6/9/20 8:15 PM, Noel Jones wrote:
>> Postfix assumes the logs are private.
>
> They generally are. The very-recent switch to BLs with Acct-ID's is new, and
> complicated that a bit.
>
>> To sanitize the log, you'll need to use an
On 25 mai 2020, at 13:56, Michael wrote:
>
> I've found the Barracuda rbl to be very useful.
>
> https://www.barracudacentral.org/rbl
I'm using paid spamhaus RBL (local zone file rsynched) for a very long time, at
work, and we are very happy about it. I use complementary RBL also like
Hello,
> On 25 mai 2020, at 03:59, Vincent Pelletier wrote:
>
> On Fri, May 22, 2020 at 5:43 AM Ralph Seichter wrote:
>> Yeah, delays... Used to be people understood the difference between
>> asynchronous messaging (i.e. email) and instant messaging. Nowadays it
>> seems that no day goes by
aders.
My bad.
thank you all.
patpro
> On 02 mai 2020, at 19:36, Patrick Proniewski wrote:
>
> On 02 mai 2020, at 19:25, Matus UHLAR - fantomas wrote:
>>
>> On 02.05.20 17:46, Patrick Proniewski wrote:
>>> well in fact I've tried the default se
On 02 mai 2020, at 19:25, Matus UHLAR - fantomas wrote:
>
> On 02.05.20 17:46, Patrick Proniewski wrote:
>> well in fact I've tried the default settings first ("client" as per
>> <https://manpages.debian.org/testing/amavisd-milter/amavisd-milter.8.en.html#D>
> On 02 mai 2020, at 18:09, Bob Proulx wrote:
>
>> Unfortunately I've discovered that Amavisd is unable to add headers
>> I want as it would do as an smtp proxy filter.
>> It will properly add:
>>
>> X-Virus-Scanned: my custom tag
>> X-Crm114-Status: UNSURE ( 6.79 )
>
> Those two
On 02 mai 2020, at 15:13, Bastian Blank
wrote:
>
> On Sat, May 02, 2020 at 11:40:52AM +0200, Patrick Proniewski wrote:
>> It negates the benefit you were writing about as amavisd-milter will drop
>> the message on the milter interface (postfix/cleanup[26401]: 87E5316135:
On 02 mai 2020, at 14:19, Wietse Venema wrote:
>
> Patrick Proniewski:
>> It negates the benefit you were writing about as amavisd-milter
>> will drop the message on the milter interface (postfix/cleanup[26401]:
>> 87E5316135: milter-discard: END-OF-MESSAGE from localho
On 01 mai 2020, at 18:28, Wietse Venema wrote:
>>
>> would there be a performance/functionality penalty switching from
>> smtpd_proxy_filter to smtpd_milters/non_smtpd_milters?
>
> It will be faster, because it avoids the need to deliver the whole
> message outside of Postfix, and then to
Thanks Wietse,
> On 01 mai 2020, at 15:37, Wietse Venema wrote:
>
> Patrick Proniewski:
>> I really feel like my setup needs some cleanup and I'm not sure were to
>> start. Some of you have suggested to me, in the past, that I could move to
>> amavisd-milter in
Hello,
I've been using postfix with great success and delight for many years now, but
my config has become quite messy over time, with additions like dkim/spf/dmarc
and various filtering options.
I'm currently having a problem with some locally generated emails (eg. sendmail
command). I would
Hi,
I'm using an hourly shell script to retrieve from our AD the proper LDAP
records, and an AWK script to transform this output into an alias map (our
Exchange setup uses a different internal address from the public external
address). This alias map is later used to create a list of allowed
Hi Emanuel,
> Is there any web interface exists for postfix email log analysis? What I
> need is to see all the logs through web interface, see the reports of
> rejection, deferred, bounces, success etc. w.r.t. datetime and/or domain
> filter etc.
If you have a moderate volume of logs (less
Hi
> On 02 nov. 2019, at 19:44, John Schmerold wrote:
>
> I have a few email addresses that were valid 15 years ago, but they have been
> invalid for 5+ years, we are rejecting them with a 450 message, my thought is
> "Let's tie up this spammer's computer just a little bit"
>
> Good idea?
On 25 févr. 2019, at 20:23, Peter wrote:
>
> On 24/02/19 08:47, Patrick Proniewski wrote:
>> I'm also using postscreen, but it doesn't provide the same filtering
>> as a regular greylist. And milter-greylist is nice enough to
>> synchronise between multiple MX se
On 25 févr. 2019, at 19:55, Viktor Dukhovni wrote:
>
> On Mon, Feb 25, 2019 at 07:43:49PM +0100, Patrick Proniewski wrote:
>
>> Then, I'm currently trying another approach. In my current setup, I've an
>> amavisd sandwich: outer-smtp->amavisd->inner-smtp. I can't put
Hi,
> On 23 févr. 2019, at 23:03, Matus UHLAR - fantomas wrote:
>
>> Anyway is there any alternative to opendmarc that would be compatible with
>> BQCF? I realize a good place for that would be inside Amavisd-new, but
>> this feature is not available :/
>
> whatever it is, running it as
On 23 févr. 2019, at 20:58, Viktor Dukhovni wrote:
>
>> On Feb 23, 2019, at 2:47 PM, Patrick Proniewski wrote:
>>
>> My try was a reply to Andrey saying that it's working and I should try.
>
> Milters that inspect message content can only be used downstream of any
On 23 févr. 2019, at 18:49, Matus UHLAR - fantomas wrote:
>
> I believe you read it correctly, and I found it interesting that something
> is documented, behaves like documented and yet you wonder about it.
I don't wonder about it. See my first post where I wrote:
> I would like to add
Hello,
> On 22 févr. 2019, at 23:20, Andrey Repin wrote:
>
>> I would like to add opendmarc for DMARC checking of inbound emails but it
>> looks like it's only available as a milter. Unfortunately, last time I'v
>> checked, milter couldn't modify emails when used in a before-queue content
>>
Hello,
I'm using postfix for years with this setup :
milter-greylist
policyd-spf in check_policy_service
amavisd-new as a before-queue content filter
opendkim signature for outbound emails
It's working really great.
I would like to add opendmarc for DMARC checking of inbound emails but it
On 17 avr. 2014, at 08:33, Robert Schetterer wrote:
perhaps off topic, with using postix and graylog2 i was advised to use
massive pre filter with syslog daemon before inject to graylog2
so this may help you tmp too, but for sure ,its very complex
I'm currently trying to adapt grok patterns
Hi all,
I love Postfix and I use it everywhere I can. At work, I now have about 6 of
them for different uses. My MX alone accepts about 1 million messages per
month. I must (forensic/support request/law) keep logs from all these Postfix
servers, and more importantly I must be able to
On 16 avr. 2014, at 21:39, Wietse Venema wrote:
Patrick Proniewski:
That would be really awesome if Postfix could log into a structured
format. I'm thinking about JSON, because that's what
logstash/elasticsearch eats. But any key=value output is fine.
Any plan about such a feature/option
,
Patrick PRONIEWSKI
--
Responsable pôle Opérations - DSI - Université Lumière Lyon 2
Responsable Sécurité des Systèmes d'Information
On 16 mai 2013, at 14:26, Wietse Venema wrote:
Patrick Proniewski:
Hello,
I'm trying to create an header_check filter (regexp format) that
would issue a warning (or info) when the References: header is
longer than 800 characters. I've discovered that using this kind
of syntax won't work
Hello,
Few months ago, I've switched my postfix setup from regular greylisting to
milter greylisting, and it appears to have changed few things about
header_checks I didn't notice until yesterday.
My setup uses before-queue content filtering:
# Before-filter SMTP server. Receive mail from the
Finally, after an interesting discussion over this issue on opendkim-users,
I've been able to google my way out, with a solution from Wietse:
http://postfix.1071664.n5.nabble.com/Any-best-practices-for-stacking-filters-td51592.html
thanks,
On 17 mars 2013, at 14:51, patrick.proniew...@free.fr
On 17 mars 2013, at 00:38, Noel Jones wrote:
On 3/16/2013 2:51 PM, patrick.proniew...@free.fr wrote:
Hello,
I have a small problem with my postfix/dkim setup:
- dkim properly sign every emails I send via my webmail frontend, crontab,
or the mail command from the server.
- dkim won't
Hello,
I have a small problem with my postfix/dkim setup:
- dkim properly sign every emails I send via my webmail frontend, crontab, or
the mail command from the server.
- dkim won't sign emails I send from my workstation to my server via an ssh
tunnel.
transcript for a webmail sending:
Hello,
I want to enable double delivery for selected users into my MX servers.
My MX servers (I have two, load balanced through a Cisco ACE) are only relay
servers, once filtered and accepted, emails are transported to a gateway that
performs, if needed address rewrite, and dispatch.
On MX
On 24 nov. 2012, at 23:40, Wietse Venema wrote:
I believe the same properties hold with recipients added via
recipient_bcc_maps (automatic NOTIFY=NEVER up to the last forward-path
MTA that supports DSN). Therefore, it may be simpler to use bcc maps,
rather than implement a proxy filter or
)
- postsuper -r ALL
-r is not for retry, it's for requeue. Don't use it unless you really want the
requeue process to be done. Use postqueue -f instead.
Patrick PRONIEWSKI
--
Administrateur Système - DSI - Université Lumière Lyon 2
smime.p7s
Description: S/MIME cryptographic signature
On 9 juin 2011, at 17:46, Victor Duchovni wrote:
On Thu, Jun 09, 2011 at 10:12:17AM +0200, Patrick Proniewski wrote:
On 8 juin 2011, at 18:15, Victor Duchovni wrote:
On Wed, Jun 08, 2011 at 11:33:48AM +0200, Patrick Proniewski wrote:
After the period of double delivery is over, we
On 8 juin 2011, at 18:15, Victor Duchovni wrote:
On Wed, Jun 08, 2011 at 11:33:48AM +0200, Patrick Proniewski wrote:
After the period of double delivery is over, we will deliver emails only to
Google servers. So the virtual aliases map is to look like:
public-addr...@univ-lyon2.fr
...@univ-lyon2.fr
...
The first line looks pretty silly to me. Is there any way to tell that
addresses not listed in virtual aliases map are to be forwarded as is ?
Thanks,
Patrick PRONIEWSKI
--
Administrateur Système - DSI - Université Lumière Lyon 2
.
I've found this about amavisd and BDB performance problem on FreeBSD:
http://www.mail-archive.com/amavis-u...@lists.sourceforge.net/msg15381.html
I'll test ASAP.
regards,
Patrick PRONIEWSKI
--
Administrateur Système - SENTIER - Université Lumière Lyon 2
smime.p7s
Description: S/MIME
-liste send huge bursts of emails (like 3 recipients in
2-3 minutes), and it can greatly impact normal email delivery. So I throttle
smtp-liste so that physical users emails posted via smtp are not delayed by
a (useless) corporate emailing.
Thank you very much for your reply
Patrick
users, 3% of our total users
list), so we have many emails going from mailgw to smtp. But I don't see
how few more emails can wreak havoc in amavisd.
That would be a good idea to plug mailgw-to-smtp traffic on an smtpd
without filtering.
Patrick PRONIEWSKI
--
Administrateur Système - SENTIER
...
I'll double check my settings, but in theory, I don't use RBL for inside email
traffic filtering.
Patrick PRONIEWSKI
--
Administrateur Système - SENTIER - Université Lumière Lyon 2
smtp_destination_concurrency_limit to 1, so that other more legitimate clients
(3 physical users) can still send emails during a local emailing.
Let me know if you need other info…
Patrick PRONIEWSKI
--
Administrateur Système - SENTIER - Université Lumière Lyon 2
smime.p7s
Description: S/MIME cryptographic
have a similar
limitation: it's illegal to destroy a communication (mail, email…). With BQCF
spam is rejected, not destroyed.
Patrick PRONIEWSKI
--
Administrateur Système - SENTIER - Université Lumière Lyon 2
smime.p7s
Description: S/MIME cryptographic signature
60 matches
Mail list logo