Re: reject_unknown_reverse_client_hostname safe?

2013-05-08 Thread Robert Schetterer
On 08.05.2013 01:07, Vincent Lefevre wrote: On 2013-05-07 15:50:33 +0200, Robert Schetterer wrote: On 07.05.2013 14:14, Vincent Lefevre wrote: A whitelist is not possible as in general, I don't know who sends me such mail it is possible what about reading logs and/or mail headers? I

Re: reject_unknown_reverse_client_hostname safe?

2013-05-08 Thread Stan Hoeppner
On 5/7/2013 5:36 PM, /dev/rob0 wrote: ... Peter has explained this: you indeed seem to have FCrDNS, just not Maybe my understanding of the definition of Forward Confirmed reverse DNS is incorrect. I thought the definition of FCrDNS is that the forward and reverse names not only exist but

Re: reject_unknown_reverse_client_hostname safe?

2013-05-08 Thread markjt
On 8 May 2013 at 3:03, Stan Hoeppner wrote: On 5/7/2013 5:36 PM, /dev/rob0 wrote: ... Peter has explained this: you indeed seem to have FCrDNS, just not Maybe my understanding of the definition of Forward Confirmed reverse DNS is incorrect. I thought the definition of FCrDNS is that

Re: reject_unknown_reverse_client_hostname safe?

2013-05-08 Thread Peter
On 05/08/2013 08:03 PM, Stan Hoeppner wrote: On 5/7/2013 5:36 PM, /dev/rob0 wrote: ... Peter has explained this: you indeed seem to have FCrDNS, just not Maybe my understanding of the definition of Forward Confirmed reverse DNS is incorrect. I thought the definition of FCrDNS is that

Re: reject_unknown_reverse_client_hostname safe?

2013-05-08 Thread Jan P. Kessler
On 08.05.2013 01:58, Vincent Lefevre wrote: On 2013-05-07 23:00:01 +0200, Jan P. Kessler wrote: Yes this is possible with postfwd. The policy delegation protocol contains reverse_client_name and client_name, which can be used within postfwd rulesets. Example: id=COMBO01

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 07.05.2013 03:05, Vincent Lefevre wrote: There's no mail exchanger here. The machine in question (carotte.tilapin.org) just sends the mail. and in this case it needs a valid PTR Don't try to run a mail exchanger on a dynamic IP address or one lacking FCrDNS. It's definitely his fault

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 10:18:21 +0200, Reindl Harald wrote: On 07.05.2013 03:05, Vincent Lefevre wrote: There's no mail exchanger here. The machine in question (carotte.tilapin.org) just sends the mail. and in this case it needs a valid PTR Perhaps (any quote from the RFC's?). But anyway I can't

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 07.05.2013 10:40, Vincent Lefevre wrote: On 2013-05-07 10:18:21 +0200, Reindl Harald wrote: On 07.05.2013 03:05, Vincent Lefevre wrote: There's no mail exchanger here. The machine in question (carotte.tilapin.org) just sends the mail. and in this case it needs a valid PTR Perhaps

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Robert Schetterer
On 07.05.2013 10:54, Reindl Harald wrote: about it. I receive important mail from users whose IP doesn't have a reverse hostname. Not one user, several ones then use some whitelist ...,should be enough i.e smtpd_client_restrictions = permit_sasl_authenticated,

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 10:54:06 +0200, Reindl Harald wrote: On 07.05.2013 10:40, Vincent Lefevre wrote: On 2013-05-07 10:18:21 +0200, Reindl Harald wrote: On 07.05.2013 03:05, Vincent Lefevre wrote: There's no mail exchanger here. The machine in question (carotte.tilapin.org) just sends the

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 13:15:01 +0200, Robert Schetterer wrote: On 07.05.2013 10:54, Reindl Harald wrote: about it. I receive important mail from users whose IP doesn't have a reverse hostname. Not one user, several ones then use some whitelist ...,should be enough i.e

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 07.05.2013 14:02, Vincent Lefevre wrote: On 2013-05-07 10:54:06 +0200, Reindl Harald wrote: it is common practice to not accept mails from hosts without a valid PTR A PTR is not associated with a host, but with an IP address. That's important because mail may be sent from different

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Patrick Lists
On 05/07/2013 02:02 PM, Vincent Lefevre wrote: [snip] A PTR is not associated with a host, but with an IP address. That's important because mail may be sent from different IP addresses, depending on the recipient or other factors. And it seems that some users forget to set up a PTR for all their

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Robert Schetterer
On 07.05.2013 14:14, Vincent Lefevre wrote: A whitelist is not possible as in general, I don't know who sends me such mail it is possible what about reading logs and/or mail headers? if you can't do that, forget about hosting email services, and asking here for help Best Regards MfG

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Stan Hoeppner
On 5/6/2013 6:54 PM, /dev/rob0 wrote: FCrDNS itself is not just a best practice, it is a requirement. It is preferred, but optional, not required. If it was a *requirement* then Postfix would have neither of these two restrictions, and the first would simply be hard coded into postscreen and

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Stan Hoeppner
On 5/6/2013 8:05 PM, Vincent Lefevre wrote: But I don't see this as a final solution since most users use a shared MSA and the outgoing mail server may be blacklisted more or less often (this is the case of my ISP, which is frequently blacklisted by spamcop) or not reliable (e.g. at my lab,

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Stan Hoeppner
On 5/7/2013 7:02 AM, Vincent Lefevre wrote: And it seems that some users forget to set up a PTR for all their IPv6 addresses. This apparently includes Debian's mailing-list server. Seems to have IPv6 rDNS: ~$ host bendel.debian.org bendel.debian.org has address 82.195.75.100 bendel.debian.org

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Jan P. Kessler
Is it possible to use reject_unknown_reverse_client_hostname-like feature as part of scoring with blacklist checking? I think policyd-weight supported that. I consider using postfwd. Yes this is possible with postfwd. The policy delegation protocol contains reverse_client_name and

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Peter
On 05/08/2013 08:12 AM, Stan Hoeppner wrote: In addition, if FCrDNS was indeed a requirement, then nobody would accept mail from my SOHO Postfix server, nor any mail servers behind the tens of thousands of business class ADSL circuits in the US which offer static IPs but not custom rDNS. You

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread /dev/rob0
I'm going to take this chance to pipe into this thread that I am confused about Vincent's issue. He says that the client which lacked PTR (the one run by a Debianista) was not a mail exchanger, or not exchanging mail. Why, then, would reject_unknown_reverse_client_hostname be an issue?

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 15:38:44 -0500, Stan Hoeppner wrote: On 5/7/2013 7:02 AM, Vincent Lefevre wrote: And it seems that some users forget to set up a PTR for all their IPv6 addresses. This apparently includes Debian's mailing-list server. I've reported a Debian bug, and one developer claimed it

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 15:50:33 +0200, Robert Schetterer wrote: On 07.05.2013 14:14, Vincent Lefevre wrote: A whitelist is not possible as in general, I don't know who sends me such mail it is possible what about reading logs and/or mail headers? I meant that it may be a completely new user,

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 17:36:49 -0500, /dev/rob0 wrote: I'm going to take this chance to pipe into this thread that I am confused about Vincent's issue. He says that the client which lacked PTR (the one run by a Debianista) was not a mail exchanger, or not exchanging mail. Why, then, would

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 14:19:40 +0200, Reindl Harald wrote: On 07.05.2013 14:02, Vincent Lefevre wrote: depending on the recipient or other factors. And it seems that some users forget to set up a PTR for all their IPv6 addresses. This apparently includes Debian's mailing-list server. that's

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 23:00:01 +0200, Jan P. Kessler wrote: Yes this is possible with postfwd. The policy delegation protocol contains reverse_client_name and client_name, which can be used within postfwd rulesets. Example: id=COMBO01 reverse_client_name==unknown

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 14:33:12 +0200, Patrick Lists wrote: On 05/07/2013 02:02 PM, Vincent Lefevre wrote: [snip] A PTR is not associated with a host, but with an IP address. That's important because mail may be sent from different IP addresses, depending on the recipient or other factors. And it

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 08.05.2013 01:41, Vincent Lefevre wrote: On 2013-05-07 17:36:49 -0500, /dev/rob0 wrote: I'm going to take this chance to pipe into this thread that I am confused about Vincent's issue. He says that the client which lacked PTR (the one run by a Debianista) was not a mail exchanger, or

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 08.05.2013 01:47, Vincent Lefevre wrote: On 2013-05-07 14:19:40 +0200, Reindl Harald wrote: On 07.05.2013 14:02, Vincent Lefevre wrote: depending on the recipient or other factors. And it seems that some users forget to set up a PTR for all their IPv6 addresses. This apparently

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 08.05.2013 01:58, Vincent Lefevre wrote: BTW, if I understand correctly what has been said earlier, DEFER would be better than REJECT as the reverse_client_name==unknown error may be temporary RTFM http://www.postfix.org/postconf.5.html#reject_unknown_reverse_client_hostname The reply

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 08.05.2013 02:09, Vincent Lefevre wrote: While I agree that a PTR should be set, this is different. An MTA sending legitimate mail (not spam) but without a PTR doesn't cause any damage and because machines do not guess and smell if it is legitimate there are rules which are enforced

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Peter
On 05/08/2013 11:41 AM, Vincent Lefevre wrote: Perhaps for IPv4 (but this depends: some people send mail to a few restricted people). If only the IPv6 address lacks a PTR, this is probably not true, at least in France, where the biggest ISPs don't support IPv6, so that there are no

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Peter
On 05/08/2013 11:02 AM, Vincent Lefevre wrote: I suspect that they temporarily changed the Ethernet card without updating their DNS config, as only the last 6 bytes of the IPv6 address changed for this particular mail. There are lots of ways that IPv6 can get messed up, and people tend not to

Re: reject_unknown_reverse_client_hostname safe?

2013-05-06 Thread Stan Hoeppner
On 5/5/2013 8:10 PM, Vincent Lefevre wrote: Received: from carotte.tilapin.org (unknown [95.138.72.61]) by ioooi.vinc17.net (Postfix) with ESMTPS id EFA4959 for vinc...@vinc17.net; Tue, 2 Oct 2012 03:15:23 +0200 (CEST) $ host 95.138.72.61 Host 61.72.138.95.in-addr.arpa.

Re: reject_unknown_reverse_client_hostname safe?

2013-05-06 Thread Vincent Lefevre
On 2013-05-06 01:10:59 -0500, Stan Hoeppner wrote: On 5/5/2013 8:10 PM, Vincent Lefevre wrote: Received: from carotte.tilapin.org (unknown [95.138.72.61]) by ioooi.vinc17.net (Postfix) with ESMTPS id EFA4959 for vinc...@vinc17.net; Tue, 2 Oct 2012 03:15:23 +0200 (CEST)

Re: reject_unknown_reverse_client_hostname safe?

2013-05-06 Thread Reindl Harald
On 06.05.2013 23:13, Vincent Lefevre wrote: Being a Debian developer carries zero weight here. I just meant that * his mail config is probably sane (the fact that the IP doesn't have a rDNS is not his fault, but the ISP's) no, it's clearly his fault how should the ISP smell which

Re: reject_unknown_reverse_client_hostname safe?

2013-05-06 Thread /dev/rob0
On Mon, May 06, 2013 at 11:13:20PM +0200, Vincent Lefevre wrote: On 2013-05-06 01:10:59 -0500, Stan Hoeppner wrote: On 5/5/2013 8:10 PM, Vincent Lefevre wrote: Received: from carotte.tilapin.org (unknown [95.138.72.61]) by ioooi.vinc17.net (Postfix) with ESMTPS id EFA4959

Re: reject_unknown_reverse_client_hostname safe?

2013-05-06 Thread Vincent Lefevre
On 2013-05-06 18:54:57 -0500, /dev/rob0 wrote: On Mon, May 06, 2013 at 11:13:20PM +0200, Vincent Lefevre wrote: On 2013-05-06 01:10:59 -0500, Stan Hoeppner wrote: On 5/5/2013 8:10 PM, Vincent Lefevre wrote: Received: from carotte.tilapin.org (unknown [95.138.72.61]) by

Re: reject_unknown_reverse_client_hostname safe?

2013-05-05 Thread Noel Jones
On 5/5/2013 8:10 PM, Vincent Lefevre wrote: On 2013-05-02 11:08:13 -0500, Noel Jones wrote: If the DNS lookup fails with a temporary error, the mail will be deferred. It's important to note that not all clients labeled as unknown will be rejected by reject_unknown_reverse_client_hostname.