One server of ours just accepts the mails from clients and then relays
the mails to other servers.
Since there is almost no mail queued on the server , I think it is will
be good to mount /var/spool/postfix on a tmpfs partition.
The machine ( linux Centos 5.4 + postfix 2.7 ) has enough Memory
When somebody emails to a non-existing e-mail address postfix bounces these
by default with a Recipient address rejected: User unknown in local
recipient error. I wonder what the appropriate behavior is. To discard
emails for unknow, users, forward them to another address
or bounce them? What
On 2010-07-21 Aniruddha wrote:
When somebody emails to a non-existing e-mail address postfix bounces these
by default with a Recipient address rejected: User unknown in local
recipient error.
No. Postfix REJECTS them with a User unknown in local recipient table
error. Rejection takes place
On Wed, 2010-07-21 at 08:47 +0200, Aniruddha wrote:
When somebody emails to a non-existing
e-mail address postfix bounces these by default with a Recipient
address rejected: User unknown in local recipient error. I wonder
what the appropriate behavior is. To discard emails for unknow, users,
http://blog.fefe.de/?ts=b2b8f9f8
sorry, it's in german. I'll translate some bits:
Sombody went to Torrent trackers and announced blog.fefe.de:443 as
Torrent client (for a really popular download I guess).
Thus, blog.fefe.de:443 got flooded with torrent-client traffic on the
SSL port.
Port 25
Port 25 outgoing will be blocked by most ISPs
---
This may be the case in your country, but from where I'm from, I've never had a
problem sending out on port 25, even on home
On Wed, 2010-07-21 at 10:02 +0100, Jonathan Tripathy wrote:
Port 25 outgoing will be blocked by most ISPs
--
This may be the case in your country, but from where I'm from, I've
never had a problem sending out on port 25, even
Ram:
One server of ours just accepts the mails from clients and then relays
the mails to other servers.
Since there is almost no mail queued on the server , I think it is will
be good to mount /var/spool/postfix on a tmpfs partition.
The machine ( linux Centos 5.4 + postfix 2.7 ) has
Jonathan Tripathy wrote:
Port 25 outgoing will be blocked by most ISPs
This may be the case in your country, but from where I'm from, I've
never had a problem sending out on port 25, even on home residental
ISPs :)
Any ISP that does *not* block port 25 for residential service is a part
of
- Original Message
From: Ralf Hildebrandt ralf.hildebra...@charite.de
To: postfix-users@postfix.org
Sent: Wed, July 21, 2010 5:00:16 AM
Subject: Is such an SSL attack possible against Postfix?
http://blog.fefe.de/?ts=b2b8f9f8
sorry, it's in german. I'll translate some bits:
Jonathan Tripathy wrote:
Port 25 outgoing will be blocked by most ISPs
This may be the case in your country, but from where I'm from, I've
never had a problem sending out on port 25, even on home residental
ISPs :)
Any ISP that does *not* block port 25 for residential service is a part
of
On 2010-07-21 Daniel V. Reinhardt wrote:
From: Ralf Hildebrandt ralf.hildebra...@charite.de
To: postfix-users@postfix.org
Sent: Wed, July 21, 2010 5:00:16 AM
Subject: Is such an SSL attack possible against Postfix?
http://blog.fefe.de/?ts=b2b8f9f8
sorry, it's in german. I'll translate
Hi to all! I've a configuration file like this:
smtp inet n - n - - smtpd
-o content_filter=dfilt:
and I have to *add* another listening port (TCP 37025).
The line -o content_filter=dfilt: has the purpose to add a
disclaimer to all my outgoing emails.
If
On 7/21/2010 9:06 AM, Stefano Villa wrote:
Hi to all! I've a configuration file like this:
smtp inet n - n - - smtpd
-o content_filter=dfilt:
and I have to *add* another listening port (TCP 37025).
The line -o content_filter=dfilt: has the purpose
Ralf Hildebrandt:
* Ansgar Wiechers li...@planetcobalt.net:
The issue with this attack is that it might exhaust CPU resources on the
server without having to saturate the bandwidth, due to cryptographic
operations required by SSL.
Correct.
And that it seems to use BitTorrent as a
Jonathan Tripathy wrote:
Any ISP that does *not* block port 25 for residential service is a part
of the spam/zombie problem, and if yours doesn't, you should complain,
loudly if necessary, and encourage them to block it.
Every ISP in the UK?
Every one that is not, at a bare minimum, closely
mouss wrote:
Simone Caruso a écrit :
Il 19/07/2010 22:04, Jonathan Tripathy ha scritto:
On 19/07/10 18:07, Angelo Amoruso wrote:
On 16/07/2010 10.10, Jonathan Tripathy wrote:
Hi Everyone,
I have set up a mail server (on a VM) as per this article:
I beg to disagree. Blocking port 25 is a violation of Net Neutrality.
Ridiculous, net neutrality has nothing to do with service level
agreements. Residential service does not in any way, shape or form
equate to requiring full SMTP services to be able to run your own full
blown mail server, nor
On 2010-07-21 11:16 AM, Gordan Bobic gor...@bobich.net wrote:
If you want that level of service, upgrade to a service that
provides it, and that will be at least minimally monitored for
abuse (it is in the ISPs best interest to avoid getting their IP
addresses on blacklists).
Absolute
On Wed, Jul 21, 2010 at 06:39:07AM -0400, Wietse Venema wrote:
One server of ours just accepts the mails from clients and then relays
the mails to other servers.
Since there is almost no mail queued on the server , I think it is will
be good to mount /var/spool/postfix on a tmpfs
On 2010-07-21 Charles Marcus wrote:
[ lots of words ]
Charles, any ISP who restricts network traffic (with or without packet
inspection) is clearly violating net neutrality. Period. I suggest you
look up the term.
There may be valid reasons for an ISP to do this, but that doesn't
change one
Ansgar Wiechers wrote:
Charles, any ISP who restricts network traffic (with or without packet
inspection) is clearly violating net neutrality. Period. I suggest you
look up the term.
1. Net neutrality is simply a 'proposed' priniciple, its meaning is not
set in stone, and probably never will
Crap - sorry, meant that to go private...
Mystery solved:
Adding -O2 to CFLAGS (an -Ox parameter was missing) solved the problem.
Seems to be an GCC issue. I don't know if postfix should compile and work fine
without this or with another optimizer level.
If someone wants to debug this further: The pointer to the problem is within
- Original Message
From: Ansgar Wiechers li...@planetcobalt.net
To: postfix-users@postfix.org
Sent: Wed, July 21, 2010 12:51:34 PM
Subject: Re: OT: ISP Blocking of port 25
On 2010-07-21 Charles Marcus wrote:
[ lots of words ]
Charles, any ISP who restricts network traffic
Kai Krakow:
Mystery solved:
Adding -O2 to CFLAGS (an -Ox parameter was missing) solved the problem.
Seems to be an GCC issue. I don't know if postfix should compile and work fine
without this or with another optimizer level.
It *should* work with all optimization levels. except for:
- Bugs
Ram:
One server of ours just accepts the mails from clients and then relays
the mails to other servers.
Since there is almost no mail queued on the server , I think it is will
be good to mount /var/spool/postfix on a tmpfs partition.
You will lose all mail in the queue when the system
On 21/07/10 20:06, Daniel V. Reinhardt wrote:
- Original Message
From: Ansgar Wiechersli...@planetcobalt.net
To: postfix-users@postfix.org
Sent: Wed, July 21, 2010 12:51:34 PM
Subject: Re: OT: ISP Blocking of port 25
On 2010-07-21 Charles Marcus wrote:
[ lots of words ]
2010/7/21 Wietse Venema wie...@porcupine.org:
That would be a compiler bug, possibly compiler version dependent.
Yep, I'm sure it is. The postfix ebuild from gentoo contains some
evidence that hardened gcc 3.4 may be problematic. In case you are
interested, follow up bug report:
I treid grey listng and don't use it because too many servers were not
re-sending the e-mail back asap. Alot did and there was no problem.
But some took up to a day to retry the message.
I remeber reading about DPSAM. Also going to look at amavisd-new and assp.
I like the idea of calling it a
- Original Message
From: Jonathan Tripathy jon...@abpni.co.uk
To: postfix users postfix-users@postfix.org
Sent: Wed, July 21, 2010 8:23:31 PM
Subject: Re: OT: ISP Blocking of port 25
On 21/07/10 20:06, Daniel V. Reinhardt wrote:
- Original Message
On 2010-07-21 Daniel V. Reinhardt wrote:
ISP's should be made responsible and accountable for what their users
do.
No, they shouldn't.
They hold the rights to the IP Space in use at the time, and such any
traffic that goes over it should be logged for later analysis by
authorities if a user
On Wednesday, July 21, 2010, 16:36:08, Daniel V. Reinhardt wrote:
...
ISP's should be made responsible and accountable for what their users
do. They hold the rights to the IP Space in use at the time, and such
any traffic that goes over it should be logged for later analysis by
authorities
* Rod Dorman r...@polylogics.com:
Have we gone far enough off the topic of Postfix yet for this thread to
be declared dead?
Yes, especially since this was about SSL attacks.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus
On 07/21/2010 10:23 PM, Kai Krakow wrote:
2010/7/21 Wietse Venema wie...@porcupine.org:
That would be a compiler bug, possibly compiler version dependent.
Yep, I'm sure it is. The postfix ebuild from gentoo contains some
evidence that hardened gcc 3.4 may be problematic. In case you are
Randy Ramsdell a écrit :
mouss wrote:
Simone Caruso a écrit :
Il 19/07/2010 22:04, Jonathan Tripathy ha scritto:
On 19/07/10 18:07, Angelo Amoruso wrote:
On 16/07/2010 10.10, Jonathan Tripathy wrote:
Hi Everyone,
I have set up a mail server (on a VM) as per this
Le Wed, 21 Jul 2010 13:36:08 -0700 (PDT),
Daniel V. Reinhardt crypto...@yahoo.com a écrit :
Only http and https and submission would be allowed. To help
conserve the cost of bandwidth and to make more bandwidth available
to people who want more.
You are driving consumers to that kind of
I tried, I really did, but I just have to respond to this...
Jonathan Tripathy wrote:
an ISP should *never* monitor for abuse in the EU, and should
*never* be made liable for what their customers do.
Correct - they should only be liable for abuse that they allow *their*
networks to relay from
Original-Nachricht
Datum: Wed, 21 Jul 2010 22:23:06 +0200
Von: Kai Krakow hurikhan77+post...@googlemail.com
An: Postfix users postfix-users@postfix.org
Betreff: Re: postfix/local segfaults
2010/7/21 Wietse Venema wie...@porcupine.org:
That would be a compiler bug,
Wietse Venema put forth on 7/21/2010 2:22 PM:
Ram:
One server of ours just accepts the mails from clients and then relays
the mails to other servers.
Since there is almost no mail queued on the server , I think it is will
be good to mount /var/spool/postfix on a tmpfs partition.
You will
Why should home users get business class services at a fraction of the cost? It
is quite ignorant to think that.
Allowing legal data to pass without being monitored, snooped upon, or
blocked due to the type of traffic, is not just for business class
services.
Are you upset that you live in
Daniel V. Reinhardt wrote:
ISP's should be made responsible and accountable for what their users do. They
hold the rights to the IP Space in use at the time, and such any traffic that
goes over it should be logged for later analysis by authorities if a user is
found to be doing something
Charles Marcus wrote:
As I mentioned before, if they really feel that blocking port 25 blocks
spam,
You aren't serious? It isn't a matter of 'feeling'. Blocking port 25 for
residential users blocks TONS of SPAMBOTNETS. This isn't theory or
guesswork, it is a simple fact. It also relievs a
Time of death on Thu, Jul 22: 01:57:34 UTC
END OF THREAD. Please? :-)
--
Sahil Tandon sa...@freebsd.org
Jonathan Tripathy jon...@abpni.co.uk wrote:
Why should home users get business class services at a fraction of the cost?
It
is quite ignorant to think that.
Allowing legal data to pass without being monitored, snooped upon, or
blocked due to the type of traffic, is not just for business
Charles Marcus put forth on 7/21/2010 7:46 AM:
Jonathan Tripathy wrote:
Port 25 outgoing will be blocked by most ISPs
This may be the case in your country, but from where I'm from, I've
never had a problem sending out on port 25, even on home residental
ISPs :)
Any ISP that does *not*
On Wed, Jul 21, 2010 at 11:16:04PM +0200, Bas Mevissen wrote:
Can you try what happens if you replace at
typedef struct LOCAL_STATE {
int level;/* nesting level, for logging */
DELIVER_ATTR msg_attr;/* message/recipient attributes */
DELIVER_REQUEST
Daniel V. Reinhardt put forth on 7/21/2010 2:06 PM:
Your average joe doesn't need to be running servers, and if you want business
class services and abilities then pay for it.
Class warfare and/or financial means arguments are invalid in this discussion.
Bandwidth costs money. You can't
48 matches
Mail list logo
