Re: Postfix 2.8.x anti anti backscattering settings

2013-05-07 Thread Josef Karliak
Ohh. So there is only one solution - on mail server generate an alias list that contains aliases and result. Like : chose OK user OK ... ... And in main.cf use directive smtpd_recipient_restrictions = other options,check_recipient_access hash:/etc/postfix/alias_list,other options

Re: Postfix 2.8.x anti anti backscattering settings

2013-05-07 Thread Robert Schetterer
On 07.05.2013 09:00, Josef Karliak wrote: Ohh. So there is only one solution - on mail server generate an alias list that contains aliases and result. Like : chose OK user OK ... ... And in main.cf use directive smtpd_recipient_restrictions = other

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 07.05.2013 03:05, Vincent Lefevre wrote: There's no mail exchanger here. The machine in question (carotte.tilapin.org) just sends the mail. and in this case it needs a valid PTR Don't try to run a mail exchanger on a dynamic IP address or one lacking FCrDNS. It's definitely his fault

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 10:18:21 +0200, Reindl Harald wrote: On 07.05.2013 03:05, Vincent Lefevre wrote: There's no mail exchanger here. The machine in question (carotte.tilapin.org) just sends the mail. and in this case it needs a valid PTR Perhaps (any quote from the RFC's?). But anyway I can't

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 07.05.2013 10:40, Vincent Lefevre wrote: On 2013-05-07 10:18:21 +0200, Reindl Harald wrote: On 07.05.2013 03:05, Vincent Lefevre wrote: There's no mail exchanger here. The machine in question (carotte.tilapin.org) just sends the mail. and in this case it needs a valid PTR Perhaps

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Robert Schetterer
On 07.05.2013 10:54, Reindl Harald wrote: about it. I receive important mail from users whose IP doesn't have a reverse hostname. Not one user, several ones then use some whitelist ...,should be enough i.e smtpd_client_restrictions = permit_sasl_authenticated,

Re: Postfix lost connection issue

2013-05-07 Thread mailtime
Thanks for your advice Viktor I have done a capture and loaded into WireShark. 1,0.00,1.2.3.4,192.168.1.239,TCP,66,19524 smtp [SYN] Seq=0 Win=8192 Len=0 MSS=1380 WS=256 SACK_PERM=1 2,0.22,192.168.1.239,1.2.3.4,TCP,66,smtp 19524 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460 SACK_PERM=1

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 10:54:06 +0200, Reindl Harald wrote: On 07.05.2013 10:40, Vincent Lefevre wrote: On 2013-05-07 10:18:21 +0200, Reindl Harald wrote: On 07.05.2013 03:05, Vincent Lefevre wrote: There's no mail exchanger here. The machine in question (carotte.tilapin.org) just sends the

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 13:15:01 +0200, Robert Schetterer wrote: On 07.05.2013 10:54, Reindl Harald wrote: about it. I receive important mail from users whose IP doesn't have a reverse hostname. Not one user, several ones then use some whitelist ...,should be enough i.e

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 07.05.2013 14:02, Vincent Lefevre wrote: On 2013-05-07 10:54:06 +0200, Reindl Harald wrote: it is common practice to not accept mails from hosts without a valid PTR A PTR is not associated with a host, but with an IP address. That's important because mail may be sent from different

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Patrick Lists
On 05/07/2013 02:02 PM, Vincent Lefevre wrote: [snip] A PTR is not associated with a host, but with an IP address. That's important because mail may be sent from different IP addresses, depending on the recipient or other factors. And it seems that some users forget to set up a PTR for all their

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Robert Schetterer
On 07.05.2013 14:14, Vincent Lefevre wrote: A whitelist is not possible as in general, I don't know who sends me such mail it is possible what about reading logs and/or mail headers ? if you can't do that , forget about hosting email services, and asking here for help Best Regards MfG

Reject mails based on headers (comparing envelop mailfrom and body from)

2013-05-07 Thread Abhijeet Rastogi
Hi all, So, I've a condition where people send mails to my domain with fake From: header in the body of mail (which Thunderbird or any MUA shows while reading the mail). This is actually an authentic way of sending mail if the user that's sending mail has proper authority over the email

grep maillog by date

2013-05-07 Thread Reindl Harald
Hi i would like a grep of all records from the previous day with NOQUEUE in a bash script - how do i get exactly the format like below from /var/log/maillog and yesterday? May 7 12:29:39 mail postfix/smtpd[29696]: NOQUEUE final goal: add the output at the bottom a my daily logwatch

Re: grep maillog by date

2013-05-07 Thread Newton Pasqualini Filho
Use AWK Like this: cat /var/log/maillog | awk '{ if ($1=="May" && $2==7) print $0 }' | grep NOQUEUE Newton Pasqualini Filho newtonpasqual...@gmail.com On 07/05/2013, at 11:03, Reindl Harald h.rei...@thelounge.net wrote: Hi i would like a grep of all records from the previous day with

Re: grep maillog by date

2013-05-07 Thread Reindl Harald
the main question is a) dynamically b) ! yesterday ! from the time the script runs this is intended for a cron-job On 07.05.2013 16:09, Newton Pasqualini Filho wrote: Use AWK Like this: cat /var/log/maillog | awk '{ if ($1=="May" && $2==7) print $0 }' | grep NOQUEUE On 07/05/2013,

Re: grep maillog by date

2013-05-07 Thread Martin Schütte
On 05/07/2013 04:03 PM, Reindl Harald wrote: exactly the format like below from /var/log/maillog and yesterday? With GNU date: fgrep -e "`date -d yesterday +'%b %e'`" /var/log/mail.log | fgrep NOQUEUE -- Martin

Re: grep maillog by date

2013-05-07 Thread Reindl Harald
On 07.05.2013 16:20, Martin Schütte wrote: On 05/07/2013 04:03 PM, Reindl Harald wrote: exactly the format like below from /var/log/maillog and yesterday? With GNU date: fgrep -e "`date -d yesterday +'%b %e'`" /var/log/mail.log | fgrep NOQUEUE perfect - thank you very much!

Re: Reject mails based on headers (comparing envelop mailfrom and body from)

2013-05-07 Thread Noel Jones
On 5/7/2013 8:54 AM, Abhijeet Rastogi wrote: Hi all, So, I've a condition where people send mails to my domain with fake From: header in the body of mail (which Thunderbird or any MUA shows while reading the mail). This is actually an authentic way of sending mail if the user that's

Re: grep maillog by date

2013-05-07 Thread DTNX Postmaster
On May 7, 2013, at 16:15, Reindl Harald h.rei...@thelounge.net wrote: the main question is a) dynamically b) ! yesterday ! from the time the script runs this is intended for a cron-job Things like; == $ date -d yesterday Mon May 6 16:20:20 CEST 2013 $ date -d yesterday +%Y%m%d

Re: Postfix lost connection issue

2013-05-07 Thread Viktor Dukhovni
On Tue, May 07, 2013 at 04:46:35AM -0700, mailtime wrote: Thanks for your advice Viktor I have done a capture and loaded into WireShark. The wireshark output, which omits much detail, (but the GUI allows you to drill in various details) is for you to interpret. If you want help from me, post

Re: Reject mails based on headers (comparing envelop mailfrom and body from)

2013-05-07 Thread Abhijeet Rastogi
Hi Noel, Thanks for your reply. I already have Spamhaus and clamav in my setup. But, still mails are being passed through it. I completely understand that it's a very legit way of sending mail. It's done *everywhere*. But, really want to restrict all this as ignorant people are getting mails

Re: Postfix lost connection issue

2013-05-07 Thread Wietse Venema
Viktor Dukhovni: That said, clearly some packets from the sender are lost, and never retransmitted. The TCP connection negotiates selective ACK and window scaling on both sides. First thing I would do is disable window scaling on your Postfix server. This will reduce throughput for mail

Re: Reject mails based on headers (comparing envelop mailfrom and body from)

2013-05-07 Thread Abhijeet Rastogi
Hi Tom, It feels like this is for a lot more features than what's needed. I am new to this and will definitely give it a read. Thanks for this. For the time being, can you point me to the right doc so that I can quickly implement this. (Few pointers would be awesome) I had a look at

Re: Postfix lost connection issue

2013-05-07 Thread Wietse Venema
Viktor Dukhovni: On Tue, May 07, 2013 at 12:57:27PM -0400, Wietse Venema wrote: Viktor Dukhovni: That said, clearly some packets from the sender are lost, and never retransmitted. The TCP connection negotiates selective ACK and window scaling on both sides. First thing I would do

Re: postscreen_dnsbl_sites

2013-05-07 Thread Robert Lopez
On Mon, May 6, 2013 at 3:10 PM, Wietse Venema wie...@porcupine.org wrote: Robert Lopez: Let me try again. I am assuming the link between a line in the dndsbl_reply file and the main.cf file is only a label and it could be anything. Is that a wrong assumption? Please describe what is not

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Stan Hoeppner
On 5/6/2013 6:54 PM, /dev/rob0 wrote: FCrDNS itself is not just a best practice, it is a requirement. It is preferred, but optional, not required. If it was a *requirement* then Postfix would have neither of these two restrictions, and the first would simply be hard coded into postscreen and

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Stan Hoeppner
On 5/6/2013 8:05 PM, Vincent Lefevre wrote: But I don't see this as a final solution since most users use a shared MSA and the outgoing mail server may be blacklisted more or less often (this is the case of my ISP, which is frequently blacklisted by spamcop) or not reliable (e.g. at my lab,

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Stan Hoeppner
On 5/7/2013 7:02 AM, Vincent Lefevre wrote: And it seems that some users forget to set up a PTR for all their IPv6 addresses. This apparently includes Debian's mailing-list server. Seems to have IPv6 rDNS: ~$ host bendel.debian.org bendel.debian.org has address 82.195.75.100 bendel.debian.org

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Jan P. Kessler
Is it possible to use reject_unknown_reverse_client_hostname-like feature as part of scoring with blacklist checking? I think policyd-weight supported that. I consider using postfwd. Yes this is possible with postfwd. The policy delegation protocol contains reverse_client_name and

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Peter
On 05/08/2013 08:12 AM, Stan Hoeppner wrote: In addition, if FCrDNS was indeed a requirement, then nobody would accept mail from my SOHO Postfix server, nor any mail servers behind the tens of thousands of business class ADSL circuits in the US which offer static IPs but not custom rDNS. You

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread /dev/rob0
I'm going to take this chance to pipe into this thread that I am confused about Vincent's issue. He says that the client which lacked PTR (the one run by a Debianista) was not a mail exchanger, or not exchanging mail. Why, then, would reject_unknown_reverse_client_hostname be an issue?

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 15:38:44 -0500, Stan Hoeppner wrote: On 5/7/2013 7:02 AM, Vincent Lefevre wrote: And it seems that some users forget to set up a PTR for all their IPv6 addresses. This apparently includes Debian's mailing-list server. I've reported a Debian bug, and one developer claimed it

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 15:50:33 +0200, Robert Schetterer wrote: On 07.05.2013 14:14, Vincent Lefevre wrote: A whitelist is not possible as in general, I don't know who sends me such mail it is possible what about reading logs and/or mail headers ? I meant that it may be a completely new user,

Re: postscreen_dnsbl_sites

2013-05-07 Thread /dev/rob0
On Tue, May 07, 2013 at 01:03:51PM -0600, Robert Lopez wrote: What is not clear to me in that description is the reason for my original question Does it matter what the short name returned is; that is could I use zen.spamhaus.org just to keep it shorter? In my example:

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 17:36:49 -0500, /dev/rob0 wrote: I'm going to take this chance to pipe into this thread that I am confused about Vincent's issue. He says that the client which lacked PTR (the one run by a Debianista) was not a mail exchanger, or not exchanging mail. Why, then, would

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 14:19:40 +0200, Reindl Harald wrote: On 07.05.2013 14:02, Vincent Lefevre wrote: depending on the recipient or other factors. And it seems that some users forget to set up a PTR for all their IPv6 addresses. This apparently includes Debian's mailing-list server. that's

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 23:00:01 +0200, Jan P. Kessler wrote: Yes this is possible with postfwd. The policy delegation protocol contains reverse_client_name and client_name, which can be used within postfwd rulesets. Example: id=COMBO01 reverse_client_name==unknown

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Vincent Lefevre
On 2013-05-07 14:33:12 +0200, Patrick Lists wrote: On 05/07/2013 02:02 PM, Vincent Lefevre wrote: [snip] A PTR is not associated with a host, but with an IP address. That's important because mail may be sent from different IP addresses, depending on the recipient or other factors. And it

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 08.05.2013 01:41, Vincent Lefevre wrote: On 2013-05-07 17:36:49 -0500, /dev/rob0 wrote: I'm going to take this chance to pipe into this thread that I am confused about Vincent's issue. He says that the client which lacked PTR (the one run by a Debianista) was not a mail exchanger, or

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 08.05.2013 01:47, Vincent Lefevre wrote: On 2013-05-07 14:19:40 +0200, Reindl Harald wrote: On 07.05.2013 14:02, Vincent Lefevre wrote: depending on the recipient or other factors. And it seems that some users forget to set up a PTR for all their IPv6 addresses. This apparently

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 08.05.2013 01:58, Vincent Lefevre wrote: BTW, if I understand correctly what has been said earlier, DEFER would be better than REJECT as the reverse_client_name==unknown error may be temporary RTFM http://www.postfix.org/postconf.5.html#reject_unknown_reverse_client_hostname The reply

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Reindl Harald
On 08.05.2013 02:09, Vincent Lefevre wrote: While I agree that a PTR should be set, this is different. A MTA sending legitimate mail (not spam) but without a PTR doesn't cause any damage and because machines do not guess and smell if it is legitimate there are rules which are enforced

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Peter
On 05/08/2013 11:41 AM, Vincent Lefevre wrote: Perhaps for IPv4 (but this depends: some people send mail to a few restricted people). If only the IPv6 address lacks a PTR, this is probably not true, at least in France, where the biggest ISP's don't support IPv6, so that there are no

Re: reject_unknown_reverse_client_hostname safe?

2013-05-07 Thread Peter
On 05/08/2013 11:02 AM, Vincent Lefevre wrote: I suspect that they temporarily changed the Ethernet card without updating their DNS config, as only the last 6 bytes of the IPv6 address changed for this particular mail. There are lots of ways that IPv6 can get messed up, and people tend not to