Hi, I'm new to this list.
I have postfix mail server with spam/virus protection running for many
years. All works fine except for some kind of spam still getting
through.
After a review I found out that almost all of that spam is mail from
spoofed freemain domains. After some googling I found
Today I found this double-bounce:
- Forwarded message from Mail Delivery System mailer-dae...@charite.de
-
bounce-25280...@customer110.goolara.net: host
customer110.goolara.net[209.209.90.110] said: 552 Invalid size declaration.
(in reply to MAIL FROM command)
Reporting-MTA:
* Ralf Hildebrandt ralf.hildebra...@charite.de:
Jun 10 13:00:04 mail-ausfall postfix/smtp[7597]:
customer110.goolara.net[209.209.90.110]:25: MAIL FROM:hil...@charite.de
SIZE=19091 BODY=8BITMIME
Jun 10 13:00:04 mail-ausfall postfix/smtp[7597]:
customer110.goolara.net[209.209.90.110]:25:
Ralf Hildebrandt:
[ Charset UTF-8 unsupported, converting... ]
* Ralf Hildebrandt ralf.hildebra...@charite.de:
Jun 10 13:00:04 mail-ausfall postfix/smtp[7597]:
customer110.goolara.net[209.209.90.110]:25: MAIL FROM:hil...@charite.de
SIZE=19091 BODY=8BITMIME
Jun 10 13:00:04
On Thu, Jun 10, 2010 at 06:28:15AM +0200, Stefan Foerster wrote:
$ postmulti -i postfix-out -x mailq
This is correct.
-Queue ID- --Size-- Arrival Time -Sender/Recipient---
1BCBD1DF86 2622 Mon Jun 7 03:02:34
boskop-svn-bounces+trac=trac.incertum@lists.incertum.net
On Wed, Jun 09, 2010 at 07:41:51PM -0400, Wietse Venema wrote:
Victor Duchovni:
I guess our documentation has never promised the use of system CAs when
CApath or CAfile are set, failing to override the system settings is
counter-intuitive, so I can support this change. We'll also have to
Покотиленко Костик put forth on 6/10/2010 4:15 AM:
I'd attack the problem from another angle. You may be better served by adding
some more dnsbl checks rather that fighting spoofs:
http://www.mxtoolbox.com/SuperTool.aspx?action=blacklist%3a111.67.207.126
As you can see the IP sample you gave is
В Чтв, 10/06/2010 в 08:01 -0500, Stan Hoeppner пишет:
Покотиленко Костик put forth on 6/10/2010 4:15 AM:
I'd attack the problem from another angle. You may be better served by adding
some more dnsbl checks rather that fighting spoofs:
Покотиленко Костик put forth on 6/10/2010 8:04 AM:
Thanks for suggestion, I'll apply it.
You're welcome.
But if somebody can help discover (configuration) error which
prioritizing postmaster that would be nice.
postconf -d | grep mail_version might be helpful. IIRC some early versions
of
В Чтв, 10/06/2010 в 08:32 -0500, Stan Hoeppner пишет:
Покотиленко Костик put forth on 6/10/2010 8:04 AM:
Thanks for suggestion, I'll apply it.
You're welcome.
But if somebody can help discover (configuration) error which
prioritizing postmaster that would be nice.
postconf -d |
If the postmaster address is excluded from spam checks then you
may want to change the address_verify_sender setting.
The current default is:
address_verify_sender = $double_bounce_sender
The older (problematic) default is
address_verify_sender = postmaster
The final ultimate fix is to
Is this bcc logic possible with postfix only?
Len
On Thu, Jun 10, 2010 at 09:50:16AM -0400, Wietse Venema wrote:
If the postmaster address is excluded from spam checks then you
may want to change the address_verify_sender setting.
The current default is:
address_verify_sender = $double_bounce_sender
The older (problematic) default
On Thu, Jun 10, 2010 at 04:11:49PM +0200, Len Conrad wrote:
Is this bcc logic possible with postfix only?
No. Postfix has sender_bcc_maps and recipient_bcc_maps. There is no
support for adding bcc recipients via access(5) (and therefore policy
services won't work either). A milter may be able
On Thu, Jun 10, 2010 at 04:55:30PM +0200, Ralf Hildebrandt wrote:
* Victor Duchovni victor.ducho...@morganstanley.com:
On Thu, Jun 10, 2010 at 09:50:16AM -0400, Wietse Venema wrote:
If the postmaster address is excluded from spam checks then you
may want to change the
Victor Duchovni:
On Thu, Jun 10, 2010 at 09:50:16AM -0400, Wietse Venema wrote:
If the postmaster address is excluded from spam checks then you
may want to change the address_verify_sender setting.
The current default is:
address_verify_sender = $double_bounce_sender
The
I am trying to setup a server that will be only used for mail forwarding and
will not have any local mailboxes on it.
I am trying to have virtual_alias_maps as the sole lookup and any other mail
is rejected during the SMTP session after the RCPT TO command if the address
is not found in
On 6/10/2010 10:20 AM, Chad Morland wrote:
I am trying to setup a server that will be only used for mail forwarding
and will not have any local mailboxes on it.
I am trying to have virtual_alias_maps as the sole lookup and any other
mail is rejected during the SMTP session after the RCPT TO
Hi All,
I have a normal postfix setup with a external content filtering(amavis). I want
to skip content filtering for some domains and send through a different IP.
In my main.cf I have
smtpd_sender_restriction =
check_sender_access hash:/etc/postfix/access.cf
Where access.cf
On Thu, Jun 10, 2010 at 7:11 AM, Len Conrad lcon...@go2france.com wrote:
Is this bcc logic possible with postfix only?
No, but substitute courier maildrop and I believe it would be quite easy.
Shameem Ahamed:
smtpd_sender_restriction =
check_sender_access hash:/etc/postfix/access.cf
Where access.cf contains the below line
example.com FILTER csmtp:127.0.0.1
cstmp is a clone of smtp, and the corresponding entry in master.cf is
csmtp unix- -
I tried with
example.com FILTER csmtp:172.16.141.29
But still I have same error
postfix/smtp[10526]: connect to 172.16.141.29[172.16.141.29]:25: Connection
refused
Regards,
Shameem
--- On Thu, 10/6/10, Wietse Venema wie...@porcupine.org wrote:
From: Wietse Venema
On 6/10/2010 11:59 AM, Shameem Ahamed wrote:
I tried with
example.com FILTER csmtp:172.16.141.29
But still I have same error
postfix/smtp[10526]: connect to 172.16.141.29[172.16.141.29]:25: Connection
refused
The FILTER destination must accept mail. smtp is for sending
mail.
On Thu, Jun 10, 2010 at 11:53 AM, Noel Jones njo...@megan.vbhcs.org wrote:
On 6/10/2010 10:20 AM, Chad Morland wrote:
I am trying to setup a server that will be only used for mail forwarding
and will not have any local mailboxes on it.
I am trying to have virtual_alias_maps as the sole
So, is there any way to send mail using a different IP, other than running a
separate postfix instance.
Regrads,
Shameem
--- On Thu, 10/6/10, Noel Jones njo...@megan.vbhcs.org wrote:
From: Noel Jones njo...@megan.vbhcs.org
Subject: Re: Mail Delivery Using FILTER in access table
To:
On 6/10/2010 12:06 PM, Chad Morland wrote:
On Thu, Jun 10, 2010 at 11:53 AM, Noel Jones njo...@megan.vbhcs.org
mailto:njo...@megan.vbhcs.org wrote:
On 6/10/2010 10:20 AM, Chad Morland wrote:
I am trying to setup a server that will be only used for mail
forwarding
On 6/10/2010 12:07 PM, Shameem Ahamed wrote:
So, is there any way to send mail using a different IP, other than running a
separate postfix instance.
Regrads,
Shameem
Please don't top post.
With postfix 2.7 you can select outgoing IP via the FILTER
command. From the 2.7 RELEASE_NOTES:
There seems to be a massive difference between the speed of various
providers, in terms of accepting messages for delivery. Yahoo stands out
as, by far, the slowest of the big ones.
Because the messages are legitimate, we signed up for the email feedback
loop with Yahoo, so that messages
On 06/10/2010 11:31 PM, Ralf Hildebrandt wrote:
I heard that there are firewalls/security appliances that supposedly
can distinguish somebody using telnet from a machine speaking SMTP.
I must admit, it sounds feasible (timing between keystrokes etc.), but
little useful.
Anyway. Is there such a
On 6/10/2010 6:05 PM, Jerrale Gayle wrote:
I have smtpd_bind_address set to the delegated ip for our mail server
173.50.101.12; however this only limits incoming connections to that
ip, along with our firewall; it USE to, on postfix, make postfix send
out from that ip only. Now, postfix is
On 6/10/2010 1:06 PM, Chad Morland wrote:
On Thu, Jun 10, 2010 at 11:53 AM, Noel Jones njo...@megan.vbhcs.org
mailto:njo...@megan.vbhcs.org wrote:
On 6/10/2010 10:20 AM, Chad Morland wrote:
I am trying to setup a server that will be only used for mail
forwarding
On 6/10/2010 6:34 PM, Sahil Tandon wrote:
On Thu, 10 Jun 2010, Jerrale Gayle wrote:
I have smtpd_bind_address set to the delegated ip for our mail
% postconf smtpd_bind_address
postconf: warning: smtpd_bind_address: unknown parameter
[ .. ]
How can I make postfix use the
On Thu, 10 Jun 2010, Jerrale Gayle wrote:
I have smtpd_bind_address set to the delegated ip for our mail
% postconf smtpd_bind_address
postconf: warning: smtpd_bind_address: unknown parameter
[ .. ]
How can I make postfix use the ip it is suppose to, to send mail on?
Hello,
I'm currently working on a test box to verify the behavior of some features I'd
like to implement on a production mail relay server.
Among those are recipient_bcc_maps/sender_bcc_maps (to keep copies of certain
emails) and after-queue content_filter (to be able to block certain file
On 06/11/2010 12:44 AM, motty.cruz wrote:
Is there a best way to stop backscatter spam without using check
headers? Traffic is too heavy to user check headers + we received
email for three different domains.
Using postfix 2.6.
Thanks,
motty
To stop backscatter spam, don't accept mail
On 06/11/2010 12:59 AM, Emmanuel Bailleul wrote:
Hello,
I'm currently working on a test box to verify the behavior of some features I'd
like to implement on a production mail relay server.
Among those are recipient_bcc_maps/sender_bcc_maps (to keep copies of certain
emails) and after-queue
On 6/10/2010 5:31 PM, Ralf Hildebrandt wrote:
I heard that there are firewalls/security appliances that supposedly
can distinguish somebody using telnet from a machine speaking SMTP.
I must admit, it sounds feasible (timing between keystrokes etc.), but
little useful.
Anyway. Is there such a
Florin Andrei a écrit :
There seems to be a massive difference between the speed of various
providers, in terms of accepting messages for delivery. Yahoo stands out
as, by far, the slowest of the big ones.
Because the messages are legitimate, we signed up for the email feedback
loop with
I have smtp_bind_address set to the delegated ip for our mail server
173.50.101.12; however this only limits incoming connections to that ip,
along with our firewall; it USE to, on postfix, make postfix send out
from that ip only. Now, postfix is sending out on the main ip of the
mail server,
On 6/10/2010 6:31 PM, Sahil Tandon wrote:
On Thu, 10 Jun 2010, Jerrale Gayle wrote:
smtpd_reject_unlisted_recipient = no
Bad idea.
Would this be better put by itself or under
smtpd_recipient_restrictions = reject_unlisted_recipient=no?
Bad idea + unsupported syntax.
Jerrale Gayle:
I have smtp_bind_address set to the delegated ip for our mail server
173.50.101.12; however this only limits incoming connections to that ip,
along with our firewall; it USE to, on postfix, make postfix send out
from that ip only. Now, postfix is sending out on the main ip
On Thu, 10 Jun 2010, Jerrale Gayle wrote:
On 6/10/2010 6:34 PM, Sahil Tandon wrote:
On Thu, 10 Jun 2010, Jerrale Gayle wrote:
I have smtpd_bind_address set to the delegated ip for our mail
% postconf smtpd_bind_address
postconf: warning: smtpd_bind_address: unknown parameter
[ .. ]
I heard that there are firewalls/security appliances that supposedly
can distinguish somebody using telnet from a machine speaking SMTP.
I must admit, it sounds feasible (timing between keystrokes etc.), but
little useful.
Anyway. Is there such a thing? Does anybody use such a thing?
--
Ralf
On Thursday, June 10, 2010, 17:51:13, Jerrale Gayle wrote:
smtpd_reject_unlisted_recipient = no
Would this be better put by itself or under smtpd_recipient_restrictions
= reject_unlisted_recipient=no?
I want to accept all mail to non-existent users, then bounce, so that
people can't probe
I have smtpd_bind_address set to the delegated ip for our mail server
173.50.101.12; however this only limits incoming connections to that ip,
along with our firewall; it USE to, on postfix, make postfix send out
from that ip only. Now, postfix is sending out on the main ip of the
mail server,
smtpd_reject_unlisted_recipient = no
Would this be better put by itself or under smtpd_recipient_restrictions
= reject_unlisted_recipient=no?
I want to accept all mail to non-existent users, then bounce, so that
people can't probe for valid users to know wherer to start a brute force.
On Thu, 10 Jun 2010, Jerrale Gayle wrote:
smtpd_reject_unlisted_recipient = no
Bad idea.
Would this be better put by itself or under
smtpd_recipient_restrictions = reject_unlisted_recipient=no?
Bad idea + unsupported syntax.
I want to accept all mail to non-existent users, then bounce, so
Is there a best way to stop backscatter spam without using check headers?
Traffic is too heavy to user check headers + we received email for three
different domains.
Using postfix 2.6.
Thanks,
motty
On 6/10/2010 6:43 PM, Sahil Tandon wrote:
On Thu, 10 Jun 2010, Jerrale Gayle wrote:
On 6/10/2010 6:34 PM, Sahil Tandon wrote:
On Thu, 10 Jun 2010, Jerrale Gayle wrote:
I have smtpd_bind_address set to the delegated ip for our mail
% postconf smtpd_bind_address
On Thu, Jun 10, 2010 at 6:31 PM, Ralf Hildebrandt
ralf.hildebra...@charite.de wrote:
I heard that there are firewalls/security appliances that supposedly
can distinguish somebody using telnet from a machine speaking SMTP.
I must admit, it sounds feasible (timing between keystrokes etc.), but
-Original Message-
Florin Andrei a écrit :
There seems to be a massive difference between the speed of various
providers, in terms of accepting messages for delivery. Yahoo stands out
as, by far, the slowest of the big ones.
Because the messages are legitimate, we signed up for
Mike Hutchinson:
We have had this exact problem, delivering Retail newsletters to people who
have opted in for it. A lot of them are on Gmail and Yahoo, and this can be
difficult with Bulk E-Mail. Despite contact with Google themselves and
signing up for all of their reporting services
On Thu, 10 Jun 2010, Jerrale Gayle wrote:
On 6/10/2010 6:31 PM, Sahil Tandon wrote:
On Thu, 10 Jun 2010, Jerrale Gayle wrote:
smtpd_reject_unlisted_recipient = no
Bad idea.
Would this be better put by itself or under
smtpd_recipient_restrictions = reject_unlisted_recipient=no?
Bad idea
# Slow these destinations to avoid blacklisting, see
/etc/postfix/transport
for domains configured
hotmail_destination_concurrency_limit = 2
hotmail_destination_rate_delay = 2s
hotmail_destination_recipient_limit = 5
yahoo_destination_concurrency_limit = 4
+-- Ralf Hildebrandt wrote (Thu, 10-Jun-2010, 23:31 +0200):
|
| I heard that there are firewalls/security appliances that supposedly
| can distinguish somebody using telnet from a machine speaking SMTP.
|
| I must admit, it sounds feasible (timing between keystrokes etc.), but
| little
On Thu, Jun 10, 2010 at 11:31:49PM +0200, Ralf Hildebrandt wrote:
I heard that there are firewalls/security appliances that supposedly
can distinguish somebody using telnet from a machine speaking SMTP.
I must admit, it sounds feasible (timing between keystrokes etc.), but
little useful.
56 matches
Mail list logo