On Tue, May 17, 2011 at 6:25 PM, Noel Jones njo...@megan.vbhcs.org wrote:
The usual suspects are:
- these are not really generated from your machine, but rather bounces of
undeliverable mail you've previously accepted. Don't accept mail you can't
or won't deliver.
- an insecure web script
On 05/18/2011 12:53 AM, Digest of postfix-users list wrote:
Date: Tue, 17 May 2011 17:37:22 +0200
From: Mark Martinecmark.martinec+post...@ijs.si
Subject: Re: Timed out while sending message body
Tomasz K. Jarzynka:
Finally, I ran a tcpdump on our origin mail server, our firewall
Hi all! i'm seeing a huge quantity of spam during this week (~156K
messages) all from an smtp addresses that begins with '0-', like:
from=0...@cancer.org
from=0-1z3ize-...@bxbmail.de
from=0...@carnival.com
from=0-gentil...@aditi.com
from=0-happy-1...@msf.biglobe.ne.jp
On 5/18/2011 8:06 AM, Lima Union wrote:
Hi all! i'm seeing a huge quantity of spam during this week (~156K
messages) all from an smtp addresses that begins with '0-', like:
from=0...@cancer.org
from=0-1z3ize-...@bxbmail.de
from=0...@carnival.com
from=0-gentil...@aditi.com
Original-Nachricht
Datum: Wed, 18 May 2011 08:49:25 -0500
Von: Noel Jones njo...@megan.vbhcs.org
An: postfix-users@postfix.org
Betreff: Re: Filtering spam with a partial pattern
On 5/18/2011 8:06 AM, Lima Union wrote:
Hi all! i'm seeing a huge quantity of spam during
On Wed, May 18, 2011 at 10:54 AM, Steve stev...@gmx.net wrote:
Original-Nachricht
Datum: Wed, 18 May 2011 08:49:25 -0500
Von: Noel Jones njo...@megan.vbhcs.org
An: postfix-users@postfix.org
Betreff: Re: Filtering spam with a partial pattern
On 5/18/2011 8:06 AM, Lima
On 5/18/2011 8:54 AM, Steve wrote:
Original-Nachricht
Datum: Wed, 18 May 2011 08:49:25 -0500
Von: Noel Jonesnjo...@megan.vbhcs.org
An: postfix-users@postfix.org
Betreff: Re: Filtering spam with a partial pattern
On 5/18/2011 8:06 AM, Lima Union wrote:
Hi all! i'm seeing a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello, I may have a somewhat unique situation regarding an IPv4 relayhost on an
IPv4 and IPv6 enabled Postfix MTA; it seems that even for an IPv6 capable
recipient MTA the IPv4 relayhost is used. Is there a way to bind/enforce the
relayhost to be
afshin afzali:
Postfix has no support for senders to specify do not deliver
this message after X (i.e. no per-message expiration time).
Of course, for transports such as SMS or voice I need to use custom scrips
to wrap postfix to appropriate managers. In these scripts I will check
evilgh...@packetmail.net:
Hello, I may have a somewhat unique situation regarding an IPv4
relayhost on an IPv4 and IPv6 enabled Postfix MTA; it seems that
even for an IPv6 capable recipient MTA the IPv4 relayhost is used.
Is there a way to bind/enforce the relayhost to be IPv4 only, as
in, if
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/18/11 13:02, Wietse Venema wrote:
The Postfix documentation only describes the features that are
implemented. Therefore if you can't find something then you can
safely assume that it is not supported.
Dr. Venema, thank you for your reply.
On 05/18/2011 08:15 PM, evilgh...@packetmail.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/18/11 13:02, Wietse Venema wrote:
The Postfix documentation only describes the features that are
implemented. Therefore if you can't find something then you can
safely assume that it is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/18/11 13:19, Jeroen Geilman wrote:
Consider why you have set a global relayhost; apparently, you want ALL mail
delivered via this one host.
Negative, I want all IPv4-only, non-IPv6 transit capable, mail delivered via
this host.
- --
-
On 05/18/2011 08:23 PM, evilgh...@packetmail.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/18/11 13:19, Jeroen Geilman wrote:
Consider why you have set a global relayhost; apparently, you want ALL mail
delivered via this one host.
Negative, I want all IPv4-only, non-IPv6
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/18/11 13:24, Jeroen Geilman wrote:
But that is not what you have DONE.
Yes, because evidently the two are mutually exclusive. A relayhost cannot be
defined for only IPv4 traffic nor can it be configured to not effect IPv6
capable traffic.
On Wed, May 18, 2011 at 11:07 AM, Noel Jones njo...@megan.vbhcs.org wrote:
On 5/18/2011 8:54 AM, Steve wrote:
Original-Nachricht
Datum: Wed, 18 May 2011 08:49:25 -0500
Von: Noel Jonesnjo...@megan.vbhcs.org
An: postfix-users@postfix.org
Betreff: Re: Filtering spam with a
On Wed, May 18, 2011 at 2:30 PM, evilgh...@packetmail.net
evilgh...@packetmail.net wrote:
I'm certainly open for any suggestions for accommodating my goal of applying
an
IPv4 relayhost to non-IPv6 capable traffic if there is such a way to
accomplish
this goal with the existing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/18/11 13:52, Vick Khera wrote:
What if you do this: eliminate the ability of your mail server to send
SMTP over IPv4, possibly by removing any IPv4 address from it, or
firewalling that ability away.
Set up fallback_relay on this host so
On 05/18/2011 08:52 PM, Vick Khera wrote:
On Wed, May 18, 2011 at 2:30 PM, evilgh...@packetmail.net
evilgh...@packetmail.net wrote:
I'm certainly open for any suggestions for accommodating my goal of applying an
IPv4 relayhost to non-IPv6 capable traffic if there is such a way to accomplish
Jeroen Geilman:
On 05/18/2011 08:52 PM, Vick Khera wrote:
On Wed, May 18, 2011 at 2:30 PM, evilgh...@packetmail.net
evilgh...@packetmail.net wrote:
I'm certainly open for any suggestions for accommodating my goal of
applying an
IPv4 relayhost to non-IPv6 capable traffic if there is
On 5/18/2011 1:30 PM, Lima Union wrote:
One last question regarding this, due that the amount of spam is huge
I'd like to catch some of these messages, how should I configure
Postfix in order to let this kind of messages (beginning with /^0-/ )
bypass all my checks (RBL,etc) and redirect them to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/18/11 14:43, Wietse Venema wrote:
This should be possible with one Postfix
{SNIP}
No firewalling needed.
To bring closure to this thread and perhaps benefit others in the future:
As part of a defense-in-depth security strategy a strict IPv4
On Wed, May 18, 2011 at 5:01 PM, Noel Jones njo...@megan.vbhcs.org wrote:
On 5/18/2011 1:30 PM, Lima Union wrote:
One last question regarding this, due that the amount of spam is huge
I'd like to catch some of these messages, how should I configure
Postfix in order to let this kind of
May 18 16:22:49 m postfix-in/smtp[7806]: connect to
spam1.ihostexchange.net[66.46.182.95]:25: Permission denied
May 18 16:22:49 m postfix-in/smtp[7806]: connect to
spam2.ihostexchange.net[66.46.182.95]:25: Permission denied
May 18 16:22:49 m postfix-in/smtp[7806]: 7081A1088FA:
Darek M:
May 18 16:22:49 m postfix-in/smtp[7806]: connect to
spam1.ihostexchange.net[66.46.182.95]:25: Permission denied
May 18 16:22:49 m postfix-in/smtp[7806]: connect to
spam2.ihostexchange.net[66.46.182.95]:25: Permission denied
May 18 16:22:49 m postfix-in/smtp[7806]: 7081A1088FA:
I am having a problem that IMHO should be solved by the following in
main.cf. I am using version 2.7.1 in Debian squeeze:
smtpd_data_restrictions =
permit_mynetworks,
reject_unauth_pipelining,
reject_multi_recipient_bounce
This says to me that if the host is listed in mynetworks, it
On 5/18/2011 3:39 PM, Shawn Heisey wrote:
I am having a problem that IMHO should be solved by the
following in main.cf. I am using version 2.7.1 in Debian squeeze:
smtpd_data_restrictions =
permit_mynetworks,
reject_unauth_pipelining,
reject_multi_recipient_bounce
This says to me that if the
Hi all,
I have a problem with my dovecot/postfix configuration:
here is my dovecot -n
# 1.2.16: /etc/dovecot.conf
Warning: fd limit 128 is lower than what Dovecot can use under full
load (more than 768). Either grow the limit or change
login_max_processes_count and max_mail_processes settings
#
* Gonzalo Rodriguez gonz...@sepp0.com.ar:
Hi all,
I have a problem with my dovecot/postfix configuration:
...
May 18 09:49:35 FOOBAR-0010 postfix/local[16584]: 8808D26125:
to=gonza...@foobar.com.ar, relay=local, delay=0.92,
delays=0.91/0.01/0/0, dsn=2.0.0, status=sent (delivered to
On 5/18/2011 2:57 PM, Noel Jones wrote:
On 5/18/2011 3:39 PM, Shawn Heisey wrote:
I am having a problem that IMHO should be solved by the
following in main.cf. I am using version 2.7.1 in Debian squeeze:
smtpd_data_restrictions =
permit_mynetworks,
reject_unauth_pipelining,
Shawn Heisey:
smtpd_data_restrictions = permit_mynetworks,
reject_unauth_pipelining, reject_multi_recipient_bounce
permit_mynetworks has NO EFFECT in smtpd_data_restrictions,
because SMTP is a multi-recipient protocol.
Wietse
Wietse Venema:
Shawn Heisey:
smtpd_data_restrictions = permit_mynetworks,
reject_unauth_pipelining, reject_multi_recipient_bounce
permit_mynetworks has NO EFFECT in smtpd_data_restrictions,
because SMTP is a multi-recipient protocol.
Sorry, that is bogus.
Wietse
Shawn Heisey:
smtpd_delay_reject = yes
This will apply the client, helo, and sender restrictions
AFTER Postfix receives the RCPT TO command.
In other words, Postfix never applies restrictions when the
client connects, when the client send EHLO, or when the
client sends the MAIL FROM command.
On Wed, 2011-05-18 at 19:05:11 -0300, Gonzalo Rodriguez wrote:
May 18 09:49:35 FOOBAR-0010 postfix/local[16584]: 8808D26125:
to=gonza...@foobar.com.ar, relay=local, delay=0.92,
delays=0.91/0.01/0/0, dsn=2.0.0, status=sent (delivered to mailbox)
Where is 'foobar.com.ar' listed in your
On 5/18/2011 5:09 PM, Wietse Venema wrote:
This applies restrictions before RCPT TO, so you reported
the wrong Postfix configuration, or you have parameter
settings in master.cf that you should also report about.
It's the right configuration. Just in case, I made sure I was on the
right
Shawn Heisey:
On 5/18/2011 5:09 PM, Wietse Venema wrote:
This applies restrictions before RCPT TO, so you reported
the wrong Postfix configuration, or you have parameter
settings in master.cf that you should also report about.
...
I actually do hope that this is a mistake on my part, so I
Wietse Venema:
With my own system, permit_mynetworks does override
reject_unauth_pipelining, so I guess you either aren't matching
mynetworks, or you have given incorrect confguration info, or the
Debian maintainer introduced an error.
Below are examples for Postfix versions 2.9 (the
On 5/18/2011 6:27 PM, Wietse Venema wrote:
In master.cf you have smtpd_delay_reject = no. With this, Postfix
will apply smtpd_sender_restrictions when it receives the MAIL FROM
command, instead of waiting until the RCPT TO command.
In your log, Postfix rejects the MAIL FROM command. This means
On Wed, May 18, 2011 at 9:02 PM, Wietse Venema wie...@porcupine.org wrote:
afshin afzali:
Postfix has no support for senders to specify do not deliver
this message after X (i.e. no per-message expiration time).
Of course, for transports such as SMS or voice I need to use custom
39 matches
Mail list logo