reject_unknown_client_hostname and 450s

2013-06-30 Thread LuKreme
When reject_unknown_client_hostname triggers on an NXDOMAIN it returns a 550 error, which is great. When it triggers because there is no PTR record, it returns a 450 error, which is also great… except. What I see is servers that connect hundreds of times, getting 450 errors and ignoring them

Re: reject_unknown_client_hostname and 450s

2013-06-30 Thread Ansgar Wiechers
On 2013-06-30 LuKreme wrote: When reject_unknown_client_hostname triggers on an NXDOMAIN it returns a 550 error, which is great. When it triggers because there is no PTR record, it returns a 450 error, which is also great… except. What I see is servers that connect hundreds of times, getting

smtpd_banner incorrect for 2nd domain

2013-06-30 Thread Cliff Dunn
I am in the process of setting up a second domain for mail, but am at a bit of a roadblock. When I check things with mxtoolbox smtp test, everything is correct on my primary domain, but on the second one I get a message Warning - Reverse DNS does not match SMTP Banner. Reverse DNS is correct

Re: reject_unknown_client_hostname and 450s

2013-06-30 Thread Wietse Venema
LuKreme: When reject_unknown_client_hostname triggers on an NXDOMAIN it returns a 550 error, which is great. When it triggers because there is no PTR record, it returns a 450 error, which is also great… except. That is incorrect. The 450 code is for errors where lookup failed (no result

Re: smtpd_banner incorrect for 2nd domain

2013-06-30 Thread Wietse Venema
Cliff Dunn: I am in the process of setting up a second domain for mail, but am at a bit of a roadblock. When I check things with mxtoolbox smtp test, everything is correct on my primary domain, but on the second one I get a message Warning - Reverse DNS does not match SMTP Banner. Reverse

RE: cert error on outlook when send email using ssl

2013-06-30 Thread Bart J. Smit
From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Jeroen Geilman Sent: 29 June 2013 22:42 To: postfix-users@postfix.org Subject: Re: cert error on outlook when send email using ssl On 06/29/2013 08:25 PM, kazabe wrote: Hi. I'm trying to use postfix

Re: reject_unknown_client_hostname and 450s

2013-06-30 Thread Noel Jones
On 6/30/2013 3:12 AM, LuKreme wrote: When reject_unknown_client_hostname triggers on an NXDOMAIN it returns a 550 error, which is great. When it triggers because there is no PTR record, it returns a 450 error, which is also great… except. What you're seeing is the PTR lookup fails with a

Re: cert error on outlook when send email using ssl

2013-06-30 Thread Steve Jenkins
On Sun, Jun 30, 2013 at 5:33 AM, Bart J. Smit b...@smits.co.uk wrote: --- StartSSL will do you a free certificate. https://www.startssl.com/ +1 to Bart's comment. Just get a free cert from StartCom. I have no affiliation, and YMMV, but back in 2011 I

Re: cert error on outlook when send email using ssl

2013-06-30 Thread Hans Spaans
Jerry wrote on 2013-06-29 22:05: On Sat, 29 Jun 2013 13:25:50 -0500 kazabe articulated: Hi. I'm trying to use postfix with ssl. Now it is working, but I have a little situation with the Outlook clients. Always to send an email, see a message The name of the security certificate is invalid or

Re: reject_unknown_client_hostname and 450s

2013-06-30 Thread Stan Hoeppner
On 6/30/2013 3:12 AM, LuKreme wrote: When reject_unknown_client_hostname triggers on an NXDOMAIN it returns a 550 error, which is great. When it triggers because there is no PTR record, it returns a 450 error, which is also great… except. What I see is servers that connect hundreds of

Re: PATCH: Option to log clients that execute invalid commands or disconnect with no email delivery

2013-06-30 Thread John Fawcett
On 28/06/13 22:30, Wietse Venema wrote: Wietse Venema: John Fawcett: I use fail2ban in order to block some types of apparently malicious connections to postfix when the clients keep retrying. For example the As you agree logging every failed command would not be safe by default. On the

Re: PATCH: Option to log clients that execute invalid commands or disconnect with no email delivery

2013-06-30 Thread Wietse Venema
John Fawcett: I would like to propose the following addition. As well as logging error_count as per the original patch, it also logs the number of messages accepted during the smtp session. The aim of that would be to identify clients that repeatedly connect and never attempt delivery. Why do

Re: PATCH: Option to log clients that execute invalid commands or disconnect with no email delivery

2013-06-30 Thread Wietse Venema
Wietse Venema: John Fawcett: I would like to propose the following addition. As well as logging error_count as per the original patch, it also logs the number of messages accepted during the smtp session. The aim of that would be to identify clients that repeatedly connect and never

Re: PATCH: Option to log clients that execute invalid commands or disconnect with no email delivery

2013-06-30 Thread John Fawcett
On 01/07/13 02:18, Wietse Venema wrote: John Fawcett: I would like to propose the following addition. As well as logging error_count as per the original patch, it also logs the number of messages accepted during the smtp session. The aim of that would be to identify clients that repeatedly

Re: PATCH: Option to log clients that execute invalid commands or disconnect with no email delivery

2013-06-30 Thread John Fawcett
On 01/07/13 02:59, Wietse Venema wrote: Wietse Venema: John Fawcett: I would like to propose the following addition. As well as logging error_count as per the original patch, it also logs the number of messages accepted during the smtp session. The aim of that would be to identify clients

Re: Option to log clients that execute invalid commands or disconnect with no email delivery

2013-06-30 Thread Stan Hoeppner
On 6/28/2013 12:31 PM, John Fawcett wrote: One type of connection which I cannot block in fail2ban are clients that try the AUTH command on port 25, where I have disabled it. I got 245 connections this morning in the space of 5 minutes and those are the ones that got through despite the

Re: Option to log clients that execute invalid commands or disconnect with no email delivery

2013-06-30 Thread John Fawcett
On 01/07/13 04:30, Stan Hoeppner wrote: On 6/28/2013 12:31 PM, John Fawcett wrote: One type of connection which I cannot block in fail2ban are clients that try the AUTH command on port 25, where I have disabled it. I got 245 connections this morning in the space of 5 minutes and those are the