In message 51ff1bba.9000...@hardwarefreak.com,
Stan Hoeppner s...@hardwarefreak.com wrote:
Doing RBL client checks in postscreen?
That would be one cause.
As I mentioned, I am not using postscreen at the present time.
Another could be having duplicate
reject_rbl_client statements in
In message 51ff2563.1070...@hardwarefreak.com,
Stan Hoeppner s...@hardwarefreak.com wrote:
If not maybe a new restriction
verb would be useful to perform this exact check.
Maybe you should explain why you're having a problem rejecting spamware
that HELO's with an IP literal.
Did I say I was
In message 51ff2ad2.2080...@hardwarefreak.com,
Stan Hoeppner s...@hardwarefreak.com wrote:
BTW, if you want to maximize potential hits on RHSBLs just short of
doing body checks, you may want to give Sahil Tandon's TCP server based
RHSBL header checker a spin. It grabs domains from headers and
On Mon, August 5, 2013 5:12 am, Yishen Miao wrote:
On Aug 4, 2013, at 9:54 PM, wie...@porcupine.org (Wietse Venema) wrote:
Yishen Miao:
I wonder is there any plan about adding such feature to postfix?
There are no such plans. If random people can read a private key
file that is read-only for
On Aug 5, 2013, at 07:12, Yishen Miao mys72...@gmail.com wrote:
I'm trying to re-use my SSL certificate for Apache on postfix which is
encrypted. It would be convent if postfix can support that.
Also, an encrypted private key that is read-only for root sounds more secure
than a plain one
On 2013-08-04 7:30 PM, wie...@porcupine.org (Wietse Venema)
wie...@porcupine.org (Wietse Venema) wrote:
Charles Marcus:
We are set up for performance with VRFY probes and by modifying
your postfix config file so postfix will not nave a performance
issue by setting postfix option
On 08/05/2013 02:15 PM, Charles Marcus wrote:
Also - I hate to ask (it isn't your job to do their job), but could you
suggest off the top of your head what they *should* be doing? Would
properly closing all VRFY probe connections really impact performance on
their side that much - especially
On 8/4/2013 10:13 PM, Ronald F. Guilmette wrote:
In message 51ff13eb.8090...@megan.vbhcs.org,
Noel Jones njo...@megan.vbhcs.org wrote:
On 8/4/2013 8:06 PM, Ronald F. Guilmette wrote:
Does reject_non_fqdn_helo_hostname, when placed in the
smtpd_helo_restrictions, permit clients to HELO/EHLO
Dear list,
I configured postfix to use amavisd as a SMTP proxy (smtpd_proxy_filter). Now
I'd like to skip amavisd if a policy daemon called in
smtpd_recipient_restrictions returns OK.
Has anyone any idea how to accomplish this?
As far as I unterstood postfix' restrictions there is no final OK
On Mon, Aug 05, 2013 at 02:49:49PM +0200, Franz Schwartau wrote:
I configured postfix to use amavisd as a SMTP proxy
(smtpd_proxy_filter). Now I'd like to skip amavisd if a policy
daemon called in smtpd_recipient_restrictions returns OK.
Has anyone any idea how to accomplish this?
If the
On 8/5/2013 3:16 AM, Ronald F. Guilmette wrote:
In message 51ff2ad2.2080...@hardwarefreak.com,
Stan Hoeppner s...@hardwarefreak.com wrote:
BTW, if you want to maximize potential hits on RHSBLs just short of
doing body checks, you may want to give Sahil Tandon's TCP server based
RHSBL
On 8/5/2013 7:15 AM, Charles Marcus wrote:
On 2013-08-04 7:30 PM, wie...@porcupine.org (Wietse Venema)
wie...@porcupine.org (Wietse Venema) wrote:
Charles Marcus:
We are set up for performance with VRFY probes and by modifying
your postfix config file so postfix will not nave a performance
On 2013-08-05 9:21 AM, Noel Jones njo...@megan.vbhcs.org wrote:
Set those three limits to 100 or higher. Those controls are
intended to prevent random clients from wasting your time. Since
you don't allow connections from random clients, it's safe to
increase them.
# main.cf
On 08/05/2013 02:35 AM, Sam Flint wrote:
I hve an alias to a command defined in my /etc/aliases file, anytime I
send to it, I get this error:
|postman...@flintfam.org (expanded from postman...@flintfam.org): user
unknown
You are apparently *piping* a copy to a /recipient/.
This does not
On 8/5/2013 9:09 AM, Charles Marcus wrote:
On 2013-08-05 9:21 AM, Noel Jones njo...@megan.vbhcs.org wrote:
Set those three limits to 100 or higher. Those controls are
intended to prevent random clients from wasting your time. Since
you don't allow connections from random clients, it's safe
On 2013-08-05 10:53 AM, Noel Jones njo...@megan.vbhcs.org wrote:
I don't suppose an open idle connection from an somewhat authorized
client will bother anything, so just go with it.
Ok - and by 'go with it', you mean just adjust the settings per your
last email and be done with it, right?
I
On 8/5/2013 10:30 AM, Charles Marcus wrote:
On 2013-08-05 10:53 AM, Noel Jones njo...@megan.vbhcs.org wrote:
I don't suppose an open idle connection from an somewhat authorized
client will bother anything, so just go with it.
Ok - and by 'go with it', you mean just adjust the settings per
In message 51ff9e18.9050...@megan.vbhcs.org,
Noel Jones njo...@megan.vbhcs.org wrote:
I use a pcre table to reject any HELO that starts with a bracket or
looks like an IP. Legit hosts that use this form are very rare here
-- maybe one every couple years.
...
There is no built-in postfix
Noel Jones:
On 8/5/2013 10:30 AM, Charles Marcus wrote:
On 2013-08-05 10:53 AM, Noel Jones njo...@megan.vbhcs.org wrote:
I don't suppose an open idle connection from an somewhat authorized
client will bother anything, so just go with it.
Ok - and by 'go with it', you mean just adjust
On 8/5/2013 12:54 PM, Ronald F. Guilmette wrote:
In message 51ff9e18.9050...@megan.vbhcs.org,
Noel Jones njo...@megan.vbhcs.org wrote:
I use a pcre table to reject any HELO that starts with a bracket or
looks like an IP. Legit hosts that use this form are very rare here
-- maybe one every
In message 51fff9c5.9070...@megan.vbhcs.org,
Noel Jones njo...@megan.vbhcs.org wrote:
No. Here, near-zero legit clients use bracketed HELO. Looks as if
I've whitelisted 2 clients in the last ~5 years (I see one of them
has fixed their HELO sometime since then). That's close enough to
zero for
On 8/5/2013 4:16 PM, Ronald F. Guilmette wrote:
I see zero value in testing to see if the HELO IP is forged, since
using any IP seems to be a very strong spambot indicator.
OK. Works for me! I just wish that it wasn't necessary to
have to run an external PCRE to catch it, and that the
This attempts to clarify the description for
reject_non_fqdn_helo_hostname. There seems to be end-user confusion
about whether this feature should also reject address literals,
which of course it is not intended to.
*** proto/postconf.protoWed Jul 10 19:01:20 2013
---
In message 520023b2.1070...@megan.vbhcs.org,
Noel Jones njo...@megan.vbhcs.org wrote:
On 8/5/2013 4:16 PM, Ronald F. Guilmette wrote:
I see zero value in testing to see if the HELO IP is forged, since
using any IP seems to be a very strong spambot indicator.
OK. Works for me! I just
On 8/5/2013 9:09 AM, Charles Marcus wrote:
On 2013-08-05 9:21 AM, Noel Jones njo...@megan.vbhcs.org wrote:
Set those three limits to 100 or higher. Those controls are
intended to prevent random clients from wasting your time. Since
you don't allow connections from random clients, it's safe
Hi all,
I'm trying to move my maildirs to a non-standard location (trying to
balance disk activity) and there's something I think I'm missing. Here's
what I tried:
home_mailbox = /Maildir/$user/
But when I ran 'postfix check' it said, several times:
/usr/bin/postconf: warning:
26 matches
Mail list logo