On 7/1/2014 11:18 AM, Wietse Venema wrote:
Narcis Garcia:
How can I check in some manner that some of these parameters is working?
reject_rbl_client
reject_rhsbl_reverse_client
reject_rhsbl_helo
reject_rhsbl_sender
How can WE check that you have configured them properly?
It is
On 7/1/2014 2:21 PM, Narcis Garcia wrote:
if I run mail command or swaks, they both make Postfix to send with SMTP
from 127.0.0.1 or public IP. Never 127.0.0.2
Can I tell Postfix to make 1 mail sending from 127.0.0.2 ?
If so, I suppose the SMTP service listening at TCP/25 will receive the
On 6/27/2014 3:53 AM, Klaipedaville on Google wrote:
...
Now my postfix always warns me due to this generic rDNS of my ISP.
Postfix says, hostname verification errors in FCrDNS:
Does not resolve to address
123.45.67.8123-45-67-8.my.isp.com
You should only see these warnings for
On 6/10/2014 1:24 AM, Michael Tokarev wrote:
10.06.2014 05:02, Stan Hoeppner wrote:
...
Yes. And if you have other separate smtpd_foo_restrictions sections you
should move those restriction parameters under
smtpd_recipient_restrictions as well. This will give you precise
control over
On 6/10/2014 3:39 PM, Wietse Venema wrote:
Kai Krakow:
BTW: In this context, what's the best approach to put mailboxes on a
separate machine? Let the LDA drop mails into NFS mounts, or let postfix
transport the mails via transport_map into a machine which hosts the LDA
(dovecot in our
On 6/9/2014 7:12 PM, Ronald F. Guilmette wrote:
I really should have figured this out ages ago, but...
Quite simply, there exits a small number of organizations that
run afoul of my various smtpd_recipient_restrictions and/or my
smtpd_helo_restrictions, but from which I need to be able to
On 5/3/2014 9:48 PM, post...@nisny.com wrote:
...
I am clueless as to why telnet would receive a correct response but
Postfix not.
I know see this is not necessarily a Postfix issue but not sure what the
next step would be, so if anyone can offer guidance it would be
appreciated.
The
On 5/4/2014 3:02 AM, Stan Hoeppner wrote:
...
1. Create relay transports for the problem domains and limit
concurrency to those domains, until your sender reputation with Akamai
has increased to the point they allow parallel deliveries.
2. Contact the Akamai hostmaster and inquire
Scratch my previous suggestion as it was obviously not the correct
solution. Read on.
On 5/4/2014 9:01 AM, post...@nisny.com wrote:
On , wie...@porcupine.org wrote:
post...@nisny.com:
There were several attempts from postfix to connect to 6 different mx
servers to deliver one email. They
On 5/3/2014 7:54 AM, post...@nisny.com wrote:
On , wie...@porcupine.org wrote:
...
relay=mx4.icloud.com.akadns.net[17.172.34.67]:25, delay=177,
delays=0.3/0.01/177/0, dsn=4.4.2, status=deferred (lost
connection with mx4.icloud.com.akadns.net[17.172.34.67] while receiving
the initial server
On 5/2/2014 6:07 AM, Wietse Venema wrote:
Stan Hoeppner:
swl.spamhaus.org*-4
list.dnswl.org=127.[0..255].[0..255].0*-2
list.dnswl.org=127.[0..255].[0..255].1*-3
list.dnswl.org=127.[0..255].[0..255].[2..255]*-4
Consolidate these last 3 to something like
On 5/1/2014 8:15 PM, Alex wrote:
...
These are both corporate 10mbs dedicated links and I don't think latency
and/or bandwidth is a problem.
The problem, if network related, will be UDP packet loss somewhere in
the end-to-end path, not b/w or latency on the CPE link into the
provider's net.
On 4/14/2014 4:01 AM, li...@rhsoft.net wrote:
Am 14.04.2014 05:20, schrieb Stan Hoeppner:
Clearly I was responding specifically to 'what is hard about making them
match', which is why I snipped the rest. If one controls PTR it's easy
to make all 3 match. When one does not control PTR
On 4/12/2014 3:03 PM, li...@rhsoft.net wrote:
but on the other what is that hard to have HELO/PTR/A matching?
This has been asked and answered multiple times on this list. The short
answer is that customers of some ISPs do not have control of rDNS. For
a more thorough discussion of this topic
On 4/13/2014 8:38 AM, Robert Schetterer wrote:
Am 13.04.2014 10:34, schrieb Stan Hoeppner:
On 4/12/2014 3:03 PM, li...@rhsoft.net wrote:
but on the other what is that hard to have HELO/PTR/A matching?
This has been asked and answered multiple times on this list. The short
answer
On 3/26/2014 10:46 AM, Viktor Dukhovni wrote:
On Wed, Mar 26, 2014 at 08:57:54AM -0500, deoren wrote:
On March 21st I noticed these entries in my mail log and I'm not able to
pinpoint the source of the trouble:
warning: x.x.x.x.b.barracudacentral.org: RBL lookup error: Host or domain
name
On 3/4/2014 7:03 AM, Alessandro Vesely wrote:
On Mon 03/Mar/2014 14:50:07 +0100 Stan Hoeppner wrote:
On 2/28/2014 5:16 AM, Alessandro Vesely wrote:
On Thu 27/Feb/2014 15:00:31 +0100 Wietse Venema wrote:
- Write a tool that TRANSFORMS fqrdns.pcre.txt so that it can be
used by a different
On 2/28/2014 5:16 AM, Alessandro Vesely wrote:
On Thu 27/Feb/2014 15:00:31 +0100 Wietse Venema wrote:
...
Besides USING Postfix source code, there are other options:
- Write a tool that TRANSFORMS fqrdns.pcre.txt so that it can be
used by a different mail system. That would immediately make
On 11/13/2013 2:34 AM, naser sonbaty wrote:
Hi,
I need help with postfix regexp in header_checks.
I want discard all emails(any domain) from admin@
I use following:
/^(To|From|Cc|Reply-To): admin@(.*)/DISCARD
but its not working
Tests fine here:
$ cat test.regexp
On 11/13/2013 5:38 AM, Wijatmoko U. Prayitno wrote:
On Wed, 13 Nov 2013 05:52:28 -0500
Paul C contac...@afcommerce.com wrote:
ip and helo name do not match google. I don't use those content filters to
know enough to tell you what to do, but that's why the emails are getting
in. I'd be
On 11/13/2013 11:16 AM, Steffan A. Cline wrote:
I asked this under a thread but am asking again in its own thread to see
if I get better visibility.
Does anyone know of any good bleeding edge postfix repos?
http://postfix.wl0.org/en/available-packages/
Postfix 2.9 for RHEL 5/6, which also
On 11/14/2013 12:41 AM, Viktor Dukhovni wrote:
On Thu, Nov 14, 2013 at 12:32:45AM -0600, Stan Hoeppner wrote:
In recent years CPUs have become so blindingly fast it makes no
difference. Any excess cycles burned by a non anchored regex were idle
cycles anyway. There are good arguments
On 11/8/2013 4:05 AM, li...@rhsoft.net wrote:
there are only rare situations where a chrooted postfix
makes sense and so they should not making a problematic
default which gains nothing on 999 out of 1000 setups
The reason for chrooting Postfix is due to a Debian policy established
lng
On 11/7/2013 5:53 AM, Simon Loewenthal wrote:
Damned chroot now turned off, and lookups now work like they should have
done :D
The default Postfix chroot environment in Debian 6 Squeeze works fine
out of the box, as did Lenny. You have to go back to Etch or Sarge to
find it broken. I'd
On 11/7/2013 7:52 PM, Roman Gelfand wrote:
Wouldn't the server be chosen round robin as opposed to random?
This would require too much complex code for what is a simple Postfix
operation. Your example is poor man's round robin. That's the best
Postfix can do without serious code changes. But
On 11/6/2013 2:46 AM, Ian Evans wrote:
About three days into my postfix/postgrey experience after migrating from
qmail. Enjoying it.
Of course, like a new dad, I'm sitting here watching the logs. For the last
two hours I've been getting postfix/smtpd: lost connection after RSET from
On 11/4/2013 3:54 PM, Noel Jones wrote:
On 11/4/2013 1:42 PM, inteq wrote:
Hello
For some time now I was wondering why some of my pflogsumm emails were not
received.
Digging deeper into the problem today, I can see the emails are being
blocked by Postfix because it contains a virus.
Nov
On 11/5/2013 12:15 AM, George Adams wrote:
We're using Postfix 2.1.5 on an old Debian 5 Linux system
...
If Postfix 2.1.5 then your Debian install is MUCH older than Lenny
(Debian 5). IIRC Lenny shipped w/Postfix 2.5.5 and Etch shipped
w/2.3.8. Which means you're running Sarge (3.1) or older.
On 10/31/2013 12:19 PM, John Allen wrote:
Which is better, to put the various restrictions with the appropriate
smtpd__restriction stanzas, or to put them all into the
smtpd_recipient_restrictions stanza. I am assuming that
smtpd_delay_reject is yes.
I have always assumed that putting
On 10/20/2013 3:28 AM, Wijatmoko U. Prayitno wrote:
On Sun, 20 Oct 2013 06:50:07 +0300
Merve Temizer mervet2...@gmail.com wrote:
What is the most appropriate way to save mails into a
database that i built before. I mean, i have a custom
Use dbmail (www.dbmail.org)..
dbmail isn't
On 10/18/2013 3:17 PM, Dominik George wrote:
Patrick Ben Koetter p...@sys4.de schrieb:
As a basic principle: Postfix routes and filters message transport, but
it
doesn't deal with the details of mailbox management etc.
Huh?
http://www.postfix.org/postconf.5.html#mailbox_size_limit
On 10/15/2013 4:02 AM, Chad Elliott wrote:
Make sure you understand address classes.
We are not a virtual mailbox domain, we are a virtual alias domain
because we use UNIX accounts for the few mailboxes we have, ...
Noel is correct. You're broken. And you are using
virtual_mailbox_domains.
On 10/15/2013 7:31 AM, Stan Hoeppner wrote:
This should have read:
/etc/postfix/shield_acct_names
mrwh...@breakingbad.com REJECT unknown user
jes...@breakingbad.com REJECT unknown user
g...@breakingbad.comREJECT unknown user
--
Stan
On 10/13/2013 7:43 AM, Dominik George wrote:
Just read pine.bsm.4.64l.1310010843490.20...@herc.mirbsd.org.
It was posted to the list, so you will have received it, and any
reasonable MUA can search for it.
Then Thunderbird is not a reasonable MUA, even though it's the 2nd or
3rd most widely
On 10/13/2013 8:35 AM, Dominik George wrote:
It was posted to the list, so you will have received it, and any
reasonable MUA can search for it. Giving publlicm essage IDs is a
perfectly valid way of pointing to a message on a list.
The string 'Pine.BSM.4.64L.1310010843490.20824' does not
On 10/13/2013 1:12 PM, Dominik George wrote:
On Sun, Oct 13, 2013 at 01:09:52PM -0500, Stan Hoeppner wrote:
On 10/13/2013 8:35 AM, Dominik George wrote:
It was posted to the list, so you will have received it, and any
reasonable MUA can search for it. Giving publlicm essage IDs is a
perfectly
On 10/10/2013 4:30 AM, lst_ho...@kwsoft.de wrote:
Zitat von Daniele Nicolodi dani...@grinta.net:
Hello,
recently I've see some emails from the postfix mailing list being marked
as possible spam by Spamassassin. Investigating which rule caused the
problem I found that dbl.spamhaus.org
of spam.
I established this earlier. Your generous use of scissors in your reply
to that message suggests you didn't read it. Here it is again.
On 10/10/2013 5:06 AM, Stan Hoeppner wrote:...
~$ whois master.cf
This TLD has no whois server.
http://en.wikipedia.org/wiki/.cf
Central African
On 10/8/2013 3:08 PM, li...@sbt.net.au wrote:
On Tue, October 8, 2013 4:44 pm, Stan Hoeppner wrote:
...
Understood. For a more permanent solution to this script problem, you
may want to consider locking down or disabling the pickup service, and
configuring all web applications and MUAs to use
On 10/8/2013 7:15 PM, li...@sbt.net.au wrote:
On Wed, October 9, 2013 10:41 am, Stan Hoeppner wrote:
On 10/8/2013 3:08 PM, li...@sbt.net.au wrote:
Stan, Michael and other who responded, thanks
Others responded with some good ideas here, mostly locking down PHP
itself so it can't use
On 10/7/2013 12:25 PM, Jim Reid wrote:
On 7 Oct 2013, at 18:15, Erwan David er...@rail.eu.org wrote:
Google is really rejecting emails in IPv6 because of a lack of PTR...
If that's the case, good. Just do The Right Thing and arrange a valid PTR for
the IPv6 address that speaks SMTP. This
On 10/7/2013 9:10 PM, li...@sbt.net.au wrote:
On Tue, October 8, 2013 11:31 am, Simon B wrote:
On 8 Oct 2013 01:54, Voytek li...@sbt.net.au wrote:
spam from many.na...@adomain.tld, how best to prevent any outbound mails
from adomain.tld till I can look at this?
Postfix stop
Then post
On 10/7/2013 11:19 PM, li...@sbt.net.au wrote:
On Tue, October 8, 2013 3:02 pm, Stan Hoeppner wrote:
On 10/7/2013 9:10 PM, li...@sbt.net.au wrote:
Without the log entries Simon asked for we can't do anything more to
help you, as we don't know how the spam is being injected. Please provide
On 10/6/2013 1:46 AM, m...@jama.is wrote:
Hi all,
I tried to install spamassassin as a postfix content filter. It did not work
well, so I deactivated it. I am now having a couple of undelivered messages
pending in DEFERRED which have in the header contentfilter: spamfilter set.
postcat
On 10/4/2013 2:29 AM, nik600 wrote:
Virus, botnet and user's bad policies about password allows many 3rd party
entities to stole passwords, in the last month i've experienced a grows of
hacked users, and in some case many spam messages are sent from my servers
before i can block the user.
Hello Azur,
On 9/20/2013 12:45 PM, DTNX Postmaster wrote:
Has it occurred to you that the reason lots of your users enable
forwarding to Gmail may be the fact that you accept everything? And
that they are essentially using Gmail as the spam filter they need
because of this?
Joni makes a
On 9/18/2013 4:27 AM, Emmanuel Fusté wrote:
Le 18/09/2013 05:40, Viktor Dukhovni a écrit :
On Wed, Sep 18, 2013 at 01:00:48PM +1000, li...@sbt.net.au wrote:
Return-Path: bayedfresc...@reuters.com
...
Received: from p2p (unknown [124.11.170.87])
by geko.domain.tld (Postfix) with SMTP
On 9/18/2013 8:09 AM, li...@sbt.net.au wrote:
On Wed, September 18, 2013 2:54 pm, Stan Hoeppner wrote:
On 9/17/2013 10:40 PM, Viktor Dukhovni wrote:
reject_non_fqdn_sender, reject_non_fqdn_recipient,
reject_invalid_hostname, reject_non_fqdn_hostname,
This should have blocked the example
On 9/18/2013 9:07 AM, Wietse Venema wrote:
Stan Hoeppner:
for other users, the old-syntax was working, now updated
That's strange. Usually when new syntax is introduced the old syntax is
removed and no longer works. 2.3 - 2.6 seems a rather long grace
period. Does the pre 2.3 syntax still
On 9/18/2013 6:50 PM, Voytek wrote:
Stan Hoeppner s...@hardwarefreak.com wrote:
On 9/18/2013 9:07 AM, Wietse Venema wrote:
Stan Hoeppner:
for other users, the old-syntax was working, now updated
That's strange. Usually when new syntax is introduced the old
syntax is
removed and no longer
On 9/17/2013 5:08 AM, Rowland Onobrauche wrote:
...
Thanks to all that contributed to a possible resolution. I have decided to
allow the attachments and leave them to mailscanner to filter/quarantine as
some we are receiving are actually legit attachments.
At least if they are quarantined, i
On 9/17/2013 10:40 PM, Viktor Dukhovni wrote:
On Wed, Sep 18, 2013 at 01:00:48PM +1000, li...@sbt.net.au wrote:
...
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_invalid_hostname,
reject_non_fqdn_hostname,
This should have blocked the example message, but did not. Why?
On 9/12/2013 9:45 PM, Jorgen Lundman wrote:
Hello all,
Talking about the customer outgoing SMTP servers, where customers
connect and are forced to SMTPAuth before they can send mail out to the
Internet. We use LDAP for SMTPAuth verification.
Occasionally, a customer account is
On 9/6/2013 9:05 AM, Wietse Venema wrote:
Wijatmoko U. Prayitno:
On Fri, 06 Sep 2013 16:43:27 +0300
wiseadmin wisead...@gmail.com wrote:
and the same message from postfix logs:
/var/log/mail.log.1:Sep 5 17:10:06 cma postfix/pickup[17510]: A3E8C10BADF:
uid=1018 from=stronges...@google.com
On 9/1/2013 7:04 PM, LuKreme wrote:
On 01 Sep 2013, at 15:35 , Noel Jones njo...@megan.vbhcs.org wrote:
If you want your HELO to be consistent regardless of which IP is
used, use a separate hostname that points to both A records.
mail.example.com A A.A.A.A
mail.example.com A B.B.B.B
On 9/1/2013 6:57 PM, Roman Gelfand wrote:
On every machine, at different locations, I have tried dig -x ip
address and it works correctly.
I have 4 messages stuck in a queue which are complaining about the
very thing that works.
refused to talk to me: 451 Sender's ISP has no reverse DNS
On 8/30/2013 10:12 AM, Terry Gilsenan wrote:
I am not talking about implementing SMTP on UDP, I am taking about the
possibility of adding a side-channel for bulk data that would use UDP.
I'm really surprised nobody has mentioned this yet. It seems there's a
far simpler solution to the
On 8/27/2013 5:01 PM, Jeroen Geilman wrote:
On 08/25/2013 08:11 PM, Niclas Arndt wrote:
Sorry if this is slightly off-topic, but at least a bunch of experts
are listening.
I am using Spamhaus (and other methods) and over time I have amassed a
list of IP ranges that (according to Spamhaus)
On 8/27/2013 6:34 PM, John Allen wrote:
On 27/08/2013 6:09 PM, Jeroen Geilman wrote:
A simpler way to do that would be to not put these networks in
mynetworks.
If I remember correctly the question was how do I stop local users using
port 25, while allowing them to access port 587. I felt
On 8/26/2013 10:24 PM, John Allen wrote:
I based it something that Noel Jones wrote way back in 2008.
I doubt that Noel suggested anything like this.
Create a file of the networks you wish to deny access to eg.
“Deny_Mynetworks_Access” the content of which will be the same networks
as those
On 8/24/2013 1:18 PM, LuKreme wrote:
On 22 Aug 2013, at 21:28 , Stan Hoeppner s...@hardwarefreak.com wrote:
~$ wget http://ipdeny.com/ipblocks/data/countries/us.zone
~$ sed 's/$/ OK/g' us.zone us.cidr
~$ cp us.cidr /etc/postfix
~$ postfix reload
and you're off to the races
On 8/22/2013 6:51 AM, Charles Marcus wrote:
The simple fact is, we do not have any users based *anywhere* but the
US, so, is what is the simplest way to block any/all non-US based client
connections on my submission port?
Use the us.zone ipdeny file to build a CIDR table to accept any US
On 8/22/2013 9:57 AM, Stan Hoeppner wrote:
On 8/22/2013 6:51 AM, Charles Marcus wrote:
The simple fact is, we do not have any users based *anywhere* but the
US, so, is what is the simplest way to block any/all non-US based client
connections on my submission port?
Use the us.zone ipdeny
On 8/20/2013 1:04 AM, Jimmy Stewpot wrote:
Hello,
I have recently done a deployment of Postfix 2.10. It seems that the
behaviour of postfix has changed slightly in the way that it handles the
content_filter variables in the configuration file. We are using
content_filter to pass through
On 8/20/2013 3:06 AM, Grant wrote:
Has anyone had a confirmed false positive with zen.spamhaus.org ?
http://lmgtfy.com/?q=spamhaus+false+positive
--
Stan
On 8/16/2013 12:56 AM, Rob Tanner wrote:
I've googled around a quite a bit and while I can find lots of instruction on
what I need in order for Postfix to validate incoming mail, I find nothing
about what I need to do to make sure Postfix does whatever it needs to do to
make sure the MTA
On 8/13/2013 7:43 AM, Philippe Bloix wrote:
I would like to set a limit rate per domain. I know i can use
« destination_rate_delay » and it works ! The problem is that the minimum
period is 1s. It permits to send 1 email per domain per second .
If i want to send for example 5 emails per
On 8/14/2013 7:14 AM, Philippe Bloix wrote:
Thanks for your response
I'm not a spammer :-), i'm working in a telecom firm where we send emails
to our customers.
Ok, so you're a telecom company and the receivers in question are your
customers.
In fact, it's not easy to contact some
On 8/14/2013 10:12 AM, Philippe Bloix wrote:
Of course it's easy to contact our customers!
But in some cases, it can be difficult to contact the mail provider of our
customers in order to ask to belong to their whitelist...
If this is truly the case and this is legitimate transactional mail,
On 8/5/2013 2:52 AM, Ronald F. Guilmette wrote:
Actually, having adjusted my smtpd_recipient_restrictions rather
dramatically today, and looking now at the day's maillog file,
I think that I am entirely less sure that the problem is what
I said it was earlier. I am now getting at least
On 8/5/2013 6:16 PM, Ronald F. Guilmette wrote:
In message 520023b2.1070...@megan.vbhcs.org,
Noel Jones njo...@megan.vbhcs.org wrote:
OK. Works for me! I just wish that it wasn't necessary to
have to run an external PCRE to catch it, and that the
PCRE tables don't run externally. They're
On 8/6/2013 1:57 AM, The_Ace wrote:
On Tue, Aug 6, 2013 at 10:10 AM, David Benfell dbenf...@gmail.com wrote:
Hi all,
I'm trying to move my maildirs to a non-standard location (trying to balance
disk activity) and there's something I think I'm missing. Here's what I
tried:
home_mailbox =
On 8/5/2013 9:09 AM, Charles Marcus wrote:
On 2013-08-05 9:21 AM, Noel Jones njo...@megan.vbhcs.org wrote:
Set those three limits to 100 or higher. Those controls are
intended to prevent random clients from wasting your time. Since
you don't allow connections from random clients, it's safe
On 8/4/2013 9:54 PM, Noel Jones wrote:
On 8/4/2013 8:06 PM, Ronald F. Guilmette wrote:
...
Also, I have just added all of the following to my
smtpd_recipient_restrictions:
reject_rhsbl_reverse_client multi.surbl.org
reject_rhsbl_reverse_client multi.uribl.com
On 8/4/2013 10:13 PM, Ronald F. Guilmette wrote:
In message 51ff13eb.8090...@megan.vbhcs.org,
Noel Jones njo...@megan.vbhcs.org wrote:
On 8/4/2013 8:06 PM, Ronald F. Guilmette wrote:
Does reject_non_fqdn_helo_hostname, when placed in the
smtpd_helo_restrictions, permit clients to HELO/EHLO
On 8/4/2013 10:13 PM, Ronald F. Guilmette wrote:
Do I need to use that if I want to perform RHSBL checks?
BTW, if you want to maximize potential hits on RHSBLs just short of
doing body checks, you may want to give Sahil Tandon's TCP server based
RHSBL header checker a spin. It grabs domains
On 7/29/2013 2:16 PM, motty cruz wrote:
Thank you Mr. Wietse,
I added spamcop to my rbl since to be holding the line for now.
Motty, note that using bl.spamcop.net for direct rejection is
discouraged by the Spamcop team. The chance of FPs is pretty high with
this DNSBL. It is recommended that
On 7/25/2013 11:53 AM, Roman Gelfand wrote:
I am using postfix as outgoing mail gateway. Outside of non-delivery
notification, is there a way to produce a report of email addresses
and the reason for the bounce of all emails, that were, in conclusion,
rejected.
I believe the Logwatch Postfix
Wietse:
Turn OFF postscreen chroot in master.cf asn indicated with :
smtp inet n - n - 1 postscreen
Phil:
At present in master.cf I have:
smtp inet n - n - - smtpd
Phil do you see the discrepancy
On 7/19/2013 5:11 PM, Sam Flint wrote:
Sorry, Gmail.
I'm testing by attempting to connect with my android tablet
Ok, so this is the real problem you're trying to solve. You believe you
cannot connect to Postfix with the Android tablet, correct?
What operation are you performing that is
On 7/18/2013 7:44 AM, Roman Gelfand wrote:
would you have more info on this, as far as, how to go about researching this?
What is left to research? The remote host told you the address doesn't
exist. What more do you need to know?
What is the -real- problem you are wanting to solve Roman?
On 7/17/2013 6:28 PM, Roman Gelfand wrote:
I am trying to send out a message my server and getting an error below
from my server
550 #5.1.0 Address rejected. (in reply to RCPT TO command))
Is it this server that is rejecting this email or target server? Why?
Not enough information. Show
On 7/17/2013 9:58 PM, Roman Gelfand wrote:
relay=smtp.secureserver.net[216.69.186.201]:25, delay=10,
delays=0.08/0.01/10/0.16, dsn=5.0.0, status=bounced (host
smtp.secuaid: 550 #5.1.0 Address rejected. (in reply to RCPT TO
command))
Your Postfix relayed the msg to smtp.secureserver.net,
On 7/15/2013 3:35 PM, Viktor Dukhovni wrote:
Unfortunately there are not a lot of development cycles for adding
a decent SNI implementation to Postfix.
I have no time for this.
And this is precisely why an entire VPS industry has sprouted over the
past few years. As someone stated down
On 7/13/2013 11:02 PM, Roman Gelfand wrote:
What setting determines how long postfix should attempt to deliver an
email if target server is not available?
http://www.postfix.org/postconf.5.html#bounce_queue_lifetime
http://www.postfix.org/postconf.5.html#maximal_queue_lifetime
Will this
On 7/7/2013 4:29 PM, Fred Zinsli wrote:
I have primary and secondary MX servers, but my secondary server is on
cable. My primary server is on the backbone.
How can I configure my primary server to accept connections/mail from the
secondary server but still refuse connections/mail from all
On 6/30/2013 3:12 AM, LuKreme wrote:
When reject_unknown_client_hostname triggers on an NXDOMAIN it returns a 550
error, which is great. When it triggers because there is no PTR record, it
returns a 450 error, which is also great… except.
What I see is servers that connect hundreds of
On 6/28/2013 12:31 PM, John Fawcett wrote:
One type of connection which I cannot block in fail2ban are clients that
try the AUTH command on port 25, where I have disabled it. I got 245
connections this morning in the space of 5 minutes and those are the
ones that got through despite the
On 6/29/2013 7:15 AM, Wietse Venema wrote:
T?ssio Fechine:
What!? How the user running the client library affects DNS response? This
makes no sense.
This is a frequent problem with novice system administrators
who mess up file or directory access permissions.
If a program doesn't run as
On 6/22/2013 4:10 PM, Wietse Venema wrote:
I agree with Viktor's description:
/etc/postfix/main.cf:
# The domain that users are aliased to:
mydestination = localhost localhost.$mydomain
# The domain in DNS that you receive mail for:
vitual_alias_maps = example.com
On 6/22/2013 6:13 AM, Craig R. Skinner wrote:
...
Stan's idea of a plain canonical domain rejecting specific Unix
accounts via smtpd_recipient_restrictions check_recipient_access
reject_system_accounts.map works.
Everyone whose replied in this thread knows and understands aliasing
much better
On 6/19/2013 1:37 PM, Craig R. Skinner wrote:
On 2013-06-19 Wed 10:55 AM |, Stan Hoeppner wrote:
I'm anything but an expert in this particular area of Postfix, but I
think the problem is that Craig is trying to use virtual_alias_maps when
he should probably just be using the local aliases
On 6/19/2013 6:11 AM, Craig R. Skinner wrote:
I'm setting up Postfix for a domain that hosts Dovecot IMAP mail dirs
for real Unix accounts. Postfix needs to accept mail for users' public
aliases, but not their Unix login, and reject mail for daemon accounts.
e.g:
joe.blo...@example.com
On 6/19/2013 10:16 AM, Wietse Venema wrote:
Craig R. Skinner:
On 2013-06-19 Wed 06:51 AM |, Stan Hoeppner wrote:
On 6/19/2013 6:11 AM, Craig R. Skinner wrote:
What happens when you try
mydestination =
That's something I didn't think of trying.
Either blank, or with localhost:
status
On 6/18/2013 11:19 AM, Steve Jenkins wrote:
A good reminder that we often try to over-complicate things, and that the
simplest answer is often the best. :)
You mean like using SMTP for a job best handled by SNMP or syslog? ;)
IIRC both are supported by the Gen 1 APC net cards.
And given your
On 6/18/2013 11:43 AM, Steve Jenkins wrote:
That STILL sounds less simple than those four lines, but you make an
excellent point, Stan (as usual). I'll look into that in anticipation of
the next issue that will surely come up. :)
Well sure, quick hacks are always easy. Call me a purist, no
On 6/16/2013 12:59 PM, Viktor Dukhovni wrote:
On Sun, Jun 16, 2013 at 07:55:28AM -0500, Stan Hoeppner wrote:
Looks more like a botnet, so the connections may not in fact recur.
Quite right, it is a botnet attack. And without further logging, I'd
guess this is a DOS attack on TCP 25
On 6/14/2013 11:19 AM, Viktor Dukhovni wrote:
On Fri, Jun 14, 2013 at 06:00:37PM +0200, Simon B wrote:
On 14 June 2013 17:44, c cc sub...@gmail.com wrote:
Hi,
For the last few days, I noticed that our postfix server had crawl to a halt
due to some kind of email attack. As you can see
On 6/9/2013 12:00 PM, Viktor Dukhovni wrote:
On Mon, Jun 10, 2013 at 01:17:19AM +1000, Nikolas Kallis wrote:
Is using 'reject_non_fqdn_helo_hostname' and
'reject_invalid_helo_hostname' even neccessary when using
'reject_unknown_helo_hostname'?
You seem to have decided that the client HELO
Nikolas, please do not reply off-list. Always reply to the list unless
there is a good reason not to (such as a shouting argument with another
user, a thread drifts wildly off topic, you are asked to, etc).
On 6/7/2013 11:20 PM, Nikolas Kallis wrote:
On 08/06/13 14:09, Stan Hoeppner wrote
1 - 100 of 1223 matches
Mail list logo