Wietse Venema put forth on 11/24/2010 6:18 AM:
> That's 0.5 seconds to read the table once, and milliseconds to query it.
Is it? I must be misreading this then. But it sure looks like each
query is taking over half a second.
Table has 67669 CIDRs:
[r...@greer]/etc/postfix/cidr_files$ time pos
Avinash Pawar // Viva put forth on 11/24/2010 4:48 AM:
> Hi,
>
> I want to put throttling in postfix.
>
> Throttling can be of two types :
>
> 1. Domain wise throttling (i.e. postfix should sent only 10 mails to
> gmail.com and 20 to yahoo.com at a time)
> 2. On hour basis throttling (i.e. postf
Gary Smith put forth on 11/23/2010 11:47 PM:
>> "My general advice WRT to VPS/colo/hosting outfits such as Softlayer,
>> Limestone, Sharktech, Hostnoc, Colocation America, Colo4, SingleHop,
>> Liquid Web, ServePath, GigeNet, WholeSale Internet, FDCservers,
>> CarolinaNet, Hurricane Electric, et al
Victor Duchovni put forth on 11/23/2010 11:05 PM:
> On Tue, Nov 23, 2010 at 10:04:47PM -0600, Stan Hoeppner wrote:
>
>> I'm guessing the
>> latency is actually higher when smtpd queries proxymap than when timing
>> postmap -q. Is this the case?
>
> Not ne
Gary Smith put forth on 11/23/2010 2:17 PM:
> I've been using the same IP's for years but I'm moving all my equipment to a
> new facility in the coming days. Is there a checklist of things that you
> guys suggest when setting up mail servers on a brand new range?
>
> I'm expecting to setup 5 IP
Wietse Venema put forth on 11/23/2010 6:57 PM:
> Victor Duchovni:
>> On Tue, Nov 23, 2010 at 07:35:49PM -0500, Wietse Venema wrote:
>>
>>> Victor Duchovni:
>>>> On Tue, Nov 23, 2010 at 05:20:11PM -0600, Stan Hoeppner wrote:
>>>>
>>>>&g
Victor,
Would you please give us the run down on why these map types (and maybe
others) shouldn't be used with proxymap due to performance reasons? You
mentioned something about this long ago but I can't seem to locate that
email in my archives. IIRC you didn't go into much technical detail as
t
Rich Shepard put forth on 11/21/2010 9:56 AM:
> Recently I upgraded to postfix-2.7.1. Something changed in the pflogsumm
> reporting system because now each day's report appears to accumulate for
> the
> entire week before resetting. It used to report for only the previous day's
> maillog, which
Please keep messages on list. ;)
Cameron Smith put forth on 11/19/2010 1:37 PM:
> The public IP of the NAT appliance is the only public IP and all web traffic
> and outbound mail traffic rout through this point so the DNS A record for
> the Postfix Mail gateway has been made to match that IP for
Cameron Smith put forth on 11/19/2010 11:13 AM:
> I have a Postfix mail gateway behind a security appliance.
> The mail gateway has a published public IP of the security appliance.
>
> On all my Postfix servers I am routing mail for root to an off network email
> address using an entry in /etc/ali
Victor Duchovni put forth on 11/18/2010 12:52 PM:
> This filter is too fragile IMHO. My best advice is to find filters that
> detect spam.
I think you've missed some of my previous posts regarding my spam
filtering setup. I kill about 99.5+% of it at SMTP time, without
resorting to body filters
Noel Jones put forth on 11/18/2010 7:24 AM:
> On 11/18/2010 12:49 AM, Stan Hoeppner wrote:
>> Victor Duchovni put forth on 11/17/2010 11:53 PM:
>>> On Wed, Nov 17, 2010 at 06:28:21PM -0600, Stan Hoeppner wrote:
>>>>
>>>> Does anyone have a header_ch
Matthias Andree put forth on 11/18/2010 4:23 AM:
> Am 18.11.2010 01:28, schrieb Stan Hoeppner:
>> Subject:
>> =?iso-8859-1?Q?Le_invitamos_a_asistir_a_la_Presentaci=F3n_de_la_Oportunid?=
>>
>> =?iso-8859-1?Q?ad_de_negocio_en_ACN_Marketing_y_Servicios_de_Telecomuni
Frank Bonnet put forth on 11/18/2010 2:22 AM:
> Hello
>
> I use smtpd_sender_restrictions map to filter undesirable addresses
> actually I had manually a bunch of addresses every day.
>
> I wonder if it would be possible to do that by forwarding this SPAM to
> a "special" email address ?
>
> I m
Victor Duchovni put forth on 11/17/2010 11:53 PM:
> On Wed, Nov 17, 2010 at 06:28:21PM -0600, Stan Hoeppner wrote:
>
>> Subject:
>> =?iso-8859-1?Q?Le_invitamos_a_asistir_a_la_Presentaci=F3n_de_la_Oportunid?=
>>
>> =?iso-8859-1?Q?ad_de_negocio_en_ACN_Marketi
George Forman put forth on 11/17/2010 11:24 AM:
>
> All,
>
> We are experiencing a problem where Postfix (Using 2.6.2) continuously
> returns a 503 5.7.0 Error: access denied response.
Looks like you're also experiencing a problem with someone else gaining
access to your Hotmail account and spa
Jack put forth on 11/17/2010 11:29 AM:
> So, I'm still confused as to why it doesn't like that.
This is because you have not educated yourself as to what Classless
Inter Domain Routing notation is. To fully understand this you will be
required to convert these DECIMAL notations into BINARY notat
Chris G put forth on 11/17/2010 5:50 AM:
> That's one answer of course, thanks, for the moment I have changed my
> local DNS server so that it returns a LAN address for zbmc.eu as well as
> mws.zbmc.eu. If that causes other issues (I don't think it will) then
> I'll use the above [] syntax.
Some
Subject:
=?iso-8859-1?Q?Le_invitamos_a_asistir_a_la_Presentaci=F3n_de_la_Oportunid?=
=?iso-8859-1?Q?ad_de_negocio_en_ACN_Marketing_y_Servicios_de_Telecomunica?=
=?iso-8859-1?Q?ciones?=
Does anyone have a header_checks pcre that would allow me to reject or
discard any email with an
sunhux G put forth on 11/16/2010 1:18 AM:
> Suppose POP3 & IMAP were disabled on the MS Exchange server,
> would fetchmail still work? Sounds like it uses POP3 / IMAP protocol.
>
> So what I'm looking for is a php script to emulate this without using
> POP3/IMAP
This mailing list is for Postfix
Jay G. Scott put forth on 11/12/2010 9:55 AM:
> On Fri, Nov 12, 2010 at 02:05:16AM -0600, Stan Hoeppner wrote:
>> What anti-spam measures are you currently using?
>
> puremessage, which is a commercialized spamassassin. they supply
> an RBL.
>
> and i'm not interes
sunhux G put forth on 11/12/2010 1:18 AM:
> This routing is done by Cerberus, I can configure Cerberus to grab
> mails from any another location that support POP3
No, it's not.
> Yes, the users can be informed to send their emails to another location
This isn't a solution.
I've done my best
Jay G. Scott put forth on 11/11/2010 3:13 PM:
> ANYWAY, if i'm only allowed to do SPF, does the answer
> change?
I suggest you look into other anti-spam measures then. Greylisting has
some value, depending on the organization, far more than SPF checking.
SPF has zero value WRT fighting spam (and
sunhux G put forth on 11/10/2010 10:04 AM:
>> What we need to know is where the messages will exist, after this
>> corporate change.
> All messages will be in Cerberus after this change.
I asked the question 3 different ways hoping to get the answer I was
looking for. Unfortunately, either you
sunhux G put forth on 11/10/2010 3:01 AM:
> Currently I have a Cerberus Helpdesk/CRM application
> (refer to http://www.cerberusweb.com/) which uses POP3 method
> to download mails from our MS Exchange server via POP3.
>
> We have to cease using this MS Exchange server soon as POP3
> will be disa
Rich put forth on 11/10/2010 1:52 AM:
> The only difference I would have on this server is I would make it a 10 raid
> and not raid5. This is a much more higher performing with all the writes to
> maildir. Its also better fault tolerance.
I typically use RAID10 for most high load transaction hea
Will Fong put forth on 11/9/2010 6:57 PM:
> On 11/09/2010 04:45 PM, Stan Hoeppner wrote:
>> The Proliant Dl180 g6 box he has will scale to 192GB RAM in 12 DIMM
>> slots, but getting it there gets expensive due to the cost/DIMM at 16GB
>> density. Using fairly inexpensive 4GB
Kris Deugau put forth on 11/9/2010 11:07 AM:
> That said... Yeah, upgrade the hardware now - I'd even say go for more
> than 8G of RAM if you can stuff it in, because if you're running a
> memory hog like SpamAssassin on the same machine as your core mail
> daemons and webmail, you'll need it soo
Ralf Hildebrandt put forth on 11/9/2010 4:50 AM:
> * Wietse Venema :
>> Ralf Hildebrandt:
>>> Which headers are deemed worthy? Why can't I add an X-anything: header?
>>
>> RTFM.
>>
>> BOUNCE(5)
>> BOUNCE(5)
>> ...
>> TEMPLATE FILE FORMAT
>
Nick Edwards put forth on 11/9/2010 4:33 AM:
> "Make sure your PTR and A records match. For every IP address, there should
> be a matching PTR record in the in-addr.arpa domain. If a host is
> multi-homed, (more than one IP address) make sure that all IP addresses have
> a corresponding PTR record
Aaron C. de Bruyn put forth on 11/8/2010 10:50 PM:
> The short question:
> I'm looking for a way to store the headers of every message that passes
> through my postfix system. Any pointers?
> (I've read FAQ #45 and it seems to require me to enter the headers I want
> flagged)
This would be your
Ronald F. Guilmette put forth on 11/8/2010 5:22 PM:
> 1) It appears that v1 was in C while v2 is in Perl. I never trust Perl
> for anything requiring high performance, so it seems to me to be kind
> of a shame that v2 is in Perl.
You may want to take another look at modern Perl. AFAIK
Ralf Hildebrandt put forth on 11/8/2010 7:45 AM:
> * Kammen van, Marco, Springer SBM NL :
>
>> 6.9. The file-max parameter
>
> This doesn't override the ulimit for the user starting postfix.
> But of course it needs to be increased as well, this is true.
Increased to what? On my low RAM Lenny b
ahmad riza h nst put forth on 11/8/2010 7:31 AM:
> On Mon, Nov 8, 2010 at 7:25 PM, Stan Hoeppner wrote:
>> ahmad riza h nst put forth on 11/8/2010 4:08 AM:
>> "Have to"? There are alternatives, such as
>> http://www.ispconfig.org/ispconfig-3/
>>
>> In
ahmad riza h nst put forth on 11/8/2010 4:08 AM:
>> You won't have local system accounts. Just setup Postfix and Dovecot to
>> query your current mysql domain and user database. It may take some
>> tweaking, but what doesn't? ;)
>>
>
> thanks for your reply stan,
>
> the problem is we have to
ahmad riza h nst put forth on 11/8/2010 3:37 AM:
> i think it would reach to 12 thousands or less. yes we plan to do it
> in one server but just for mailboxes only (pop3, imap, webmail), we
> have another servers for the mx.
12,000 is a lot of users for one IMAP server. You'll definitely need
th
ahmad riza h nst put forth on 11/8/2010 3:05 AM:
> yes i read the manual before, it's said "Virtual aliasing solves one
> problem: it allows each domain to have its own info mail address. But
> there still is one drawback: each virtual address is aliased to a UNIX
> system account. As you add more
ahmad riza h nst put forth on 11/7/2010 11:55 PM:
> hello,
>
> currently i am new to postfix and at the moment i have a task to setup
> mail server with postfix, dovecot and webmin.
> this system would host hundreds of virtual domains, so thousands of
> virtual emails was expected.
"Thousands" of
Avinash Pawar // Viva put forth on 11/8/2010 12:12 AM:
> Hi,
>
> Nov 7 22:06:27 dell860-403 postfix/smtp[17076]: A35EAC130075: to=<
> rdcha...@indiatimes.com>, relay=rsmtp.indiatimes.com[223.165.24.11]:25,
> delay=3.6, delays=0/0/2.6/1, dsn=2.0.0, status=sent (250 Message received:
> 201011080610
Liam put forth on 11/6/2010 10:39 PM:
> Websocket is a new protocol to enable persistent, full-duplex, efficient
> connections to web servers.
That's vague marketing gobbledeygook. Are you trying to accomplish some
actual task other than playing with this new persistent, full-duplex,
efficient p
Noel Jones put forth on 11/6/2010 11:53 AM:
> On 11/6/2010 11:48 AM, Noel Jones wrote:
>> On 11/6/2010 11:16 AM, Stan Hoeppner wrote:
>>> Noel Jones put forth on 11/6/2010 10:05 AM:
>> The checkdbl.pl reject rate is far less than 1 per recipient
>> per day here. Any r
Michael J Wise put forth on 11/6/2010 11:02 AM:
> Adding locks after the fact with existing contracts in place can get messy.
> But we are thinking about it, and are working on rate limiting for some
> customers.
> The thing is, we don't want to "Punish" people as such, we want to FIX THE
> PROB
Noel Jones put forth on 11/6/2010 10:05 AM:
> On 11/6/2010 9:04 AM, Wietse Venema wrote:
>> There's already demand for DNS lookups for header substrings. This
>> resulted in a header_checks plugin by Sahil, if I recall correctly.
>>
>> Native support for DNS lookups from header_checks fragments cou
Michael J Wise put forth on 11/6/2010 9:53 AM:
> But since RFG is taking a crash course in outflow filtering, I also would be
> VERY interested in whatever suggestions the list membership might have about
> ways to do it well.
>
> Currently, the service where I am employed uses automated proces
Ronald F. Guilmette put forth on 11/6/2010 5:14 AM:
> Hello again friends. Long time no see.
>
> I've gotten myself into a somewhat heated discussion... which seems to
> be the only kind I get into these days... on another mailing list
> regarding the spam outflow filtering capabilities of one pa
Noel Jones put forth on 11/5/2010 11:04 AM:
> On 11/5/2010 10:03 AM, Wietse Venema wrote:
>> This is now implemented with minor changes.
>
> Excellent! Looking forward to a test drive.
Excellent indeed. Thank you for implementing this Wietse.
Jerrale, it appears Wietse just solved your problem
Vincent Lefevre put forth on 11/5/2010 4:03 AM:
> Testing the tld alone seems to be excluded by the access(5) man page,
> which only documents "domain.tld", i.e. the pattern must contain
> at least one dot. Is it an error in the man page (which could say
> "domain" instead, like in Section "Email
Henrik K put forth on 11/5/2010 2:49 AM:
> Did you happen to notice the absolutely generic expressions in the SA file,
> unlike your file which mostly lists specific domains?
The bulk of them are specific to a given ISP. I saw a half dozen that
are generic.
> Not that I don't agree the whole SA
Michael Orlitzky put forth on 11/5/2010 1:39 AM:
> On 11/05/10 00:11, Stan Hoeppner wrote:
>> Michael Orlitzky put forth on 11/4/2010 8:06 PM:
>>> On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
>>>> Ned Slider put forth on 11/3/2010 6:33 PM:
>>>>
>&g
Michael Orlitzky put forth on 11/4/2010 8:06 PM:
> On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
>> Ned Slider put forth on 11/3/2010 6:33 PM:
>>
>>> My other thought was to simply comment (or document) ranges known to
>>> contain FPs and then the user can m
Vincent Lefevre put forth on 11/4/2010 7:57 PM:
> This is not what the documentation says:
>
> Depending on the application, that string is an entire client
> hostname, an entire client IP address, or an entire mail address.
_Application_ in this sentence refers to things like
smtpd_foo_rest
Stan Hoeppner put forth on 11/4/2010 9:20 PM:
> Wietse Venema put forth on 11/4/2010 7:30 PM:
>> Stan Hoeppner:
>>> What's the CIDR lookup table performance difference between say 256 /32
>>> entries and a single /24 entry? Is it 256:1?
>>
>> One /32
Wietse Venema put forth on 11/4/2010 7:30 PM:
> Stan Hoeppner:
>> What's the CIDR lookup table performance difference between say 256 /32
>> entries and a single /24 entry? Is it 256:1?
>
> One /32 match is a probably a little faster than one /24 match.
> The diffe
Vincent Lefevre put forth on 11/4/2010 7:49 PM:
> On 2010-11-04 20:33:11 -0400, Wietse Venema wrote:
>> check_client_access searches the address and domain with ALL lookup
>> table types. It just doesn't do the substring lookups with PCRE,
>> REGEXP and CIDR.
>
> If I understand correctly, there's
Vincent Lefevre put forth on 11/4/2010 6:04 PM:
> On 2010-11-04 17:18:17 +0100, mouss wrote:
>> otherwise, you can do whatever you want with pcre:
>> /\.example\.com$/OK
>> or with sql or ldap.
>
> For pcre, the man page is not clear. It says:
>
> Each pattern is a regular expressi
What's the CIDR lookup table performance difference between say 256 /32
entries and a single /24 entry? Is it 256:1? Or, how about 90,000 /32
entries vs 60,000 entries that consolidate many of those 90,000 /32s
into larger CIDRs such as /24s and /21s etc? I have no idea what the
total processing
Jerrale G put forth on 11/4/2010 4:54 AM:
> you know, they could have made a premium service or addition to offset
> overhead and generate revenue while having the white and blacklists as a
> free service. This means that spamassassin's accuracy, and opensource,
> will reduce as well. I guess Im g
Ned Slider put forth on 11/3/2010 6:33 PM:
> My other thought was to simply comment (or document) ranges known to
> contain FPs and then the user can make a judgement call whether they
> want to comment out that particular regex based on their circumstances.
> Not a very elegant solution.
I'm sta
Ned Slider put forth on 11/3/2010 3:11 PM:
> Stan, and others who are using this file - have any of you looked at the
> overlap with greylisting? I would imaging that the vast majority of
> clients with dynamic/generic rDNS would be spambots and as such I would
> expect greylisting to block the va
Christian Rohmann put forth on 11/3/2010 10:02 AM:
> Maybe any1 has more ideas based on the fact that the
> thing is stable with two cores now, but wasn't with eight.
Absolutely. With 8 virtual CPUs (gasp OMG! big no-no) your guest kernel
will be generating a vastly larger number of timer interr
Charles Marcus put forth on 11/3/2010 8:49 AM:
> On 2010-11-02 10:07 PM, Stan Hoeppner wrote:
>> Last, but not least important by any means (understatement), you may
>> wish to try out:
>> http://www.hardwarefreak.com/fqrdns.pcre
>>
>> Implement this as:
&
gu...@lorenzutti.com.ar put forth on 11/2/2010 10:03 PM:
>> # main.cf
>> transport_maps = hash:/etc/postfix/transport
>>
>> # /etc/postfix/transport
>> exmaple.org lmtp:unix:/path/to/cyrus-lmtp-server-socket
>
> MMmmm... when I remove the local_transport and add everything to the
> transpor
Jack put forth on 11/2/2010 3:56 PM:
> I'm just checking all my spam settings on my postfix servers and I wanted to
> know if anyone is using any newer RBL's than below?
>
> (which have a low false positive rate)
Low FP noted, FSVO "low FP".
>reject_rbl_client zen.spamhaus.org,
>reject_
Peter put forth on 11/1/2010 6:51 PM:
> Hi Stan,
>
>> 1. What are your specific failure concerns with your
>> primary site?
>> Network failure? Host failure? Storage hardware
>> failure?
>
> You have a great suggestion assuming the data center functions well.
>
> the data center primary site
Victor Duchovni put forth on 11/1/2010 12:27 PM:
> - Deploy something similar to the Symantec 8600 (aka Turntide)
> SMTP traffic shaping appliance, that can rate limit outgoing
> spam without rerouting the SMTP connection (limitation:
> it can't see through STARTTLS).
Is thi
Peter put forth on 10/29/2010 1:55 PM:
> I agree with your point.
> the above solution should work well if the active/active server
> are located in the same location.
Correct.
> for the machines in different data center, there is no guarantee of speed.
Correct.
> also, making the server run i
Reinaldo de Carvalho put forth on 10/30/2010 3:39 PM:
> From Cyrus mailling list:
>
> "Now that Cyrus 2.4 has been released with a lot of the groundwork for
> bandwidth efficient replication in place, Max is going to be working
> on improving the management tools and monitoring of the replication
Peter put forth on 10/29/2010 1:55 PM:
> guess it is something beyond postfix to handle. not sure how postfix users
> will handle such an issue?
Attempting to architect your remote site cluster or failover solution
via back-n-forth to the Postfix mail list is not the proper way to go
about this.
Victor Duchovni put forth on 10/28/2010 2:00 PM:
> On Thu, Oct 28, 2010 at 11:41:17AM -0700, Peter wrote:
>
>> I want to use postfix for active/active mode.
>
> No, you want to cluster your mailstore (IMAP, POP, ...). This is not
> Postfix. Multiple Postfix MX hosts do not need to be clustered, t
/dev/rob0 put forth on 10/28/2010 12:36 PM:
> SDLU is a descendent of the old SPAM-L list which, like DSBL, also
> closed in May 2008.
SDLU is a fork of spam-l.com, which itself is the direct descendant of
the Lsoft SPAM-L mailing list which closed in May 2008. None of this
matters to newcomers
Покотиленко Костик put forth on 10/28/2010 5:31 AM:
> a. mail was send directly from company's public ip which is DSL (shouldn't
> send direct)
> b. advertising company's mail server doesn't have revers DNS
> c. doesn't send proper hello
> d. advertising company's ip black listed by sorbs
Ahh, I
Покотиленко Костик put forth on 10/27/2010 7:20 AM:
> Can somebody comment on this please.
>
> В Вто, 26/10/2010 в 18:20 +0300, Покотиленко Костик пишет:
>> I'm now trying to move all RBL and RHSBL checks to policyd-weight. In
>> policyd-weight I set "$ADD_X_HEADER = 1" and very high score so it n
one form or
another, and a few minutes delay is too long for you, then you shouldn't
be using greylisting at all, as it's not a good fit for your needs.
--
Stan
> 2010/10/27 Stan Hoeppner
>
>>
>> Greylisting has but one purpose: stopping spam bots (zombies)
>&g
Неворотин Вадим put forth on 10/27/2010 4:47 AM:
> I have greylisting on my server, but sometimes I need to allow some external
> users to send mail to my server without greylisting. I can't add them to
> whitelist, because in most cases it's a new clients, so the good idea is to
> ask them to add
Rich put forth on 10/25/2010 1:23 AM:
>> 587 inet n - n - - smtpd
>>-o smtpd_enforce_tls=yes
>>-o smtpd_sasl_auth_enable=yes
>>-o content_filter=
>>-o header_checks=
>>-o smtpd_recipient_restrictions=permit_sasl_authentica
Mikael Bak put forth on 10/25/2010 1:18 AM:
> Stan Hoeppner wrote:
> [snip]
>> Yes. I would suggest configuring a new smtpd listener for this. Most
>> people use the master.cf default TCP 587 listener daemon to accept
>> submitted mail. MUA clients will need to b
Rich put forth on 10/24/2010 10:58 PM:
> I am getting the below error when I try to send email from a pc from the
> same network using sasl authentication to the postfix server.
>
> Oct 24 23:02:36 server postfix/smtp[25874]: 7349F21003C: to=<
> rhd...@gmail.com>, relay=127.0.0.1[127.0.0.1]:10024,
why didn't they simply go to the networking group
and tell them to build a VPN?
We can't properly help you if we don't have the full story, or, at
least, a significant portion of it. A tyrannical government isn't the
reason for wanting this encryption is it?
--
Stan
> L
David Touzeau put forth on 10/23/2010 7:30 AM:
> Yes it for a company between remote sites trough internet that need to
> be sure that documents cannot be opened.
> i know pgp but there no informations how we can hook postfix or there is
> not such filter that should perform this operation.
Why do
Sahil Tandon put forth on 10/22/2010 10:35 PM:
> On Fri, 2010-10-22 at 19:16:31 -0500, Stan Hoeppner wrote:
>
>> Sahil Tandon put forth on 10/22/2010 6:55 PM:
>>> CPAN is a core module, so it should be installed by default. And
>>> acquiring modules via C
Sahil Tandon put forth on 10/22/2010 6:55 PM:
> On Fri, 2010-10-22 at 13:55:49 -0500, Stan Hoeppner wrote:
>
> [ .. ]
>
>> http://people.freebsd.org/~sahil/scripts/checkdbl.pl.txt
>
> Just so we are all on the same page: use with caution!
>
>> Sahil, if you
Ned Slider put forth on 10/22/2010 2:53 PM:
> I guess we can agree to disagree - I simply wanted to highlight the fact
> that using such rules can result in ham being blocked, regardless of how
> you want to define that.
I think we may be disagreeing on terminology definitions Ned, but we
definit
Carlos Mennens put forth on 10/22/2010 1:29 PM:
> I had someone tell me today that they were unable to send email to
> their customer from the mail server because they got the following
> error:
>
> *
> Failed Recipient: u...@example.tld
> Reason: Remote hos
Ned Slider put forth on 10/22/2010 10:50 AM:
> On 20/10/10 04:35, Stan Hoeppner wrote:
>> Jeroen Geilman put forth on 10/19/2010 8:09 PM:
>>
>>> You're missing some of the better spam prevention methods here, such as
>>> decent HELO checks, and an RBL or tw
Jeroen Geilman put forth on 10/21/2010 4:33 PM:
> Yup.
>
> reject_unknown_client_hostname is fine for MXen and large providers, but
> it will hurt simple relaying with many false positives.
There are thousands upon thousands of web forum servers that will fall
victim to reject_unknown_client_hos
Brian Evans - Postfix List put forth on 10/20/2010 12:57 PM:
> In your opinion, would check_reverse_client_hostname_access (Postfix
> 2.6+) work better here?
> Many dynamic zombies don't always resolve forward.
Operationally it probably won't make a difference as most ISPs who
bother to assign rd
Steve Jenkins put forth on 10/19/2010 11:12 PM:
> Stan Hoeppner said:
>> This will probably be a big help to Steve.
>
> Thanks, Stan. That fqrdns.pcre file rocks. Is that something you created?
> May I share the link with others?
Glad it's working well for you. That fil
Jeroen Geilman put forth on 10/19/2010 8:09 PM:
> You're missing some of the better spam prevention methods here, such as
> decent HELO checks, and an RBL or two.
>
> I'd suggest at least adding reject_unknown_reverse_client_hostname in
> there, as well as (testing out)
> reject_[invalid|unknown|
Márcio Luciano Donada put forth on 10/8/2010 5:11 PM:
>
> I am configuring a server to read a basic ldap, everything is working
> wonders, but to deliver the e-mail, postfix is not creating the maildir
> of the user, delivering only a mailbox file, but note that the
> configuration that follows be
Jeroen Geilman put forth on 10/4/2010 2:10 PM:
> The OP says in so many words that he sees connections WITH HIS IP: "who
> apparently connect to the MX *with the IP*"
>
> This does not happen.
Is this remotely plausible if he's behind a really funky NAT/masquerade?
I've seen some junk quality N
martin f krafft put forth on 10/3/2010 7:34 AM:
> Dear list,
>
> I found that a lot of spam can be weeded out by rejecting clients
> who greet me with my own hostname. Initially, I achieved this with
> the following:
>
> main.cf:
> smtpd_helo_restrictions =
> […]
> check_helo_ac
Kris Deugau put forth on 9/29/2010 2:33 PM:
> Hmm, no, less than 100M:
>
> PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND
> 28776 rbldns20 0 81740 65m 700 S0 3.3 118:49.42 rbldnsd
I was going by information I received from another list. I don't use
the data fe
y, ease of use, etc, but it does have the one
feature you want. Let us know how it works out for you.
--
Stan
> On 29. 9. 2010 11:36, Stan Hoeppner wrote:
>> Michal Bruncko put forth on 9/29/2010 4:03 AM:
>>
>>> I mean automatically accepted by postfix, but not automa
Michal Bruncko put forth on 9/29/2010 4:03 AM:
> I mean automatically accepted by postfix, but not automatically
> forwarded to mailboxes. My idea lies on principle, that if sender have
> valid SPF record, there is no need to greylist (and delaying mail
> receiving), but... SPF and greylisting ar
Mikael Bak put forth on 9/28/2010 4:25 AM:
> Stan Hoeppner wrote:
>> Mikael Bak put forth on 9/27/2010 6:18 AM:
>>> Stan Hoeppner wrote:
>>>> Michal Bruncko put forth on 9/26/2010 4:24 AM:
>>>>
>>>>> It is possible in some way to configure p
Henrik K put forth on 9/28/2010 12:28 AM:
> On Mon, Sep 27, 2010 at 03:12:01PM -0500, Stan Hoeppner wrote:
>>>
>>> Snowshoe spam will most probably pass greylisting too. Better not
>>> clutter greylisting database with useless things. Have the blacklists
>>>
Jim McIver put forth on 9/27/2010 5:00 PM:
> I'm running postfix 2.5.6 on Freebsd 7.2 and am having an issue with
> message size limit and a user not being able to send a file.
>
> I'm trying to limit the message size to 6 megabytes and in the main.cf I
> set:
>
> message_size_limit = 600
>
Mikael Bak put forth on 9/27/2010 6:18 AM:
> Stan Hoeppner wrote:
>> Michal Bruncko put forth on 9/26/2010 4:24 AM:
>>
>>> It is possible in some way to configure postfix, that SPF Passed mails
>>> will be automatically accepted with postfix without greylisting?
&g
to have that confirmed.
--
Stan
> --
> From: "mouss"
> Sent: Sunday, September 26, 2010 1:38 PM
> To:
> Subject: Re: SPF and greylisting conditioning
>
>> Le 26/09/2010 12:08, Stan Hoeppner a écrit :
>>> Michal Bruncko put
Michal Bruncko put forth on 9/26/2010 4:24 AM:
> It is possible in some way to configure postfix, that SPF Passed mails
> will be automatically accepted with postfix without greylisting?
If I may be blunt: this is a really dumb idea. Many, maybe all,
snowshoe spammers have valid SPF records. T
701 - 800 of 1297 matches
Mail list logo
