Re: Mail blocked if not HTML

James R. Marcus put forth on 7/1/2010 4:40 PM: > Slightly off topic, but a user has observed that any email sent in plain text > is bounced, any mail sent as HTML gets sent. > > Has anyone encountered such an issue? My environment hasn't really changed > in months and I'm confused. Roll Twilig

Re: Connection Refused on Port 25

Asai put forth on 7/2/2010 3:41 PM: > Greetings, > > For some reason, which I don't know how to figure out, our emails to > this one specific email domain are being refused. Can anyone point me > in the right direction? Here's an example of the log: > > Jul 2 09:33:10 triata amavis[1162]: (011

Re: Connection Refused on Port 25

Sahil Tandon put forth on 7/2/2010 4:13 PM: > On Fri, 2010-07-02 at 13:41:06 -0700, Asai wrote: > >> For some reason, which I don't know how to figure out, our emails to >> this one specific email domain are being refused. Can anyone point >> me in the right direction? Here's an example of the l

Re: Postfix 2.7 for RHEL 5?

Morten P.D. Stevens put forth on 7/3/2010 2:40 PM: > Hi, > > Does anyone know backported Postfix 2.6.x or 2.7.x RPM packages for RHEL5? This binary rpm is for x86-64 only: http://ftp.wl0.org/official/2.7/RPMS-rhel5-x86_64/postfix-2.7.1-1.rhel5.x86_64.rpm You'll have to google more than I did to

Re: Postfix.org SPF

junkyardma...@verizon.net put forth on 7/4/2010 9:53 PM: > What is stupid is to be so opposed to anti spam tools that have no > significant downside. The problem is it has no significant upside either, which is why most sites don't use it as an anti spam measure. Since spammers can simply create

Re: Debian package installation

Isaac Witmer put forth on 7/6/2010 9:27 AM: > I'm doing a custom install, and one of the packages in the install is postfix. > Each time, it prompts me to select "no configuration" "Local use" etc. > just after the package has been downloaded and right before it has > been installed. (similar to th

Re: status=bounced unknown user:

Jerry put forth on 7/7/2010 8:09 AM: > Why are you setting configuration parameters to their default setting? > It doesn't serve any purpose that I am aware of. I've seen this quite a bit. It leads me to believe there are some Linux distros that ship with this stuff in main.cf by default. IIRC

Re: Selective outbound relaying II

Ville Walveranta put forth on 7/8/2010 9:14 PM: > sender_dependent_relayhost_maps works except that the other settings > affecting the relay aren't conditionalized by the defined relayhost > maps. In this case the relayhost for the externally relayed > "business" domains requires TLS and authentic

Re: email account bombarded with SPAM error bounces - what to do?

Kammen van, Marco, Springer SBM NL put forth on 7/9/2010 6:00 AM: > Not sure if its related to your issue. > But there is a big spam/virus attack going on, where messages look like > NDR's but they aren't. > Various big anti spam vendors are having serious issues stopping this. Some of my trap ad

Re: postfix-2.7.1 mail_params.c:531: error: expected expression before '/' token

Maybe putting them side-by-side will help. Docs: make makefiles CCARGS='-DDEF_CONFIG_DIR=\"/some/where\"' You: make makefiles CCARGS='-DDEF_COMMAND_DIR=\"/usr/local/sbin\" > Let's see what I did wrong : You spotted the leading squote but you missed the trailing squote. -- Stan

Re: MAIL FROM problem after upgrade

Johan Vromans put forth on 7/13/2010 2:36 AM: > The problem: although I have configured > > mydomain = squirrel.nl > myorigin = squirrel.nl > > postfix stil uses the real, local hostname in the SMTP envelope: What do you want the SMTP host name to be? squirrel.nl ? johan.squirrel.nl ? /e

Re: Reason for blocked access?

Joern Bredereck put forth on 7/14/2010 3:06 AM: > Hi, > > how can I tell why the following mail has been rejected: > > Jul 14 08:48:58 zarafa-xen postfix/smtpd[26113]: NOQUEUE: reject: RCPT > from ns.gbc.net[212.97.96.201]: 554 5.7.1 : > Client host rejected: Access denied; from= > to= proto=ESMT

Re: Reason for blocked access?

Joern Bredereck put forth on 7/14/2010 3:50 AM: > > Am 14.07.10 10:45, schrieb Stan Hoeppner: > >> Do you have more than one access table/type? I have 7 access tables, >> including hash, CIDR, regexp, and PCRE. I add comments to my regexp and PCRE >> tables to make m

Re: OT: Check out my photos on Facebook

Ram put forth on 7/15/2010 1:29 AM: > Now this is the problem of all invites, especially those invites that > scrape my addressbook and invite everyone. > > Should not all invites carry some header or any other identification , > that list management software can automatically detect and /dev/nul

Re: Better spam filter for postfix

Steve put forth on 7/15/2010 4:16 PM: > * if you feed wrong data to the Anti-Spam filter then the filter will make > errors. Content (header/body) filters have always been error prone and always will be. The key to success is if the error rate is acceptable. For users to train them, they have

Re: Postfix and greylisting

Jack Raats put forth on 7/19/2010 1:39 AM: > I'm using postgrey quite a long time but I think there are more efficient > ways to block spam. Totally agree. > Running pflogsumm on maillog gives the following numbers > > Totally blocked 85 > Blocking countries (using client host name and helo): 7

Re: Postfix queue on ramdisk: Insufficient system storage

Wietse Venema put forth on 7/21/2010 2:22 PM: > Ram: >> One server of ours just accepts the mails from clients and then relays >> the mails to other servers. >> Since there is almost no mail queued on the server , I think it is will >> be good to mount /var/spool/postfix on a tmpfs partition. >

Re: Is such an SSL attack possible against Postfix?

Charles Marcus put forth on 7/21/2010 7:46 AM: > Jonathan Tripathy wrote: >>> Port 25 outgoing will be blocked by most ISPs > >> This may be the case in your country, but from where I'm from, I've >> never had a problem sending out on port 25, even on home residental >> ISPs :) > > Any ISP that d

Re: OT: ISP Blocking of port 25

Daniel V. Reinhardt put forth on 7/21/2010 2:06 PM: > Your average joe doesn't need to be running servers, and if you want business > class services and abilities then pay for it. Class warfare and/or financial means arguments are invalid in this discussion. > Bandwidth costs money. You can'

Re: Postfix queue on ramdisk: Insufficient system storage

Patrick Ben Koetter put forth on 7/22/2010 2:11 AM: > * Stan Hoeppner : >> Wietse Venema put forth on 7/21/2010 2:22 PM: >>> Ram: >>>> One server of ours just accepts the mails from clients and then relays >>>> the mails to other servers. >>>&

Re: milter still hungs (from time to time)

Jesus Cea put forth on 7/23/2010 2:33 PM: > The email filesize is around 300Kbytes. The mailing list rejects it. > > Should I send it to your personal email?. Send a ZIP file? Put it on your httpd server, or upload it to pastebin.com, and publish the appropriate link. -- Stan

Re: problem using smtp

Jonathan Amiez put forth on 7/27/2010 8:26 AM: > Le mardi 27 juillet 2010 15:15:24, Fons van der Beek a écrit : >> domain.com smpt:sbsserver:25 >> Anyone an idea what is wrong > Double-check your config, you wrote "smpt" instead of "smtp

Re: problem using smtp

Fons van der Beek put forth on 7/27/2010 10:53 AM: > sorry... > i just didn't see it. > very stupid, but also gratefull Don't sweat it. Laugh about it instead. Exercise a little self deprecating humor. Whenever this kind of thing happens, _always_ say something like: "That'll t

Re: Log file checking

Mark Scholten put forth on 7/31/2010 11:00 AM: > Any ideas if there are ready to use scripts for this part? If you give us your exact requirement, instead of the vague "I want to get certain information", one of us might be able to hack up a simple shell script, or even a single bash line, to do

Re: Log file checking

Mark Scholten put forth on 7/31/2010 6:53 PM: > I want the following information (per day or per hour, it should be possible > to exclude email addresses or to only get information for certain email > addresses): /usr/sbin/pflogsumm.pl --smtpd_stats /var/log/mail.log /var/log/mail.log.1 Grand To

Re: Log file checking

Mark Scholten put forth on 8/1/2010 5:46 AM: > Getting it in a single number is important for me, however looking at the > http://logreporters.sourceforge.net/ link you did give I see that all but > one thing is given the way I want it. This last option isn't given the way I > like it, but that ca

Re: Postfix on Cloud

Julio Cesar Covolato put forth on 8/7/2010 12:37 AM: > Is there anyone using postfix in cloud, like Amazon ec2? Dunno about Postfix specifically, but there are/were many spammers operating out of the Amazon cloud as well as the Rackspace cloud. Even if they are clean now, their reputation is sti

Re: Postfix on Cloud

Jonathan Tripathy put forth on 8/7/2010 8:09 AM: > Of course, VPS ISPs should always do checks to make sure > that a person signing up is who they say they are - Herein lies the problem. The low cost business model of cloud/VPS precludes providers from doing any kind of meaningful customer vett

Re: Postfix on Cloud

Mark Scholten put forth on 8/7/2010 8:19 AM: > As long as it is with a reputable provider there should be no problem to use > them for SMTP mail. I estimate 90%+ of all the VPS providers are in the "disreputable" category WRT SMTP spam, most due to negligence, not evil. There are are a few dozen

Re: Thanks to wietse and the distribution list a new web console is born

Charles Marcus put forth on 8/7/2010 11:54 AM: > On 8/7/2010 11:32 AM, Mihira Fernando wrote: >> This looks very interesting. I assume that SASL backend is also using >> cyrus ? >> Can I suggest/request you add options for Dovecot IMAP and SASL backend >> as well ? > > +10 +100 Postfix/Dovecot i

Re: Postfix on Cloud

Jonathan Tripathy put forth on 8/7/2010 4:03 PM: > I guess my question is a little more general than this topic: do > providers ever block *who* mail is sent to? You probably need to be much more specific, detailed, with this question. -- Stan

Re: Postfix on Cloud

Jonathan Tripathy put forth on 8/7/2010 7:32 PM: > > On 08/08/10 01:33, Stan Hoeppner wrote: >> Jonathan Tripathy put forth on 8/7/2010 4:03 PM: >> >> >>> I guess my question is a little more general than this topic: do >>> providers ever block *who*

Re: Postfix on Cloud

ABPNI put forth on 8/8/2010 1:54 AM: > > > On 8 Aug 2010, at 03:22, Stan Hoeppner wrote: > >> Jonathan Tripathy put forth on 8/7/2010 7:32 PM: >>> >>> On 08/08/10 01:33, Stan Hoeppner wrote: >>>> Jonathan Tripathy put forth on 8/7/2010 4:03 PM:

Re: How to reject bad hosts

Nicolas Michel put forth on 8/9/2010 9:29 AM: > For example : a host with IP WWW.XXX.YYY.ZZZ try so send a mail to my > domain (we'll call it mydomain.be) and claims that the sender is > u...@otherdomain.com Example of forging, typical of spammers: Return-Path: X-Original-To: Delivered

Re: Postfix relay - restrict addresses EXCEPT from specific host

michael.lar...@wellsfargo.com put forth on 8/9/2010 12:47 PM: > I have a very simple postfix relay set up with client.access, sender.access > and recipient.access rules. I need to set it up such that it will relay *all > addresses* from a specific host, but keep the default rejection for all othe

Re: postfix load handling

Patrick Ben Koetter put forth on 8/10/2010 6:37 AM: > * Bjorn Mork : >> i have tried to answer your queris, (Please correct, if I am wrong in >> understanding your question...) >> >> We do have multiple IBM Blade server with 2.4 Xeon + 16GB + NAS over iSCSI >> protocol.. >> >> How many blades w

Re: smtpd_delay_reject = yes & Reject Logging

Michael Orlitzky put forth on 8/10/2010 4:02 PM: > I think he just wants to know which smtpd restrictions list contains the > rule that caused the rejection. This is relatively easy to accomplish with custom rejection messages. Simply insert a unique symbol at the beginning of each rejection mes

Re: smtpd_delay_reject = yes & Reject Logging

Ralf Hildebrandt put forth on 8/11/2010 2:35 AM: > * Stan Hoeppner : >> Michael Orlitzky put forth on 8/10/2010 4:02 PM: >> >>> I think he just wants to know which smtpd restrictions list contains the >>> rule that caused the rejection. >> >> This

Re: smtpd_delay_reject = yes & Reject Logging

Stan Hoeppner put forth on 8/11/2010 3:31 AM: > I was just looking at a Logwatch summary. The data the OP is requesting _is_ > in the Postfix logs somewhere, as Logwatch is tallying the disconnection > phases: > >81 Connections lost (inbound) >61 Afte

Re: smtpd_delay_reject = yes & Reject Logging

Noel Jones put forth on 8/11/2010 6:20 AM: > This is logged when the client disconnected in the middle of the > transaction -- postfix lost the connection -- NOT a reject. > > You won't find reject log entries for the lost connections after EHLO or > CONNECT, although the ones for RCPT and DATA *

Re: Resource allocation issue

Alex put forth on 8/14/2010 7:34 PM: > I'm running an older version of postfix and a 2.6.35 Linux kernel, and > recently started seeing these messages: > > Aug 14 19:52:01 smtp01 postfix/postsuper[2634]: fatal: setuid(103): > Resource temporarily unavailable > > How can I troubleshoot this? Doe

Re: cidr table on mysql database

Jack Knowlton put forth on 8/15/2010 4:53 PM: > Is it possible to store a CIDR access table on a mysql database? I'm pretty sure the answer is, NO. The solution to your problem is sticking the Postfix access table files you want shared across your MX farm on an NFS/CIFS server and mounting the s

Re: Speed up queue injection

Ram put forth on 8/16/2010 8:19 AM: > But Enterprise quality SSD's are so expensive. I can get an additional > server and still save money. I call BS: http://www.newegg.com/Product/Product.aspx?Item=N82E16820167023 $214 USD is _not_ expensive at all, and only a fraction of the cost of a server

Re: Speed up queue injection

Noel Jones put forth on 8/16/2010 10:03 AM: > On 8/16/2010 9:36 AM, Stan Hoeppner wrote: >> Ram put forth on 8/16/2010 8:19 AM: >> >>> But Enterprise quality SSD's are so expensive. I can get an additional >>> server and still save money. >> >&

Re: Configuring internal mail relay

Noel Jones put forth on 8/16/2010 4:46 PM: > Move reject_unauth_destination to below your white/black lists. Thanks for the quick advice for Michael, Noel. I should have thought of this, however I didn't realize until asking Michael to bring this thread back on list that he was dealing with all

Re: Speed up queue injection

Wietse Venema put forth on 8/16/2010 2:36 PM: > Stan Hoeppner: >> Google uses less than 1/10th of 1% "Enterprise grade" hardware, using the >> typical definition of "Enterprise grade", in their operations. And Google is >> the undisputed single largest op

Re: Speed up queue injection

Stan Hoeppner put forth on 8/16/2010 6:56 PM: > Wietse Venema put forth on 8/16/2010 2:36 PM: >> Stan Hoeppner: >>> Google uses less than 1/10th of 1% "Enterprise grade" hardware, using the >>> typical definition of "Enterprise grade", in their ope

Re: Speed up queue injection

Wietse Venema put forth on 8/17/2010 6:11 AM: > Stan Hoeppner: >> Wietse Venema put forth on 8/16/2010 2:36 PM: >>> Stan Hoeppner: >>>> Google uses less than 1/10th of 1% "Enterprise grade" hardware, using the >>>> typical definition of "Ent

Re: How common is reverse DNS checking?

Robert Fournerat put forth on 8/19/2010 4:46 PM: > Quoting Noel Jones : > >> Same here. reject_unknown_client_hostname is too strict, but >> reject_unknown_reverse_client_hostname rejects lots of obvious spambots >> without resorting to an RBL lookup. The false-positive rate is close >> enough t

Re: How common is reverse DNS checking?

Erwan David put forth on 8/20/2010 4:23 AM: > On Fri, Aug 20, 2010 at 10:39:48AM CEST, Stan Hoeppner > said: >> Robert Fournerat put forth on 8/19/2010 4:46 PM: >>> Quoting Noel Jones : >>> >>>> Same here. reject_u

Re: EHLO command generating lots of errors - Firewall or Load issue.

Klaus Engelmann put forth on 8/20/2010 11:25 AM: > Hi list, > > I searched the forum looking for some ideas about the following error > that is growing increasingly in my POSTFIX deployment: > > Aug 20 08:41:40 prometeu postfix/smtpd[16568]: lost connection after > EHLO from mail2.netpoint.com.br

Re: EHLO command generating lots of errors - Firewall or Load issue.

Klaus Engelmann put forth on 8/20/2010 2:32 PM: > Stan, thanks for your answer. > > Searching heavily the list I found that this problem was related to > firewall issues, specially when the firewall does a sort of SMTP > (layer 7) validation or check. > > I disabled some features on my H3C firewa

Re: Selective smtpd_helo_restrictions question

Magnus Bäck put forth on 8/22/2010 10:04 AM: > On Sunday, August 22, 2010 at 16:01 CEST, > p...@alt-ctrl-del.org wrote: > >> So I have, >> smtpd_helo_restrictions = reject_non_fqdn_helo_hostname, >> check_helo_access regexp:/etc/postfix/heloaccess.cf >> >> If I put the following into heloacce

Re: Selective smtpd_helo_restrictions question

Wietse Venema put forth on 8/22/2010 11:13 AM: > Stan Hoeppner: >> That's not necessarily true. It depends on the order of his >> smtpd_*_restrictions and whether he's using delayed evaluation. If he's >> using the multiple section restrictions style with

Re: Selective smtpd_helo_restrictions question

Stan Hoeppner put forth on 8/22/2010 7:34 PM: > So if we reverse the scenario and put the "REJECT" first, it's a final > decision? If so, and if I've described the situation correctly, why do > we have this opposite behavior between whitelisting and blacklisting?

Re: DNS Whitelisting

Wietse Venema put forth on 8/23/2010 10:11 AM: > Noel Jones: > (Might be time to revisit DNS whitelists in >> postfix.) > > Maybe someone can draft a strawman user interface: > > - what is the configuration syntax > > - what does that syntax mean > > - how to make it safe ( we don't want "ope

Re: DNS Whitelisting

Noel Jones put forth on 8/24/2010 2:18 PM: > - This is specific for dnswl.org. Postfix needs a general mechanism. > Other whitelists are not required to follow dnswl.org's 127.0.x.y > mechanism. Yeah, I used this example as dnswl is, afaik, the most "established" of the dns whitelists. I haven

Re: DNS Whitelisting

Wietse Venema put forth on 8/24/2010 2:37 PM: > With reject_rbl_client etc. Postfix can use different DNSXLs names > in different access lists, and filter the result. For example, to > select responses from some.example.com with value 127.0.0.4: > > smtpd_mumble_restrictions = > ... > r

Re: DNS Whitelisting

Steve Linford put forth on 8/25/2010 8:27 AM: > Just to add to the mix if Postfix is working on whitelist implementation... > Spamhaus has assigned 127.0.2.0/24 for whitelist return codes. The new > Spamhaus Whitelist ("SWL") due out very shortly will return 127.0.2.2 and > 127.0.2.3 and Spamha

super selective spamassassin via filter

Would anyone happen to have an example guide showing the proper master.cf and main.cf parameters for setting up daemonized spamassassin to run super selectively via FILTER? I've reached the point that I'm killing about 98% of my spam load but I'm tired of the few phish/419 that make it into my inb

Re: super selective spamassassin via filter

Noel Jones put forth on 8/25/2010 4:24 PM: > FILTER is a poor choice for per-recipient filtering. FILTER is a > per-message action, with only one FILTER action per message (if there > are multiple FILTER actions triggered, only the last will be used). If > there are multiple recipients for a mes

Re: DNS Whitelisting

Wietse Venema put forth on 8/25/2010 4:27 PM: > Noel Jones: >> As I see it, there are two complementary paths we can take >> with DNS whitelists, each with a slightly different purpose. >> While these are both useful, neither depends on the other, so >> postfix can implement either or both. > >

Re: super selective spamassassin via filter

Noel Jones put forth on 8/25/2010 10:11 PM: > In that case, don't use an access table with FILTER; use content_filter > or smtpd_proxy_filter to filter all mail. > > (For wildcard access tables, use a regexp table. But for this > application, use content_filter.) Let me try to make this really

Re: Mail rejected: Client host rejected: cannot find your hostname

Noel Jones put forth on 8/27/2010 8:58 AM: > Yes, this was rejected by reject_unknown_client_hostname. > > Yes, it appears the client's DNS is working correctly /now/. > > The mail was deferred with a 450 code. This implies that there was a > temporary DNS error of some type. Just because dig

Re: temporary dns errors are a pain

pf at alt-ctrl-del.org put forth on 8/27/2010 1:23 PM: > Is there any known policy server or add-on, that will change the > tempfail action after a couple of hours, for things like > reject_unknown_client_hostname and reject_unknown_client_hostname? > > Sending a reject has problems. I don't want

Re: temporary dns errors are a pain

Noel Jones put forth on 8/27/2010 2:28 PM: > You'll need to show evidence of that claim. Hotmail passes > reject_unknown_client_hostname here consistently. In fact I have a > check_sender_access map that specifically does > reject_unknown_client_hostname on any @hotmail sender address. Unfortun

check header from, reply-to, message-id domains against spamhaus dbl?

Is there a straightforward (i.e. relatively painless) way to check the header from, reply-to, and message-id domains against dbl.spamhaus.org and reject on a positive reply as with reject_r*bl_client? Without having to write a content filter to be called in action filter:nexthop in header_checks.p

Re: check header from, reply-to, message-id domains against spamhaus dbl?

Wietse Venema put forth on 8/30/2010 1:29 PM: > Victor Duchovni: >> On Mon, Aug 30, 2010 at 01:06:28PM -0500, Stan Hoeppner wrote: >> >>> Is there a straightforward (i.e. relatively painless) way to check the >>> header from, reply-to, and message-id domains agains

Re: Regexp for blocking dynamic hosts?

Patrick Lists put forth on 8/30/2010 4:34 PM: > Hi, > > I got a lot of spam lately from dynamic hosts so gradually I have been > adding rules to block them with the help of the rules from > http://gabacho.reto.jp/en/anti-spam/anti-spam-system.html > > Unfortunately this type keeps slipping throug

Re: Regexp for blocking dynamic hosts?

Patrick Lists put forth on 8/30/2010 6:00 PM: > On 08/31/2010 12:40 AM, Stan Hoeppner wrote: > [snip] >> >> /^[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.(customer|dsl|dial-up)\.telesp\.net\.br$/ >> >> REJECTGeneric - Please relay via ISP (telesp.net.br) >> &

Re: Regexp for blocking dynamic hosts?

Charles Marcus put forth on 8/31/2010 6:48 AM: > On 2010-08-30 6:40 PM, Stan Hoeppner wrote: >> REJECT Generic - Please relay via ISP (telesp.net.br) > > Thanks for this Stan, but just to confirm, was that supposed to be a TAB > between REJECT and Generic? It doesn

Re: Regexp for blocking dynamic hosts?

Charles Marcus put forth on 8/31/2010 11:44 AM: > What the following looked like to me: > > REJECTGeneric - Please relay via ISP (telesp.net.br) > > was that *everything* rejected by this regex would get the same reject > message: > > Please relay via ISP (telesp.net.br) > > Apparently

Re: Regexp for blocking dynamic hosts?

mouss put forth on 9/1/2010 6:10 PM: >> Over 1600 regex patterns matching generic dynamics and statics. Rejects >> all generic dynamics, tags generic statics. Provided with no >> warranties, use at your own risk, etc. Has worked well here. >> >> http://www.hardwarefreak.com/fqrdns.regexp >> >>

Re: Regexp for blocking dynamic hosts?

Noel Jones put forth on 9/2/2010 10:41 AM: > On 9/2/2010 10:14 AM, Stan Hoeppner wrote: >> mouss put forth on 9/1/2010 6:10 PM: >> >>>> Over 1600 regex patterns matching generic dynamics and statics. >>>> Rejects >>>> all generic dynamics, tags

Re: Regexp for blocking dynamic hosts?

Steffan A. Cline put forth on 9/2/2010 10:59 AM: > I can't imagine needing to change them. They are AWESOME! > > They work great just as they are. Kills off 80% of the spam at the least. > > Thank you, Stan the ma Given your MX and general system load Steffan, if you edit those three lines and f

Re: Blocking a particular authenticated user

Noel Jones put forth on 9/2/2010 5:37 PM: > And yes, it is common and acceptable practice to put all restrictions > under smtpd_recipient_restrictions. Not only common, but as I discovered the hard way, it's very difficult, nearly impossible, to manage some white listing scenarios if you don't pu

resent-message-id

After replacing pflogsumm with logwatch, I've noticed in each summary a "resent" stat I wasn't noticing before. What is the significance of "resent-message-id"? Log snippet: Sep 3 11:24:38 greer postfix/smtpd[28881]: 07D976C317: client=liszt.debian.org[82.195.75.100] Sep 3 11:24:38 greer postf

processing time metrics for rejected connections

Considering that spam accounts for the bulk of all client connections to an MX these days, it might be beneficial if we had log data showing total time per session, not just for queued mail, so an OP can see how long it's taking to reject at the smtpd stage, as well as time elapsed when rejecting m

Re: processing time metrics for rejected connections

Victor Duchovni put forth on 9/4/2010 7:33 AM: > What do you mean by "filters"? Spam filters in the form of table lookups and dnsbl queries. I'm currently processing 12,581 CIDRs 1,568 regular expressions (PCRE) 5 dnsbl lookups per each inbound connection (assuming no hits). Obvious

Re: reject_unknown_client_hostname light?

pf at alt-ctrl-del.org put forth on 9/7/2010 11:02 PM: > Am I missing something obvious? > > With many ISPs providing generic PTR, > reject_unknown_reverse_client_hostname is too gentle. > > I'd really like to implement reject_unknown_client_hostname, but I've > seen too many cases where address-

Re: Reading mail messages from local files

Diego Lima put forth on 9/8/2010 2:46 PM: > I considered creating a > shellscript that checks the directory for new files and then sends > them using sendmail -t, but that isn't really good performance-wise. Performance-wise? How many emails are you sending per minute? Unless you have others pr

Re: Reading mail messages from local files

Diego Lima put forth on 9/8/2010 3:33 PM: > Hi Stan, > > This is actually a server for a mail marketing company, so I can > expect several thousands of messages per minute being sent from the > system. That's why I was wondering if there was any way to get postfix > to pick up the messages automat

Re: Virtual users pop3d suggestions

Nick Edwards put forth on 9/10/2010 2:32 AM: > Before the fans cry foul of why not Dovecot. we have followed the list > thread of what may be a problem with Dovecot its author has identified but > decided is a "tuff luck" case, he indicates serious corruption risks with > index and caches using mu

Re: blocking particular senders by country

post...@corwyn.net put forth on 9/10/2010 10:28 AM: > > > Hi! > > what I'd like to do is block all emails from individual contries based > on sender email address (.au, .jp, etc) > > In reading the docs, it looks like I can block particular domains with > check_client_access and check_sender_a

prevent header checks on locally submitted mail

Is there a way to have locally submitted mail (my_networks) bypass header_checks when using a single master.cf smtpd instance? Since implementing Sahil's fine checkdbl.pl tcp server in header_checks, I've noticed a 1-3 second delay when submitting from my workstation MUA. Prior to this submission

Re: prevent header checks on locally submitted mail

mouss put forth on 9/10/2010 5:54 PM: > for header_checks, the option is no_header_body_checks: > http://www.postfix.org/postconf.5.html#receive_override_options Got it, I think. > for smtpd restrictions: > -o smtpd_foo_restrictions=blahblah > > if you want per smtpd header checks, No. I

Re: prevent header checks on locally submitted mail

Sahil Tandon put forth on 9/11/2010 1:15 AM: > Stan Hoeppner wrote: >> Sep 10 22:30:14 greer postfix/smtpd[12354]: before input_transp_cleanup: >> cleanup flags = enable_header_body_filter enable_automatic_bcc >> enable_address_mapping enable_milters >> Sep 10 22:30:1

Re: Seeking recommendation for before-queue content filter capable of removing headers

Ralph Seichter put forth on 9/11/2010 4:12 AM: > There were no recommendations so far, and I wonder if that means I do > have to write a before-queue content filter myself? Has nobody else yet > tried to remove headers from submitted e-mail before DKIM signatures are > added? First hit on Google:

Re: Seeking recommendation for before-queue content filter capable of removing headers

mouss put forth on 9/12/2010 3:46 AM: > === header_checks_submission.pcre: > /^Received:\s*from\s+\S+\s+\(\S+\s+\[192\.168\.1\.\d+\]\)\s+by\s+your\.server\.example\s+\(Postfix\)/ > > IGNORE Isn't this a bit heavy mouss? All he really needs to match is the RFC1918 address, yes? Something li

Re: Seeking recommendation for before-queue content filter capable of removing headers

Stan Hoeppner put forth on 9/12/2010 5:08 AM: > mouss put forth on 9/12/2010 3:46 AM: > >> === header_checks_submission.pcre: >> /^Received:\s*from\s+\S+\s+\(\S+\s+\[192\.168\.1\.\d+\]\)\s+by\s+your\.server\.example\s+\(Postfix\)/ >> >> IGNORE > > Isn'

Re: Seeking recommendation for before-queue content filter capable of removing headers

Ralph Seichter put forth on 9/12/2010 6:44 AM: > On 12.09.10 12:37, Stan Hoeppner wrote: > >> Ralph, do you restrict submission to only certain public subnets or >> do you allow your users/customers to submit from any network? > > Submission is allowed for SASL-auth

Re: Postscreen update

Sahil Tandon put forth on 9/13/2010 8:31 PM: > On Mon, 2010-09-13 at 19:20:05 -0400, Matt Hayes wrote: >> I've not had to use anything involving a DNSBL and a password before >> so just curious what I'm missing. > > That is probably because you do not pay for a DNSBL datafeed. :) In such > cases,

Re: Problems to understand reject_unlisted_recipients

Jeroen Geilman put forth on 9/14/2010 5:56 PM: > On 09/14/2010 04:42 PM, Christian Rößner wrote: >> Sep 11 10:34:36 mx0 postfix/lmtp[29594]: 40FC3520A6: >> to=, relay=127.0.0.1[127.0.0.1]:24, >> delay=0.39, delays=0.19/0.06/0.01/0.13, dsn=5.1.1, status=bounced >> (host 127.0.0.1[127.0.0.1] > > Who

Re: postscreen rhsbl

Vernon A. Fort put forth on 9/16/2010 6:16 PM: > I've read but its not clear (to me) if one can (or should) use rhsbl > sites in postscreen. Well, actually, i did configure but then removed. http://www.postfix.org/postconf.5.html#postscreen_dnsbl_sites postscreen_dnsbl_sites (default: empty) Op

Re: Rules on incoming email

Jos Chrispijn put forth on 9/19/2010 11:11 AM: > I have this email client that takes care of distrubition of email to > different mail folders. > As I now started to read my email with a mobile phone, there is a load > of messages that aren't sorted, as my 'home client' hasn't taken care of > that

Re: Please Help Me Secure My Mail Server

bper put forth on 9/20/2010 3:29 PM: > > Hello, > > I have set up a postfix-dovecot server with smtp-auth using sasl by > following this link: > https://help.ubuntu.com/10.04/serverguide/C/postfix.html > > It seems to be working OK. The only thing is that when I view my logs, I see > a lot of 'r

Re: Can postfix guarantee durability (fsync)?

Yang Zhang put forth on 9/20/2010 3:46 PM: > On Mon, Sep 20, 2010 at 12:33 PM, Wietse Venema wrote: >> Yang Zhang: >>> Can you pinpoint the exact RFC & section you're referring to? Thanks. >> >> I will give you as home work to study the following documents: >> >> RFC 821 >> RFC 2821 >> RFC 5321 >>

Re: transport_maps and round robin dns

Victor Duchovni put forth on 9/20/2010 6:01 PM: > On Tue, Sep 21, 2010 at 12:56:14AM +0200, Jeroen Geilman wrote: > >>> Yes, when traffic to the destination is light (message deliveries >>> are spaced multiple seconds or more apart) or is very heavy (message >>> deliveries are many in each interva

Re: Problem with postfix-dnswl-permit (Was Re: REJECT mails to a specific domain -> ERROR mail to postmaster)

Wietse Venema put forth on 9/21/2010 10:12 AM: > Michael Weissenbacher: >> Hi Wietse! >> >>> Michael Weissenbacher: Sep 21 15:04:58 smtp1 postfix/smtpd[14679]: warning: unknown smtpd restriction: "med" >>> >>> That is also a configuration error. >>> >> This error was really HARD to track.

Re: Please Help Me Secure My Mail Server

bper put forth on 9/21/2010 2:26 PM: > Point taken. I have, and still am, investigating AV scanning. What are your > thoughts on the best solution/fit with postfix? Someone else will need to answer. I don't do A/V scanning in Postfix. I simply reject any emails, using mime_header_checks, that co

<    1   2   3   4   5   6   7   8   9   10   >