Re: Mail queue with 110.000 mails

2017-03-27 Thread Kenneth Marshall
On Mon, Mar 27, 2017 at 04:55:46PM -0300, Roberto Carna wrote: > So should we use this setting for TLS options in main.cf in order to > slow down the key generation time: > > tls_random_source = dev:/dev/urandom > > ??? > > > Thanks again. Yes, that is what we use here. Regards, Ken

Re: Mail queue with 110.000 mails

2017-03-27 Thread Kenneth Marshall
On Mon, Mar 27, 2017 at 04:06:46PM -0300, Alejandro Cabrera Obed wrote: > Dear, thanksis it possible that the STARTTLS settings slow down mail > processing? In this mail relay server, the connections as "client" to the > corporate mail server are always encrypted with the TLS, with the >

Re: Big messages stuck in queue (semi-off topic)

2011-04-13 Thread Kenneth Marshall
On Wed, Apr 13, 2011 at 04:30:17PM +0200, Victoriano Giralt wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 We already know it is not Postix's fault, as the reason lies at the network level, but I'm writing to the list in the hope that someone might have seen this behaviour, as I have

Re: Address Tagging in Postfix?

2011-03-22 Thread Kenneth Marshall
On Tue, Mar 22, 2011 at 01:44:37PM -0700, Steve Jenkins wrote: I've been reading through http://www.postfix.org/ADDRESS_REWRITING_README.html and Googling in an attempt to figure out how to allow tagging of email accounts for SPAM fighting purposes (mail to bob+any...@server.com gets delivered

Re: RESOLVED: suddenly getting these in my mail.log: dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=external.com type=MX: Host not found, try again)

2011-03-02 Thread Kenneth Marshall
On Tue, Mar 01, 2011 at 07:00:43PM -0600, /dev/rob0 wrote: [ top-posting fixed, please don't do that ] On Tue, Mar 01, 2011 at 05:34:50PM -0700, Jeff Orrok wrote: On 3/1/2011 4:57 PM, Wietse Venema wrote: See: http://www.postfix.org/DEBUG_README.html#no_chroot and please complain to

Re: Duplicate E-mails with a mbox Implementation

2010-11-16 Thread Kenneth Marshall
I think you need to define an alias-owner for each alias that needs the members to be tracked individually, like a mailing list. Otherwise, some batching of addresses is used with the observed results. Cheers, Ken On Tue, Nov 16, 2010 at 12:37:15PM -0300, Mariel Sebedio wrote: Here is a better

Re: Trying to use prepared statements in PostgreSQL queries

2010-11-01 Thread Kenneth Marshall
It might be worth checking out the pre_prepare module: http://preprepare.projects.postgresql.org/README.html Cheers, Ken On Mon, Nov 01, 2010 at 08:45:17PM +0100, Jeroen Geilman wrote: On 11/01/2010 08:40 PM, Patrick Ben Koetter wrote: Jeroen, thanks for the detailed answer. Please read my

Re: why no configure script?

2010-08-04 Thread Kenneth Marshall
On Wed, Aug 04, 2010 at 12:23:13PM -0500, Jay G. Scott wrote: what's the deal w/ no configure script? you do know that you DON'T NEED autoconf/automake to install, right? they're not hiding behind that old dodge, are they? i'm so sick of that. if i supply a configure script, will you

Re: why no configure script?

2010-08-04 Thread Kenneth Marshall
On Wed, Aug 04, 2010 at 01:40:29PM -0400, Brian Evans - Postfix List wrote: On 8/4/2010 1:23 PM, Jay G. Scott wrote: what's the deal w/ no configure script? you do know that you DON'T NEED autoconf/automake to install, right? they're not hiding behind that old dodge, are they? i'm so sick

Re: why no configure script?

2010-08-04 Thread Kenneth Marshall
On Wed, Aug 04, 2010 at 12:50:36PM -0500, Jay G. Scott wrote: On Wed, Aug 04, 2010 at 01:40:29PM -0400, Brian Evans - Postfix List wrote: On 8/4/2010 1:23 PM, Jay G. Scott wrote: what's the deal w/ no configure script? you do know that you DON'T NEED autoconf/automake to install, right?

Re: Better spam filter for postfix

2010-07-16 Thread Kenneth Marshall
On Fri, Jul 16, 2010 at 02:55:17PM +0200, Mikael Bak wrote: Steve wrote: [big snip] So you have made your point. You prefer (or are required) to have user in control. Yes. The big problem is that no solution out there is 100% accurate for all users. So the only way to make the user

Re: Better spam filter for postfix

2010-07-16 Thread Kenneth Marshall
On Fri, Jul 16, 2010 at 08:06:11PM +0200, Steve wrote: Original-Nachricht Datum: Fri, 16 Jul 2010 08:09:54 -0500 Von: Kenneth Marshall k...@rice.edu An: Mikael Bak mik...@t-online.hu CC: postfix-users@postfix.org Betreff: Re: Better spam filter for postfix On Fri

Re: Too aggressive

2010-06-11 Thread Kenneth Marshall
On Fri, Jun 11, 2010 at 01:48:53PM +0100, Simon Waters wrote: On Friday 11 June 2010 13:30:44 Curtis Maurand wrote: currently I have in my smtpd_client_restrictions: ... reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, permit Is flat out rejecting clients on the

Re: Rate Limiting

2010-05-19 Thread Kenneth Marshall
On Wed, May 19, 2010 at 07:03:12AM -0400, Charles Marcus wrote: On 2010-05-19 6:33 AM, Stan Hoeppner wrote: Then just delete the 20K messages from the queue using postsuper within a script and reset the password on the compromised account. He wasn't asking how to delete the queued

Re: Postfix inbound message configuration

2010-05-03 Thread Kenneth Marshall
On Mon, May 03, 2010 at 05:50:05PM +, Trier, James wrote: Hi, I'm standing up Postfix to intercept inbound email to a particular domain. What I'd like to do is take the inbound emails that reach this Postfix host, regardless of its final destination address, and place them on the file

Re: smtpd ldap query causes session to hang with postfix 2.6.2

2010-04-29 Thread Kenneth Marshall
On Thu, Apr 29, 2010 at 01:53:37PM +, Charles Account wrote: Hi, We have a situation where LDAP query is resulting in a LDAP 80 level errorduring a domain lookup. Yes I understand we need to fix this problem. However, the side effect we see is the client's SMTP session hangs. Over a

Re: Auto blacklist email addresses

2010-03-29 Thread Kenneth Marshall
On Mon, Mar 29, 2010 at 09:34:56PM +0200, Josep M. wrote: Hello. One spammer has tried about 300 times send me email, always from the same address, but from about 20 different IP . Never pass verify sender, always get 450 errormy question is...when one email fail postfix verify_sender

Re: How to limit # of messages for one destination in the active queue?

2010-03-19 Thread Kenneth Marshall
What about setting a second instance up to use for your slow destinations. Then you can route to that instance from your production instance and keep those messages from impacting the faster sites. Cheers, Ken On Fri, Mar 19, 2010 at 03:58:42PM +0100, Attila Nagy wrote: Hello, I have a

Re: reroute mail based on headers

2010-03-17 Thread Kenneth Marshall
Can you use a pcre/regex map instead? Ken On Wed, Mar 17, 2010 at 04:53:37PM -0400, Ryan Suarez wrote: Noel Jones wrote: On 3/17/2010 3:35 PM, Ryan Suarez wrote: Greetings, I would like to reroute mail for all our recipients if a certain header is present. Eg. Mail to 'm...@mydomain.org'

Re: SOLVED: rbl check being skipped - Postfix logs no error on NXDOMAIN, does on SERVFAIL

2010-01-22 Thread Kenneth Marshall
On Fri, Jan 22, 2010 at 08:34:35AM -0600, Stan Hoeppner wrote: Mikael Bak put forth on 1/22/2010 7:50 AM: Stan Hoeppner wrote: 1. Spamhaus has banned Google Public DNS resolver queries. Stan, Do you have a good enough reason to not run your own name resolver on your front MX

Re: 3000 recipients

2010-01-04 Thread Kenneth Marshall
On Sun, Jan 03, 2010 at 10:00:32PM +0100, richard lucassen wrote: On Sun, 3 Jan 2010 14:28:11 -0600 Kenneth Marshall k...@rice.edu wrote: [mlm] I will second that using a real MLM is usually a much, much better option that will allow you to prevent collateral damage to your mail

Re: anti spam measures

2010-01-04 Thread Kenneth Marshall
On Mon, Jan 04, 2010 at 05:40:29PM -0500, Roman Gelfand wrote: Well, it looks like, perhaps, I found the missing link. After adding s25r rules and HELO response verification in main.cf, no spam has siped through. I think that mostly it was HELO response verification that did it. BTW, is

Re: anti spam measures

2010-01-03 Thread Kenneth Marshall
On Sun, Jan 03, 2010 at 10:02:32AM -0500, Roman Gelfand wrote: I am running postfix with anti spam filter (policyd-weight, sqlgrey, grossd, dkim, senderid-milter, dspam) . With this configuration, I am down to under 10 spams a day. Looking at my backend server which is exchange 2007, I find

Re: 3000 recipients

2010-01-03 Thread Kenneth Marshall
On Sun, Jan 03, 2010 at 09:14:03PM +0100, richard lucassen wrote: On Sun, 03 Jan 2010 19:57:41 + Mark Goodge m...@good-stuff.co.uk wrote: I want to send once a week a simple mail to a list of 3000 recipients. I can set smtpd_recipient_limit and smtpd_recipient_overshoot_limit to

Re: 3000 recipients

2010-01-03 Thread Kenneth Marshall
On Sun, Jan 03, 2010 at 08:23:50PM +, Mark Goodge wrote: richard lucassen wrote: On Sun, 03 Jan 2010 19:57:41 + Mark Goodge m...@good-stuff.co.uk wrote: I want to send once a week a simple mail to a list of 3000 recipients. I can set smtpd_recipient_limit and

Re: does order of postscreen_* params matter?

2009-12-09 Thread Kenneth Marshall
On Wed, Dec 09, 2009 at 03:42:30PM -0500, Wietse Venema wrote: Len Conrad: postconf -n | egrep postscreen postscreen_blacklist_action = drop postscreen_blacklist_networks = mysql:/usr/local/etc/postfix/mysql-mta_clients_b.cf ... postscreen_whitelist_networks = $mynetworks,

Re: how to increase throughput of postfix to local user?

2009-11-05 Thread Kenneth Marshall
On Fri, Nov 06, 2009 at 02:19:34AM +0300, devel anaconda wrote: Hello everybody! I have a high-performance server (dual quad-core Xeon 2.8Ghz + 16GB RAM + 2SCSI disks 140Gb), RedHat Enterprise Linux 5.4, software RAID1 + Postfix 2.5.9. This server serves only smtp traffic. The only thing

Re: how to increase throughput of postfix to local user?

2009-11-05 Thread Kenneth Marshall
On Thu, Nov 05, 2009 at 04:03:13PM -0800, Corey Chandler wrote: Kenneth Marshall wrote: Your system is not a high-performance server I/O-wise. Your two disks can only handle 200-300 fsync's to disk per second and postfix will always sync your mail to disk before passing it on for local

Re: How to override an MX value for a particular domain only?

2009-11-04 Thread Kenneth Marshall
On Wed, Nov 04, 2009 at 03:26:07PM -0800, Seth Mattinen wrote: Eric B. wrote: Is there no way to direct Postfix to a different DNS server (as opposed to the ones specified in resolve.conf) either for a particular domain, or for all domains altogether? No, that's outside of the

Re: Weird postfix looping for some emails

2009-09-09 Thread Kenneth Marshall
Hi Preston, Your delivery looks normal. You need to logs from the other end of the connection that is re-trying the message incorrectly. Maybe they are not seeing the final response do to a firewall issue or your delivery is part of a group that is retried because someone else's delivery in the

Re: transport maps using from address field filtering

2009-07-24 Thread Kenneth Marshall
On Fri, Jul 24, 2009 at 11:50:19AM -0400, Etienne Simard wrote: Hi, I must have been searching at the wrong place or using the wrong keywords as I have been trying to find how to correctly transport to a particular smtp relay or have postfix do a MX query based on the from address field. I

Re: policyd-weight and postgrey: which should work first?

2009-07-10 Thread Kenneth Marshall
On Thu, Jul 09, 2009 at 05:15:41PM -0400, Michael Orlitzky wrote: Ignacio Garcia wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi there. We use both postgrey and policyd-weight to block spam. policyd-weight checks against several RBL and DNSBL so each time a mail is received several

Re: delivering mail to one host to another port

2009-05-22 Thread Kenneth Marshall
On Fri, May 22, 2009 at 08:41:45PM +0200, martin f krafft wrote: also sprach Wietse Venema wie...@porcupine.org [2009.05.22.2010 +0200]: Is it possiblew to instruct postfix to always deliver to a different port when it tries to connect to a specific machine? iptables is not an

Re: Centralized Logging Server

2009-05-18 Thread Kenneth Marshall
rsyslog can log directly to a database backend. Cheers, Ken On Mon, May 18, 2009 at 08:57:33PM +0530, Ashwin Muni wrote: Thanks Luigi for the reply can you please tell me how to parse rsyslog to get the desired results using pglogsumm. Thanks in Advance On Mon, May 18, 2009 at 5:07 PM,

Re: limit outgoing smtp connections

2009-05-13 Thread Kenneth Marshall
Use a policyd. Cheers, Ken On Wed, May 13, 2009 at 09:53:25PM +0200, Magnus B?ck wrote: On Wednesday, May 13, 2009 at 20:54 CEST, richard lucassen mailingli...@lucassen.org wrote: IIRC there's a limit for limiting outgoing smtp connections. I just can't find it. Anyone a hint?

Re: limit outgoing smtp connections

2009-05-13 Thread Kenneth Marshall
On Wed, May 13, 2009 at 03:59:58PM -0400, Victor Duchovni wrote: On Wed, May 13, 2009 at 02:57:44PM -0500, Kenneth Marshall wrote: IIRC there's a limit for limiting outgoing smtp connections. I just can't find it. Anyone a hint? Use a policyd. No, policy daemons are only

Re: DNS lookups not working?

2009-02-10 Thread Kenneth Marshall
On Tue, Feb 10, 2009 at 09:50:26PM +0800, jan gestre wrote: On Tue, Feb 10, 2009 at 7:44 PM, Wietse Venema wie...@porcupine.org wrote: David Cottle: [ Charset ISO-8859-1 unsupported, converting... ] -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 All, I see this a lot in my mail.log

Re: stripping null characters

2009-02-04 Thread Kenneth Marshall
On Wed, Feb 04, 2009 at 09:08:57AM -0500, Cory Coager wrote: We have a mainframe client sending emails with the body containing null characters. I found the message_strip_characters and message_reject_characters options could resolve this issue but I'm wondering if

Re: Having problem with SMTP AUTH

2009-01-12 Thread Kenneth Marshall
You need to turn on TLS to encrypt you connection and ask again. Cheers, Ken On Mon, Jan 12, 2009 at 05:21:13PM -0500, postmas...@klam.ca wrote: This may be a duplicate request, if so sorry but its been a bad day so far! I don't seem to be able to get SMTP Auth to work. I have read the

Re: RBL

2008-10-22 Thread Kenneth Marshall
There is/was a piece of software written by the author of the DSPAM program called RABL with a server and a client piece. I think that it would do what you need. Ken On Wed, Oct 22, 2008 at 10:12:41AM -0400, Joey wrote: Hello All, Does anyone have a good reference of how to create my own

Re: Greylist query...

2008-10-07 Thread Kenneth Marshall
On Tue, Oct 07, 2008 at 02:58:52PM +0200, mouss wrote: Johan Andersson wrote: Hi, We are thinking to implement some form of greylisting at one of our sites and wonder which one of the many flavors out there that this group have found reliable? I know postfix has its builting one from a

Re: Greylist query...

2008-10-07 Thread Kenneth Marshall
On Tue, Oct 07, 2008 at 01:44:25PM +0200, Johan Andersson wrote: Hi, We are thinking to implement some form of greylisting at one of our sites and wonder which one of the many flavors out there that this group have found reliable? I know postfix has its builting one from a while back, but