Σχετ: Σχετ: Implement SMTP Auth in a non-disruptive way?
Please do not top-post on this list. I wrote: I this is a good spot for the standard response of please don't tell us what your proposed solution is, please tell us what is the problem you are trying to solve. In other words, why do you suddenly need SMTP AUTH (and I'm assuming here you want it even for clients in $mynetworks) and what is the problem you think making it required will solve? Peter Tselios replied: Well, There are a number of reasons. Like for example, stopping emails from non-existed users, or stopping email bombing from zombie PCs. The majority of emails in the queues of my MTA is backscatter and one of the ways to reduce it is SMTP Auth. Backscatter is a symptom of another problem. Fix that problem rather than trying to block the symptom. More important thought is the need to enable access to the MTA from other networks too, so, I need the SMTP AUTH. How does that affect hosts in $mynetworks? You can have SMTP AUTH turned on but still allow unauthenticated mail from hosts within $mynetworks. -- Larry Stone lston...@stonejongleux.com http://www.stonejongleux.com/ The point it to block spam originating from zombie PCs in my networks. I already allow traffic from $mynetworks but that, unfortunately, includes spam. So, the point is to reduce that emails.
Σχετ: Implement SMTP Auth in a non-disruptive way?
Well, There are a number of reasons. Like for example, stopping emails from non-existed users, or stopping email bombing from zombie PCs. The majority of emails in the queues of my MTA is backscatter and one of the ways to reduce it is SMTP Auth. More important thought is the need to enable access to the MTA from other networks too, so, I need the SMTP AUTH. - Αρχικό μήνυμα - Απο: Larry Stone lston...@stonejongleux.com Προς: Peter Tselios s91...@yahoo.gr Κοιν.: Postfix Users postfix-users@postfix.org Στάλθηκε: 4:32 μ.μ. Τετάρτη, 8 Φεβρουαρίου 2012 Θεμα: Re: Implement SMTP Auth in a non-disruptive way? On Wed, 8 Feb 2012, Peter Tselios wrote: So far I have not implemented SMTP Auth for various reasons (on of them was the fact that I had no Postfix installed). Anyway, I would like to implement it, but since I have a relatively large base (200K emails), I would like to do it in a non-disruptive way. I was thinking to implement something like a bounce message for each outgoing mail without authentication. That message will not stop the delivery of the email, but it will, simply, inform unauthenticated users about the fact that in a few days they will be forced to do so. When D-day comes, I would like to return to unauthenticated users a custom DSN, not the build-in error. Is there any way to do it? If not, is there any other way to do it? I this is a good spot for the standard response of please don't tell us what your proposed solution is, please tell us what is the problem you are trying to solve. In other words, why do you suddenly need SMTP AUTH (and I'm assuming here you want it even for clients in $mynetworks) and what is the problem you think making it required will solve? -- Larry Stone lston...@stonejongleux.com
Σχετ: Implement SMTP Auth in a non-disruptive way?
Well, I believe you meaning: reject_unauthenticated_sender_login_mismatch. I tried that on my test env, but I did not add the permit_sasl_authenticated and I had issues. Now, it's better, thanks! I still need the DSN style message back for those users and I hope to have some ideas. - Αρχικό μήνυμα - Απο: Jose Ildefonso Camargo Tolosa ildefonso.cama...@gmail.com Προς: Postfix Users postfix-users@postfix.org Κοιν.: Στάλθηκε: 5:49 π.μ. Πέμπτη, 9 Φεβρουαρίου 2012 Θεμα: Re: Implement SMTP Auth in a non-disruptive way? Greetings, Reindi, search through postfix docs for that: + permit_sasl_authenticated + permit_mynetworks (play with the mynetworks definition, so, initially you allow all mail from your local network, and when *all* of your users moved to new authenticated schema, you just removed local network from here) That one is not so important, but I have found it really useful in my environment: + reject_authenticated_sender_login_mismatch (this is an interesting one, that you can later replace with: reject_sender_login_mismatch ... now, I use LDAP with all of this). I am a little in a hurry now, but if you read the docs you may get the idea. I hope this helps, Ildefonso Camargo.
Stress Test Postfix
Hallo, I have 2 postfix setup with openLDAP as back ends. I need to stress test my configuration. I tried with the smtp-source but I don't know it is OK to test with 1 connection or more. How is postfix handles the connections with the smtp-source? Is it reliable? I mean, if I use 200 connections on the smtp-source, does that mean that I simulate 200 concurrent connections, from different users, on the postfix? B/R Peter.
SMTP Auth question
Hallo, I would to like to enable SMTP authentication, as an option feature for our users, but I have some questions before doing so. 1st: Is it possible to enable it, without Cyrus of Dovecot? I do not want to install Cyrus of Dovecot on my gateway. 2nd: As far as I understand, there is an option to use SMTP auth for mail submission only. Right? Thanks, Peter
Σχετ: SMTP Auth question
Thank you Brian, Sorry, to bug you, but, do you have any link to read how to enable the SMTP Auth? My plan is to enable it (first for selected users and later for all users (in the openLDAP). All how-tos I have found so far are with Cyrus or Dovecot. P. - Αρχικό μήνυμα - Απο: Brian Evans - Postfix List grkni...@scent-team.com Προς: postfix-users@postfix.org Κοιν.: Στάλθηκε: 8:08 μ.μ. Τετάρτη, 30 Νοεμβρίου 2011 Θεμα: Re: SMTP Auth question On 11/30/2011 12:55 PM, Peter Tselios wrote: Hallo, I would to like to enable SMTP authentication, as an option feature for our users, but I have some questions before doing so. 1st: Is it possible to enable it, without Cyrus of Dovecot? I do not want to install Cyrus of Dovecot on my gateway. You need either Cyrus SASL or Dovecot for Postfix to enable SMTP AUTH. You do NOT need Cyrus IMAP or other services 2nd: As far as I understand, there is an option to use SMTP auth for mail submission only. Right? You choose how you want to use it. Many administrators enforce (require) SASL on the submission port (587) as well as options to use TLS. Brian
Σχετ: Anyone solely using SMTP Auth for outbound mail?
Well, since I plan to move into the Postfix wagon, from scratch, I want to learn more about the 587 port submission and the blockage of port 25 for that. What are the best practices on the matter? Are there any documents on that? Soren how do you implement it? P. Απο: Michael Orlitzky mich...@orlitzky.com Προς: postfix-users@postfix.org Στάλθηκε: 5:19 π.μ. Τρίτη, 19 Ιουλίου 2011 Θεμα: Re: Anyone solely using SMTP Auth for outbound mail? On 07/18/2011 06:35 PM, mouss wrote: Le 18/07/2011 19:40, Søren Schrøder a écrit : I'm doing a 1.5M accounts setup with smtp-auth (submission tcp/587 using postfix with dovecot-auth) and a plain smtp/25 for an allowed range of IP's for our fixed IP customers The backend is openldap/postfix/dovecot are you a (relatively) large ISP? if so, how did you move to the submission part? I am not asking about the tech part, but about the customer relationship part. your experience may be helpful to others. Whenever you get a support call, mention that you have a new, faster, server with more space and you're willing to upgrade them for free; all they'll have to do is change a few settings.
Large ISP which use Postfix
Hallo, I need to prepare a presentation for my company because we plan to deploy a new mail system. I need to know the names of some medium to large ISPs that uses Postfix as their SMTP server. Do you know where I can find that information? Thanks Peter
Σχετ: Large ISP which use Postfix
I did that. But the are sendmail fans :) I need postfix fans/users! P. Απο: Janantha Marasinghe janan...@janantha.net Προς: Peter Tselios s91...@yahoo.gr Κοιν.: postfix-users@postfix.org postfix-users@postfix.org Στάλθηκε: 3:00 μ.μ. Πέμπτη, 14 Ιουλίου 2011 Θεμα: Re: Large ISP which use Postfix Simple. 1. List the mail servers of the large ISPs in your country. 2. do a dig yourispdomainnamewithoutwww mx This will give you the mail exchange records or better known as the mail server domain names 3. Do telnet mailserverdomainname 25 In that you may get postfix in the banner. (however some may hide the mail server type used) On 7/14/2011 5:28 PM, Peter Tselios wrote: Hallo, I need to prepare a presentation for my company because we plan to deploy a new mail system. I need to know the names of some medium to large ISPs that uses Postfix as their SMTP server. Do you know where I can find that information? Thanks Peter
Σχετ: Large ISP which use Postfix
Well, I will be based on my current hardware setup, because it seems to be OK. I have a 25%-50% utilization on the relay servers and nearly 100% on some really old SUN Sparc that I will replace with newer Xeons. Anyway, in case the upper management approve that, I will post some more info. I really thank you for your offer. P. Απο: Patrick Ben Koetter lt;p...@state-of-mind.degt; Προς: postfix-users@postfix.org Στάλθηκε: 3:53 μ.μ. Πέμπτη, 14 Ιουλίου 2011 Θεμα: Re: Large ISP which use Postfix * Peter Tselios lt;s91...@yahoo.grgt;: gt; I need to prepare a presentation for my company because we plan to gt; deploy a new mail system. I need to know the names of some medium to large gt; ISPs that uses Postfix as their SMTP server. Do you know where I can find gt; that information? We run Postfix at python.org: lt;http://mail.python.org/cgi-bin/mailgraph.cgigt; Can you post some of your requirements? We might be able to comment on that and give an estimate of what would need to be done. p@rick -- All technical questions asked privately will be automatically answered on the list and archived for public access unless privacy is explicitely required and justified. saslfinger (debugging SMTP AUTH): lt;http://postfix.state-of-mind.de/patrick.koetter/saslfinger/gt;
Σχετ: Large ISP which use Postfix
That would be good to know, just for statistical reasons Just to note, that I am stunned from your prompt answers, guys thank you all! P. Απο: Frank Bonnet f.bon...@esiee.fr Προς: postfix-users@postfix.org Στάλθηκε: 8:08 π.μ. Παρασκευή, 15 Ιουλίου 2011 Θεμα: Re: Large ISP which use Postfix Anyone knows what Google or Hotmail use ? Le 15/07/2011 00:55, Stan Hoeppner a écrit : On 7/14/2011 6:58 AM, Peter Tselios wrote: Hallo, I need to prepare a presentation for my company because we plan to deploy a new mail system. I need to know the names of some medium to large ISPs that uses Postfix as their SMTP server. Do you know where I can find that information? It may be worth noting that the open source Zimbra integrated messaging suite uses Postfix as its MTA component. Some noteworthy Postfix using sites in the USA: 1. Stanford University's 4 MX hosts run Postfix http://www.stanford.edu One of the leading research universities in US Cisco Systems powers the internet and was born at Stanford: http://www.stanford.edu/group/wellspring/cisco_spotlight.html Current enrollment 19,535 Graduate students 12,595 mx2.stanford.edu. 1800 IN A 171.67.219.72 mx3.stanford.edu. 1800 IN A 171.67.219.73 mx4.stanford.edu. 1800 IN A 171.67.219.74 mx1.stanford.edu. 1800 IN A 171.67.219.71 2. NASA's 6 MX hosts run Postfix http://www.nasa.gov ndmsnpf02.ndc.nasa.gov. 600 IN A 198.117.0.122 ndjsnpf03.ndc.nasa.gov. 600 IN A 198.117.1.123 ndjsnpf01.ndc.nasa.gov. 600 IN A 198.117.1.121 ndmsnpf03.ndc.nasa.gov. 600 IN A 198.117.0.123 ndmsnpf01.ndc.nasa.gov. 600 IN A 198.117.0.121 ndjsnpf02.ndc.nasa.gov. 600 IN A 198.117.1.122 I don't have time currently to research/confirm others, but there are many high profile and medium to high volume mail sites in the US running Postfix both at the edge and internally. Though the fact that AOL alone, which handles millions of emails per day, is using Postfix should provide ample backing to your proposal to use Postfix. These above are simply icing on the cake.