Datum: Sat, 21 May 2011 00:57:23 +0200
Von: Reindl Haraldh.rei...@thelounge.net
Organisation: the lounge interactive design
An: Mailing-List postfixpostfix-users@postfix.org
i need a little help
the following line should filter spam to ivalid rcpt works fine, see
first log-message, but is
Stan Hoeppner Monday, April 11, 2011 4:43 PM
pf at alt-ctrl-del.org put forth on 4/10/2011 10:33 PM:
My thought on auto combating this is to use a CIDR list to kick these
networks (and only these networks) over to a greylist policy that delays
these emails for 4+ hours. By then, most
Has anyone implemented or experimented with selectively greylisting specific networks, with a long delay? Let's say 4
hours...
If so, what are your results?
Background:
1. Greylisting seems to have lost much of its value, and I stopped using it
about a year ago.
2. By using and monitoring the
Stan Hoeppner March 31, 2011 12:41 PM
D G Teed put forth on 3/31/2011 10:21 AM:
I'd like some idea of what real world values would be useful, or additional
suggestions
on how to make the performance less attractive to users of compromised
accounts.
When you find a reasonable and effective
Wietse Venema
Example:
/etc/postfix/main.cf:
smtpd_reject_contact_information = For assistance, call
800-555-0101
Server response:
550-5.5.1u...@examplegt: Recipient address rejected: User unknown
550 5.5.1 For assistance, call
Jeroen Geilman:
On 1/4/11 8:32 PM, pf at alt-ctrl-del.org wrote:
The only rejects that I get calls or emails about are:
reject_non_fqdn_helo_hostname,
reject_unknown_helo_hostname,
reject_unknown_client_hostname,
Don't blindly use that. It causes a LOT of false positives
Wietse Venema:
Yaoxing:
True but there got to be some easy way to export that list, otherwise
I'll have to delete the dead mails from our database manually from time
to time. Any ideas how I can get everything work fluently? I mean, for
example, every several days I get all dead mail
I'm phasing in usage of reject_unknown_client_hostname.
Since I'm in the U.S., I'm giving ripe, apnic, lacnic and afrinic /8's the harsh treatment of
reject_unknown_helo_hostname,reject_unknown_client_hostname. But I can't get away with using
reject_unknown_client_hostname on all of the US or
On 2010-10-18 9:58 PM, Steve Jenkins wrote:
The instructions at http://www.postfix.org/BACKSCATTER_README.html
seem to only address what to do if MY server is the one being
forged. In the above example, it seems that procom.ca is being
forged. How should I configure my Postfix installation so
Are inline comments in map files ok to use? Will they break anything?
check_reverse_client_hostname_access...
/sip\..*\.bellsouth.net$/ DUNNO #static.bellsouth address
I don't see any errors in the log, but I don't want to create a nightmare later.
On 10/13/2010 10:08 PM, pf at alt-ctrl-del.org wrote:
I've used postfix as an incoming anti-spam gateway for several
years. Now, I'm experimenting with an additional postfix'n +
policydV2 as an outbound gateway for another mail server.
mynetworks = 127.0.0.0/8, PO.ST.FIX.IP, MAIL.SER.VER.IP
I've used postfix as an incoming anti-spam gateway for several years. Now, I'm experimenting with an additional
postfix'n + policydV2 as an outbound gateway for another mail server.
mynetworks = 127.0.0.0/8, PO.ST.FIX.IP, MAIL.SER.VER.IP
smtpd_helo_restrictions = permit_mynetworks
On 10/04/2010 06:25 PM, pf at alt-ctrl-del.org wrote:
On 10/04/2010 02:48 PM, pf at alt-ctrl-del.org wrote:
Are there any existing scripts out there, that report connection counts by cidr
network?
Input:?
parse.pl /var/log/mail cidr_list.zone
Output:?
network count
Are there any existing scripts out there, that report connection counts by cidr
network?
Input:?
parse.pl /var/log/mail cidr_list.zone
Output:?
network count
10.10.128.0/19 983
10.144.48.0/20 121
On 10/04/2010 02:48 PM, pf at alt-ctrl-del.org wrote:
Are there any existing scripts out there, that report connection counts by cidr
network?
Input:?
parse.pl /var/log/mail cidr_list.zone
Output:?
network count
10.10.128.0/19 983
10.144.48.0/20 121
On 10
After all tests have been passed and Postfix decides to accept an email, I'd like to selectively BCC some email for
later (manual) inspection. But I don't want to hold that mail.
BCC isn't available in Access, stable.
Can always_bcc, recipient_bcc_maps or, sender_bcc_maps be called\applied\set
Jeroen Geilman wrote:
On 09/28/2010 11:44 PM, motty.cruz wrote:
Hello,
When a client has a typo in the recipient email address it takes 5 days for
my SMTP server to notify that the user does not exist or was unable to
deliver email. Any idea where to change the option to make it more reliable.
Michael Orlitzky September 23, 2010 9:37 PM
We run a private RBL, jerks.viabit.com, and check against it as well as
four other lists at SMTP time. Occasionally, I'll get a false positive
due to blocking an entire /24 and want to whitelist them from our
private RBL check but not against e.g.
Eugene V. Boontseff, September 18, 2010 5:10 PM
CheckRelayRecipient = reject_unverified_recipient, permit
If the main destination server is not working, mail is rejected with the
folowing reason:
Recipient address rejected: unverified address: connect to host.domain.tld
[xx.xxx.xxx.xx]:25:
Peter Evans, September 12, 201
I feel unloved. Why, are you getting nothing but deai spam from us?
You might as well block .info at least there is a deserving case.
I hear .com is full of spammers too.
I'd say that a .info helo or .info rdns as a spam test, has a higher hit (and
accuracy)
Noel Jones August 23, 2010
* p...@alt-ctrl-del.orgp...@alt-ctrl-del.org:
I find that a lot of spam comes from recently registered, throw away
domains. The new domain may be used as the sender, hostname, or name
server.
Are there any rbl type lists that block fresh domains, for the first
10-15
post...@corwyn.net, September 12, 2010
in fact, yes. (at least, nothing but spam). My company simply...
ps: ^_^ for the hard of humour.
post...@corwyn.net wrote:
what I'd like to do is block all emails from individual contries based on
sender email address (.au, .jp, etc)
check_helo_access regexp:/etc/postfix/map_tld
check_reverse_client_hostname_access regexp:/etc/postfix/map_tld
check_sender_access
Am I missing something obvious?
With many ISPs providing generic PTR, reject_unknown_reverse_client_hostname
is too gentle.
I'd really like to implement reject_unknown_client_hostname, but I've seen
too many cases where address-name mapping = exists, the name-address
mapping = exists, BUT
On 2010-08-31 4:45 PM, Charles Marcus wrote:
Yep, in that it shows why I really should read all of a post before
asking questions about it.
I was only looking at the one example line you included in the body - I
neglected the last part about the *file* to download that contained all
of the
Is there any known policy server or add-on, that will change the tempfail
action after a couple of hours, for things like
reject_unknown_client_hostname and reject_unknown_client_hostname?
Sending a reject has problems. I don't want to flat out reject, based on a
temp error.
Sending a 450 has
Is there any known policy server or add-on, that will change the tempfail
action after a couple of hours, for things like
reject_unknown_client_hostname and reject_unknown_client_hostname?
Sending a reject has problems. I don't want to flat out reject, based on a
temp error.
Sending a 450 has
Noel Jones, August 27, 2010 3:56 PM:
On: August 27, 2010 2:23 PM, I wrote:
Is there any known policy server or add-on, that will change
the tempfail action after a couple of hours, for things like
reject_unknown_client_hostname and
reject_unknown_client_hostname?
I guess it would be an
Wietse:
pf at alt-ctrl-del.org:
Noel Jones, August 27, 2010 3:56 PM:
On: August 27, 2010 2:23 PM, I wrote:
Is there any known policy server or add-on, that will change
the tempfail action after a couple of hours, for things like
reject_unknown_client_hostname
Wietse:
Postfix already replies with a 5XX for an NXDOMAIN result.
pf at alt-ctrl-del.org:
nslookup mailserver.jtl.co.in
google-public-dns-a.google.com can't find
mailserver.jtl.co.in: Non-existent
domain
NOQUEUE: reject: RCPT from
outgoing.jeevantechnologies.com[61.12.114.170]:
450 4.7.1
On 8/22/2010 11:42 AM, p...@alt-ctrl-del.org wrote:
On Sunday, August 22, 2010 at 16:01 CEST,
p...@alt-ctrl-del.org wrote:
Reading RESTRICTION_CLASS_README confused me as to whether
adding a Restriction (or a defined smtpd_restriction_classes
group), to the right side of an access table,
31 matches
Mail list logo