On Fri, 22 Oct 2010 23:35:18 -0400
Sahil Tandon sa...@freebsd.org articulated:
If you want to write something, I can throw it in the comments, but I
do not want to actually support this script. It is intended only
for people who know how to use it.
I agree. A system's administrator that
On 20/10/10 04:35, Stan Hoeppner wrote:
Jeroen Geilman put forth on 10/19/2010 8:09 PM:
You're missing some of the better spam prevention methods here, such as
decent HELO checks, and an RBL or two.
I'd suggest at least adding reject_unknown_reverse_client_hostname in
there, as well as
smtpd_recipient_restrictions =
permit_mynetworks
permit_sasl_authenticated,
reject_unauth_destination
...
reject_rbl_client zen.spamhaus.org
reject_rbl_client psbl.surriel.com
reject_rhsbl_client dbl.spamhaus.org
On 22/10/10 19:55, Stan Hoeppner wrote:
Ned Slider put forth on 10/22/2010 10:50 AM:
On 20/10/10 04:35, Stan Hoeppner wrote:
Jeroen Geilman put forth on 10/19/2010 8:09 PM:
You're missing some of the better spam prevention methods here, such as
decent HELO checks, and an RBL or two.
I'd
Ned Slider put forth on 10/22/2010 2:53 PM:
I guess we can agree to disagree - I simply wanted to highlight the fact
that using such rules can result in ham being blocked, regardless of how
you want to define that.
I think we may be disagreeing on terminology definitions Ned, but we
On Fri, 2010-10-22 at 13:55:49 -0500, Stan Hoeppner wrote:
[ .. ]
http://people.freebsd.org/~sahil/scripts/checkdbl.pl.txt
Just so we are all on the same page: use with caution!
Sahil, if you're reading this, you may want to consider adding some
basic instructions on installing cpan and the
Brian Evans - Postfix List put forth on 10/20/2010 12:57 PM:
In your opinion, would check_reverse_client_hostname_access (Postfix
2.6+) work better here?
Many dynamic zombies don't always resolve forward.
Operationally it probably won't make a difference as most ISPs who
bother to assign rdns
On 10/21/2010 05:16 AM, Steve Jenkins wrote:
Jeroen Geilman said:
Make sure you understand the difference between
smtpd_reject_unknown_helo_hostname and
smtpd_reject_unknown_[reverse_]client_hostname.
Ok -- here's what I understand them each to be:
- reject_unknown_helo_hostname will
-us...@postfix.org
[mailto:owner-postfix-us...@postfix.org] On Behalf Of pf at alt-ctrl-del.org
Sent: Tuesday, October 19, 2010 8:04 AM
To: postfix-users@postfix.org
Subject: Re: Fighting Backscatter
On 2010-10-18 9:58 PM, Steve Jenkins wrote:
The instructions at http://www.postfix.org
On 10/20/2010 05:41 AM, Steve Jenkins wrote:
Jeroen said:
My personal server uses:
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
On 10/19/2010 11:35 PM, Stan Hoeppner wrote:
Jeroen Geilman put forth on 10/19/2010 8:09 PM:
You're missing some of the better spam prevention methods here, such as
decent HELO checks, and an RBL or two.
I'd suggest at least adding reject_unknown_reverse_client_hostname in
there, as well as
Jeroen Geilman said:
Make sure you understand the difference between
smtpd_reject_unknown_helo_hostname and
smtpd_reject_unknown_[reverse_]client_hostname.
Ok - here's what I understand them each to be:
-reject_unknown_helo_hostname will reject a request if the remote
mail server
Steve Jenkins:
Gotit. Thanks again for helping me out. I'm still learning.
So it seems I need to figure out how to stop the backscatter process at step
6 and NOT return the bounce to the original sender.
No. Solve the RIGHT problem. DO NOT forward SPAM.
Wietse
On 2010-10-18 9:58 PM, Steve Jenkins wrote:
The instructions at http://www.postfix.org/BACKSCATTER_README.html
seem to only address what to do if MY server is the one being
forged. In the above example, it seems that procom.ca is being
forged. How should I configure my Postfix installation so
* Charles Marcus cmar...@media-brokers.com:
As has been told to you more than once, the correct solution is simple...
1. Stop forwarding spam, or
As we all know that not really easily done. I might consider a mail
ham while other systems consider the mail to be spam.
The first step must be
2. Do not forward *any* emails, period.
That's probably the simplest solution :)
Wouldn't using an owner alias be a solution? (see expand_owner_alias).
You can set the owner alias of the forward to some internal address.
This internal address will only be used to 'suck-up' the bounces of
* martijn.list martijn.l...@gmail.com:
2. Do not forward *any* emails, period.
That's probably the simplest solution :)
Wouldn't using an owner alias be a solution? (see expand_owner_alias).
You can set the owner alias of the forward to some internal address.
This internal address
Wouldn't using an owner alias be a solution? (see expand_owner_alias).
You can set the owner alias of the forward to some internal address.
This internal address will only be used to 'suck-up' the bounces of
forwarded messages.
Interesting idea!
It works for me. I forward a copy of every
On 10/19/2010 7:00 AM, Ralf Hildebrandt wrote:
* martijn.listmartijn.l...@gmail.com:
2. Do not forward *any* emails, period.
That's probably the simplest solution :)
Wouldn't using an owner alias be a solution? (see expand_owner_alias).
You can set the owner alias of the forward to some
On 2010-10-18 9:58 PM, Steve Jenkins wrote:
The instructions at http://www.postfix.org/BACKSCATTER_README.html
seem to only address what to do if MY server is the one being
forged. In the above example, it seems that procom.ca is being
forged. How should I configure my Postfix installation so
-Original Message-
From: Wietse Venema [mailto:wie...@porcupine.org]
Sent: Tuesday, October 19, 2010 5:16 AM
To: Steve Jenkins
Cc: Postfix users
Subject: Re: Fighting Backscatter
Steve Jenkins:
Gotit. Thanks again for helping me out. I'm still learning.
So it seems I need to figure out
Subject: Re: Fighting Backscatter
Steve Jenkins:
Oh, and please don't top-post.
--
J.
...@postfix.org] On Behalf Of pf at alt-ctrl-del.org
Sent: Tuesday, October 19, 2010 8:04 AM
To: postfix-users@postfix.org
Subject: Re: Fighting Backscatter
On 2010-10-18 9:58 PM, Steve Jenkins wrote:
The instructions at http://www.postfix.org/BACKSCATTER_README.html
seem to only address what
From: owner-postfix-us...@postfix.org [owner-postfix-us...@postfix.org] On
Behalf Of Steve Jenkins [st...@stevejenkins.com]
Sent: Wednesday, 20 October 2010 10:52 AM
To: Postfix users
Subject: RE: Fighting Backscatter
I will gladly solve the RIGHT problem. The fact that I'm here looking
: Wietse Venema [mailto:wie...@porcupine.org]
Sent: Tuesday, October 19, 2010 5:16 AM
To: Steve Jenkins
Cc: Postfix users
Subject: Re: Fighting Backscatter
Steve Jenkins:
Oh, and please don't top-post.
--
J.
, 2010 7:10 PM
*To:* postfix-users@postfix.org
*Subject:* Re: Fighting Backscatter
Oh, and please don't top-post.
J.
And you're still top-posting.
--
J.
pointers on exactly how to do that?
Thanks again,
Steve
-Original Message-
From: Terry Gilsenan [mailto:terry.gilse...@interoil.com]
Sent: Tuesday, October 19, 2010 7:27 PM
To: Steve Jenkins; Postfix users
Subject: RE: Fighting Backscatter
From: owner-postfix-us...@postfix.org [owner-postfix
From: owner-postfix-us...@postfix.org [owner-postfix-us...@postfix.org] On
Behalf Of Steve Jenkins [st...@stevejenkins.com]
Sent: Wednesday, 20 October 2010 11:50 AM
To: Terry Gilsenan; Postfix users
Subject: RE: Fighting Backscatter
Hi, Terry. Again, very helpful advice presented in a way I
Well, let's say I can provide you with some pointers.
That doesn't absolve you of the responsibility to study the documentation
thoroughly.
Thank you nonetheless. I was starting to get the impression that doing
anything other than telling people to read the documentation was verboten.
;) I'm
Jeroen Geilman put forth on 10/19/2010 8:09 PM:
You're missing some of the better spam prevention methods here, such as
decent HELO checks, and an RBL or two.
I'd suggest at least adding reject_unknown_reverse_client_hostname in
there, as well as (testing out)
Jeroen said:
My personal server uses:
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_unknown_reverse_client_hostname,
warn_if_reject
reject_non_fqdn_helo_hostname,
Stan Hoeppner said:
This will probably be a big help to Steve.
Thanks, Stan. That fqrdns.pcre file rocks. Is that something you created?
May I share the link with others?
I had already added the spamhaus DBL checks (after Jeroen nudged me toward
their Zen IP blocklist), but Surriel PSBL is new
: Fighting Backscatter
Steve Jenkins:
Hi, Wietse. Thanks for the speedy reply. I'm a big fan of Postfix, so
first
of all, thank you for developing such a great product. I cringe thinking
about the days when I used to have to run Sendmail (shudder).
Ok... so let me see if I understand what
1) SpamCo forges a message from innoc...@victim.com and sends it to
mya...@familyname.com
2) My server (familyname.com) accepts the message because
mya...@familyname is a valid recipient that appears in my virtual
aliases file, then forwards the message (based on the info in that
virtual
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Le 18.10.2010 20:06, Wietse Venema a écrit :
1) SpamCo forges a message from innoc...@victim.com and sends it to
mya...@familyname.com
2) My server (familyname.com) accepts the message because
mya...@familyname is a valid recipient that appears
.
Thanks,
Steve
-Original Message-
From: owner-postfix-us...@postfix.org
[mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema
Sent: Monday, October 18, 2010 12:07 PM
To: Postfix users
Subject: Re: Fighting Backscatter
1) SpamCo forges a message from innoc...@victim.com
On 10/18/2010 8:58 PM, Steve Jenkins wrote:
Gotit. Thanks again for helping me out. I'm still learning.
So it seems I need to figure out how to stop the backscatter process at step
6 and NOT return the bounce to the original sender.
The solution is to not forward spam to outside accounts.
Steve Jenkins:
I've read through the readme at:
http://www.postfix.org/BACKSCATTER_README.html
and thought I was doing everything right. but my personal mail server is
still getting listed at Backscatterer.org. :(
Have you looked in your logfile for mail from , that is sent by
your
] On Behalf Of Wietse Venema
Sent: Friday, October 15, 2010 8:28 AM
To: Postfix users
Subject: Re: Fighting Backscatter
Steve Jenkins:
I've read through the readme at:
http://www.postfix.org/BACKSCATTER_README.html
and thought I was doing everything right. but my personal mail server is
still
Steve Jenkins:
There are a few entries in there that seem to match the bill, but I'm
not sure I'm understanding what they're saying, or even what I should be
looking for to troubleshoot.
For some background, this is my personal server that I run my family's mail
on. There are a few local
: Fighting Backscatter
Steve Jenkins:
There are a few entries in there that seem to match the bill, but I'm
not sure I'm understanding what they're saying, or even what I should be
looking for to troubleshoot.
For some background, this is my personal server that I run my family's
mail
On Fri, Oct 15, 2010 at 12:47:31PM -0700, Steve Jenkins wrote:
2) My server (familyname.com) accepts the message because mya...@familyname
is a valid recipient that appears in my virtual aliases file, then forwards
the message (based on the info in that virtual aliases file) to my aunt's
Steve Jenkins:
Hi, Wietse. Thanks for the speedy reply. I'm a big fan of Postfix, so first
of all, thank you for developing such a great product. I cringe thinking
about the days when I used to have to run Sendmail (shudder).
Ok... so let me see if I understand what is happening on my
43 matches
Mail list logo
