On Wed, Dec 14, 2022 at 06:07:41AM +, Sean Hennessey wrote:
> Viktor and anyone else,
>
> I'd like your opinion on something I've come up with that seems to
> work in my test box. What I've done is set things up so that instead
> of % thresholds I'm using a count of sent email. I fully expect
Thank you, I'll take a look!
On Wed, 14 Dec 2022 11:29:05 -0500 (EST) Wietse Venema
wrote:
> mailm...@ionos.gr:
> >
> > The milter-8.c file you mention has a lot of information that I was
> > missing, thank you for that!
> >
> > One important part is missing, milter response codes are
Normally you would use a content filter like Amavis along side postfix accomplish this. From: Tan Mientras Sent: Wednesday, December 14, 2022 9:22 AMTo: postfix-us...@cloud9.netSubject: Filter mail with dangerous attachmentsHello Excuse my generic question, but I dont know where to startIs it
mailm...@ionos.gr:
>
> The milter-8.c file you mention has a lot of information that I was missing,
> thank you for that!
>
> One important part is missing, milter response codes are categorised as:
> - "modification"
There are not "final". They add a header, recipient, change sender, etc.
>
Thank you for the response.
One of the reasons for me asking this question is that I'm not fully
sure about the consequences of that. Another one is that the
documentation of postfix specifies that this can be dangerous if
connected to wide-area network, which quite frankly I'm not sure
On Wed, Dec 14, 2022 at 10:43:14AM -0500, Wietse Venema wrote:
> > > query = update send_counts ...
> >
> > How exactly do you imagine integrating such a query into Postfix?
> >
> > [ Hint using this as a transport table may not do what you think
> > it does. Transport lookups happen
Tan Mientras:
> Hello
>
> Excuse my generic question, but I dont know where to start
> *Is it possible to filter/detect/forbid mails containing invoice.exe as
> attachment at postfix level?*
An example from https://www.postfix.org/header_checks.5.html
/etc/postfix/main.cf:
Thank you for your answer.
HAProxy is on the same machine. As you see in the bindings I shared that
are created by docker-compose, docker exposed ports are only allowed to
connect to localhost (127.0.0.1), which is why HAProxy can connect to it.
I gather that as long as HAProxy doesn't
On 14/12/2022 3:18 PM, Wietse Venema wrote:
> mynetworks_style applies to local interface addresses, not proxied
> ones.
Sam:
> Thank you for the response.
>
> One of the reasons for me asking this question is that I'm not fully
> sure about the consequences of that.
If a future version of
Hello
Excuse my generic question, but I dont know where to start
*Is it possible to filter/detect/forbid mails containing invoice.exe as
attachment at postfix level?*
Thanks
Viktor Dukhovni:
> On Wed, Dec 14, 2022 at 06:07:41AM +, Sean Hennessey wrote:
> > Viktor and anyone else,
> >
> > I'd like your opinion on something I've come up with that seems to
> > work in my test box. What I've done is set things up so that instead
> > of % thresholds I'm using a count
The milter-8.c file you mention has a lot of information that I was missing,
thank you for that!
One important part is missing, milter response codes are categorised as:
- "modification"
- "accept/reject"
- "asynchronous"
But these 3 codes are not mentioned anywhere:
SMFIR_CONN_FAIL
I already integrated into postfix. I just slapped that query into the .cf file
and it "worked."
--
cat /etc/postfix/pgsql-transport.cf
hosts = 127.0.0.1
# The user name and password to log into the pgsql server.
user = XXX
password = XXX
# The database name on the servers.
dbname =
Tan Mientras skrev den 2022-12-14 15:22:
Excuse my generic question, but I dont know where to start
Is it possible to filter/detect/forbid mails containing invoice.exe as
attachment at postfix level?
no postfix is not a content filter, use clamav with 3dr party signatures
On 12/14/22 07:05, Wietse Venema wrote:
> Gino Ferguson:
>> Hi List,
>>
>>
>> I'm reading the doc and wondering why 'smtp_tls_connection_reuse'
>> is not enabled by default?
>
> Because it was unknown if doing so would cause problems (in Postfix,
> or in other software). Only real-world
On Wed, Dec 14, 2022 at 07:17:43PM -0500, Demi Marie Obenour wrote:
> > None have come up sofar. So maybe it is safe to make it the default.
> > We know it works well for small messages. but I'd like so see
> > performance metrics for large email messages, because many connections
> > are handled
Wietse Venema skrev den 2022-12-14 15:26:
An example from https://www.postfix.org/header_checks.5.html
this does not work when exe file is in mime compressed archives
clamav unpack archived data to find exe files, postfix can only match on
mime
Viktor Dukhovni:
> On Wed, Dec 14, 2022 at 07:17:43PM -0500, Demi Marie Obenour wrote:
>
> > > None have come up sofar. So maybe it is safe to make it the default.
> > > We know it works well for small messages. but I'd like so see
> > > performance metrics for large email messages, because many
Gino Ferguson:
> Hi List,
>
>
> I'm reading the doc and wondering why 'smtp_tls_connection_reuse'
> is not enabled by default?
Because it was unknown if doing so would cause problems (in Postfix,
or in other software). Only real-world deployment can tell such
things.
> Are there any possible
mailm...@ionos.gr:
>
> I used the "milter-protocol.txt" file that I found everywhere. It
> is for protocol version 2 only. So I based my implementation on
> that.
>
> Later on, I used archive.org to download a copy of libmilter-docs.tar.gz.
> I expected the documentation to explain the differences
mynetworks_style applies to local interface addresses, not proxied
ones.
Wietse
Hi List,
I'm reading the doc and wondering why 'smtp_tls_connection_reuse' is not
enabled by default?
Are there any possible drawbacks?
People from GMail suggested us to enable this feature.
We're on postfix version 3.4.13-0ubuntu1.2
Thanks,
Gino
22 matches
Mail list logo
