> Postfix with default milter body chunk size 65535:
>
> mail processing time 1m30.154298259s
>
> Postfix with milter body chunk size 1048576:
>
> mail processing time 17.52360866s
it looks to me like postfix is able to feed a milter very quickly
i just did a couple of quick tests here, an ~83
On Mon, Aug 19, 2019 at 10:34:51AM +0200, Matthias Schneider wrote:
> Chris, can you tell me your postfix version/settings?
mail_version = 3.4.5
milter_protocol = 6
(not sure what other settings are relevant here)
> But postfix (3.3.0 and 3.4.5) only sends about 24 body chunks per
> second to
i did a quick test using tcp, i see significant no difference in
performance vs using a unix domain socket
> I have a postfix-3.2.6 system that acts as a mail server and
> pop/imap using dovecot for a small domain. The problem is that
> people are increasingly using it as a relay to a personal account,
> such as Gmail and Yahoo.
perhaps i misunderstand
they are sending email from gmail/yahoo
> but note in the DMARC record that you quote: ' p=none': Gmail is
> telling other servers *not* to block (or quarantine) emails from
> @gmail.com that do not obey SPF or DKIM rules. Yahoo by contrast:
>
> # dig +short _dmarc.yahoo.com TXT
> "v=DMARC1; p=reject; pct=100;
> How can I refuse mail from hosts who don't have an open port 25?
>
> What do you think from such a check?
i have tried this, it's not useful, so i didn't leave the check in
place
it's very common, perhaps even the norm that the IP address which
delivers mail to me itself will not accept an
> DMARC policy is best avoided unless you're a bank, or other brand
> that is concerned about phishing of your customers.
or have a domain that spammers use as the from/reply-to address
> Is there a way to remove the duplicate header in Postfix?
it might (should) be possible with a milter
> Alternatively, is it possible to remove the MIME-Version header(s)
> altogether? Would this break the message (or the mail client from
> the recipient)?
it depends, it might break things
> What is the legitimate reason to use base64 encoded emails ?
i see quite a lot of legitimate email as base64 encoded
> Seems to me, it is only being used by spammers to complicate
> body_checks
any modern checker can and will decode base64 or indeed other message
details (the cost of doing so
> Or in short: DMARC intentionally breaks every mailinglist and every
> mail-forwarding. So, if a mail-provider uses a strict DMARC-policy,
> it effectively says: "Our mail-addresses may not be used for
> mailinglists."
this message (i am replying to) from you on this mailing list is not
broken
> > # reject clients without PTR
> > reject_unknown_reverse_client_hostname
FWIW
i log/report such things but don't reject; there is some percentage of
real email that comes from sources with broken PTR or missing records
> Greylisting has become pretty much useless. When I disabled it a
> couple years ago, the spam levers did not increase by any measurable
> amount. We now use just 3 RBLs and that seems to be a relatively
> acceptable level of spam.
Checking for %ge of messages that "return after defer" I see:
> Contrary to someone else's experience related in this thread, I
> still see a significant amount of spam that greylisting blocks, and
> extremely few spammers retry and get through.
I concurn, as reported, I curently see greylisting reduce spam by a
factor of 4.
> I have only had one known
13 matches
Mail list logo
