ferent based if there was a previous warning or not.
I think guys here mentioned a script that parsed and reorders matching log
lines,
unfortunately I forgot its name...
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
not define more than 1 address.
But would 2 addresses work using a combination of always_bcc AND
recipient_bcc_maps?
Or does one of these options render the other one unusable?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising
hError z19sm15110351wmk.8
- gsmtp
530 5.7.57 Client not authenticated to send mail.
and I think "530 5.7.0 Authentication Required." would be better message on
those ports.
what's the cleanest way to force this error?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fan
end
as <> (in reply to RCPT TO command))
they refuse smpty senders. That's violation of RFCs, which say that empty
envelope from must not be rejected.
you can try listing them in rfc-clueless.org list.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
On 31.05.21 16:48, Matus UHLAR - fantomas wrote:
looking at postfix logs I found out that with standard restrictions
inherited from main.cf at ports 465/587, the client gets error message like:
May 30 12:05:04 mail postfix/submission/smtpd[22649]: NOQUEUE: reject: RCPT from unknown[192.0.2.1
Matus UHLAR - fantomas:
Can I provide "530 5.7.0 Authentication Required." error in
smtpd_client_restrictions/smtpd_helo_restrictions somehow?
I can think of using:
mua_client_restrictions = permit_sasl_authenticated, check_client_access
static:{"530 5.7.0 Authentication R
ssage explain enough?
Isn't there any possibility that you are replying to a spammer?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu post
nor uncomment:
# smtpd_sender_restrictions=$mua_sender_restrictions
- sender/recipient restrictions are the same for all clients
All just to provide proper error messsages to those clients, after I noticed
that unauthenticated client get rejection message for invalid EHLO/HELO.
--
Matus UHLAR -
guess he wants to replace the "too many connections from" with customized
text.
this seems to be hardcoded in sources and I think it's not wise to replace
it.
however it can be enhanced with smtpd_reject_footer e.g. to provide
localized message:
http://www.postfix.org/postconf.5.
evel (default: empty)
The SMTP TLS security level for the Postfix SMTP server; when a
non-empty value is specified, this overrides the obsolete parameters
smtpd_use_tls and smtpd_enforce_tls. This parameter is ignored with
"smtpd_tls_wrappermode = yes".
--
Matus UHLAR
_authenticated,reject
dfilt unix - n n - - pipe
flags=Rq user=filter argv=/usr/local/etc/postfix/disclaimer -f ${sender} --
${recipient}
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail adverti
_client_restrictions=permit_sasl_authenticated,reject
dfilt unix - n n - - pipe
flags=Rq user=filter argv=/usr/local/etc/postfix/disclaimer -f ${sender} --
${recipient}
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish N
e it could be.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Nothing is fool-proof to a talented fool.
X-Envelope-To:
header or other header your ISP uses for delivering to multidrop mailboxes.
However, yes - if you already receive the same mail multiple times, you only
can try to deduplicate it after that.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT
know it's there. We discovered this about 10
minutes before Matus responded and mentioned it.
you should switch iptables from iptables-legacy to iptables-nft by using
update-alternatives
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to rece
mous
smtp_tls_security_level=encrypt
and put '[mail.'external host'] user:password'
into /etc/postfix/sasl_passwd
http://www.postfix.org/postconf.5.html#smtp_sasl_password_maps
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-
On 24.06.21 16:55, Matus UHLAR - fantomas wrote:
post 25 is the default. You can configure alternative port by using:
"port 25"
relayhost = [mail.'external host']:587
http://www.postfix.org/postconf.5.html#relayhost
and apparently configure SMTP Aut
Le 24/06/2021 à 17:04, Matus UHLAR - fantomas a écrit :
On 24.06.21 16:55, Matus UHLAR - fantomas wrote:
relayhost = [mail.'external host']:587
http://www.postfix.org/postconf.5.html#relayhost
and apparently configure SMTP Authentication by using:
smtp_sasl_password_maps =
/
and
http://www.open-spf.org/FAQ/
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Chernobyl was an Windows 95 beta test site.
authenticated or in mynetworks)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Posli tento mail 100 svojim znamim - nech vidia aky si idiot
rl, but it looks neither python nor perl have interface to postfix
what could e.g. expand maps without calling external commands.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
He who laughs last thinks slowest.
Matus UHLAR - fantomas:
I was curious if I could do a script that would do the same, with the same
possible issues.
I can do perl, but it looks neither python nor perl have interface to postfix
what could e.g. expand maps without calling external commands.
On 01.07.21 22:49, Kevin N. wrote
>>Matus UHLAR - fantomas:
>>>I was curious if I could do a script that would do the same, with the same
>>>possible issues.
>>>
>>>I can do perl, but it looks neither python nor perl have interface to postfix
>>>what could e.g. expand maps wi
er connections.
this it's mostly safe to put
smtpd_tls_protocols=!SSLv2,!SSLv3
smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3,!TLSv1
or even
smtpd_tls_protocols=!SSLv2,!SSLv3
smtpd_tls_mandatory_protocols=!SSLv2,!SSLv3,!TLSv1,!TLSV1.1
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.
sable this or implement this check to
postfix.
domains can have their SPF records that say who is allowed to use their
names in HELO (or mail from of course). You can use SPF to refuse such
clients, although you need external policy server or milter to do that.
--
Matus UHLAR - fantomas, uh...@fantomas
cal addresses and sending bounces can
result into being listed in DNS blocklists.
I recommmend refusing those mails and solve reason why mails to nonexistent
addresses are sent to you.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail adver
On 08-07-2021 12:05, Matus UHLAR - fantomas wrote:
Hans van Zijst:
I'm trying to get Postfix to send its bounce notices to a different
address than "postmaster", so I configured
notify_classes = resource, software, bounce, 2bounce
bounce_notice_recipient = bou
r 587.
All above mentioned ports are allowed in and out of the firewall on both the
NAT and endpoint computer.
I just need to know what settings would be best to avert the timeout. And yes,
I tried relaying and it also times out.
have you tried port 25?
--
Matus UHLAR - fantoma
endly HTTP error messages"
was on), making error messages useless.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Windows 2000: 640
On 09.07.21 08:38, Matus UHLAR - fantomas wrote:
you can add info to reject messages by configuring e.g.:
smtpd_reject_footer_maps=regexp:/etc/postfix/reject_footes_maps
but nobody will guarantee that the sending MTA will put that info to a
bounce.
However, if it helps, please report this
,
reject_unauth_destination,
try adding "reject_unlisted_recipient", although
smtpd_reject_unlisted_recipient=yes (default) shoult take care of that.
permit
The problem is that a rejected recipient produces a mailer-daemon reply.
only if you accept mail for such recipient.
--
Matus UHLAR
.
This can be done by either providing postfix with list of existing addresses
in provided domains, or by using recipient verification for those domains,
and also sender verificatiom, when we're here.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish N
ipient and keep track
of them (deliverable or not) which is useful for cases where you can not use
local_recipient_maps
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOS
btw, as always: what are you trying to achieve?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Silvester Stallone: Father of the RISC concept.
ls are not DKIM signed, so of course they will fail.
which means, if you use DMARC and not DKIM, don't post to mailing lists.
btw, DKIM defined very shitty canonicalication, which makes it very easy to
break messages by using some common formating techniques.
--
Matus UHLAR - fantomas, uh..
ot;reject".
since you only need to allow specific IPs, you apparently don't need that.
I'd would set it anyway - to avoid wondering if you put "reject" there why
it doesn't work.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish
and userB@host2 ?
How can I make our mail server accept mail for all our local hosts?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
ain,
707 reject_unauth_destination,
708 reject_rbl_client sbl.spamhaus.org,
709 permit
- here you define smtpd_recipient_restrictions again
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this addr
Le 28/07/2021 à 09:36, Matus UHLAR - fantomas a écrit :
this mean that your server is going to send mail to "server.mydomain.com"
and your postfix sees it should deliver domain to itself, but
postfix does
not know how to handle mail for server.mydomain.com
- you h
; 4k R$ 1.099,00 Black Ofertas Magalu - Aproveite! - [
95271443633 ]
From: Ofertas Magazine Luiza-38
header From: if often different from envelope from.
postfix directives are related to envelope from.
We don't see envelope from here.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
sorry, but this manpage says that localhost resolvs to 127.0.0.1
(as it always should).
according to systemd-resolved manpage, the local host name is resolved to
127.0.0.2 (not localhost)
maybe a just mistake in your description?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
rt
25. They'll just require STARTTLS to be used and
they'll only support TLSv1.2+. The only alternative
would be to close port 25, use port 465 (TLS-only)
instead, and hope that all mail servers that want to
send them email try to use port 465. But that's not
going to happen.
man
7/29/2021 12:34 AM, Matus UHLAR - fantomas wrote:
sorry, but this manpage says that localhost resolvs to 127.0.0.1
(as it always should).
according to systemd-resolved manpage, the local host name is resolved to
127.0.0.2 (not localhost)
maybe a just mistake in your description?
On 29.07.21 12:1
to IP
172.16.101.1
why? the DNAT is apparenly what makes it not work, SNAT (or MASQUERADE)
should be enough.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
estination, so the local transport was
selected. You have disabled it above.
relay_transport = hash:/etc/postfix/transport
.our.local.domain relay:[MDA server IP]
if it has to be .our.local.domain, keep .our.local.domain out ot
$mydestination
--
Matus UHLAR - fantomas, uh...@f
strings are in clients' control and anyone can change them
as they wish (I personally did disable using of my hostname in HELO strings
because
abusers used it but that's apparently the only usage I can think of).
- If not, please rephrase.
--
Matus UHLAR - fantomas, uh...@fantomas
On 2021-08-08, at 16:13 (UTC+0200), Matus UHLAR - fantomas had the following to
say:
: are you searching for disabling particular strings in helo/ehlo command?
On 08.08.21 22:04, Mono DHS wrote:
No, I would like to validate the argument to the EHLO command
(actually, to both the EHLO and
/reserved domain name
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"To Boot or not to Boot, that's the question." [WD1270 Caviar]
some headers changes on transit here, dont sign every header at
signing stata
Sender: changed by postfix mailing list and it was in thesignature, that's
why it failed.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to th
dized)
- nowadays, dedicated port is for clients, not for server-server
communication
- so far most of systems try on port 25 and upgrade to SSL via STARTTLS,
when possible.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to
On Sat, Aug 14, 2021 at 02:43:29PM +0200, Matus UHLAR - fantomas
wrote:
- dedicated port for smtp/ssl was deprecated (in fact never standrdized)
On 15.08.21 09:04, raf wrote:
I think that used to be true, but they had a rethink.
This proposed standard (Jan 2018) indicates so:
3.3
icates for getting
mail (IMAPS/POPS), rather than for sending mail
(SMTP/STARTTLS). I don't know. If so, it might only
affect e.g. Dovecot's choice of certificate rather than
Postfix's. But chances are, if you use both, you'll
probably want them to use the same certificate.
is unsafe with mailing lists.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The only substitute for good manners is fast reflexes.
;t be DKIM safe.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"Where do you want to go to die?" [Microsoft]
whenever you run spam filter and/or DNS blocklist
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
LSD will make your ECS screen display
]: disconnect from
mxc01.zoneedit.com[64.68.198.23] commands=0/0
Is there a way I could except that server from the rate limit? And could that
be misused (a lot of spammers already send to the backup MX anyway)
http://www.postfix.org/postconf.5.html#smtpd_client_event_limit_exceptions
--
Matus UHLAR
sure if
it's an intended feature or not, but I'd like to disable it and remove the
mail in /var/mail.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akuk
it's
quite impossible to catch them all
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The early bird may get the worm, but the s
-archive.com/amavis-user@lists.sourceforge.net/msg04896.html
penpal
that could work...
in spamassassin it could be added via TxRep
...but txrep is completely different functionality.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail
sting addresses, I
recommend you setting smtpd_reject_unlisted_sender=yes.
This way you won't need to help with bounces to non-existing addresses.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovani
And thanks for the initial issue of figuring out I had
smtpd_reject_unlisted_sender incorrectly set. Im done with this
issue.
On 09-02-2021 10:24 am, Matus UHLAR - fantomas wrote:
incorrectly? Unless you tend to send mail from non-existing
addresses, I
recommend you setting
On 11.09.21 13:57, Nick Howitt wrote:
So putting your restriction at the beginning.
cat /etc/postfix/recipient_checks.pcre
/.*\@.*/ HOLD
are you two aware, that simple '.' would match as well?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT
should not contain)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux is like a teepee: no Windows, no Gates and an apache inside...
ins in "mail from" for autenticated users
to prevent sending emails with a "third party" domain. I have read
the documentation and did not reached any conclusion.
My best guess is that is some configuration that may be passed as
an option to submission and smtps.
What is the
ficient than pcre:. The reason
for having regexp support in Postfix is that every system library
must support that, while pcre support is an addon.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: n
ad of
delivering via relay_host or other host(t) in transport_maps.
in order to deliver mail locally, the destination domain must be treated as
local domain. You can't do that via transport_maps.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e
rs they are explicitly doing something that breaks
forwarding, which is especially silly when they were able to do SRS in order
not to break SPF.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie:
r option:
-I Ignores messages if the sender has authenticated via SMTP AUTH.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Quantum mechanics: The dreams stuff is made of.
#x27;t see 212.70.149.71 there.
And, postfix/smtps is on port 465 - I don't think you run postscreen on port
465 (you should not do that)
but without success*
use fail2ban
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail adve
set up DMARC for your domain, DMARC won't pass, but Yahoo DKIM should
not break anything.
DMARC and DKIM apply for your sending domain (the one in From:).
signing by other domains usually make no sense.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish N
www.postfix.org/RESTRICTION_CLASS_README.html
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"Two words: Windows survives." - Craig Mundie, Microsoft s
n on. I wonder why this only happens with postfix, but I'll
find out somewhere else.
I guess your VPN provider is hijacking your TCP connections to port 25.
have you tried using port 465 for authenticated submission?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Wa
most of DNS servers
(BIND, unbound, knot-resolver) can do that properly, I think that dnsmasq is
the one that can's (it's not designed to do that).
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Var
ine I guess.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I drive way too fast to worry about cholesterol.
:
[...]
mynetworks = 127.0.0.0/8
is it possible that IP of your nessus server is here?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The 3
-nastroj-ktorym-kontroluje-zranitelnosti-svojich-it-systemov-vyvinul-si-ho-sam/
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
(R)etry, (A)bort, (C)ancer
so far you can use fail2ban
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
LSD will make your ECS screen display 16.7 million colors
I've read something like this described in postfix docs, but I'm
struggling to find an example.
thanks
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT
.postfix.org/FILTER_README.html
version for postfix+amavis users:
https://www.ijs.si/software/amavisd/README.postfix.html#basics_smtpd-daemon
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto
ade by the
scanner were rejected. I went through the logs with a fine-toothed comb
and verified this. The stpid scanner is NOT seeing the rejections. I
may need to wireshark this before submitting a bug report to Tenable.
how were they rejected?
--
Matus UHLAR - fantomas, uh...@fantomas
x27;s $mynetwork.
And from the maillog, I get this:
Nov 09 12:56:44 MAIL_SERVER postfix/smtp[140754]: F077F1016F54:
to=, relay=LOCAL_MDA[aaa.bbb.ccc.ddd]:25, delay=0.12,
delays=0.03/0.03/0.02/0.03, dsn=4.7.1, status=deferred (host
LOCAL_MDA[aaa.bbb.ccc.ddd] said: 454 4.7.1 : Relay
access denied
On 09.11.21 13:47, White, Daniel E. (GSFC-770.0)[NICS] wrote:
On 11/9/21, 08:20, "owner-postfix-us...@postfix.org on behalf of Matus UHLAR -
fantomas" wrote:
so the server successfully accepted mail to remote recipient. That's called
open relay.
Note that nessus can
refused"
(trailing . should avoid matching IP Addresses)
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Nothing is fool-proof to a talented fool.
lock/allowlists, bot detection etc.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The only substitute for good manners is fast reflexes.
removed
after retry the mail went well.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I wonder how much deeper the ocean would be without sponges.
On 16.11.21 10:06, natan wrote:
I need some help about uderstand log:
I have
FILTER smtp-amavis:[127.0.0.1]:10628
On 16.11.2021 10:22, Matus UHLAR - fantomas wrote:
you have this where?
On 16.11.21 10:41, natan wrote:
in master.cf:
smtp-amavis unix
rep postfix/filtered/smtpd /var/log/mail.log
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux IS user friendly, it's just selective who its friends are...
that turns out not to be a concern for me. (The last time I
considered doing this I don't think I had such a surplus of inodes.)
last time I checked the average file size was ~13KB (I guess it's gonna be
more now), the inode_ratio in my mke2fs.conf is 16k, it should be enough.
--
Mat
it is not a forwarder. (or is it ?)
is it not. To be precise:
SRS is to be used when you accept mail for one address and re-send to
another address (in different domain/on different server).
this is not the case for backup MX.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http
"Matus" == Matus UHLAR <- fantomas > writes:
Matus> is it not. To be precise:
Matus> SRS is to be used when you accept mail for one address and re-send to
Matus> another address (in different domain/on different server).
Matus> this is not the case for backup MX
k.com has IPv6 address
2a01:111:f400:7d00::200
c) or, is the domain really misconfigured?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu
m OK
I also have permit_mynetworks and permit_sasl_authenticated
at the start of smtpd_helo_restrictions.
i would recommend using check_client_access instead of check_helo_access to
allow anything, so you will whitelist client IP addresses, not helo strings
they provide.
--
Matus UHLAR - fantomas, uh.
point?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I feel like I'm diagonally parked in a parallel universe.
e alias_maps for inn gateway and virtual_alias_maps for other alias
expansion.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fucking windows! Bring Bill Gates! (Southpark the movie)
would hope, so please bear with me.
collate could help you:
https://github.com/vdukhovni/postfix/tree/master/postfix/auxiliary/collate
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto ad
net
mail.XX.bl.blocklists.de XX stands for the mirror used is US/UK/DE etc.
spamrats.com
hostkarma.junkemail.com
spamrats.com
funny, some time ago I found spamrats very unrealiable, junkemailfilter
realiability is imho on level of sorbs/uceprotect (scoring only)
--
Matus UHLAR - fantomas, uh...@fanto
"Matus" == Matus UHLAR <- fantomas > writes:
Matus> funny, some time ago I found spamrats very unrealiable, junkemailfilter
Matus> realiability is imho on level of sorbs/uceprotect (scoring only)
On 22.12.21 12:43, Togan Muftuoglu wrote:
I am using selective blocklis
log
that.
- the logs were lost because of systemd's log limits
there are multiple lined of postfix/master.
it also could be systemd restarting postfix and giving up after some time
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail a
works.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
WinError #98652: Operation completed successfully.
bl with that, although I
prefer blocking connection from those IPs at firewall level.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Depression is merely anger without enthusiasm.
1 - 100 of 1343 matches
Mail list logo