Hi !
in email source text is
From: Der heutige Gewinner!<zdu13m5ry...@laurmaceae.com.com>
To:g...@hoerst.net
Subject: Ihre Belohnung erwartet Sie
postmap shows
root@capricorn:/etc/postfix# postmap -q .com.com hash:/etc/postfix/access
DISCARD Spam rule domain block
root@capricorn:/etc/postfix# postmap -q com.com hash:/etc/postfix/access
DISCARD Spam rule domain block
postconf -n
alias_maps = hash:/etc/aliases
anvil_rate_time_unit = 30s
append_dot_mydomain = yes
biff = no
body_checks = pcre:/etc/postfix/body_checks
bounce_queue_lifetime = 6d
broken_sasl_auth_clients = yes
compatibility_level = 2
content_filter = smtp-amavis:[localhost]:10024
debug_peer_level = 2
delay_warning_time = 2h
header_checks = pcre:/etc/postfix/header_checks
inet_interfaces = all
inet_protocols = ipv4
local_header_rewrite_clients = permit_mynetworks, permit_sasl_authenticated
mailbox_command = procmail
mailbox_size_limit = 0
masquerade_domains = hoerst.net
maximal_backoff_time = 2000
maximal_queue_lifetime = 8d
message_size_limit = 256000000
milter_default_action = accept
milter_protocol = 6
minimal_backoff_time = 200
mydestination = /etc/postfix/domain
mydomain = hoerst.net
myhostname = smtp.hoerst.net
mynetworks = 192.168.0.0/16 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = mail.hoerst.net
non_smtpd_milters = $smtpd_milters
policy-spf_time_limit = 3600s
qmgr_message_active_limit = 150
qmgr_message_recipient_limit = 150
queue_run_delay = 180
readme_directory = no
receive_override_options = no_address_mappings
recipient_delimiter = +
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_ciphers = high
smtp_tls_mandatory_ciphers = high
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
smtp_tls_protocols = !SSLv2, !SSLv3, !TLSv1
smtp_tls_security_level = encrypt
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name ($mail_version)
smtpd_client_connection_rate_limit = 10
smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks,
reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net,
reject_rbl_client cbl.abuseat.org, reject_rbl_client b.barracudacentral.org,
reject_rhsbl_client dbl.spamhaus.org, reject_rhsbl_sender dsn.rfc-ignorant.org
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10040
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname,
reject_unknown_helo_hostname
smtpd_milters = inet:localhost:8891, inet:localhost:8893
smtpd_proxy_options = speed_adjust
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination, reject_unknown_sender_domain,
reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname,
reject_unverified_sender, check_policy_service inet:127.0.0.1:10040,
check_policy_service unix:private/policy-spf, check_policy_service
inet:localhost:10023, reject_rbl_client zen.spamhaus.org, reject_rbl_client
bl.spamcop.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client
b.barracudacentral.org, reject_rbl_client dnsbl-1.uceprotect.net
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain = hoerst.net
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unknown_client_hostname, reject_unknown_sender_domain,
reject_non_fqdn_sender, check_sender_access hash:/etc/postfix/access
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/smtp.hoerst.net/fullchain.pem
smtpd_tls_dh1024_param_file = /etc/ssl/private/dhparams_4096.pem
smtpd_tls_eecdh_grade = ultra
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES, RC4, MD5, PSK, aECDH,
EDH-DSS-DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, KRB5-DES, CBC3-SHA
smtpd_tls_key_file = /etc/letsencrypt/live/smtp.hoerst.net/privkey.pem
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1
smtpd_tls_received_header = yes
smtpd_tls_security_level = encrypt
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tls_high_cipherlist =
EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
tls_preempt_cipherlist = yes
tls_random_source = dev:/dev/urandom
tls_ssl_options = NO_COMPRESSION
transport_maps = hash:/etc/postfix/transport
unknown_client_reject_code = 450
unknown_local_recipient_reject_code = 450
i also tried with header_checks but also w/o success
Ciao Gerd
Am 15.03.23 um 12:41 schrieb Wietse Venema via Postfix-users:
Gerd Hoerst via Postfix-users:
domain.com DISCARD Spam rule domain block
.domain.com DISCARD Spam rule domain block
as is wrote? i tried with both versions , depending on my setting in
parent_domain_matching_subdomains .... both did not work..
How would we know that you did not make a mistake?
Show output from:
postconf -n
postmap -q domain.com hash:/etc/postfix/access
postmap -q .domain.com hash:/etc/postfix/access
Wietse
_______________________________________________
Postfix-users mailing list --postfix-users@postfix.org
To unsubscribe send an email topostfix-users-le...@postfix.org
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
