DNS whitelilst for postscreen_access_list
Hi, I would like to use dnswl.org as an access list for postscreen_access_list. Unfortunately, permit_dnswl_client can be only used for the smtpd_client_restrictions. Is there any other way to use dns based whitelist for postscreen_access_list? Ihsan -- ih...@dogan.chhttp://blog.dogan.ch/
Re: DNS whitelilst for postscreen_access_list
??hsan??Do??an: > Hi, > > I would like to use dnswl.org as an access list for > postscreen_access_list. Unfortunately, permit_dnswl_client can be only > used for the smtpd_client_restrictions. > > Is there any other way to use dns based whitelist for > postscreen_access_list? Use postscreen_access_list for static black/white lists. Use postscreen_dnsbl_sites for dynamic black/white lists. Wietse
Re: DNS whitelilst for postscreen_access_list
Hi, Am 10.07.2011 20:31, schrieb Wietse Venema: >> I would like to use dnswl.org as an access list for >> postscreen_access_list. Unfortunately, permit_dnswl_client can be only >> used for the smtpd_client_restrictions. >> >> Is there any other way to use dns based whitelist for >> postscreen_access_list? > > Use postscreen_access_list for static black/white lists. > > Use postscreen_dnsbl_sites for dynamic black/white lists. On the first connect, Postscreen returns a 450 and adds the client to the Postscreen cache. If the sending MTA is white listed, I'd like to avoid this delay. Ihsan -- ih...@dogan.chhttp://blog.dogan.ch/
Re: DNS whitelilst for postscreen_access_list
On 2011-07-10 21:47, İhsan Doğan wrote: Hi, Am 10.07.2011 20:31, schrieb Wietse Venema: I would like to use dnswl.org as an access list for postscreen_access_list. Unfortunately, permit_dnswl_client can be only used for the smtpd_client_restrictions. Is there any other way to use dns based whitelist for postscreen_access_list? Use postscreen_access_list for static black/white lists. Use postscreen_dnsbl_sites for dynamic black/white lists. On the first connect, Postscreen returns a 450 and adds the client to the Postscreen cache. If the sending MTA is white listed, I'd like to avoid this delay. As documented, if the sender is whitelisted, this does not happen. As per http://www.postfix.org/postscreen.8.html, either you manually whitelist a client, in which case all postscreen tests are skipped, or you let it be whitelisted when it passes the tests. It's one or the other, you can't have both. IF these tests include the deep protocol tests, the first message will be deferred. http://www.postfix.org/POSTSCREEN_README.html#after_220 Ihsan -- J.
Re: DNS whitelilst for postscreen_access_list
??hsan??Do??an: [ Charset UTF-8 unsupported, converting... ] > Hi, > > Am 10.07.2011 20:31, schrieb Wietse Venema: > > >> I would like to use dnswl.org as an access list for > >> postscreen_access_list. Unfortunately, permit_dnswl_client can be only > >> used for the smtpd_client_restrictions. > >> > >> Is there any other way to use dns based whitelist for > >> postscreen_access_list? > > > > Use postscreen_access_list for static black/white lists. > > > > Use postscreen_dnsbl_sites for dynamic black/white lists. > > On the first connect, Postscreen returns a 450 and adds the client to > the Postscreen cache. If the sending MTA is white listed, I'd like to > avoid this delay. Then, don't use the "after 220 greeting" tests. They stop less than one percent of the spambots. If I had known that in advance I would probably not have added those tests. It would be a mistake to include DNS lookups with postscreen_access_list, because those lookups happen before postscreen examines the dynamic whitelist. That would slow down all the clients that are already on the dynamic whitelist. Wietse > > > Ihsan > > -- > ih...@dogan.chhttp://blog.dogan.ch/ > >
Postfix terminating on signal 15 caused by Amavis error?
This past days Amavis has been reporting some errors which restart postfix daemon. Does anyone know why is this happening? Is this important? How can it be fixed? I'm using postfix 2.5.1-2ubuntu1.4 and amavis 2.5.3-1ubuntu3 (Ubuntu Hardy) I didn't change postfix settings recently and it was last updated in Jun 10. Logs at /var/log/mail.log : Jul 9 14:32:10 mail postfix/master[3409]: terminating on signal 15 Jul 9 14:32:10 mail amavis[5099]: (05099-07) Negative SMTP resp. to data-dot (, etc.): Jul 9 14:32:10 mail amavis[5099]: (05099-07) Negative SMTP resp. to QUIT: Jul 9 14:32:10 mail amavis[5099]: (05099-07) (!)FWD via SMTP: < h.har...@sangyo.com> -> ,,< k.murama...@sangyo.com>,,,< to.n...@sangyo.com>,BODY=7BIT 451 4.6.0 Bad SMTP code, id=05099-07, from MTA([127.0.0.1]:10025): Jul 9 14:32:10 mail amavis[5099]: (05099-07) (!!)TROUBLE in check_mail, but must continue (1): delivery-notification FAILED: Assert failed: 0, 2, 0 at /usr/sbin/amavisd-new line 6928, line 134074. Jul 9 14:32:42 mail amavis[5099]: (05099-07) (!!)TROUBLE in process_request: wrap_smtp_resp: bad SMTP response code: '' at /usr/sbin/amavisd-new line 3618, line 134074. Jul 9 14:32:42 mail amavis[5099]: (05099-07) (!)Requesting process rundown after fatal error Jul 9 14:32:42 mail amavis[5099]: (05099-07) (!)TempDir removal: tempdir is to be PRESERVED: /var/lib/amavis/tmp/amavis-20110709T142115-05099 Jul 9 14:32:42 mail postfix/master[7208]: daemon started -- version 2.5.1, configuration /etc/postfix -- Jul 9 15:57:14 mail postfix/master[7208]: terminating on signal 15 Jul 9 15:57:14 mail amavis[15297]: (15297-19) (!)ESMTP: NOTICE: Connection broken during data transfer Jul 9 15:57:15 mail postfix/master[23556]: daemon started -- version 2.5.1, configuration /etc/postfix Thank you in advance.
Re: new alternative to spamassassin
Anyone tried? M. Rodrigo Monteiro "Free as in Freedom, not free as in free beer" "As we are liberated from our own fear, our presence automatically liberates others" Linux User # 403730
Best method to post master.conf
Rather than post my master.conf in the wrong format here, what is the suggested way to post that information that in this forum. I will have a follow up question regarding it, but know it will be needed to help troubleshoot. I know people are rightfully finicky about how those things are posted so I am asking first. Thanks.
Re: Best method to post master.conf
On 7/10/2011 10:19 PM, jeffrey starin wrote: > Rather than post my master.conf in the wrong format here, what > is the suggested way to post that information that in this > forum. I will have a follow up question regarding it, but > know it will be needed to help troubleshoot. > > I know people are rightfully finicky about how those things > are posted so I am asking first. > > Thanks. Either output of the "postfinger" tool (google for it), or something like grep -v '^#' master.cf to strip the comments. Please also include "postconf -n" output and logging demonstrating the problem. In your problem report, please be sure to tell us what you expected, and why you think there's a problem. http://www.postfix.org/DEBUG_README.html#mail
Re: Postfix terminating on signal 15 caused by Amavis error?
On 7/10/2011 8:17 PM, Alberto Lepe wrote: > This past days Amavis has been reporting some errors which > restart postfix daemon. > Does anyone know why is this happening? Is this important? How > can it be fixed? > > I'm using postfix 2.5.1-2ubuntu1.4 and amavis 2.5.3-1ubuntu3 > (Ubuntu Hardy) > I didn't change postfix settings recently and it was last > updated in Jun 10. > > Logs at /var/log/mail.log : > > Jul 9 14:32:10 mail postfix/master[3409]: terminating on > signal 15 [Post in plain text only next time please -- no html] Postfix master process crashed. > Jul 9 14:32:10 mail amavis[5099]: (05099-07) Negative SMTP > resp. to data-dot (http://www.postfix.org/DEBUG_README.html http://www.postfix.org/DEBUG_README.html#mail There is likely a fatal: message logged by postfix somewhere earlier in the log that may be of help. http://www.postfix.org/DEBUG_README.html#logging The most common cause of master crashing is mismatched system libraries -- improperly built postfix or one of its components. -- Noel Jones
Re: Postfix terminating on signal 15 caused by Amavis error?
On Mon, Jul 11, 2011 at 1:10 PM, Noel Jones wrote: > > On 7/10/2011 8:17 PM, Alberto Lepe wrote: > > This past days Amavis has been reporting some errors which > > restart postfix daemon. > > Does anyone know why is this happening? Is this important? How > > can it be fixed? > > > > I'm using postfix 2.5.1-2ubuntu1.4 and amavis 2.5.3-1ubuntu3 > > (Ubuntu Hardy) > > I didn't change postfix settings recently and it was last > > updated in Jun 10. > > > > Logs at /var/log/mail.log : > > > > Jul 9 14:32:10 mail postfix/master[3409]: terminating on > > signal 15 > > > [Post in plain text only next time please -- no html] > > Postfix master process crashed. > > > Jul 9 14:32:10 mail amavis[5099]: (05099-07) Negative SMTP > > resp. to data-dot ( > Amavis reports that postfix isn't available. Note that amavis > didn't cause the crash, but is simply the bearer of bad news. > > Debugging tips: > http://www.postfix.org/DEBUG_README.html > http://www.postfix.org/DEBUG_README.html#mail > > There is likely a fatal: message logged by postfix somewhere > earlier in the log that may be of help. > http://www.postfix.org/DEBUG_README.html#logging > > The most common cause of master crashing is mismatched system > libraries -- improperly built postfix or one of its components. > > > -- Noel Jones Thank you Noel, I think you are right, it should be related to: "mismatched system libraries". The kernel was updated (and other libraries) two weeks ago but we didn't proceed restarting the server as it was in use (and we, busy). Looking at the syslog it seems co-related to this warning: "3w-9xxx: scsi0: WARNING: (0x06:0x0037): Character ioctl (0x108) timed out, resetting card.". Sorry about sending the msg in HTML, I forgot to disable it. Thank you again.
