Re: Use relayhost or not ? What is the best strategy ?
On 02.01.19 08:11, Pierre Couderc wrote: In old days, using relayhost was a good solution for ISPs who declared an IP as dynamic even when it is static (free.fr did that..) . With the inconvenience of ISP smtp IPs being blacklisted because of spammers. Is there a good reason today to use relayhost ? still the same as in the old days. What is the best strategy ? get IP not listed as dynamic, with non-generic FCRDNS and not use ISP's relayhost. If your ISP sends much mail, filters oitgoing spam and cares about spam reports, there may get blacklisted less likely than you. In case it's safe to use them as relay. However, the mail is less in your hands then, and you may need their help to solve problems. I would use ISPs relay only in cases of blacklisting. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. 99 percent of lawyers give the rest a bad name.
Re: Combining header/body checks into a single action?
On Thu, Dec 27, 2018 at 10:07:46AM -0500, Viktor Dukhovni wrote: > The checks are applied to *ONE LOGICAL HEADER AT A TIME*. > So while the patterns can nest, they are matching the > content of a *single* logical header line, not the entire > message header. Thanks, Viktor and Wietse. I understand this now. -Bryan
Re: Send a BCC based on header check after receiving mail back from amavis-new
Am 01-Jan-19 um 17:35 schrieb Bastian Blank:
On Tue, Jan 01, 2019 at 12:17:15PM +0100, Admin Beckspaced wrote:
If amavis-new detects some spam it will add headers like:
based on those tags I would like to send a BCC to my spam collecting
s...@address.com for further inspection and review.
Ask amavisd-new to quarantine the mail. Depending on tag- or
kill-level, this is CC_SPAM, CC_SPAMMY,1 or CC_SPAMMY and can be set in
%quarantine_to_maps_by_ccat.
Bastian
Hello Bastian & Wietse,
thanks a lot for your replies.
Based on Wietse's comment 'this may not work' and equipped with the
proper keywords I did a bit more googling on amavis-new ...
... finally added to amavisd.conf the following lines
$quarantine_method_by_ccat{+CC_SPAMMY} = $spam_quarantine_method;
$quarantine_to_maps_by_ccat{+CC_SPAMMY} = ['spa...@mydomain.com'];
and now i do receive a copy of the tag2_level spammy emails. Nice ;)
More infos on this topic can be found there:
https://www.ijs.si/software/amavisd/amavisd-new-docs.html#quarantine
https://sourceforge.net/p/amavis/mailman/message/17352662/
thanks for pointing me in the right direction ;)
Greetings
Becki
Re: Canonical?
Thank you very much for that. It is an interesting possibility and deserves consideration. I wonder; if it was a destination thing, shouldn't the document have used the term "destination name"? As soon as one uses the term "domain" in the context of networking, that comes with standard terminology and meaning. Doesn't trying to merge that into something else damage the English language and the fundamental meanings we are trying to keep standardized? Thanks again. On 1/1/19 6:31 PM, Ansgar Wiechers wrote: On 2019-01-01 Me wrote: In the document athttp://www.postfix.org/VIRTUAL_README.html, it uses the word "canonical" but it fails to give a definition. I have always understood it to mean something that is in line with the standard or is orthodox. When it comes to domain names, the standard is set by IANA and there is only one form. However, the document goes on the differentiate between the "canonical" and so-called "hosted" domains. Sadly it fails to realize that these must also be "canonical". To make it even worse, it fails to explain that the host computer does not have to have a domain, or at least documentation never proves that it does. Further, it goes on to bring in virtual and alias, just to confuse the issue even more. So why are any domains any different than any others? I'm not sure if this answers your question, but from my understanding the README is using the term "domain" in the sense of mail routing destinations and how/where they are configured rather than the DNS sense of the word. Please double-check the "Canonical versus hosted versus other domains" section of the document: http://www.postfix.org/VIRTUAL_README.html#canonical Regards Ansgar Wiechers
Re: Canonical?
On Wed, 2 Jan 2019 at 15:52, Me wrote: > Thank you very much for that. It is an interesting possibility and deserves > consideration... OT: please don't top post and please don't call yourself 'Me'. Some of the rest of us (and our Gmail systems) think we are 'me' too, so it is confusing.
Re: Use relayhost or not ? What is the best strategy ?
On 1/2/19 11:53 AM, Matus UHLAR - fantomas wrote: On 02.01.19 08:11, Pierre Couderc wrote: In old days, using relayhost was a good solution for ISPs who declared an IP as dynamic even when it is static (free.fr did that..) . With the inconvenience of ISP smtp IPs being blacklisted because of spammers. Is there a good reason today to use relayhost ? still the same as in the old days. What is the best strategy ? get IP not listed as dynamic, with non-generic FCRDNS and not use ISP's relayhost. If your ISP sends much mail, filters oitgoing spam and cares about spam reports, there may get blacklisted less likely than you. In case it's safe to use them as relay. However, the mail is less in your hands then, and you may need their help to solve problems. I would use ISPs relay only in cases of blacklisting. Thank you. I agree but wanted other advices.
Virtual Domain
If a server software can handle one domain, why can't it handle two or more in the same manner? Why must other domains be seen as somehow less in importance by labeling them "Virtual"? Regardless of where the server is physically located IP-wise, why not just design the software to do multiples of its basic function? I hope the reader can see the relationship between these questions. Feel free to ask for clarification on any point. Thank you.
Re: Virtual Domain
On 1/2/2019 12:12 PM, Me wrote: > If a server software can handle one domain, why can't it handle two > or more in the same manner? Why must other domains be seen as > somehow less in importance by labeling them "Virtual"? Regardless > of where the server is physically located IP-wise, why not just > design the software to do multiples of its basic function? User namespace is the main issue. If all the users of all mail domains handled by a server are listed in the system password file, then you just add all the domains to mydestination. This also implies that bob@example1 is the same person as bob@example2. Postfix handles this easily, but this is not a common situation. If each domain has its own user list, then there must be some way to list which users go with which domain. Postfix calls these virtual domains. This also allows for bob@example1 and bob@example2 to be different people. This is by far more common. > > I hope the reader can see the relationship between these questions. > Feel free to ask for clarification on any point. > You will probably benefit greatly by studying the basics of computer mail. Change your mail display name. Mail arriving labeled from "Me" when it obviously isn't might be considered abusive or a spoofing attempt. -- Noel Jones
Re: Virtual Domain
Thank you very much. That was very helpful. Especially that part where you stated "Postfix calls these virtual domains". It is always a problem trying to figure out another individual's meaning with the words used. All the research I did in understanding the meaning of words like Virtual and Domain over the years never prepared me for mind reading. ;) Bottom line, whenever a person is trying to learn a new piece of software, it sure helps to understand where the programmer was coming from and his/her meanings. I know that my understanding of e-mail systems and how they work will never prepare me for understanding others. By the way, I fixed the address problem. I just prefer to remain anonymous. Thanks again for the help. On 1/2/19 1:50 PM, Noel Jones wrote: On 1/2/2019 12:12 PM, Me wrote: If a server software can handle one domain, why can't it handle two or more in the same manner? Why must other domains be seen as somehow less in importance by labeling them "Virtual"? Regardless of where the server is physically located IP-wise, why not just design the software to do multiples of its basic function? User namespace is the main issue. If all the users of all mail domains handled by a server are listed in the system password file, then you just add all the domains to mydestination. This also implies that bob@example1 is the same person as bob@example2. Postfix handles this easily, but this is not a common situation. If each domain has its own user list, then there must be some way to list which users go with which domain. Postfix calls these virtual domains. This also allows for bob@example1 and bob@example2 to be different people. This is by far more common. I hope the reader can see the relationship between these questions. Feel free to ask for clarification on any point. You will probably benefit greatly by studying the basics of computer mail. Change your mail display name. Mail arriving labeled from "Me" when it obviously isn't might be considered abusive or a spoofing attempt. -- Noel Jones
Address rewriting not working
Hi, I'm configuring Postfix to relay mail via a smarthost, and I need to rewrite the sender address in order for the smarthost to accept the mail (and not reject it as 'relaying'). I'm using generic mapping to do this, and it works correctly on two of my systems (Debian Sid, running Postfix 3.3.2), but not on a third (Debian Stretch, running 3.1.8). I've tried all sorts of adjustments and debugging, and I'm at my wits' end. Below is the configuration and logging from the broken system: >From /var/log/mail.log : Jan 2 14:05:55 alice postfix/pickup[17200]: D2324AC400BA: uid=0 from= Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: name_mask: all Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: inet_addr_local: configured 2 IPv4 addresses Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: inet_addr_local: configured 5 IPv6 addresses Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: process generation: 20 (20) Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: connection established fd 128 Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: master_notify: status 0 Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: rewrite socket: wanted attribute: request Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute name: request Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute value: rewrite Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: rewrite socket: wanted attribute: rule Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute name: rule Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute value: local Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: rewrite socket: wanted attribute: address Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute name: address Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute value: root Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: rewrite socket: wanted attribute: (list terminator) Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute name: (end) Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: `local' `root' -> `root@alice.villette' Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: send attr flags = 0 Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: send attr address = root@alice.villette Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: master_notify: status 1 Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: master_notify: status 0 Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: rewrite socket: wanted attribute: request Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute name: request Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute value: rewrite Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: rewrite socket: wanted attribute: rule Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute name: rule Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute value: local Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: rewrite socket: wanted attribute: address Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute name: address Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute value: cele...@gmail.com Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: rewrite socket: wanted attribute: (list terminator) Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute name: (end) Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: `local' `cele...@gmail.com' -> `cele...@gmail.com' Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: send attr flags = 0 Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: send attr address = cele...@gmail.com Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: master_notify: status 1 Jan 2 14:05:55 alice postfix/cleanup[19935]: D2324AC400BA: message-id=<20190102190555.D2324AC400BA@alice.villette> Jan 2 14:05:55 alice postfix/qmgr[17048]: D2324AC400BA: from=, size=258, nrcpt=1 (queue active) Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: connection established fd 129 Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: master_notify: status 0 Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: rewrite socket: wanted attribute: request Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute name: request Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute value: resolve Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: rewrite socket: wanted attribute: sender Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute name: sender Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute value: root@alice.villette Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: rewrite socket: wanted attribute: address Jan 2 14:05:55 alice postfix/trivial-rewrite[19936]: input attribute name: address Jan 2 14:05:55 alice postfix/trivial-r
Re: Address rewriting not working
> On Jan 2, 2019, at 7:12 PM, Celejar wrote: > > I'm configuring Postfix to relay mail via a smarthost, and I need to > rewrite the sender address in order for the smarthost to accept the > mail (and not reject it as 'relaying'). I'm using generic mapping to do > this, and it works correctly on two of my systems (Debian Sid, > running Postfix 3.3.2), but not on a third (Debian Stretch, running > 3.1.8). I've tried all sorts of adjustments and debugging, and I'm at > my wits' end. Below is the configuration and logging from the broken > system: smtp_generic_maps (a.k.a. generic_maps) is (not surprisingly), done in the smtp(8) delivery agent in real-time as the message is being sent, and not in trivial-rewrite, which only resolves addresses to standard form and resolves to a transport. Hence the "trivial" in the name. Pre-queue rewriting (masquerading, canonical_maps and virtual_alias_maps for just the recipient) happens in cleanup(8). Post-queue rewriting happens in delivery agents, with just transport resolution in trivial rewrite called from the queue-manager in between. Because the queue manager logs the envelope sender prior to delivery, it always logs the original value, and recipient logging in delivery agents is also the form before generic rewriting. The output of generic rewriting is not logged on the sending system (except perhaps in verbose logging that should not normally be enabled). -- Viktor.
