RE: Problem with postfix-dnswl-permit (Was Re: REJECT mails to a specific domain -> ERROR mail to postmaster)
Greetings, > -Original Message- > From: owner-postfix-us...@postfix.org [mailto:owner-postfix- > us...@postfix.org] On Behalf Of Stan Hoeppner > Sent: Friday, September 24, 2010 11:08 AM > > Matthias Leisi put forth on 9/24/2010 9:12 AM: > > Hi all, > > > > On Thu, Sep 23, 2010 at 12:15 AM, mouss wrote: > > > >>> postfix-dnswl-header > >>> 222.255.237.6/32 PREPEND X-REPLACEME: low vinabook.com DNSWLId > 17147 > >>> > >>> postfix-dnswl-permit > >>> 222.255.237.6/32 permit_auth_destination low vinabook.com DNSWLId > 17147 > > > >> no, it was that way since a long time. and sigh, I noticed that a > long long > >> time ago but I focused on the header part... > > > > Yes, this hasn't changed since... ages. Would it be OK to simple > leave > > out the verbose data after permit_auth_destination from a Postfix > > point of view? > > AFAIK, ACCEPT/PERMIT actions don't allow optional text. I believe > eliminating the verbose data would be preferable, yes. For those who may need assistance in crafting the scripts to automate this, there is a Sourceforge project [1] that I use on our production server. It provides scripts for automatically updating dnswl data, as well as massaging the lookup results to your liking. [1] http://sourceforge.net/projects/dnswl/ Regards, -- Tony Grobe Sorry for this -- This communication and any files or attachments transmitted with it may contain information that is part of a confidential communication or may otherwise be privileged and exempt from disclosure under applicable law. It is intended solely for the use of the individual or entity to which it was addressed. If you are not the intended recipient, you are hereby notified that any use, disclosure, dissemination, or copying of this communication is prohibited by law. If you have received this communication in error, please delete it from your email system and notify us immediately at (802) 257-5200 x5450 or via email at netad...@gsprecision.com.
RE: Problem with postfix-dnswl-permit (Was Re: REJECT mails to a specific domain -> ERROR mail to postmaster)
> -Original Message- > From: owner-postfix-us...@postfix.org [mailto:owner-postfix- > us...@postfix.org] On Behalf Of Matthias Leisi > Sent: Friday, September 24, 2010 1:07 PM > To: postfix-users@postfix.org > Subject: Re: Problem with postfix-dnswl-permit (Was Re: REJECT mails to > a specific domain -> ERROR mail to postmaster) > > On Fri, Sep 24, 2010 at 5:08 PM, Stan Hoeppner > wrote: > > postfix-dnswl-permit > 222.255.237.6/32 permit_auth_destination low vinabook.com DNSWLId > 17147 > > > AFAIK, ACCEPT/PERMIT actions don't allow optional text. I believe > > eliminating the verbose data would be preferable, yes. > > OK, fixed: > > | j...@main:~/bin> grep "222.255.237.6" /opt/rsync/dnswl/postfix-dnswl- > permit > | 222.255.237.6/32permit_auth_destination > > -- Matthias That's fine, and solves the problem of using unmodified files from dnswl, but it complicates life for those who were already doing post processing on the downloaded data before putting it into production. Your excellent Sourceforge project makes it easy for local admins to decide what level of listing they're comfortable with subjecting to less stringent checks based on the extra information in postfix-dnswl-permit. Now it's all or nothing, or I'm forced to reconfigure to make a decision downstream based on header information alone. -- Tony This communication and any files or attachments transmitted with it may contain information that is part of a confidential communication or may otherwise be privileged and exempt from disclosure under applicable law. It is intended solely for the use of the individual or entity to which it was addressed. If you are not the intended recipient, you are hereby notified that any use, disclosure, dissemination, or copying of this communication is prohibited by law. If you have received this communication in error, please delete it from your email system and notify us immediately at (802) 257-5200 x5450 or via email at netad...@gsprecision.com.
RE: Logging a more meaningful admin message on message_size_limit bounce
> -Original Message- > From: owner-postfix-us...@postfix.org [mailto:owner-postfix- > us...@postfix.org] On Behalf Of Quanah Gibson-Mount > Sent: Thursday, October 20, 2011 3:49 PM > > >> Is there any way to customize the error message logged by postfix so > >> admins viewing the postfix log can see the reasons the connection > was > >> lost? > > > > how should this work? the server does NOT know why the > > CLIENT is closing the connection > > The server is the one rejecting the mail because it passed a limit set > in postfix. Not necessarily. If the client uses HELO and sends more data than the server is willing to accept, then the server does reject the message and logs it as such: Oct 19 11:54:46 mail postfix/smtpd[17590]: warning: DEAAF47EE39: queue file size limit exceeded If the client uses EHLO and the server response includes a SIZE statement, the client will often disconnect without issuing a command because it knows the message is undeliverable. In this case, the server has no information to log about why this happened. -- Tony Grobe Please ignore this drivel: This communication and any files or attachments transmitted with it may contain information that is part of a confidential communication or may otherwise be privileged and exempt from disclosure under applicable law. It is intended solely for the use of the individual or entity to which it was addressed. If you are not the intended recipient, you are hereby notified that any use, disclosure, dissemination, or copying of this communication is prohibited by law. If you have received this communication in error, please delete it from your email system and notify us immediately at (802) 257-5200 x5450 or via email at netad...@gsprecision.com.
