Re: TLS for dummies

2010-08-25 Thread Eray Aslan
On 26.08.2010 02:47, Security Admin (NetSec) wrote: > Is there an existing file or a weblink that would list the current accepted > global root CAs? Since the only one in the "exchange.pem" file is from my > Exchange Server, I could append to this file all the necessary trusted root > CAs. Don

Re: super selective spamassassin via filter

2010-08-25 Thread Noel Jones
On 8/25/2010 7:05 PM, Stan Hoeppner wrote: Noel Jones put forth on 8/25/2010 4:24 PM: FILTER is a poor choice for per-recipient filtering. FILTER is a per-message action, with only one FILTER action per message (if there are multiple FILTER actions triggered, only the last will be used). If t

Invitation to connect on LinkedIn

2010-08-25 Thread Ricardo Carrillo
LinkedIn Ricardo Carrillo requested to add you as a connection on LinkedIn: -- James, I'd like to add you to my professional network on LinkedIn. -Ricardo Accept invitation from Ricardo Carrillo http://www.linkedin.com/e/ekybff-gdawhzck-35/qB3B504

Re: super selective spamassassin via filter

2010-08-25 Thread Stan Hoeppner
Noel Jones put forth on 8/25/2010 4:24 PM: > FILTER is a poor choice for per-recipient filtering. FILTER is a > per-message action, with only one FILTER action per message (if there > are multiple FILTER actions triggered, only the last will be used). If > there are multiple recipients for a mes

RE: TLS for dummies

2010-08-25 Thread Security Admin (NetSec)
> smtp_tls_CAfile = /etc/postfix/exchange.pem >>You can list more CAs in this file if you wish. Is there an existing file or a weblink that would list the current accepted global root CAs? Since the only one in the "exchange.pem" file is from my Exchange Server, I could append to this file all

Re: DNS Whitelisting

2010-08-25 Thread Noel Jones
On 8/25/2010 6:17 PM, Wietse Venema wrote: Noel Jones: On 8/25/2010 4:27 PM, Wietse Venema wrote: Noel Jones: As I see it, there are two complementary paths we can take with DNS whitelists, each with a slightly different purpose. While these are both useful, neither depends on the other, so po

Re: DNS Whitelisting

2010-08-25 Thread Rob Foehl
On Wed, 25 Aug 2010, Noel Jones wrote: The user interface would be familiar to anyone using rbl checks. Sample documentation under the appropriate smtpd_mumble_restrictions section: - permit_dnswl_client dnswl_domain=d.d.d.d Accept the request when the reversed client IP network address is l

Re: DNS Whitelisting

2010-08-25 Thread Wietse Venema
Noel Jones: > On 8/25/2010 4:27 PM, Wietse Venema wrote: > > Noel Jones: > >> As I see it, there are two complementary paths we can take > >> with DNS whitelists, each with a slightly different purpose. > >> While these are both useful, neither depends on the other, so > >> postfix can implement ei

Re: DNS Whitelisting

2010-08-25 Thread Noel Jones
On 8/25/2010 4:27 PM, Wietse Venema wrote: Noel Jones: As I see it, there are two complementary paths we can take with DNS whitelists, each with a slightly different purpose. While these are both useful, neither depends on the other, so postfix can implement either or both. I'll read the entir

Re: DNS Whitelisting

2010-08-25 Thread Wietse Venema
Noel Jones: > As I see it, there are two complementary paths we can take > with DNS whitelists, each with a slightly different purpose. > While these are both useful, neither depends on the other, so > postfix can implement either or both. I'll read the entire proposal later. Would this notatio

Re: super selective spamassassin via filter

2010-08-25 Thread Noel Jones
On 8/25/2010 3:51 PM, Stan Hoeppner wrote: Would anyone happen to have an example guide showing the proper master.cf and main.cf parameters for setting up daemonized spamassassin to run super selectively via FILTER? I've reached the point that I'm killing about 98% of my spam load but I'm tired

Re: super selective spamassassin via filter

2010-08-25 Thread Patrick Ben Koetter
* Stan Hoeppner: > Would anyone happen to have an example guide showing the proper > master.cf and main.cf parameters for setting up daemonized spamassassin > to run super selectively via FILTER? > > I've reached the point that I'm killing about 98% of my spam load but > I'm tired of the few phis

Re: Postfix integration: Oracle or LDAP?

2010-08-25 Thread Wietse Venema
Patrick Ben Koetter: > > There currently exists no Oracle client for Postfix. Maybe someone > > can donate an ODBC (or other cross-platform) client. It would be > > a little slower, but would allow Postfix to talk to lots of databases > > without needing a driver for everything and the kitchen sink

super selective spamassassin via filter

2010-08-25 Thread Stan Hoeppner
Would anyone happen to have an example guide showing the proper master.cf and main.cf parameters for setting up daemonized spamassassin to run super selectively via FILTER? I've reached the point that I'm killing about 98% of my spam load but I'm tired of the few phish/419 that make it into my inb

Re: Selective smtpd_helo_restrictions question

2010-08-25 Thread Noel Jones
On 8/25/2010 12:50 PM, Charles Marcus wrote: On 2010-08-24 8:58 AM, Noel Jones wrote: On 8/24/2010 7:41 AM, Charles Marcus wrote: I guess I need some clarification now... My understanding is this is not true if you have all checks under recipient_restrictions (and delay_reject enabled) - an O

Re: Remove Received lines when SMTP Auth is used ?

2010-08-25 Thread Noel Jones
On 8/25/2010 10:49 AM, Xavier Beaudouin wrote: Hello there, Maybe this is already spoken here, but it seems that more and more spam systems look into Received headers to score the mails. Those stupid things don't honor such SMTP auth and then I really need to remove the Received line when S

Re: TLS for dummies

2010-08-25 Thread Victor Duchovni
On Wed, Aug 25, 2010 at 05:59:10AM -0700, Security Admin (NetSec) wrote: > "postfix/smtp[28338]: certificate verification failed > for mail.x.org[xxx.xxx.xxx.xxx]:25: untrusted issuer > /C=US/O=Entrust.net/OU=www.entrust.net/CPS incorp. by ref. (limits > liab.)/OU=(c) 1999 Entrust.net Limited/

Re: DNS Whitelisting

2010-08-25 Thread Noel Jones
As I see it, there are two complementary paths we can take with DNS whitelists, each with a slightly different purpose. While these are both useful, neither depends on the other, so postfix can implement either or both. My proposals: A) scoring in postscreen A dns whitelist/blacklist scoring

Re: Multiple Domains; No Local Accounts - bad uid in virtual_uid_maps

2010-08-25 Thread mouss
On 25/08/2010 03:04, Mike wrote: Thank you, gentlemen. I always appreciate a good "RTFM" from talented folks who actually know where they are pointing. :-) I do appreciate the help and definitely do not intend to aggravate and vex. I forgot to say that you can use your own file as a sou

Re: Postfix integration: Oracle or LDAP?

2010-08-25 Thread Patrick Ben Koetter
* Wietse Venema: > Zhou, Yan: > > Hi there, > > > > We want to implement SMTP authentication in Postfix and support multiple > > virtual domains. Rather than having user/domain/endpoint in different > > files, we prefer them either in database (Oracle) or LDAP. I am trying > > to weigh the pros

How to drop the recipient address hostname when delivering mail via LMTP?

2010-08-25 Thread Ralph Seichter
There is a thread in the Dovecot mailing list discussing this subject, but I think it best to ask here as well: My Dovecot 2.0 configuration contains these lines auth_username_format = %Ln service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { user = postfix gro

Re: submission port annoyance

2010-08-25 Thread Jeroen Geilman
On 08/24/2010 02:48 PM, Noel Jones wrote: On 8/24/2010 7:24 AM, Edward avanti wrote: Halo, We are have odd occasional problem where, some customer that have made up name in hostname on pc and try send mail get rejected by us submission is told use - submission inet n - n - -

Re: TLS for dummies

2010-08-25 Thread Jeroen Geilman
On 08/25/2010 02:59 PM, Security Admin (NetSec) wrote: This is more of an annoyance than anything else. When my Postfix (v 2.6.7) attempts to send a message via TLS the following warning is received: "postfix/smtp[28338]: certificate verification failed for mail.x.org[xxx.xxx.xxx.xxx]:

Re: Postfix integration: Oracle or LDAP?

2010-08-25 Thread Wietse Venema
Zhou, Yan: > Hi there, > > We want to implement SMTP authentication in Postfix and support multiple > virtual domains. Rather than having user/domain/endpoint in different > files, we prefer them either in database (Oracle) or LDAP. I am trying > to weigh the pros and cons of both options. I have

Re: Selective smtpd_helo_restrictions question

2010-08-25 Thread Charles Marcus
On 2010-08-24 8:58 AM, Noel Jones wrote: > On 8/24/2010 7:41 AM, Charles Marcus wrote: >> I guess I need some clarification now... >> >> My understanding is this is not true if you have all checks under >> recipient_restrictions (and delay_reject enabled) - an OK in this >> case *would* cause the

Re: Postfix integration: Oracle or LDAP?

2010-08-25 Thread Patrick Ben Koetter
* Zhou, Yan: > We want to implement SMTP authentication in Postfix and support multiple > virtual domains. Rather than having user/domain/endpoint in different > files, we prefer them either in database (Oracle) or LDAP. I am trying > to weigh the pros and cons of both options. I have not seen exa

Remove Received lines when SMTP Auth is used ?

2010-08-25 Thread Xavier Beaudouin
Hello there, Maybe this is already spoken here, but it seems that more and more spam systems look into Received headers to score the mails. Those stupid things don't honor such SMTP auth and then I really need to remove the Received line when SMTP Auth is used (and successful). Is there anyb

Re: DNS Whitelisting

2010-08-25 Thread Stan Hoeppner
Steve Linford put forth on 8/25/2010 8:27 AM: > Just to add to the mix if Postfix is working on whitelist implementation... > Spamhaus has assigned 127.0.2.0/24 for whitelist return codes. The new > Spamhaus Whitelist ("SWL") due out very shortly will return 127.0.2.2 and > 127.0.2.3 and Spamha

Re: pickup: fatal: watchdog timeout

2010-08-25 Thread Wietse Venema
Stefan Foerster: > Hello world, > > I am concerned about those log entries: > > Aug 24 21:16:51 drought postfix/pickup[23165]: fatal: watchdog timeout > Aug 24 21:16:52 drought postfix/master[4713]: warning: process > /usr/libexec/postfix/pickup pid 23165 exit status 1 > Aug 24 21:33:31 drought

pickup: fatal: watchdog timeout

2010-08-25 Thread Stefan Foerster
Hello world, I am concerned about those log entries: Aug 24 21:16:51 drought postfix/pickup[23165]: fatal: watchdog timeout Aug 24 21:16:52 drought postfix/master[4713]: warning: process /usr/libexec/postfix/pickup pid 23165 exit status 1 Aug 24 21:33:31 drought postfix/pickup[28467]: fatal: wat

Re: DNS Whitelisting

2010-08-25 Thread Steve Linford
On 24 Aug 2010, at 21:37, Wietse Venema wrote: > Stan Hoeppner: >> Wietse Venema put forth on 8/23/2010 10:11 AM: >>> Noel Jones: >> >>> (Might be time to revisit DNS whitelists in postfix.) >>> >>> Maybe someone can draft a strawman user interface: >>> >>> - what is the configuration syn

Postfix integration: Oracle or LDAP?

2010-08-25 Thread Zhou, Yan
Hi there, We want to implement SMTP authentication in Postfix and support multiple virtual domains. Rather than having user/domain/endpoint in different files, we prefer them either in database (Oracle) or LDAP. I am trying to weigh the pros and cons of both options. I have not seen examples abou

Re: DNS Whitelisting

2010-08-25 Thread Stan Hoeppner
Wietse Venema put forth on 8/24/2010 2:37 PM: > With reject_rbl_client etc. Postfix can use different DNSXLs names > in different access lists, and filter the result. For example, to > select responses from some.example.com with value 127.0.0.4: > > smtpd_mumble_restrictions = > ... > r

TLS for dummies

2010-08-25 Thread Security Admin (NetSec)
This is more of an annoyance than anything else. When my Postfix (v 2.6.7) attempts to send a message via TLS the following warning is received: "postfix/smtp[28338]: certificate verification failed for mail.x.org[xxx.xxx.xxx.xxx]:25: untrusted issuer /C=US/O=Entrust.net/OU=www.entrust.net

Re: DNS Whitelisting

2010-08-25 Thread Wietse Venema
Stan Hoeppner: > Noel Jones put forth on 8/24/2010 2:18 PM: > > > - This is specific for dnswl.org. Postfix needs a general mechanism. > > Other whitelists are not required to follow dnswl.org's 127.0.x.y > > mechanism. > > Yeah, I used this example as dnswl is, afaik, the most "established" of

Re: build custom milter with milter_protocol=6

2010-08-25 Thread Wietse Venema
Wietse Venema: > Ram: > > I have a custom milter for userwise blacklists/whitelists I have been > > running with postfix 2.3.4 > > > > > > Now when I upgraded to postfix 2.7 I get this error > > > > "can't read SMFIC_DATA reply packet header: Success" > > > > This works if I use milter_prot

Re: build custom milter with milter_protocol=6

2010-08-25 Thread Wietse Venema
Ram: > I have a custom milter for userwise blacklists/whitelists I have been > running with postfix 2.3.4 > > > Now when I upgraded to postfix 2.7 I get this error > > "can't read SMFIC_DATA reply packet header: Success" > > This works if I use milter_protocol=2. But how do I build my milte

build custom milter with milter_protocol=6

2010-08-25 Thread Ram
I have a custom milter for userwise blacklists/whitelists I have been running with postfix 2.3.4 Now when I upgraded to postfix 2.7 I get this error "can't read SMFIC_DATA reply packet header: Success" This works if I use milter_protocol=2. But how do I build my milter again with protocol=6

Re: DNS Whitelisting

2010-08-25 Thread Stan Hoeppner
Noel Jones put forth on 8/24/2010 2:18 PM: > - This is specific for dnswl.org. Postfix needs a general mechanism. > Other whitelists are not required to follow dnswl.org's 127.0.x.y > mechanism. Yeah, I used this example as dnswl is, afaik, the most "established" of the dns whitelists. I haven