Re: Fighting Backscatter

On Fri, 2010-10-22 at 19:16:31 -0500, Stan Hoeppner wrote: > Sahil Tandon put forth on 10/22/2010 6:55 PM: > > CPAN is a core module, so it should be installed by default. And > > acquiring modules via CPAN is already well documented. :) > > I simply think the bar is set a bit high. OPs with no

Re: Fighting Backscatter

Sahil Tandon put forth on 10/22/2010 6:55 PM: > On Fri, 2010-10-22 at 13:55:49 -0500, Stan Hoeppner wrote: > > [ .. ] > >> http://people.freebsd.org/~sahil/scripts/checkdbl.pl.txt > > Just so we are all on the same page: use with caution! > >> Sahil, if you're reading this, you may want to cons

Re: postfix not delivering all by itself (revised question)

> relay_domains = [ws.arlut.utexas.edu] [sisl-list.arlut.utexas.edu] > [spd.arlut.utexas.edu] [lists.arlut.utexas.edu] > [seaturtle.arlut.utexas.edu][arlex.arlut.utexas.edu] > [arlmail.arlut.utexas.edu] [tools.arlut.utexas.edu] > [vme.arlut.utexas.edu] As ment

Re: Fighting Backscatter

On Fri, 2010-10-22 at 13:55:49 -0500, Stan Hoeppner wrote: [ .. ] > http://people.freebsd.org/~sahil/scripts/checkdbl.pl.txt Just so we are all on the same page: use with caution! > Sahil, if you're reading this, you may want to consider adding some > basic instructions on installing cpan and t

Re: postfix not delivering all by itself (revised question)

On Fri, Oct 22, 2010 at 06:02:23PM -0400, Wietse Venema wrote: > Jay G. Scott: > > > > a while back i posted to the effect that i couldn't get postfix to deliver > > mail all by itself. > > > > it was pointed out that because i had two versions of postfix installed > > that i was doing a bad thin

Re: postfix not delivering all by itself (revised question)

On 10/22/2010 4:42 PM, Jay G. Scott wrote: a while back i posted to the effect that i couldn't get postfix to deliver mail all by itself. it was pointed out that because i had two versions of postfix installed that i was doing a bad thing. you're right. i've fixed that. i have ONE version of

Re: postfix not delivering all by itself (revised question)

Jay G. Scott: > > a while back i posted to the effect that i couldn't get postfix to deliver > mail all by itself. > > it was pointed out that because i had two versions of postfix installed > that i was doing a bad thing. you're right. i've fixed that. > i have ONE version of postfix installed

Re: Encrypt messages between 2 servers

On 10/22/2010 11:53 PM, David Touzeau wrote: Dear I would like to encrypt/decrypt messages between 2 postfix servers (not tls but crypt mails content) Why on Earth ? What would the purpose be ? Is there anybody know a good wiki to implement such feature in postfix ? You can probably use G

Encrypt messages between 2 servers

Dear I would like to encrypt/decrypt messages between 2 postfix servers (not tls but crypt mails content) Is there anybody know a good wiki to implement such feature in postfix ? best regards

postfix not delivering all by itself (revised question)

a while back i posted to the effect that i couldn't get postfix to deliver mail all by itself. it was pointed out that because i had two versions of postfix installed that i was doing a bad thing. you're right. i've fixed that. i have ONE version of postfix installed. i compiled 2.7.1 from sou

Re: Fighting Backscatter

Ned Slider put forth on 10/22/2010 2:53 PM: > I guess we can agree to disagree - I simply wanted to highlight the fact > that using such rules can result in ham being blocked, regardless of how > you want to define that. I think we may be disagreeing on terminology definitions Ned, but we definit

Re: Fighting Backscatter

On 22/10/10 19:55, Stan Hoeppner wrote: Ned Slider put forth on 10/22/2010 10:50 AM: On 20/10/10 04:35, Stan Hoeppner wrote: Jeroen Geilman put forth on 10/19/2010 8:09 PM: You're missing some of the better spam prevention methods here, such as decent HELO checks, and an RBL or two. I'd sugg

Re: Is Postfix Checking Spamhaus RBL

* Carlos Mennens : > > Ah, maybe they're looking at all the headers, which is really stupid! > > Oh so then this is completely something configured wrong on their end > using Microsoft Exchange, right? I seriously doubt that exchange can do this. But I guess the error must be someplace on their

Re: Is Postfix Checking Spamhaus RBL

On Fri, Oct 22, 2010 at 3:34 PM, Ralf Hildebrandt wrote: > Ah, maybe they're looking at all the headers, which is really stupid! Oh so then this is completely something configured wrong on their end using Microsoft Exchange, right? I just sent email from the same IP to my personal and friends Pos

Re: Is Postfix Checking Spamhaus RBL

* Carlos Mennens : > My question is why did a message I send from my client (Thunderbird) > from my ISP connected PC [74.235.192.80] who is on the PBL get > rejected when my mail server the message was sent from is > 64.38.48.101. The mail server is not on any PBL so what does it matter > if my IS

Re: Is Postfix Checking Spamhaus RBL

On Fri, Oct 22, 2010 at 3:21 PM, Stan Hoeppner wrote: > Is it your Postfix server at IP address 74.235.192.80, rDNS > adsl-235-192-80.mco.bellsouth.net, that is being rejected by remote > hosts due to the PBL listing?  This does _not_ mean that hosts sending > mail _to_ your Postfix server will be

RE: com.com weirdness and relay_domains warning

On October 22, 2010 9:38 AM I wrote: --- First, I'm trying to figure out why it's giving me that trivial-rewrite warning because teamsites.com appears only in virtual_alias_domains in main.cf. The only references I can find with Google seem to address subdomains of the primary doma

Re: Is Postfix Checking Spamhaus RBL

Carlos Mennens put forth on 10/22/2010 1:29 PM: > I had someone tell me today that they were unable to send email to > their customer from the mail server because they got the following > error: > > * > Failed Recipient: u...@example.tld > Reason: Remote hos

Re: Is Postfix Checking Spamhaus RBL

On Fri, Oct 22, 2010 at 02:29:23PM -0400, Carlos Mennens wrote: > I had someone tell me today that they were unable to send email to > their customer from the mail server because they got the following > error: > > * > Failed Recipient: u...@example.tld > R

Re: Is Postfix Checking Spamhaus RBL

Zitat von Carlos Mennens : I had someone tell me today that they were unable to send email to their customer from the mail server because they got the following error: * Failed Recipient: u...@example.tld Reason: Remote host said: 554 Service unavailable;

Re: Postfix and Google

On Fri, Oct 22, 2010 at 11:11 AM, Victor Duchovni < victor.ducho...@morganstanley.com> wrote: > On Fri, Oct 22, 2010 at 10:59:06AM -0700, Cameron Smith wrote: > > > > If you are accidentially listing sub-domains of $mydestination > > > in $relay_domains, because of the backwards-compatible default

Re: Fighting Backscatter

Ned Slider put forth on 10/22/2010 10:50 AM: > On 20/10/10 04:35, Stan Hoeppner wrote: >> Jeroen Geilman put forth on 10/19/2010 8:09 PM: >> >>> You're missing some of the better spam prevention methods here, such as >>> decent HELO checks, and an RBL or two. >>> >>> I'd suggest at least adding rej

Is Postfix Checking Spamhaus RBL

I had someone tell me today that they were unable to send email to their customer from the mail server because they got the following error: * Failed Recipient: u...@example.tld Reason: Remote host said: 554 Service unavailable; Client host [vss155.webhostin

Re: Postfix and Google

On Fri, Oct 22, 2010 at 10:59:06AM -0700, Cameron Smith wrote: > > If you are accidentially listing sub-domains of $mydestination > > in $relay_domains, because of the backwards-compatible default > > setting, consider removing "relay_domains" from > > "parent_domain_matches_subdomains" and settin

Re: Postfix and Google

On Fri, Oct 22, 2010 at 10:41 AM, Victor Duchovni < victor.ducho...@morganstanley.com> wrote: > On Fri, Oct 22, 2010 at 10:23:23AM -0700, Cameron Smith wrote: > > > On the gateway I have: > > mynetworks = 127.0.0.0/8 10.0.132.0/24 > > > > All mail servers on my LAN are in that range. > > > > On th

Re: Postfix and Google

On Fri, Oct 22, 2010 at 10:23:23AM -0700, Cameron Smith wrote: > On the gateway I have: > mynetworks = 127.0.0.0/8 10.0.132.0/24 > > All mail servers on my LAN are in that range. > > On the inside machines I have: > relayhost = [10.0.132.15] Do NOT list remote domains in "relay_domains". If you

Re: Backup /var/spool/postfix & restoring

On Sat, Oct 23, 2010 at 12:39:59AM +0800, sunhux G wrote: > >the queue starts empty (you are not adding old queue files to a > >queue that has received new queue files) you can restore, and > >then start Postfix > > We do backup once in the night but thing is the mails keep coming in > round the

Re: Postfix and Google

On Fri, Oct 22, 2010 at 9:56 AM, Wietse Venema wrote: > Cameron Smith: > > On Fri, Oct 22, 2010 at 9:10 AM, Cameron Smith >wrote: > > > > > I have my mail system set up with 11 Postfix mail servers on my LAN > servers > > > that send mail out through a single Postfix mail gateway. > > > > > > mx

Re: Request for help with redesign of Postfix Configuration File ...

On Fri, Oct 22, 2010 at 3:27 AM, Victor Duchovni < victor.ducho...@morganstanley.com> wrote: > > No. It does no harm, and possibly a tiny bit of good. There > is nothing wrong with MX records even when an A record is present > for the same domain, and the MX points the domain at itself. > > -- >

Re: Request for help with redesign of Postfix Configuration File ...

On Fri, Oct 22, 2010 at 3:28 AM, Jeroen Geilman wrote: > > I wouldn't - but then again, I wouldn't run a mail server on the domain A > record either :) > Why not? Regards, Christopher koeber > > There are MTAs that want a mail *sender* to have an MX record (which is > silly), but it should ne

Re: Postfix and Google

Cameron Smith: > On Fri, Oct 22, 2010 at 9:10 AM, Cameron Smith wrote: > > > I have my mail system set up with 11 Postfix mail servers on my LAN servers > > that send mail out through a single Postfix mail gateway. > > > > mx for my domain is to google mail servers as mail accounts are handled > >

Re: Postfix and Google

On 10/22/2010 12:46 PM, Cameron Smith wrote: > > On Fri, Oct 22, 2010 at 9:10 AM, Cameron Smith > wrote: > > I have my mail system set up with 11 Postfix mail servers on my LAN > servers that send mail out through a single Postfix mail gateway. > > mx f

Re: Backup /var/spool/postfix & restoring

sunhux G: > >the queue starts empty (you are not adding old queue files to a > >queue that has received new queue files) you can restore, and > >then start Postfix > > We do backup once in the night but thing is the mails keep coming in > round the clock. So what we can get from the backup tape i

Re: Postfix and Google

On Fri, Oct 22, 2010 at 9:10 AM, Cameron Smith wrote: > I have my mail system set up with 11 Postfix mail servers on my LAN servers > that send mail out through a single Postfix mail gateway. > > mx for my domain is to google mail servers as mail accounts are handled > there. > > When an applicati

Re: Backup /var/spool/postfix & restoring

Or would "rsync via ssh" to another server help in this case (& without shutting down postfix). In Oracle online backup, a good snapshot backup is taken followed by "roll-forward" backups where new writes/updates to the database is separately written to another file sitting on another disk On Sat

Re: Backup /var/spool/postfix & restoring

If 'hot backups' make any sense at all. Oracle online/hot backups just crossed my mind where we won't lose a single transaction/data by using point-in-time restore/recovery. Any such equivalent backups for postfix mail queues?

Re: Backup /var/spool/postfix & restoring

>the queue starts empty (you are not adding old queue files to a >queue that has received new queue files) you can restore, and >then start Postfix We do backup once in the night but thing is the mails keep coming in round the clock. So what we can get from the backup tape is not usable because p

com.com weirdness and relay_domains warning

My personal server is happily managing virtual mail domains without any trouble, but I'm now trying to troubleshoot a work server that is being a little more stubborn. It has one primary domain (booyahmedia) and two virtual domains (teamsites.com and virtualvow.com). I've set up a local test accou

Re: Fighting Backscatter

> > smtpd_recipient_restrictions = > > permit_mynetworks > > permit_sasl_authenticated, > > reject_unauth_destination > > ... > > reject_rbl_client zen.spamhaus.org > > reject_rbl_client psbl.surriel.com > > reject_rhsbl_client dbl.spamhaus.org

Re: Forwarding Mail to Local Account AND External Address with LDAP ...

Just a note that the below idea works! Here is tutorial config for setting up both local delivery AND remote forwarding. I guess this is really easy: Put the text below (with your modifications) in a file, preferably in the same directory where other Postfix configuration files are. -

Re: Backup /var/spool/postfix & restoring

On Fri, Oct 22, 2010 at 10:29:27PM +0800, sunhux G wrote: > >You should not directly manipulate the postfix queue directories. > >man postsuper for the correct invocation of the -d option. > > If there's a hard disk crash or corruption of /var/spool/postfix/..., > can we restore from tapes the /v

Postfix and Google

I have my mail system set up with 11 Postfix mail servers on my LAN servers that send mail out through a single Postfix mail gateway. mx for my domain is to google mail servers as mail accounts are handled there. When an application on one of my servers tries to send mail to a mail account on my

Re: Fighting Backscatter

On 20/10/10 04:35, Stan Hoeppner wrote: Jeroen Geilman put forth on 10/19/2010 8:09 PM: You're missing some of the better spam prevention methods here, such as decent HELO checks, and an RBL or two. I'd suggest at least adding reject_unknown_reverse_client_hostname in there, as well as (testin

Re: Backup /var/spool/postfix & restoring

>You should not directly manipulate the postfix queue directories. >man postsuper for the correct invocation of the -d option. If there's a hard disk crash or corruption of /var/spool/postfix/..., can we restore from tapes the /var partition & is there any special recovery of postfix needed?

Re: Backup /var/spool/postfix & restoring

After adding to the current host's *main.cf* relayhost = [your.new.server] do I need to restart anything (postfix reload or ...?) Is there a link that describes in more detail how to set up the new server. Supposedly your.new.server can be IP addr of the new server, right? THanks U On Fri,

Re: can withholding mails ( postsuper -h ... ) help with tens of thousands of spam mails hogging mailq

On Fri, Oct 22, 2010 at 12:04 AM, Matt Hayes wrote: > On 10/21/2010 10:52 PM, Reinaldo de Carvalho wrote: > >> >> 1. You are a backscatter (e.g. accepting email to unknown users). >> >> 2. or Some account has been compromissed and used to sent spam. >> >> 3. look this queue GUi: http://sourceforge

Re: Is there potential OS command injection attack in forwarding e-mail to command?

Kousuke Ebihara: [sending email to a "|non-Postfix command" alias] > Postfix might execute commands in a content of e-mail. Postfix does not execute commands in the content of email messages. Postfix creates the pipe, not the shell. For safety, Postfix has a command_expansion_filter feature that c

Re: Is there potential OS command injection attack in forwarding e-mail to command?

On 10/22/2010 11:32 AM, Kousuke Ebihara wrote: Hi, I have a question about OS command injection attack in forwarding e-mail to command. Postfix alias database allows the following configuration. It forwards to e-mail to the specified command: alias: /path/to/command I think Postfix executes t

Re: Backup /var/spool/postfix & restoring

On 10/22/2010 11:33 AM, sunhux G wrote: Hi Suppose before I delete away mails (postsuper -d ...), I backup all the files in the queue directories below: [r...@postfix]# postconf -d | grep -i dir | grep -i que queue_directory = /var/spool/postfix You should not directly manipulate the postfix

Re: Fighting Backscatter

Jeroen Geilman put forth on 10/21/2010 4:33 PM: > Yup. > > reject_unknown_client_hostname is fine for MXen and large providers, but > it will hurt simple relaying with many false positives. There are thousands upon thousands of web forum servers that will fall victim to reject_unknown_client_hos

Backup /var/spool/postfix & restoring

Hi Suppose before I delete away mails (postsuper -d ...), I backup all the files in the queue directories below: [r...@postfix]# postconf -d | grep -i dir | grep -i que queue_directory = /var/spool/postfix To restore these queue files to another server & read these mails, what are the steps & c

Is there potential OS command injection attack in forwarding e-mail to command?

Hi, I have a question about OS command injection attack in forwarding e-mail to command. Postfix alias database allows the following configuration. It forwards to e-mail to the specified command: alias: /path/to/command I think Postfix executes the following command (my guessing...): echo $e_m

Re: Request for help with redesign of Postfix Configuration File ...

On 10/22/2010 06:54 AM, Christopher Koeber wrote: On Thu, Oct 21, 2010 at 4:52 PM, Jeroen Geilman > wrote: No. foo.bar MX 10 foo.bar is unnecessary, as any valid A record can receive mail. Since foo.bar has to be an A record (you're using it as the MX

Re: Request for help with redesign of Postfix Configuration File ...

On Fri, Oct 22, 2010 at 12:54:22AM -0400, Christopher Koeber wrote: > I never knew that if an A record points to the mail host then you don't need > the MX record for said host. > > Should I remove the record? No. It does no harm, and possibly a tiny bit of good. There is nothing wrong with MX r