Re: filtering return-path :

Frank Bonnet skrev den 2013-05-03 21:32: answer to myself :-) reply to you now here I finally decided to use a body_checks map is it only google.com in body ?, not return-path ? but if its body, why not learn how to create an clamav signature now ? :) -- senders that put my email into

Re: postscreen_dnsbl_sites

I had postscreen_dnsbl_sites = zen.dq.spamhaus.org and postscreen_dnsbl_reply_map = texthash:/etc/postfix/dnsbl_reply in main.cf and I had .zen.dq.spamhaus.net zen.dq.spamhaus.org in the /etc/posrfix/dnsbl_reply file. One of many email se

Re: postscreen_dnsbl_sites

On 5/3/2013 9:33 PM, Robert Lopez wrote: If in /etc/postfix/dnsbl_reply file there is a line: the-authorization-key-was-here.zen.dq.spamhaus.net zen.dq.spamhaus.org And in main.cf there

postscreen_dnsbl_sites

If in /etc/postfix/dnsbl_reply file there is a line: the-authorization-key-was-here.zen.dq.spamhaus.net zen.dq.spamhaus.org And in main.cf there is the line: postscreen_dnsbl_reply_map = texthash:/etc/postfix/dnsbl_reply Should the line in main.cf for "postscreen_dnsbl_siter = " use the long

Re: filtering return-path :

answer to myself :-) I finally decided to use a body_checks map it works well as the message is always the same CYBERDROID Inc. Le 03/05/2013 11:01, Frank Bonnet a écrit : Hello We are hardly spammed by numerous sources , the FIRST line of each email is like the following Return-Path: T

Re: Reject emails except some inside a list

On Fri, May 3, 2013 at 3:25 PM, Sergio Mira wrote: > Hello, > > I started a mail server where I manipulate incoming messages through a > script. > This is 100% working. > > But my "backend" (postfix configuration) is very basic. > > I am now implementing basic security, trying to understand how p

Reject emails except some inside a list

Hello, I started a mail server where I manipulate incoming messages through a script. This is 100% working. But my "backend" (postfix configuration) is very basic. I am now implementing basic security, trying to understand how postfix works and everything. First of all, I am trying to reject me

Re: pfsasl - A perl script to remove messages from queues, based on sasl_username

On Fri, May 03, 2013 at 12:07:56PM -0500, l...@airstreamcomm.net wrote: > Very nice, we tend to see the same behavior in our compromised SASL > users so this will come in handy. Thanks! It best to not let compromised accounts dominate the queue in first place. Consider a policy service that rat

Re: pfsasl - A perl script to remove messages from queues, based on sasl_username

On 2013-05-02 23:02, Nick Bright wrote: On 5/2/2013 10:53 PM, Nick Bright wrote: Greetings, After having a problem with a lot of mail being queued by a compromised end users mailbox, I was unable to find a script able to remove messages from the queue based on the sasl_username. The pfdel s

Re: Probleme with bounce

Am 03.05.2013 17:51, schrieb Phibee Network Operation Center: > we have installed today Postfix and we have a small problems with bounce. > > All email genered by Postfix, for "Mailbox Unknow" sample, put a blank from: > > May 3 15:01:27 smtp-1 postfix/qmgr[9482]: EDA7D281D2: from=<>, size=551

Probleme with bounce

Hi we have installed today Postfix and we have a small problems with bounce. All email genered by Postfix, for "Mailbox Unknow" sample, put a blank from: May 3 15:01:27 smtp-1 postfix/qmgr[9482]: EDA7D281D2: from=<>, size=5511, nrcpt=1 (queue active) where i can specify the email address of

Re: filtering return-path :

On 5/3/2013 9:34 AM, Wolfgang Zeikat wrote: > In an older episode, on 2013-05-03 16:30, Noel Jones wrote: > >> ## sender.pcre file contents: >> /@google\.com$/ REJECT suspicious @google.com sender address > > Shouldn't the @ be escaped: \@ No. This isn't perl. -- Noel Jones > > wolfga

Re: filtering return-path :

In an older episode, on 2013-05-03 16:30, Noel Jones wrote: ## sender.pcre file contents: /@google\.com$/ REJECT suspicious @google.com sender address Shouldn't the @ be escaped: \@ wolfgang # while you're at it, reject the current .pw tld spam storm /\.pw$/ REJECT ".pw" domains not acce

Re: filtering return-path :

On 5/3/2013 4:01 AM, Frank Bonnet wrote: > Hello > > We are hardly spammed by numerous sources , the FIRST line of each email > is like the following > > Return-Path: > > The left part of the address is constantly changed but the right is > always @google.com > > I would like to discard all th

Re: Strange conversion of 5.2.2 into 4.1.0 error

* Viktor Dukhovni : > In the interim you can use 554 5.2.2 ... which won't be misunderstood. Yeah, I'll do that instead. -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick B

Re: Strange conversion of 5.2.2 into 4.1.0 error

On Fri, May 03, 2013 at 02:25:15PM +0200, Ralf Hildebrandt wrote: > Section 4.5.3.1 of RFC 2821 (4.5.3.1.10 in RFC 5321) recommends to treat > a 552 response after the RCPT TO command as if it was actually a 452 > response. This behaviour was intended for cases where the number of > recipients ex

Re: ASSP -- need info

On 2013-05-03 7:43 AM, Vijay Rajah wrote: Hello List, I know this is off-topic. But this is the best place i know for this question.. Has anyone ever tried using @SSP -- http://www.magicvillage.de/~Fritz_Borgstedt/assp/0003D91C-801C/

Re: Strange conversion of 5.2.2 into 4.1.0 error

* Bastian Blank : > On Fri, May 03, 2013 at 10:18:43AM +0200, Ralf Hildebrandt wrote: > > Tue Apr 30 20:05:04 2013 Info: Delivery start DCID 4678286 MID 15335505 to > > RID [0] > > Tue Apr 30 20:05:06 2013 Info: Delayed: DCID 4678286 MID 15335505 to RID 0 > > - 4.1.0 - > > Unknown address error (

ASSP -- need info

Hello List, I know this is off-topic. But this is the best place i know for this question.. Has anyone ever tried using @SSP -- http://www.magicvillage.de/~Fritz_Borgstedt/assp/0003D91C-801C/ -- Any reviews / comments? Can i use it in place of amvisd,spamassin etc... Thanks in advance Vijay

Re: Strange conversion of 5.2.2 into 4.1.0 error

On Fri, May 03, 2013 at 10:18:43AM +0200, Ralf Hildebrandt wrote: > Tue Apr 30 20:05:04 2013 Info: Delivery start DCID 4678286 MID 15335505 to > RID [0] > Tue Apr 30 20:05:06 2013 Info: Delayed: DCID 4678286 MID 15335505 to RID 0 - > 4.1.0 - > Unknown address error ('552', ['5.2.2 : Recipient >

filtering return-path :

Hello We are hardly spammed by numerous sources , the FIRST line of each email is like the following Return-Path: The left part of the address is constantly changed but the right is always @google.com I would like to discard all that spam, help greatly appreciated Thanks by advance

Strange conversion of 5.2.2 into 4.1.0 error

On our Postfix gateway we're using a policy query to our backend dovecot server to check if the mail would fit into the mailbox. Recently I noticed that the hu-berlin.de Mailserver keeps retrying in spite of a 522 error: May 1 05:32:36 mail postfix/smtpd[5185]: NOQUEUE: reject: RCPT from ir2.cm