Hi all,
Straight to the point, I ban IPs using fail2ban based on 4 jails. The
reasons vary from bruteforce sasl login attacks from specific IPs to number
of attempts to send suspect/confirmed spam mails. Right now, there is a
iptables rule that starts dropping packets for a IP. This is highly
unde
On Jun 25, 2013, at 23:55, John Levine wrote:
>>> As I think I said, the person who asked
>>> has a domain a typo away from a very popular one, and would like to
>>> get rid of the unwanted traffic efficiently while still having his
>>> web server or whatever on the A record.
>>
>> Tough. Whoeve
On 6/25/2013 8:31 AM, Dejan Doder wrote:
yes I know that , but how users will change passwords by themselves ?
Long-term, I recommend moving away from local users and towards virtual
users with the accounts stored in a SQL database. Which lets you use
things like PostfixAdmin or other databa
>> As I think I said, the person who asked
>> has a domain a typo away from a very popular one, and would like to
>> get rid of the unwanted traffic efficiently while still having his
>> web server or whatever on the A record.
>
>Tough. Whoever is in that position is presumably making enough money
>Does any MTA other than Postfix implement nullmx?
I did some experiments. My qmail system rejects on nullmx immediately
for roughly the same reason postfix does, a general rejection on bad
MX records.
Among web mail, Yahoo rejects immediately, Gmail and AOL don't reject
immediately and I don't
On 25 Jun 2013, at 21:55, "John Levine" wrote:
> That "works", but it will take a week of repeated connection attempts
> before the message times out.
Seems like the right outcome for the circumstances you refer to: the problem
lies with the end user who mistyped the domain name -- who does tha
On Tue, Jun 25, 2013 at 08:55:08PM -, John Levine wrote:
> > If someone doesn't want a domain name to get email, the solution
> > is simple. Don't start an SMTP listener. For bonus points, don't publish
> > MX records for the domain either. Avoid having A or records too, or
> > at least m
>If someone doesn't want a domain name to get email, the solution is simple.
>Don't start an SMTP
>listener. For bonus points, don't publish MX records for the domain either.
>Avoid having A or
>records too, or at least make sure they go somewhere that doesn't listen for
>SMTP.
That "works
>> This is inaccurate. Postfix will not perform A/ lookups for ".".
>
>True. But postfix is not the only MTA, even if it is the one that gets
>discussed on this list. :-)
I would say that if there are A or records for "." we have worse
problems than whether some poorly addressed mail bo
On 2013-06-25 Tue 14:38 PM |, Viktor Dukhovni wrote:
>
> > Jun 25 14:04:08 server1 postfix/pickup[29023]: 51B8367E0: uid=7432
> > from=
> > Jun 25 14:04:08 server1 postfix/cleanup[154]: 51B8367E0:
> > message-id=<20130625130408.51b836...@server1.example.com>
> > Jun 25 14:04:08 server1 postfix/q
Craig R. Skinner:
> On 2013-06-25 Tue 13:45 PM |, Wietse Venema wrote:
> > > aliases:
> > > root: admin-acct
> > > deamon: root
> >
> > That's deamon.
> >
> > Second, you need admin-acct@localhost, root@localhost here.
> >
>
> So the aliases file needs to have the RHS qual
On 2013-06-25 Tue 13:45 PM |, Wietse Venema wrote:
> > aliases:
> > root: admin-acct
> > deamon: root
>
> That's deamon.
>
> Second, you need admin-acct@localhost, root@localhost here.
>
So the aliases file needs to have the RHS qualified with @localhost when
the machi
On 2013-06-25 Tue 18:27 PM |, Wolfgang Zeikat wrote:
> As you may not have noticed,
> the alias
> deamon is _not_ the same word as
> daemon
No Wolfgang, I hadn't noticed the minor typo in my email.
Thanks,
--
Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in/yGqkv7
On 2013-06-25 Tue 16:16 PM |, Viktor Dukhovni wrote:
> >
> > aliases:
> > root: admin-acct
> > deamon: root
>
> Is this the right aliases(5) file?
Yes.
> Some systems use /etc/aliases,
> others /etc/mail/aliases, ... What does "postconf alias_database"
> output? What
On Mon, Jun 24, 2013 at 10:49:49PM +0100, Craig R. Skinner wrote:
> On 2013-06-24 Mon 12:34 PM |, /dev/rob0 wrote:
> > On Mon, Jun 24, 2013 at 03:12:24PM +0100, Craig R. Skinner wrote:
> > > main.cf:
> > > myorigin = $mydomain # example.com
> > > mydestination = localhost, localhost.$mydomain
> >
On 25 Jun 2013, at 18:53, Viktor Dukhovni wrote:
> This is inaccurate. Postfix will not perform A/ lookups for ".".
True. But postfix is not the only MTA, even if it is the one that gets
discussed on this list. :-)
On Tue, Jun 25, 2013 at 06:22:22PM +0100, Jim Reid wrote:
> > it means the domain does not receive mail.
>
> Well yes. But it only "works" as long as there are no A or
> records for . in the root zone. If that was ever to change, anyone
> who adopted this Bad Idea will be in for a nasty surp
On Tue, Jun 25, 2013 at 05:01:59PM -, John Levine wrote:
> There is a somewhat popular convention that if a domain publishes an
> MX like this:
>
> whatever.example MX 0 .
>
> it means the domain does not receive mail. There was a draft about it
> in 2005 but it's never been formally stan
On Tue, 25 Jun 2013 18:22:22 +0100
Jim Reid wrote:
> On 25 Jun 2013, at 18:01, "John Levine" wrote:
>
> > There is a somewhat popular convention that if a domain publishes an
> > MX like this:
> >
> > whatever.example MX 0 .
> >
> > it means the domain does not receive mail.
>
> Well yes. B
Craig R. Skinner:
> On 2013-06-25 Tue 10:14 AM |, Wietse Venema wrote:
> >
> > You need to show:
> >
> > 1 - One email address ending in localhost or localhost.$mydomain,
> >
>
> aliases:
> root: admin-acct
> deamon: root
That's deamon.
Second, you need admin-acct@local
On 25 Jun 2013, at 18:01, "John Levine" wrote:
> There is a somewhat popular convention that if a domain publishes an
> MX like this:
>
> whatever.example MX 0 .
>
> it means the domain does not receive mail.
Well yes. But it only "works" as long as there are no A or records for .
in th
John Levine:
> There is a somewhat popular convention that if a domain publishes an
> MX like this:
>
> whatever.example MX 0 .
>
> it means the domain does not receive mail. There was a draft about it
> in 2005 but it's never been formally standardized and the question has
> arisen how widely
There is a somewhat popular convention that if a domain publishes an
MX like this:
whatever.example MX 0 .
it means the domain does not receive mail. There was a draft about it
in 2005 but it's never been formally standardized and the question has
arisen how widely imlplemented it is.
I don't
In an older episode, on 2013-06-25 18:16, Viktor Dukhovni wrote:
deamon: root
$ uptime | mail -s uptime daemon@localhost
As you may not have noticed,
the alias
deamon is _not_ the same word as
daemon
On Tue, Jun 25, 2013 at 03:53:53PM +0100, Craig R. Skinner wrote:
> On 2013-06-25 Tue 10:14 AM |, Wietse Venema wrote:
> >
> > You need to show:
> >
> > 1 - One email address ending in localhost or localhost.$mydomain,
> >
>
> aliases:
> root: admin-acct
> deamon: root
On 2013-06-25 Tue 10:14 AM |, Wietse Venema wrote:
>
> You need to show:
>
> 1 - One email address ending in localhost or localhost.$mydomain,
>
aliases:
root: admin-acct
deamon: root
...
...
$ uptime | mail -s uptime daemon@localhost
> 2 - Logfile evidence that this email
On Tue, Jun 25, 2013 at 02:53:47PM +0100, Craig R. Skinner wrote:
> > And hence, it is processed by the local(8) delivery agent, which
> > normally handles domains listed in mydestination.
> >
>
> Well, that's the theory - but I don't see that happening when adhering
> to the suggestions provide
Craig R. Skinner:
> On 2013-06-24 Mon 20:24 PM |, Wietse Venema wrote:
> > Craig R. Skinner:
> > > The default aliases file does not indicate that;-
> > >
> > > "The aliases(5) table provides a system-wide mechanism to redirect mail
> > > for LOCAL recipients."
> > >
> > > "Users can control del
Thank you Helga
BR
Dejan
On Tue, Jun 25, 2013 at 3:51 PM, wrote:
>
> - Message from Ryan Patrick Fernandez -
>Date: Tue, 25 Jun 2013 20:58:32 +0800
>From: Ryan Patrick Fernandez
> Subject: Re: /etc/passwd Centos + postfix
> To: Dejan Doder
> Cc: "postfix-users
On 2013-06-24 Mon 20:24 PM |, Wietse Venema wrote:
> Craig R. Skinner:
> > The default aliases file does not indicate that;-
> >
> > "The aliases(5) table provides a system-wide mechanism to redirect mail for
> > LOCAL recipients."
> >
> > "Users can control delivery of their own mail by setting
- Message from Ryan Patrick Fernandez -
Date: Tue, 25 Jun 2013 20:58:32 +0800
From: Ryan Patrick Fernandez
Subject: Re: /etc/passwd Centos + postfix
To: Dejan Doder
Cc: "postfix-users@postfix.org"
On Jun 25, 2013, at 7:22 PM, Dejan Doder wrote:
Hi group , I
Fabrizio Monti:
> > but when I try to send mail from client using port 25 without
> > authentication and sends the email to me, I do not want this, I do not
> > want it to work! Where am I doing wrong? Risce someone to tell me where
> > I'm wrong?
If you don't want to receive mail from the Interne
On 25 Jun 2013 15:04, "Fabrizio Monti" wrote:
>
> @Jerry
>
> >Please don't use HTML format to send email. Plain ASCII is preferred.
> Sorry, correct it immediately.
>
>
> postconf -n
>
> alias_database = hash:/etc/aliases
> broken_sasl_auth_clients = yes
> command_directory = /usr/sbin
> config_di
@Jerry
>Please don't use HTML format to send email. Plain ASCII is preferred.
Sorry, correct it immediately.
postconf -n
alias_database = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_d
Use a web based tool like webmin, i think this is not the proper forum for that
though you can start it from their.. Just google webmin
Ryan
On Jun 25, 2013, at 7:22 PM, Dejan Doder wrote:
> Hi group , I use system users with passwords defined in /etc/passwd.
> How can users change their pass
On 2013-06-25 Tue 14:31 PM |, Dejan Doder wrote:
>
>yes I know that , but how users will change passwords by themselfs ?
>
They ssh to the server & then run 'passwd'
This is a Centos question, not a Postfix one.
Cheers,
--
Craig Skinner | http://twitter.com/Craig_Skinner | http://linkd.in
Dejan Doder wrote:
> Hi group , I use system users with passwords defined in /etc/passwd.
> How can users change their passwords ?
On Tue, Jun 25, 2013 at 2:25 PM, wrote:
> use CLI "passwd"..
Dejan Doder:
> yes I know that, but how users will change passwords by themselfs ?
You are looking for
yes I know that , but how users will change passwords by themselfs ?
On Tue, Jun 25, 2013 at 2:25 PM, wrote:
> On Tue, 25 Jun 2013 13:22:46 +0200
> Dejan Doder wrote:
>
> > Hi group , I use system users with passwords defined in /etc/passwd.
> > How can users change their passwords ?
> >
> use
On Tue, 25 Jun 2013 13:22:46 +0200
Dejan Doder wrote:
> Hi group , I use system users with passwords defined in /etc/passwd.
> How can users change their passwords ?
>
use CLI "passwd"..
Hi group , I use system users with passwords defined in /etc/passwd.
How can users change their passwords ?
BR
Dejan
On 2013-06-24 postfix2...@hushmail.com wrote:
> Holy cow? Two things I didn't expect. Somebody would own a goofy name
> like that and somebody else would actually feel like pulling the
> records to test that. I suppose example.com is taken too, which is
> precisely why I avoided it. I'm sure they
Fabrizio,
* Fabrizio Monti :
> hello to all,
> I can not understand: I would like to enable authentication on port 25
> to prevent
> my server was used as a free smtp, I configured, by the book, postfix, if I
> connect to telnet gives me back
>
> Escape character is '^]'.
> 220 example.com ESMTP
On Tue, 25 Jun 2013 12:15:28 +0200
Fabrizio Monti articulated:
> > hello to all,
> > I can not understand: I would like to enable authentication on port
> > 25 to prevent my server was used as a free smtp, I configured, by
> > the book, postfix, if I connect to telnet gives me back
> >
> > Escape
All this because I have problems with my mail server, I have been using as
smtp relay, how can I prevent sending email on port 25 and at the same
time able
to receive mail on port 25?
2013/6/25 Fabrizio Monti
> hello to all,
> I can not understand: I would like to enable authentication on port
Mon, 24 Jun 2013 20:22:00 -0500 skrev postfix2...@hushmail.com:
> Holy cow? Two things I didn't expect. Somebody would own a goofy name
> like that and somebody else would actually feel like pulling the
> records to test that. I suppose example.com is taken too, which is
> precisely why I avoided
hello to all,
I can not understand: I would like to enable authentication on port 25
to prevent
my server was used as a free smtp, I configured, by the book, postfix, if I
connect to telnet gives me back
Escape character is '^]'.
220 example.com ESMTP Postfix
ehlo example.com
250-test.example.com
46 matches
Mail list logo
