SMTP scanning server pool

2014-12-17 Thread Daniel Hopkirk
Hi All, I'm in need of a little help... I've got the basic idea of what I'm trying to achieve but am stuck with a few things not knowing the right wording to be asking uncle google to find examples etc, so I'm hoping that someone can help with some pointers in the right direction. I don't expec

Re: Postfix with AMAVIS and reject_unknown_recipient_domain

2014-12-17 Thread Wietse Venema
Thomas Nagel: > But when I send a mail with userpart that doesn't exist - even though it > is sasl-authenticated - It does not go into amavis which is much clever, > because it shouldn't go there since your don't need to do spam-filterin > if the recipient domain does not exist or the user does

Postfix with AMAVIS and reject_unknown_recipient_domain

2014-12-17 Thread Thomas Nagel
Hi there, we are running our postfix server (2.9.6) for quite some time now and are very happy with it. A few days ago - one of our users got hacked and his credentials were stolen, so someone started to use or system for spamming, which we resolved very fast. From my understanding you could

Re: postfix smtpd processes ballooning from L4 health checks

2014-12-17 Thread Wietse Venema
Wietse Venema: > return -1 when write(fd, buf, 0) returns > -1, regardless of the errno. Dammit, that is no good. I just tested on a Solaris9 box and find that poll() can't even enforce a write timeout in the normal case where the connection is NOT closed. It just sits there until the remote party

Re: Why does SPF fail sometimes?

2014-12-17 Thread Benny Pedersen
On 17. dec. 2014 07.19.30 Peter wrote: On 12/15/2014 01:36 PM, Wietse Venema wrote: > DMARC "verifies" the From: header against SPF, DKIM or both, but > only a poorly-informed person would require that the From: address > *always* verifies with SPF. I agree, but unfortunately I'm in the minori

Re: postfix smtpd processes ballooning from L4 health checks

2014-12-17 Thread Wietse Venema
Jorgen Lundman: > Experimental patch aside, we have changed the L7 health-check [1] to be L4 > port-open checks instead. This stops Postfix from sitting in flush since no > command has been issued. This still leaves your system vulnerable to a trivial DOS: force the sender to sit in timed-write fo

Re: postfix smtpd processes ballooning from L4 health checks

2014-12-17 Thread Wietse Venema
Jorgen Lundman: > However, I found that this works: > > char buffer[1]; > if ((write(fd, buffer, 0) < 0) && (errno == EPIPE)) { > msg_warn("write_wait() connection reset %d", fd); > return 0; > } Try: return -1; Then it won't send "221 Bye". Wietse

Re: Why does SPF fail sometimes?

2014-12-17 Thread li...@rhsoft.net
Am 17.12.2014 um 07:18 schrieb Peter: On 12/15/2014 01:36 PM, Wietse Venema wrote: DMARC "verifies" the From: header against SPF, DKIM or both, but only a poorly-informed person would require that the From: address *always* verifies with SPF. I agree, but unfortunately I'm in the minority. I