Re: PATCH: PIE for Postfix 3.1

2015-02-04 Thread Viktor Dukhovni
On Thu, Feb 05, 2015 at 01:04:58AM +, Viktor Dukhovni wrote: > On Wed, Feb 04, 2015 at 01:12:16PM -0500, Wietse Venema wrote: > > > Very lightly-tested patch follows. No INSTALL documentation until > > this has been tested. > > > > Usage: $ make makefiles pie=yes ... > > Works on NETBSD6, wi

Re: PATCH: PIE for Postfix 3.1

2015-02-04 Thread Viktor Dukhovni
On Wed, Feb 04, 2015 at 08:06:36PM -0500, Wietse Venema wrote: > > Usage: $ make makefiles pie=yes ... > > How do we know this makes a meaningful difference? > > Postfix programs appear to behave as usual with Fedora Core 20 and > FreeBSD 9.x. The "file" command reports the executables as "ELF >

Re: PATCH: PIE for Postfix 3.1

2015-02-04 Thread Peter
On 02/05/2015 02:06 PM, Wietse Venema wrote: > How do we know this makes a meaningful difference? > > Postfix programs appear to behave as usual with Fedora Core 20 and > FreeBSD 9.x. The "file" command reports the executables as "ELF > 64-bit LSB shared object" instead of "ELF 64-bit LSB executab

Re: PATCH: PIE for Postfix 3.1

2015-02-04 Thread Wietse Venema
Viktor Dukhovni: > On Wed, Feb 04, 2015 at 01:12:16PM -0500, Wietse Venema wrote: > > > Very lightly-tested patch follows. No INSTALL documentation until > > this has been tested. > > > > Usage: $ make makefiles pie=yes ... > > Works on NETBSD6, with: > > pie=yes shared=yes dynamicmaps=yes >

Re: PATCH: PIE for Postfix 3.1

2015-02-04 Thread Wietse Venema
Wietse Venema: > Wietse Venema: > > Indeed. PIE support is a new feature. New features are not added > > during the code freeze. You're welcome to back-port this new feature > > once we have tested it in Postfix 3.1 with multiple build options > > (shared/nonshared) and with multiple OS distributio

Re: PATCH: PIE for Postfix 3.1

2015-02-04 Thread Viktor Dukhovni
On Wed, Feb 04, 2015 at 01:12:16PM -0500, Wietse Venema wrote: > Very lightly-tested patch follows. No INSTALL documentation until > this has been tested. > > Usage: $ make makefiles pie=yes ... Works on NETBSD6, with: pie=yes shared=yes dynamicmaps=yes pie=yes shared=no dynamicmaps=no

Re: ot: hotmail bouncing since two days ago, is there some new requirements?

2015-02-04 Thread Thom
On Thu, 5 Feb 2015 08:53:23 +1100 "Voytek" wrote: > ot: > > I have Postfix running mail server for several small domains, all > working well. > > since about 48 hours, several of my domains started getting bounced > from hotmail as per below > > ... > -- > Feb 5 07:06:45 emu postf

Re: Working around recalcitrant ISP wrt rDNS

2015-02-04 Thread li...@rhsoft.net
On 04.02.2015 at 22:54, Noel Jones wrote: On 2/4/2015 3:12 PM, li...@rhsoft.net wrote: *sadly* that sort of incoming rules is not widespread enough, otherwise spam from infected botnet zombies would no longer exist and frankly the rule for "IPhfc.comcastbusiness.net" is manually written

Re: Adding multiple headers

2015-02-04 Thread System Support
That would be appreciated. On 4 Feb 2015 at 16:11, Wietse Venema wrote: > I have an unfinished implementation for multiple actions in access > maps or header/body_checks. Instead of "prepend foo" you would say > "{prepend foo} {prepend bar}". This may be completed in the Postfix > 3.1 develo

Re: ot: hotmail bouncing since two days ago, is there some new requirements?

2015-02-04 Thread li...@rhsoft.net
what exactly did you not understand in: "Unfortunately, messages from 103.15.178.123 weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors" Am 04

Re: Working around recalcitrant ISP wrt rDNS

2015-02-04 Thread Noel Jones
On 2/4/2015 3:12 PM, li...@rhsoft.net wrote: > > > *sadly* that sort of incoming rules is not widespread enough, > otherwise spam from infected botnet zombies would no longer exist > and frankly the rule for "IPhfc.comcastbusiness.net" is manually > written by look at the incoming junk amou

ot: hotmail bouncing since two days ago, is there some new requirements?

2015-02-04 Thread Voytek
ot: I have Postfix running mail server for several small domains, all working well. since about 48 hours, several of my domains started getting bounced from hotmail as per below checked with mxtoolbox, mail server is: Checking emu.sbt.net.au which resolves to 103.15.178.123 against 100 known bl

Re: Working around recalcitrant ISP wrt rDNS

2015-02-04 Thread li...@rhsoft.net
On 04.02.2015 at 21:51, Noel Jones wrote: On 2/4/2015 2:37 PM, li...@rhsoft.net wrote: it doesn't matter if it matches - if you are coming with such a PTR you are rejected - on my setup this is skipped at least if the envelope domain has an SPF policy listing that IP or if you are on one of 11 p

Re: Adding multiple headers

2015-02-04 Thread Wietse Venema
System Support: > The PREPEND action can add a single header to outgoing mail. Is > there a way to add multiple > headers? As implemented, there is one PREPEND action per rule, so you would need multiple rules. If this is smtpd_mumble_restrictions you can do one rule in smtpd_data_restrictions an

Re: Adding multiple headers

2015-02-04 Thread System Support
I tried that, but it only triggered on the first one. On 4 Feb 2015 at 14:52, Noel Jones wrote: > On 2/4/2015 2:09 PM, System Support wrote: > > The PREPEND action can add a single header to outgoing mail. Is there a > > way to add multiple > > headers? > > > > ...don > > > > support (at) mi

Re: Working around recalcitrant ISP wrt rDNS

2015-02-04 Thread Robert Moskowitz
On 02/04/2015 03:51 PM, Noel Jones wrote: Which reminds me that the OP should register his domain and IP on dnswl.org (free and easy). -- Noel Jones thanks for the tip. Just one more action item.

Re: Working around recalcitrant ISP wrt rDNS

2015-02-04 Thread Robert Moskowitz
On 02/04/2015 03:46 PM, Noel Jones wrote: On 2/4/2015 1:47 PM, Robert Moskowitz wrote: I have been 'working' with my new ISP for a couple weeks to get the rDNS setup for my server move (I am changing ISPs for a number of reasons). I was assured on signing that setting up rDNS was 'easy'; it is

Re: Adding multiple headers

2015-02-04 Thread Noel Jones
On 2/4/2015 2:09 PM, System Support wrote: > The PREPEND action can add a single header to outgoing mail. Is there a way > to add multiple > headers? > > ...don > > support (at) microtechniques.com > Use the PREPEND action multiple times. -- Noel Jones

Re: Working around recalcitrant ISP wrt rDNS

2015-02-04 Thread Noel Jones
On 2/4/2015 2:37 PM, li...@rhsoft.net wrote: > > it doesn't matter if it matches - if you are coming with such a PTR > you are rejected - on my setup this is skipped at least if the > envelope domain has an SPF policy listing that IP or if you are on > one of 11 public DNSWL > > ptr-check.sh 50-253-

Re: Working around recalcitrant ISP wrt rDNS

2015-02-04 Thread Noel Jones
On 2/4/2015 1:47 PM, Robert Moskowitz wrote: > I have been 'working' with my new ISP for a couple weeks to get the > rDNS setup for my server move (I am changing ISPs for a number of > reasons). I was assured on signing that setting up rDNS was 'easy'; > it is not. DIGing up the SOA on my IP rDNS

Re: Working around recalcitrant ISP wrt rDNS

2015-02-04 Thread li...@rhsoft.net
On 04.02.2015 at 20:47, Robert Moskowitz wrote: I have been 'working' with my new ISP for a couple weeks to get the rDNS setup for my server move (I am changing ISPs for a number of reasons). I was assured on signing that setting up rDNS was 'easy'; it is not. DIGing up the SOA on my IP rDNS te

Adding multiple headers

2015-02-04 Thread System Support
The PREPEND action can add a single header to outgoing mail. Is there a way to add multiple headers? ...don support (at) microtechniques.com

Working around recalcitrant ISP wrt rDNS

2015-02-04 Thread Robert Moskowitz
I have been 'working' with my new ISP for a couple weeks to get the rDNS setup for my server move (I am changing ISPs for a number of reasons). I was assured on signing that setting up rDNS was 'easy'; it is not. DIGing up the SOA on my IP rDNS tends to indicate that they have not updated tha

PATCH: PIE for Postfix 3.1

2015-02-04 Thread Wietse Venema
Wietse Venema: > Indeed. PIE support is a new feature. New features are not added > during the code freeze. You're welcome to back-port this new feature > once we have tested it in Postfix 3.1 with multiple build options > (shared/nonshared) and with multiple OS distributions. This does > not appea

Re: TUNING_README: "persistent write cache"?

2015-02-04 Thread Andrew Bourgeois
So it's hardware and not the Unix cache/buffers that keep things in RAM to improve performance. Thank you for clarifying! On Wed, Feb 4, 2015 at 3:59 PM, Wietse Venema wrote: > Andrew Bourgeois: > > But what does "persistent write cache" mean? What needs to be changed on > > the OS level? Googl

Re: Tracking down a mail forwarding loop

2015-02-04 Thread Miles Fidelman
LuKreme wrote: I have a local user who is generating occasional mail forwarding loop errors, which are causing forged emails to cause NDNs and fill up mailq. Jan 30 13:46:08 mail postfix/local[44147]: 7020950D4D4: to=<*bob*@covisp.net>, relay=local, delay=0.65, delays=0.59/0/0/0.06, dsn=5.4.6,

Re: Forwarding to Gmail

2015-02-04 Thread LuKreme
On 04 Feb 2015, at 08:45 , li...@rhsoft.net wrote: > just setup SpamAssassin and ClamAV as *milter* and they are filtered > unconditional until you define "no_milters" in master.cf for a specific > service Ah, right, that sounds familiar. Reading documentation now. Thanks. -- Well, we know whe

Re: Forwarding to Gmail

2015-02-04 Thread k...@rice.edu
On Wed, Feb 04, 2015 at 08:39:05AM -0700, LuKreme wrote: > Quite a few users are forwarding their mail to either yahoo or gmail, which > is causing a lot of trouble because both services see spam being forwarded > and blacklist the sending server (me). Gmail at least seems to calm down > after a

Re: Forwarding to Gmail

2015-02-04 Thread Leonardo Rodrigues
On 04/02/15 13:39, LuKreme wrote: Quite a few users are forwarding their mail to either yahoo or gmail, which is causing a lot of trouble because both services see spam being forwarded and blacklist the sending server (me). Gmail at least seems to calm down after a little while, but delays on

Re: Forwarding to Gmail

2015-02-04 Thread li...@rhsoft.net
On 04.02.2015 at 16:39, LuKreme wrote: Quite a few users are forwarding their mail to either yahoo or gmail, which is causing a lot of trouble because both services see spam being forwarded and blacklist the sending server (me). Gmail at least seems to calm down after a little while, but del

Re: Receiving email from Everbridge alert systems

2015-02-04 Thread francis picabia
On Wed, Feb 4, 2015 at 11:30 AM, francis picabia wrote: > I'm sure there are other Postfix sites which have looked > into the question of what is required for Everbridge email > to come in without potential delays or non-delivery. > > I'm asking someone working with our contact at Everbridge > for

Re: Receiving email from Everbridge alert systems

2015-02-04 Thread li...@rhsoft.net
On 04.02.2015 at 16:30, francis picabia wrote: I'm not aware we can introduce exemptions for smtpd_client_connection_rate_limit smtpd_client_message_rate_limit If anyone has already tweaked Postfix to accommodate the Everbridge alert system, do you want to share what helped? you can easily i

Forwarding to Gmail

2015-02-04 Thread LuKreme
Quite a few users are forwarding their mail to either yahoo or gmail, which is causing a lot of trouble because both services see spam being forwarded and blacklist the sending server (me). Gmail at least seems to calm down after a little while, but delays on some mail can be many hours. These

Receiving email from Everbridge alert systems

2015-02-04 Thread francis picabia
I'm sure there are other Postfix sites which have looked into the question of what is required for Everbridge email to come in without potential delays or non-delivery. I'm asking someone working with our contact at Everbridge for a list of IPs which are used on their end, as I've found there are

Re: Add header based on number of recipients

2015-02-04 Thread Leonardo Rodrigues
On 04/02/15 12:41, Wietse Venema wrote: Use postfwd, set a rule that triggers with too many recipients per SASL login. http://www.postfwd.org/ Wietse Policyd can also do that, check both. http://www.policyd.org/ -- Atenciosamente / Sincerely, Leonardo Rodrig

Re: Problems building 3.0 with dynamic module support

2015-02-04 Thread Wietse Venema
Viktor Dukhovni: > On Wed, Feb 04, 2015 at 03:31:03PM +1300, Peter wrote: > > > Well for now, then I'll just have to remove -pie, but if I can get that > > in as a feature request to make -pie work with shared=yes, then I would > > really appreciate it. Not sure if it should be considered a block

Re: Add header based on number of recipients

2015-02-04 Thread Dave Jones
Thank you for the postfwd link. Not sure why I didn't find this during my research. I guess I didn't have the right Google keywords. :) On Wed, Feb 4, 2015 at 8:41 AM, Wietse Venema wrote: > Dave Jones: > > I need to be able to relay outbound for this customer of ours as a > service > > we pr

Re: TLS verification woes

2015-02-04 Thread Viktor Dukhovni
On Wed, Feb 04, 2015 at 10:34:47AM +0100, Tobias Reckhard wrote: > It's postfix-2.8.5 or, to be more precise, postfix-2.8.5-2~build0.10.04, > and, as you assume, linked OpenSSL 0.9.8. I guess I'll have to relax the > TLS policy for this domain until we can upgrade the system. If security to that

Re: TUNING_README: "persistent write cache"?

2015-02-04 Thread Wietse Venema
Andrew Bourgeois: > But what does "persistent write cache" mean? What needs to be changed on > the OS level? Google doesn't clearly link "persistent write cache" to a > Linux feature. It is a hardware feature found in RAID controllers and in server I/O accelerators. The basic idea is to serialize

Re: Tracking down a mail forwarding loop

2015-02-04 Thread LuKreme
On 04 Feb 2015, at 07:38 , Wietse Venema wrote: > > LuKreme: >> I have a local user who is generating occasional mail forwarding loop >> errors, which are causing forged emails to cause NDNs and fill up mailq. >> >> Jan 30 13:46:08 mail postfix/local[44147]: 7020950D4D4: >> to=<*bob*@covisp.ne

Re: TUNING_README: "persistent write cache"?

2015-02-04 Thread li...@rhsoft.net
On 04.02.2015 at 15:40, Andrew Bourgeois wrote: But what does "persistent write cache" mean? What needs to be changed on the OS level? Google doesn't clearly link "persistent write cache" to a Linux feature. https://www.google.at/#q=write+cache+storage https://www.google.at/search?q=bbu+stora

Re: Add header based on number of recipients

2015-02-04 Thread Wietse Venema
Dave Jones: > I need to be able to relay outbound for this customer of ours as a service > we provide and I need to be able to block compromised accounts which I have > been successful at for years until this new spam technique showed up a few > weeks ago. > I do have a way to detect this Bcc sendi

Re: Add header based on number of recipients

2015-02-04 Thread Jan P. Kessler
With postfwd you could use the following rule: id=RCPTCNT action=PREPEND X-RCPT-COUNT: $$recipient_count or something like that id=RCPTCNT01 recipient_count>=200 action=PREPEND X-RCPT-COUNT: RED id=RCPTCNT02 recipient_count>=100 action=PREPEND X-RCPT-COUNT: YELLOW Please

Re: TUNING_README: "persistent write cache"?

2015-02-04 Thread Andrew Bourgeois
But what does "persistent write cache" mean? What needs to be changed on the OS level? Google doesn't clearly link "persistent write cache" to a Linux feature. On Wed, Feb 4, 2015 at 2:16 PM, wrote: > > Quoting Andrew Bourgeois: > > > Hello >> >> What does "Speed up disk updates with a large

Re: Tracking down a mail forwarding loop

2015-02-04 Thread Wietse Venema
LuKreme: > I have a local user who is generating occasional mail forwarding loop errors, > which are causing forged emails to cause NDNs and fill up mailq. > > Jan 30 13:46:08 mail postfix/local[44147]: 7020950D4D4: > to=<*bob*@covisp.net>, relay=local, delay=0.65, delays=0.59/0/0/0.06, > dsn=5

Re: Add header based on number of recipients

2015-02-04 Thread Dave Jones
I need to be able to relay outbound for this customer of ours as a service we provide and I need to be able to block compromised accounts which I have been successful at for years until this new spam technique showed up a few weeks ago. I do have a way to detect this Bcc sending _after the fact_ an

Tracking down a mail forwarding loop

2015-02-04 Thread LuKreme
I have a local user who is generating occasional mail forwarding loop errors, which are causing forged emails to cause NDNs and fill up mailq. Jan 30 13:46:08 mail postfix/local[44147]: 7020950D4D4: to=<*bob*@covisp.net>, relay=local, delay=0.65, delays=0.59/0/0/0.06, dsn=5.4.6, status=bounced (

Re: Add header based on number of recipients

2015-02-04 Thread Nicolas HAHN
- Have you identified the e-mail server having those compromised accounts? If yes forbid this server to relay using your Postfix servers. If you don't want or cannot do it... - Then have you identified what e-mail accounts exactly are compromised? If yes temporarily close or disabled those accou

Add header based on number of recipients

2015-02-04 Thread Dave Jones
I have a sneaky spammer that is using compromised accounts of a mail server that relays outbound through my Postfix servers. The spammer is Bcc'ing 200 or 300 recipients at a time and sending very slowly to avoid my high volume detection. I need to be able to add a header that SpamAssassin can us

Re: TUNING_README: "persistent write cache"?

2015-02-04 Thread lst_hoe02
Quoting Andrew Bourgeois: Hello What does "Speed up disk updates with a large (64MB) persistent write cache." mean (source: http://www.postfix.org/TUNING_README.html)? Does this talk about the "dirty ratio" or is it something else? Google didn't help me on this one. Thanks in advance! Bes

TUNING_README: "persistent write cache"?

2015-02-04 Thread Andrew Bourgeois
Hello What does "Speed up disk updates with a large (64MB) persistent write cache." mean (source: http://www.postfix.org/TUNING_README.html)? Does this talk about the "dirty ratio" or is it something else? Google didn't help me on this one. Thanks in advance! Best regards Andrew

Re: TLS verification woes

2015-02-04 Thread Tobias Reckhard
Hi Viktor Dukhovni wrote on 03.02.2015 18:12: > On Tue, Feb 03, 2015 at 04:41:40PM +, Viktor Dukhovni wrote: > >> If your Postfix is old enough, and is linked against OpenSSL 0.9.8, >> it only supports md5 and sha1. Thanks, Viktor, that'll be it. > "Old enough" means older than these: [...]