Re: Problems with mailbox_command

Michael Jung: > mailbox_command = /usr/local/bin/spamc -s 200 -y -R --pipe-to > /usr/bin/mail -s spam-report "{$sender)" "{$sender)" looks like a syntax error to me. Regardless, $sender is not defined. The valid names are documented in http://www.postfix.org/postconf.5.html#mailbox_command

Re: non-existent users submitting email qmgr as localhost

I reset rgarrity’s password and things have been quiet. In my effort to understand what was happening let me describe what I think happened. Someone got ahold of rgarrity’s password. With that password they were able to craft emails with forged headers that appeared to spawn new messages to di

Re: non-existent users submitting email qmgr as localhost

On 12/17/2015 4:03 PM, Ben Greenfield wrote: > Thank your for the tips. > > I just found this which looked wrong to me. > > I got this 433039B83D9A message id from the bad message sent by > bjbear...@cogs.com . Then I traced it > back and see the message id come from an

Re: non-existent users submitting email qmgr as localhost

Thank your for the tips. I just found this which looked wrong to me. I got this 433039B83D9A message id from the bad message sent by bjbear...@cogs.com . Then I traced it back and see the message id come from an actual user, rgarrity. Am I reading that correctly is t

Problems with mailbox_command

I'm new to postfix so I maybe simply attacking my problem wrong. I was asked to setup an instance so the users could send an email to spam@, have that email run through spamassassin and have the results emailed back to the user. After setting everything up I found that mailbox_command = /

SV: non-existent users submitting email qmgr as localhost

Then you have some local process that is compromised. Areas to check: Do you have a password reminder sending service? Do you have other automated email facilies? Check if some user on your server has became rogue Check if some process on the server are abusing sendmail Do you have a mailing

non-existent users submitting email qmgr as localhost

Hey All, I’m truly lost on this. I suddenly I’m receiving email at my qmgr delivered by localhost 127.0.0.1. The email all end in cogs.com but none of them addresses are ours. Search the message ID of the spoofed email and the first appearance in the log is always qmgr and the mail was receive

DANE verificate sites

Hello, yesterday updating the tlsa tool I thought about making a set of domains which contain different errors or non-errors for DANE-TLSA records, like DANE-TA with incomplete TLS chain, but the missing part in full cert TLSA record and similar examples. Before doing so I want to ask if may

Re: postscreen: DNSBL rank not seen in logs for some ip addresses

On 2015.12.16 11.35, Wietse Venema wrote: The client was not listed at some DNSBL this explains it, thanks. i don't know why, but i was expecting postscreen to tell me that the client was not listed. i now see in the docs that it's only logged if postscreen_dnsbl_threshold is met. -ben