Re: reject_non_fqdn_sender not working?

2016-05-22 Thread Peter
On 23/05/16 16:00, Richard James Salts wrote: > Almost, it is > valenzuelaelvira94...@brushfiremusic.net, Assuming that the Return-Path header accurately reflects the envelope sender, then yes. While this is almost certainly the case, they are not

Re: reject_non_fqdn_sender not working?

2016-05-22 Thread Richard James Salts
On 23/05/16 12:58, Alberto Lepe wrote: On Mon, May 23, 2016 at 11:47 AM, Bill Cole > wrote: On 22 May 2016, at 22:31, Alberto Lepe wrote: In my understanding, "reject_non_fqdn_sender" should have blocked this email

Re: reject_non_fqdn_sender not working?

2016-05-22 Thread Alberto Lepe
On Mon, May 23, 2016 at 11:47 AM, Bill Cole < postfixlists-070...@billmail.scconsult.com> wrote: > On 22 May 2016, at 22:31, Alberto Lepe wrote: > > In my understanding, "reject_non_fqdn_sender" should have blocked this >> email as the sender's hostname is "unknown". >> > > No. In Postfix nomencla

Re: reject_non_fqdn_sender not working?

2016-05-22 Thread Bill Cole
On 22 May 2016, at 22:31, Alberto Lepe wrote: In my understanding, "reject_non_fqdn_sender" should have blocked this email as the sender's hostname is "unknown". No. In Postfix nomenclature the "sender" is the SMTP envelope sender address. The host offering the message is the "client". If

reject_non_fqdn_sender not working?

2016-05-22 Thread Alberto Lepe
Hi all! These are my settings (important parts): - smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, permit smtpd_sender_restrictions = permit_sasl_authentic

Re: check_client_access cidr - Performance concerns ?

2016-05-22 Thread Wietse Venema
Viktor Dukhovni: > On Fri, May 20, 2016 at 03:24:26PM -0400, Wietse Venema wrote: > > > I can do a little better than thats, and also give a number for the > > per-query overhead. With this i5-650 CPU @3.2GHZ, it takes 0.92 > > seconds to parse 1 million IPv4 patterns, and less than about 0.01 > >

Re: Ordering the preque filtering?

2016-05-22 Thread Robert Schetterer
Am 22.05.2016 um 19:00 schrieb Phil Stracchino: > On 05/22/16 12:30, Robert Schetterer wrote: >> loose mail means silent discard, this should never happen >> you might not get the mail or some bounce ,but there is less you can do >> with "broken" forwarders in any case. >> >> If someone decides to

Re: Ordering the preque filtering?

2016-05-22 Thread lists42
I think the question is a simple one. Who has the 'problem' when 'they' do not receive 'your' email?  'Them'  or 'you'? For me I have decided that the admins should configure their servers correctly.  If they do not then that is their problem not mine.  It the receiving user want to receive my

Re: Ordering the preque filtering?

2016-05-22 Thread Phil Stracchino
On 05/22/16 12:30, Robert Schetterer wrote: > loose mail means silent discard, this should never happen > you might not get the mail or some bounce ,but there is less you can do > with "broken" forwarders in any case. > > If someone decides to act as forwarder he has to honor existing > dkim/dmarc

Re: Ordering the preque filtering?

2016-05-22 Thread Robert Schetterer
Am 22.05.2016 um 02:07 schrieb Phil Stracchino: > My point stands: Making DMARC failure an automatic reject is a sound > policy only if you're OK with losing legitimate mail because it passed > through a forwarder who hasn't implemented DMARC yet. > loose mail means silent discard, this should n

Re: Ordering the preque filtering?

2016-05-22 Thread A. Schulze
Am 22.05.2016 um 02:07 schrieb Phil Stracchino: My point stands: Making DMARC failure an automatic reject is a sound policy only if you're OK with losing legitimate mail because it passed through a forwarder who hasn't implemented DMARC yet. disagree DMARC in it's current definition describ