Hello,
I am using postfix-2.10.1-6.el7 and set "double_bounce_sender = double -
bounce".
Let me question about single bounce and double bounce.
· About single bounce
Sending to a mail address that does not exist results in a single bounce.
The single bounce was recorded in the mail log as shown
Number 4 is immensely useful. When I had a hosted service, I got hacked from
someone in Morocco via a Round Cube exploit that wasn't patched. (My PayPal
account subsequently hacked, though I had the account suspended.)
I saw two problems. One, I only use mail clients. Browsers leak. Two, I don'
On 19 Feb 2019, at 5:56, Admin Beckspaced wrote:
Dear Postfix Users,
just recently the computer of a client got infected with malware and
the email password was compromised.
The bad guys immediately started sending out spam emails via our mail
servers.
We got notified by our monitoring syst
A. Schulze:
>
>
> Am 19.02.19 um 19:48 schrieb Wietse Venema:
> > A. Schulze:
> >>> Feb 19 14:24:09 spider postfix/submissions/smtp[3895]: panic:
> >>> VSTREAM_CTL_SWAP_FD can't swap descriptors between single-buffered and
> >>> double-buffered streams
> >
> > That was the result of wrappermod
Am 19.02.19 um 19:48 schrieb Wietse Venema:
> A. Schulze:
>>> Feb 19 14:24:09 spider postfix/submissions/smtp[3895]: panic:
>>> VSTREAM_CTL_SWAP_FD can't swap descriptors between single-buffered and
>>> double-buffered streams
>
> That was the result of wrappermode never having been tested wi
A. Schulze:
> > Feb 19 14:24:09 spider postfix/submissions/smtp[3895]: panic:
> > VSTREAM_CTL_SWAP_FD can't swap descriptors between single-buffered and
> > double-buffered streams
That was the result of wrappermode never having been tested with
tlsproxy mode turned on.
Wietse
*** src/
> On Feb 19, 2019, at 11:15 AM, A. Schulze wrote:
>
>> I've not tested what happens
>> with server-side operation in that case, does it refuse service, or
>> try and fail in some manner?
>
> unsure if that's a open question or you expect me something to test?
I am not sure either. :-) I you wa
> On Feb 19, 2019, at 10:50 AM, A. Schulze wrote:
>
>>> Feb 19 13:28:53 spider postfix/tlsproxy[1061]: warning: No server certs
>>> available. TLS can't be enabled
>>
>> For me, applying the patch
>> made the segfaults in a certificateless proxy configuration
>> go away.
>
> indeed, my fault /
Am 19.02.19 um 14:28 schrieb A. Schulze:
>
> A. Schulze:
>
>> Viktor Dukhovni:
>>
>>> diff --git a/src/tls/tls_misc.c b/src/tls/tls_misc.c
>>> diff --git a/src/tlsproxy/tlsproxy.c b/src/tlsproxy/tlsproxy.c
>
> there is an other side effect:
>
> I configured
> smtpd_tls_cert_file = /etc/ssl/$
Am 19.02.19 um 15:37 schrieb Viktor Dukhovni:
>> On Feb 19, 2019, at 7:35 AM, A. Schulze wrote:
>>
>> Feb 19 13:25:53 spider postfix/master[2282]: warning: process
>> /usr/lib/postfix/tlsproxy pid 996 killed by signal 11
>> Feb 19 13:25:53 spider postfix/master[2282]: warning:
>> /usr/lib/pos
> On Feb 19, 2019, at 7:35 AM, A. Schulze wrote:
>
> Feb 19 13:25:53 spider postfix/master[2282]: warning: process
> /usr/lib/postfix/tlsproxy pid 996 killed by signal 11
> Feb 19 13:25:53 spider postfix/master[2282]: warning:
> /usr/lib/postfix/tlsproxy: bad command startup -- throttling
> Feb
> On 19 Feb 2019, at 16:20, Admin Beckspaced wrote:
>
> Thanks Christos,
>
> so I might want to look into rate limits.
> Have not looked into rspamd as I'm running postfix with amavis-new and
> spamassassin
> Is rspamd compatible with amavis-new?
>
> Thanks & greetings
> Becki
For virus sca
Thanks Christos,
so I might want to look into rate limits.
Have not looked into rspamd as I'm running postfix with amavis-new and
spamassassin
Is rspamd compatible with amavis-new?
Thanks & greetings
Becki
Am 19.02.2019 um 12:23 schrieb Christos Chatzaras:
We wrote a shell script that runs h
Hi Daniel,
thanks a lot for your insights ;)
Still collecting thoughts and strategies how other admins solve the
issue of a hacked email account.
Anyone?
Thanks & greetings
Becki
Am 19.02.2019 um 12:09 schrieb Daniel Armengod:
Hi Becki,
At our site we have a log monitoring script (ad-hoc) w
A. Schulze:
Viktor Dukhovni:
diff --git a/src/tls/tls_misc.c b/src/tls/tls_misc.c
diff --git a/src/tlsproxy/tlsproxy.c b/src/tlsproxy/tlsproxy.c
there is an other side effect:
I configured
smtpd_tls_cert_file = /etc/ssl/${myhostname}/cert+intermediate.pem
smtpd_tls_key_file = /etc/ssl/${m
I see. Thanks it was from master.cf
Sent from my iPad
> On Feb 19, 2019, at 7:53 AM, Benny Pedersen wrote:
>
> Soydepr skrev den 2019-02-19 13:34:
>
>> Feb 19 07:25:45 pepino postfix/smtps/smtpd[10435]: warning: unknown smtpd
>> restriction: "permit_ssl_authenticated"
>
> postconf -nf | grep
Not sure sure where is coming from not form main cf
root@pepino:/home/pi# postconf -nf |grep permit
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated,
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
smtpd_relay_restrictions = permit_mynetworks,
Christos Chatzaras skrev den 2019-02-19 12:23:
Also we use Postfix relays with Rspamd checking the From header (we
don't allow users to spoof From address) and doing rate limits (500
e-mails / hour). If someones tries to send more e-mails then the extra
e-mails go to queue for later delivery. So
Soydepr skrev den 2019-02-19 13:34:
Feb 19 07:25:45 pepino postfix/smtps/smtpd[10435]: warning: unknown
smtpd
restriction: "permit_ssl_authenticated"
postconf -nf | grep permit
postconf -Mf | grep permit
its permit_sasl, not permit_ssl
the warning is obervious error
When I send email out trying to use smtp authentication I get this error
Feb 19 07:24:36 pepino dovecot: imap-login: Login: user=, method=PLAIN,
rip=127.0.0.1, lip=127.0.1.1, mpid=10433, TLS, session=
Feb 19 07:25:45 pepino postfix/smtps/smtpd[10435]: connect from
localhost[127.0.0.1]
Feb 19 07:2
Viktor Dukhovni:
diff --git a/src/tls/tls_misc.c b/src/tls/tls_misc.c
diff --git a/src/tlsproxy/tlsproxy.c b/src/tlsproxy/tlsproxy.c
Another issue remains, in that tlsproxy(8) wants
unconditional server-side support before it is willing to be a
client proxy, and therefore also wants server
On Tue, 19 Feb 2019 at 11:41, Francesc Peñalvez wrote:
>
> Add smtpd_sender_restrictions =
> permit_mynetworks
> check_client_access cidr: /etc/postfix/trusted_ips.cidr
> permit_sasl_authenticated
> check_sender_access inline: {
> {almogavers.net =
Postfix does not implement SASL.
Instead, Postfix relies on Cyrus SASL or Dovecot for SASL support.
Wietse
Add smtpd_sender_restrictions =
permit_mynetworks
check_client_access cidr: /etc/postfix/trusted_ips.cidr
permit_sasl_authenticated
check_sender_access inline: {
{almogavers.net = Local REJECT sender from unauthorized
client}
}
This seeme
We wrote a shell script that runs hourly and notifies us for SASL
authentications with IPs for at least 2 different countries in the previous
hour. In the future we plan to automatically change the password if SASL
authentications are from 3 different countries. This catches most of the hacked
Hi Becki,
At our site we have a log monitoring script (ad-hoc) which warns us
about "mass" authenticated smtp sessions, and also automatically
triggers a user disable on certain criteria, in this case:
- That sent emails exceed a threshold on a given time interval,
- *That there are numerous orig
Dear Postfix Users,
just recently the computer of a client got infected with malware and the
email password was compromised.
The bad guys immediately started sending out spam emails via our mail
servers.
We got notified by our monitoring system a bit later ... and fixed things
But lots and l
27 matches
Mail list logo
