Bernardo Reino wrote:
The messages should be stored in one place, such as webmail/IMAP could
read all messages directly from this location.
Use a single IMAP server. Have both mail servers deliver the messages to
the single IMAP server.
Do you mean I setup a single IMAP server in middle loca
On Tue, 19 Nov 2019, Merrick wrote:
The question is, how to make storage shared by two MX servers?
MX (SMTP) servers don't store messages. They deliver them to whatever
system makes them available to the users.
(or do you mean you want have a shared queue? -- not recommended!)
The messages
Hello,
We plan to setup two postfix as MX servers.
One is in west location, such as CA state.
Another is in east location, such as NYC.
The question is, how to make storage shared by two MX servers?
The messages should be stored in one place, such as webmail/IMAP could
read all messages directl
On Mon, Nov 18, 2019 at 09:40:24PM +, Nick wrote:
> Why did reject_unauth_destination (line 11) only take effect after the
> probe (line 8, if that's what it is) and after check_policy_service
> (line 10)?
Because Postfix evaluates smtpd_relay_restrictions *after* it checks
smtpd_recipient_re
On 11/18/19 8:55 AM, Gregory Heytings wrote:
>
> Hi,
>
>>
>> I know it’s an RFC violation, but I see no email that is delivered
>> with a bare IP helo that is legitimate.
>>
>
> That might be your experience, but RFC 2821 (3.6) and RFC 5321 (2.3.5
> and 4.1.4) explicitly state that an address liter
On 2019-11-18 23:05 GMT, Gregory Heytings wrote:
> In lines 5-9 your server checks that the recipient address of the email the
> client would like to send, namely "***@gmail.com", is deliverable. This
> happens because you have "reject_unverified_recipient" in
> "smtpd_recipient_restrictions" (
1 Nov 18 01:28:37 rolly postfix/postscreen[26770]: CONNECT from
[162.246.19.201]:61693 to [46.235.227.79]:25
2 Nov 18 01:28:43 rolly postfix/postscreen[26770]: PASS NEW
[162.246.19.201]:61693
3 Nov 18 01:28:43 rolly postfix/smtpd[26774]: warning: hostname
rever.aftermathdevelopment.com does
Below is a postmaster notification about a relay attempt. The
notification is from my server running 3.4.7 on debian stable.
Out: 220 mail.acrasis.net ESMTP Postfix (Debian/GNU)
In: HELO win-sa71d6ou2qs.domain
Out: 250 mail.acrasis.net
In: MAIL FROM:
Out: 250 2.1.0 Ok
In: RCPT TO:<**
Now I try to send mail to box and what happen:
Nov 18 17:12:35 netcup.silviosiefke.com postfix/smtpd[6215]: NOQUEUE:
reject: RCPT from unknown[81.91.160.182]: 450 4.7.25 Client host
rejected: cannot find your hostname, [81.91.160.182];
from= to=
proto=ESMTP helo=
This means that a rev
On Mon, 18 Nov 2019, siefke_lis...@web.de wrote:
On Mon, 18 Nov 2019 17:23:43 +0100
Matus UHLAR - fantomas wrote:
cannot find your hostname indicated reject_unknown_client_hostname hit.
Ah thank you this what I had search.
seems something is wrong with your (or maybe their) reverse DNS
re
On Mon, 18 Nov 2019 17:23:43 +0100
Matus UHLAR - fantomas wrote:
> cannot find your hostname indicated reject_unknown_client_hostname hit.
Ah thank you this what I had search.
> seems something is wrong with your (or maybe their) reverse DNS
> resolution...
This is what I had:
[siefke@sisi-de
On Mon, 18 Nov 2019 at 12:23, Dominic Raferd
wrote:
>
>
> On Mon, 18 Nov 2019 at 12:00, @lbutlr wrote:
>
>> Is it safe (or mostly safe) to simply block attempts to deliver mail with
>> a helo that is only an IP address? (I am talking about only on
>> postfix/stmpd and obviously not on postfix/su
Two other users replied to your question. For real-world mail
servers, my experience is that the only safe restriction (safe =
no false positives) is "reject_unknown_reverse_client_hostname".
Irrelevant to HELO argument filtering.
On 18.11.19 18:10, Gregory Heytings wrote:
Relevant to reject
Two other users replied to your question. For real-world mail servers,
my experience is that the only safe restriction (safe = no false
positives) is "reject_unknown_reverse_client_hostname".
Irrelevant to HELO argument filtering.
Relevant to rejecting emails. Perhaps I should have wr
On 18.11.19 17:16, siefke_lis...@web.de wrote:
Now I try to send mail to box and what happen:
Nov 18 17:12:35 netcup.silviosiefke.com postfix/smtpd[6215]: NOQUEUE: reject: RCPT from
unknown[81.91.160.182]: 450 4.7.25 Client host rejected: cannot find your hostname,
[81.91.160.182]; from=
to=
Hello,
I try to run postfix, rspamd and dovecot. The 3 stars :)
Now I try to send mail to box and what happen:
Nov 18 17:12:35 netcup.silviosiefke.com postfix/smtpd[6215]: NOQUEUE: reject:
RCPT from unknown[81.91.160.182]: 450 4.7.25 Client host rejected: cannot find
your hostname, [81.91.160.
Bill Cole wrote:
Rejecting mail is a far better choice than delivering to a 'spam box'
since most users never bother looking there for anything. Rejections at
least stand some chance of making enough noise on the sender side to get
misconfigurations fixed.
IME exactly the opposite is true, b
On 11/18/2019 7:46 AM, @lbutlr wrote:
On 18 Nov 2019, at 06:04, Andrew Sullivan wrote:
At the same time, there are a _lot_ of anti-abuse techniques for mail that don't
rely on the broad hueristic of, "This TLD seems to suck,” and that don't rely
on establishing that rule as a permanent part o
On 18 Nov 2019, at 8:55, Gregory Heytings wrote:
Hi,
I know it’s an RFC violation, but I see no email that is delivered
with a bare IP helo that is legitimate.
That might be your experience, but RFC 2821 (3.6) and RFC 5321 (2.3.5
and 4.1.4) explicitly state that an address literal can b
On 18 Nov 2019, at 7:22, Gregory Heytings wrote:
Hi,
Is it safe (or mostly safe) to simply block attempts to deliver mail
with a helo that is only an IP address? (I am talking about only on
postfix/stmpd and obviously not on postfix/submit or related).
No it is not, it's a RFC violation
On 18 Nov 2019, at 6:59, @lbutlr wrote:
Is it safe (or mostly safe) to simply block attempts to deliver mail
with a helo that is only an IP address? (I am talking about only on
postfix/stmpd and obviously not on postfix/submit or related).
Yes.
There are cases of Special Needs Nodes (printer
David B?rgin:
> Looking for protocol expertise that some here might have ?
>
> I understand that email header content should contain 7-bit ASCII-only.
It can be UTF8 if Postfix has SMTPUTF8 support enabled and the
client specified the SMTPUTF8 request in the MAIL FROM command.
> However, as an i
Hi,
I know it’s an RFC violation, but I see no email that is delivered with
a bare IP helo that is legitimate.
That might be your experience, but RFC 2821 (3.6) and RFC 5321 (2.3.5 and
4.1.4) explicitly state that an address literal can be used after
HELO/EHLO. So it's a RFC violation
On 18 Nov 2019, at 06:04, Andrew Sullivan wrote:
> At the same time, there are a _lot_ of anti-abuse techniques for mail that
> don't rely on the broad hueristic of, "This TLD seems to suck,” and that
> don't rely on establishing that rule as a permanent part of your
> configuration.
Yeah, but
On Fr, Nov 08, 2019 at 03:31:05 +0100, Jaroslaw Rafa wrote:
But in that case probably LDA is the best place to do such change. Some
time ago I was doing something similar via procmail.
I found a great program for procmail:
https://fex.belwue.de/fstools/#aw2re
It fixes the subject and can remov
On Mon, 18 Nov 2019, Benny Pedersen wrote:
Bernardo Reino skrev den 2019-11-18 10:12:
I have now done it with:
rbl_reply_maps = texthash:/etc/postfix/dnsbl_reply_smtpd
where that file has lines like:
$KEY.zrd.dq.spamhaus.net=127.0.2.[2..24] $rbl_code Service
unavailable; $rbl_class [$rbl_what]
Bernardo Reino skrev den 2019-11-18 10:12:
I have now done it with:
rbl_reply_maps = texthash:/etc/postfix/dnsbl_reply_smtpd
where that file has lines like:
$KEY.zrd.dq.spamhaus.net=127.0.2.[2..24] $rbl_code Service
unavailable; $rbl_class [$rbl_what] blocked
where $KEY is my key, and the LHS o
Hi,
On Mon, Nov 18, 2019 at 01:11:22PM +0200, George Papas wrote:
> this still works :
>
> https://www.davidmartinwhite.com/2016/10/25/fighting-spam-block-entire-ttld-with-postfix/
>
To be clear, I believe in, "Your network, your rules." Each operator
should do what s/he wants.
At the same ti
Merrick skrev den 2019-11-18 08:48:
On 2019/11/18 3:42 下午, Bernardo Reino wrote:
How can I configure postfix to do like postscreen_dnsbl_reply_map but
for smtpd?
can spamassassin do that as well?
https://github.com/spamhaus/spamassassin-dqs/blob/master/sh.cf
with meta its solved, but its rea
Hello
On 2019/11/18 8:32 下午, @lbutlr wrote:
How much legitimate mail do you get with an IP helo?
I just saw postfix in my Vps, the default configuration is using IP for
Helo command.
I use this postfix to send monitor stuff to myself, received in gmail.
regards.
Looking for protocol expertise that some here might have …
I understand that email header content should contain 7-bit ASCII-only.
However, as an implementor of email software such as a milter, how do I
best deal with non-conforming input?
Say I receive a header line in my milter that isn’t ASCII
Is it safe (or mostly safe) to simply block attempts to deliver mail
with a helo that is only an IP address? (I am talking about only on
postfix/stmpd and obviously not on postfix/submit or related).
On 18.11.19 13:22, Gregory Heytings wrote:
No it is not, it's a RFC violation. The string that
On 18 Nov 2019, at 05:22, Gregory Heytings wrote:
>> Is it safe (or mostly safe) to simply block attempts to deliver mail with a
>> helo that is only an IP address? (I am talking about only on postfix/stmpd
>> and obviously not on postfix/submit or related).
>>
>
> No it is not, it's a RFC vio
On Mon, 18 Nov 2019 at 12:00, @lbutlr wrote:
> Is it safe (or mostly safe) to simply block attempts to deliver mail with
> a helo that is only an IP address? (I am talking about only on
> postfix/stmpd and obviously not on postfix/submit or related).
>
> I have about 50,000 NOQUEUE reject from "h
Hi,
Is it safe (or mostly safe) to simply block attempts to deliver mail
with a helo that is only an IP address? (I am talking about only on
postfix/stmpd and obviously not on postfix/submit or related).
No it is not, it's a RFC violation. The string that follows HELO/EHLO is
purely i
Is it safe (or mostly safe) to simply block attempts to deliver mail with a
helo that is only an IP address? (I am talking about only on postfix/stmpd and
obviously not on postfix/submit or related).
I have about 50,000 NOQUEUE reject from "helo=<[193.32.160.151]>" over the last
week, for examp
On Mon, 18 Nov 2019, Matus UHLAR - fantomas wrote:
anything in the logs yet?
I just got a hit, and it worked as expected :)
Nov 18 11:47:17 regenbogen postfix/smtpd[17564]: NOQUEUE: \
reject: RCPT from 71-10-166-63.dhcp.stls.mo.charter.com[71.10.166.63]: \
554 5.7.1 Service unavailable; Clien
Hi,
Postfix is giving me a very unhelpful message of just "SASL plain
authentication failed:".
My guess is that you have set "log_path" in your dovecot.conf. If this is
the case, the other line of the message appears in the dovecot log file,
for instance:
mail.log: ... SASL PLAIN a
On Mon, 18 Nov 2019, Matus UHLAR - fantomas wrote:
On 18.11.19 10:12, Bernardo Reino wrote:
My plan is/was to use only one blacklist (zen, IP-based) during postscreen
but then have the option of using other blacklists (dbl, zrd) at smtpd
time.
I moved all blacklist filtering from smtpd to po
On 18.11.19 08:42, Bernardo Reino wrote:
I currently use postscreen with postscreen_dbl_sites pointing to
my instance of spamhaus.net. With postscreen_dnsbl_reply_map I
hide the secret key from the server responses.
Now, I also have/had "reject_rbl_client zen.spamhaus.org" a part
of my smtpd_
On Mon, 18 Nov 2019, Matus UHLAR - fantomas wrote:
On 18.11.19 08:42, Bernardo Reino wrote:
I currently use postscreen with postscreen_dbl_sites pointing to my
instance of spamhaus.net. With postscreen_dnsbl_reply_map I hide the secret
key from the server responses.
Now, I also have/had "rej
On 18.11.19 08:42, Bernardo Reino wrote:
I currently use postscreen with postscreen_dbl_sites pointing to my
instance of spamhaus.net. With postscreen_dnsbl_reply_map I hide the
secret key from the server responses.
Now, I also have/had "reject_rbl_client zen.spamhaus.org" a part of my
smtpd_
On Thu, Oct 31, 2019 at 07:52:11PM -0400, Andrew Sullivan wrote:
I _know_ I am overlooking something, and I need a clue-bat.
On 17.11.19 22:03, Andrew Sullivan wrote:
Thanks to the list for the help. I tracked this down to a mistake in
main.cf with a too-restrictive smtpd_client_restrictions
On Mon, 18 Nov 2019, Merrick wrote:
hello
On 2019/11/18 3:42 下午, Bernardo Reino wrote:
How can I configure postfix to do like postscreen_dnsbl_reply_map but for
smtpd?
can spamassassin do that as well?
I don't know, that was not my question :)
(I use rspamd for spam filtering, where I als
44 matches
Mail list logo
