My primary outbound relay cluster connects through a load balancer NAT so when
it gives "helo host1.services.domain.tld" it actually reverses to the hostname
assigned to the load balancer (relay.domain.tld). there are multiple nodes
that all lookup with the single NAT IP when connecting outboun
> On Feb 10, 2021, at 9:38 PM, Eugene Podshivalov wrote:
>
> Are there any wise cases for a legitimate client to provide a valid ehlo
> hostname (which maps to some address) but that address will differ from
> the address it connects from?
I don't know about "wise", but this is not uncommon.
As
Are there any wise cases for a legitimate client to provide a valid ehlo
hostname (which maps to some address) but that address will differ from the
address it connects from?
чт, 11 февр. 2021 г. в 01:01, Bob Proulx :
> Eugene Podshivalov wrote:
> > Then what is the sense of doing this if the nam
Eugene Podshivalov wrote:
> Then what is the sense of doing this if the name can be whoever else's name?
For anti-spam and anti-abuse software. It's all available for the
anti-spam to use to decided how to classify the message. Perhaps not
as a hard block as that would definitely have false posi
On Thu, Feb 11, 2021 at 12:15:32AM +0300, Eugene Podshivalov wrote:
> > Viktor Dukhovni:
> > Postfix can check that the EHLO name resolves to some IP address.
>
> Then what is the sense of doing this if the name can be whoever else's name?
Spam bots are sloppy, and typicall default to the name f
On Wed, Feb 10, 2021 at 01:20:30PM -0800, Ron Garret wrote:
> I am working on a spam filter and so I find myself spending a lot more
> quality time with mail logs than I used to. One of the things I have
> noticed is that I will get a lot of connections that send a HELO
> command and then disconn
On 10 Feb 2021, at 15:52, Chris Green wrote:
On Wed, Feb 10, 2021 at 02:13:22PM -0500, Viktor Dukhovni wrote:
On Wed, Feb 10, 2021 at 05:41:49PM +, Chris Green wrote:
OK, what I want to do is as follows:-
I have several headless machines which need to be able to send error
and other mess
On Wed, Feb 10, 2021 at 4:21 PM Ron Garret wrote:
>
> Hello (not helo :-)
>
> I am working on a spam filter and so I find myself spending a lot more
> quality time with mail logs than I used to. One of the things I have noticed
> is that I will get a lot of connections that send a HELO command
On 2/10/2021 3:20 PM, Ron Garret wrote:
Hello (not helo :-)
I am working on a spam filter and so I find myself spending a lot more quality
time with mail logs than I used to. One of the things I have noticed is that I
will get a lot of connections that send a HELO command and then disconnec
On Wed, Feb 10, 2021 at 09:05:03PM +, Chris Green wrote:
> OK, but every system I know about has hostname as just the hostname
> with no domain.
Only because you configured it that way, perhaps via an "installer" that
made that default choice for you, but all these systems allow you to
config
Hello (not helo :-)
I am working on a spam filter and so I find myself spending a lot more quality
time with mail logs than I used to. One of the things I have noticed is that I
will get a lot of connections that send a HELO command and then disconnect.
Sometimes I get this repeated several t
I'm sorry everyone if I got a bit heated about this.
I *think* I have most of the information I need to sort it out one way
or another, and there probably isn't a 'right' answer. :-)
... and as I said before, a big thank you for all the help, I do
appreciate it even if it might not seem like it
>
> Viktor Dukhovni:
> Postfix can check that the EHLO name resolves to some IP address.
Then what is the sense of doing this if the name can be whoever else's name?
чт, 11 февр. 2021 г. в 00:03, Viktor Dukhovni :
> On Wed, Feb 10, 2021 at 11:59:39PM +0300, Eugene Podshivalov wrote:
>
> > > Vikt
Dnia 10.02.2021 o godz. 20:52:01 Chris Green pisze:
>
> If (and it's a big if) I configure the hostname to be a FQDN how do I
> then get mail sent to 'chris' out of isbd.uk to ch...@isbd.co.uk?
That seems to be completely unrelated to the hostname problem.
If you alias "chris" to "ch...@isbd.co.
On Wed, Feb 10, 2021 at 01:11:49PM -0700, Bob Proulx wrote:
> Chris Green wrote:
> > Viktor Dukhovni wrote:
> > > Chris Green wrote:
> > > > Local hostname doesn't have FQDN by default though:-
> > > >
> > > > chris@isbdGandi$ hostname
> > > > isbdGandi
> > > > chris@isbdGandi$ hostnam
On Wed, Feb 10, 2021 at 11:59:39PM +0300, Eugene Podshivalov wrote:
> > Viktor Dukhovni:
> > The actual expectation is that the EHLO name is a valid DNS hostname,
> > and should resolve to the IP address of the client.
>
> Postfix does not seem to be able to check this right now. Wouldn't it be
>
>
> Viktor Dukhovni:
> The actual expectation is that the EHLO name is a valid DNS hostname,
> and should resolve to the IP address of the client.
Postfix does not seem to be able to check this right now. Wouldn't it be
good to have such features in smtpd_helo_restrictions?
ср, 10 февр. 2021 г.
On Wed, Feb 10, 2021 at 02:13:22PM -0500, Viktor Dukhovni wrote:
> On Wed, Feb 10, 2021 at 05:41:49PM +, Chris Green wrote:
>
> > OK, what I want to do is as follows:-
> >
> > I have several headless machines which need to be able to send error
> > and other messages to me ch...@isbd.co.uk.
>
On Wed, Feb 10, 2021 at 01:20:23PM -0700, Bob Proulx wrote:
> Eugene Podshivalov wrote:
> > I've just received a spam email from a client who presented itself as
> > emx.mail.ru but its ip 117.30.137.22 resolves to
> > 22.137.30.117.broad.xm.fj.dynamic.163data.com.cn
> >
> > Are reverse client ho
On Wed, 10 Feb 2021, Bob Proulx wrote:
Eugene Podshivalov wrote:
I've just received a spam email from a client who presented itself as
emx.mail.ru but its ip 117.30.137.22 resolves to
22.137.30.117.broad.xm.fj.dynamic.163data.com.cn
Are reverse client hostname and the ehlo one not supposed to
Eugene Podshivalov wrote:
> I've just received a spam email from a client who presented itself as
> emx.mail.ru but its ip 117.30.137.22 resolves to
> 22.137.30.117.broad.xm.fj.dynamic.163data.com.cn
>
> Are reverse client hostname and the ehlo one not supposed to match?
It's been an old traditi
Chris Green wrote:
> Viktor Dukhovni wrote:
> > Chris Green wrote:
> > > Local hostname doesn't have FQDN by default though:-
> > >
> > > chris@isbdGandi$ hostname
> > > isbdGandi
> > > chris@isbdGandi$ hostname -f
> > > isbdGandi.isbd.uk
> > >
> > > > Do your OS instances have th
On 10 Feb 2021, at 11:37, @lbutlr wrote:
> A trivial script of a couple of lines should do the trick.
postconf -e mydomain=$( dnsdomainname ) && postfix reload
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Ava
On 10 Feb 2021, at 5:55, Marek Kozlowski wrote:
I've read the recommended way of connecting clamav is via
smtpd_milters in main.cf. But spamassassin in those tutorial is not
connected that way but a master.cf entry is defined and a "-o
content_filter=that_entry" for smtp service is added. If s
On 10 Feb 2021, at 14:41, Eugene Podshivalov wrote:
Hello,
I've just received a spam email from a client who presented itself as
emx.mail.ru but its ip 117.30.137.22 resolves to
22.137.30.117.broad.xm.fj.dynamic.163data.com.cn
Are reverse client hostname and the ehlo one not supposed to match
Hello,
I've just received a spam email from a client who presented itself as
emx.mail.ru but its ip 117.30.137.22 resolves to
22.137.30.117.broad.xm.fj.dynamic.163data.com.cn
Are reverse client hostname and the ehlo one not supposed to match?
--Eugene
On Wed, Feb 10, 2021 at 05:41:49PM +, Chris Green wrote:
> OK, what I want to do is as follows:-
>
> I have several headless machines which need to be able to send error
> and other messages to me ch...@isbd.co.uk.
Directly to that address, or indirectly by sending mail to various local
acco
On 10 Feb 2021, at 10:41, Chris Green wrote:
>chris$ postconf -d myorigin
>myorigin = $myhostname
>chris$ postconf -d myhostname
>myhostname = t470.localdomain
>chris$ dnsdomainname
>zbmc.eu
>chris$ hostname -f
>t470.zbmc.eu
>chris$ hostname
>t470
>
> So on
On Wed, Feb 10, 2021 at 10:37:15AM -0700, @lbutlr wrote:
> On 10 Feb 2021, at 10:05, Chris Green wrote:
> > but this doesn't seem to have worked. What am I doing wrong now? (I
> > have run 'newaliases').
>
> what does
>
> postconf -d myhostname mydomain myorigin
>
> Report?
>
> It should repo
On Wed, Feb 10, 2021 at 12:17:47PM -0500, Viktor Dukhovni wrote:
> On Wed, Feb 10, 2021 at 05:05:52PM +, Chris Green wrote:
>
> This may be a good time to clearly (re)state what problem you're trying
> to solve, now that you're apparently able to assign the desired mydomain
> to each machine.
On 10 Feb 2021, at 10:05, Chris Green wrote:
> but this doesn't seem to have worked. What am I doing wrong now? (I
> have run 'newaliases').
what does
postconf -d myhostname mydomain myorigin
Report?
It should report:
myhostname = isbdGandi.isbd.uk
mydomain = isbd.uk
myorigin = $myhostname
On Wed, Feb 10, 2021 at 05:14:57PM +, Chris Green wrote:
> What exactly do you mean by "... have fully-qualified hostnames?".
This means that the raw system hostname reported via `uname -n` or
`hostname` commands (really the underlying system calls) is an FQDN.
> I know what you mean by FQDN
On Wed, Feb 10, 2021 at 05:05:52PM +, Chris Green wrote:
> So I have the FQDN everywhere:-
>
> chris@isbdGandi$ hostname
> isbdGandi.isbd.uk
>
> ... and now postfix sends cron mail *to* ch...@isbd.uk as well as from
> ch...@isbd.uk which doesn't help at all! I have an entry for chri
On Wed, Feb 10, 2021 at 11:36:42AM -0500, Viktor Dukhovni wrote:
> On Wed, Feb 10, 2021 at 03:01:44PM +, Chris Green wrote:
>
> > Local hostname doesn't have FQDN by default though:-
> >
> > chris@isbdGandi$ hostname
> > isbdGandi
> > chris@isbdGandi$ hostname -f
> > isbdGandi
On Wed, Feb 10, 2021 at 05:31:47PM +0100, Matus UHLAR - fantomas wrote:
> > > Dnia 10.02.2021 o godz. 15:10:09 Chris Green pisze:
> > > >
> > > > These systems are all systemd'ed so I can't just run postfix as above.
> > > > However will 'postconf "myhostname = $(dnsdomainname)"' actually
> > > > c
On 10 Feb 2021, at 07:36, Chris Green wrote:
> So myhostname isn't explicitly set.
That is correct. Myshostname is not normally set, it is taken from the machine
name by postfix. The only reason you would declare it in main.cf is to override
the name for some reasons.
postconf -d myhostname
On 10 Feb 2021, at 07:03, ludic...@gmail.com wrote:
>> It would be really handy if I could get postfix to use the value returned by
>> the dnsdomainname command for its mydomain value as I could then use the
>> same main.cf file in several headless 'send only'
>> systems where postfix is used solel
On Wed, Feb 10, 2021 at 03:01:44PM +, Chris Green wrote:
> Local hostname doesn't have FQDN by default though:-
>
> chris@isbdGandi$ hostname
> isbdGandi
> chris@isbdGandi$ hostname -f
> isbdGandi.isbd.uk
>
> > Do your OS instances have their hostnames?
>
> See above.
The si
Dnia 10.02.2021 o godz. 15:10:09 Chris Green pisze:
>
> These systems are all systemd'ed so I can't just run postfix as above.
> However will 'postconf "myhostname = $(dnsdomainname)"' actually
> change/set the myhostname value in main.cf? If so then simply putting
> the postconf command in /etc/
Dnia 10.02.2021 o godz. 15:55:23 Chris Green pisze:
>
> Currently I have a single main.cf file kept in mercurial that I deploy
> on all these systems. If I change the file in my mercurial repository
> the change gets distributed to all systems (by a file synchronising
> process). I'm just trying
Thanks! all is clear.
Il 10/02/2021 16:41, Matus UHLAR - fantomas ha scritto:
On 10.02.21 16:19, Matteo Cazzador wrote:
Hi , i've a problem related to forwarding external (using relayhost)
mail on my server, my mail server host "x.com" like virtual domain,
but i need to force to send every em
On Wed, Feb 10, 2021 at 04:40:13PM +0100, Jaroslaw Rafa wrote:
> Dnia 10.02.2021 o godz. 15:10:09 Chris Green pisze:
> >
> > These systems are all systemd'ed so I can't just run postfix as above.
> > However will 'postconf "myhostname = $(dnsdomainname)"' actually
> > change/set the myhostname val
Dnia 10.02.2021 o godz. 10:42:08 Kris Deugau pisze:
>
> I would say the main reason for the difference is that the core
> SpamAssassin project itself doesn't have a milter component, so
> there's no way to use that method to link it in, whereas ClamAV
> doesn't really have a content-filter-compati
Marek Kozlowski wrote:
:-)
I know that clamav and spamassassin are out of scope of this list. But
my question is more postfix-related. Most systems and Linux distros have
tutorials on postfix, spamassassin and clamav. In most of I've read the
recommended way of connecting clamav is via smtpd_
On 10.02.21 16:19, Matteo Cazzador wrote:
Hi , i've a problem related to forwarding external (using relayhost)
mail on my server, my mail server host "x.com" like virtual domain,
but i need to force to send every email direct (by forward) to domain
"x.com" using an external relayhost.
x.com
Dnia 10.02.2021 o godz. 15:10:09 Chris Green pisze:
>
> These systems are all systemd'ed so I can't just run postfix as above.
> However will 'postconf "myhostname = $(dnsdomainname)"' actually
> change/set the myhostname value in main.cf? If so then simply putting
> the postconf command in /etc/
Hi , i've a problem related to forwarding external (using relayhost)
mail on my server, my mail server host "x.com" like virtual domain,Â
but i need to force to send every email direct (by forward) to domain
"x.com" using an external relayhost.
But i obtain an error "*User unknown in virtual
On Wed, Feb 10, 2021 at 09:53:02AM -0500, Wietse Venema wrote:
> Chris Green:
> > On Wed, Feb 10, 2021 at 03:14:11PM +0100, Matus UHLAR - fantomas wrote:
> > > On 10.02.21 13:57, Chris Green wrote:
> > > > It would be really handy if I could get postfix to use the value
> > > > returned by the dnsd
On Wed, Feb 10, 2021 at 03:47:29PM +0100, Matus UHLAR - fantomas wrote:
> On 10.02.21 14:36, Chris Green wrote:
> > Apart from the TLS/SASL bits the main.cf for all these headless
> > systems is:-
> >
> >mydomain = zbmc.eu
> >myorigin = $mydomain
> >relayhost = [mail.gandi.net]:465
> >
Chris Green:
> On Wed, Feb 10, 2021 at 03:14:11PM +0100, Matus UHLAR - fantomas wrote:
> > On 10.02.21 13:57, Chris Green wrote:
> > > It would be really handy if I could get postfix to use the value
> > > returned by the dnsdomainname command for its mydomain value as I
> > > could then use the sa
On Wed, Feb 10, 2021 at 03:14:11PM +0100, Matus UHLAR - fantomas wrote:
> On 10.02.21 13:57, Chris Green wrote:
> > It would be really handy if I could get postfix to use the value
> > returned by the dnsdomainname command for its mydomain value as I
> > could then use the same main.cf file in seve
On 10.02.21 13:57, Chris Green wrote:
It would be really handy if I could get postfix to use the value
returned by the dnsdomainname command for its mydomain value as I
could then use the same main.cf file in several headless 'send only'
systems where postfix is used solely for sending error mess
On Wed, Feb 10, 2021 at 03:03:47PM +0100, ludic...@gmail.com wrote:
> > Von: owner-postfix-us...@postfix.org Im
> > Auftrag von Chris Green
> > Gesendet: Mittwoch, 10. Februar 2021 14:57
> > An: postfix-users@postfix.org
> > Betreff: Can I get postfix to use what's returned by dnsdomainname for
>
Can't this be simply done by bash/cron?
Execute dnsdomainname
Alter main.cf
postfix reload
Not sure about startup / system boot.
Just my first thoughts.
Greets,
Ludi
-Ursprüngliche Nachricht-
Von: owner-postfix-us...@postfix.org Im
Auftrag von Chris Green
Gesendet: Mittwoch, 10. Febru
It would be really handy if I could get postfix to use the value
returned by the dnsdomainname command for its mydomain value as I
could then use the same main.cf file in several headless 'send only'
systems where postfix is used solely for sending error messages from
cron and similar.
There isn't
On 10 Feb 2021, at 04:13, Matus UHLAR - fantomas wrote:
> On 09.02.21 14:22, @lbutlr wrote:
>> But yes, each admin needs to look at their logs and see who
>> is still using encryption they should not be using (especially since this
>> probably indicates they have not updated the ssl libraries and
On 10.02.21 11:55, Marek Kozlowski wrote:
I know that clamav and spamassassin are out of scope of this list. But
my question is more postfix-related. Most systems and Linux distros
have tutorials on postfix, spamassassin and clamav. In most of I've
read the recommended way of connecting clamav
On 09 Feb 2021, at 04:23, Dominic Raferd wrote:
This shows plenty of 'good' servers still using TLSv1 or TLSv1.1 -
including the postfix-users list servers. Of course they would
probably downgrade to plaintext if required, but that would reduce
security.
On 09/02/2021 12:36, @lbutlr wrote:
T
:-)
I know that clamav and spamassassin are out of scope of this list. But
my question is more postfix-related. Most systems and Linux distros have
tutorials on postfix, spamassassin and clamav. In most of I've read the
recommended way of connecting clamav is via smtpd_milters in main.cf.
But
59 matches
Mail list logo
