>
> Michael Orlitzky:
If you want something more generic than what's already in postfix, the
> next level up is probably iptables.
I was looking for something with host lookup capability and tcp wrappers
was exactly the thing. There were allow/deny.hosts files present in the
system, which made m
Generic approach to system administration and access control
reconfiguration at runtime (without service reload).
вт, 16 февр. 2021 г. в 01:24, Bob Proulx :
> Eugene Podshivalov wrote:
> > Is it by chance possible that tcp wrappers will be supported in future at
> > least a
Is it by chance possible that tcp wrappers will be supported in future at
least as an optionally compiled feature?
пн, 8 февр. 2021 г. в 23:00, Eugene Podshivalov :
> Thanks, Noel! Your comments are helpful indeed.
>
> пн, 8 февр. 2021 г. в 22:37, Noel Jones :
>
>>
>&
webmail>
Без
вирусов. www.avast.ru
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
пт, 12 февр. 2021 г. в 19:43, Eugene Podshivalov :
> Wietse:
>> smtpd does not resolve
;
Без
вирусов. www.avast.ru
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
пт, 12 февр. 2021 г. в 19:32, Wietse Venema :
> Eugene Podshivalov:
> > Another somewhat
smtpd needs to
resolve all virtual etc. mappings which is also done by the cleanup. Is
this resolution done twice in this case?
пт, 12 февр. 2021 г. в 02:48, Wietse Venema :
> Eugene Podshivalov:
> > >
> > > Wietse:
> >
> > The address can be transformed
ell, don't they? But
still no probe is done for them.
Is it because local messages are considered more trusted then relay ones,
or maybe some other silent verification mechanisms are utilized for them
which cannot be used for relay ones?
чт, 11 февр. 2021 г. в 23:48, Wietse Venema :
itself.
чт, 11 февр. 2021 г. в 22:58, Wietse Venema :
> Eugene Podshivalov:
> > Let me put it this way: does Postfix do probe for outgoing mail?
>
> reject_unverified_recipient and reject_unverified_sender make no
> such distinction. That is a feature, not a bug.
>
> rej
Let me put it this way: does Postfix do probe for outgoing mail?
чт, 11 февр. 2021 г. в 21:35, Wietse Venema :
> Eugene Podshivalov:
> > I meant Postfix probes use a sender address even when it is a local one.
> > Example from logs:
> >
> > > postfix/qmgr[20192]:
=deliverable (delivers
> to mailbox)
чт, 11 февр. 2021 г. в 20:58, Wietse Venema :
> Eugene Podshivalov:
> > When reject_unverified_sender param is set and an email is sent on behalf
> > of the server the double-bounce check is still performed (i.e. sent to
> > itself).
When reject_unverified_sender param is set and an email is sent on behalf
of the server the double-bounce check is still performed (i.e. sent to
itself).
Is this all right?
Eugene
> on behalf of Viktor Dukhovni
> *Sent:* Wednesday, February 10, 2021 18:39
> *To:* postfix-users@postfix.org
> *Subject:* Re: client and ehlo hostname mismatch
>
> > On Feb 10, 2021, at 9:38 PM, Eugene Podshivalov
> wrote:
> >
> > Are there any wise cases
Are there any wise cases for a legitimate client to provide a valid ehlo
hostname (which maps to some address) but that address will differ from the
address it connects from?
чт, 11 февр. 2021 г. в 01:01, Bob Proulx :
> Eugene Podshivalov wrote:
> > Then what is the sense of doing th
>
> Viktor Dukhovni:
> Postfix can check that the EHLO name resolves to some IP address.
Then what is the sense of doing this if the name can be whoever else's name?
чт, 11 февр. 2021 г. в 00:03, Viktor Dukhovni :
> On Wed, Feb 10, 2021 at 11:59:39PM +0300, Eugene
, 10 февр. 2021 г. в 23:38, Viktor Dukhovni :
> On Wed, Feb 10, 2021 at 01:20:23PM -0700, Bob Proulx wrote:
> > Eugene Podshivalov wrote:
> > > I've just received a spam email from a client who presented itself as
> > > emx.mail.ru but its ip 117.30.137.22 re
Hello,
I've just received a spam email from a client who presented itself as
emx.mail.ru but its ip 117.30.137.22 resolves to
22.137.30.117.broad.xm.fj.dynamic.163data.com.cn
Are reverse client hostname and the ehlo one not supposed to match?
--Eugene
Thanks, Noel! Your comments are helpful indeed.
пн, 8 февр. 2021 г. в 22:37, Noel Jones :
>
> On 2/8/2021 11:45 AM, Eugene Podshivalov wrote:
> > Thanks for the explanation, Wietse.
> >
> > Probably the issue is just with the logging levels.
> > My cur
февр. 2021 г. в 19:39, Wietse Venema :
> Eugene Podshivalov:
> > Have read through the postscreen documentation closely and got it setup
> and
> > running already, but could not find the three major possibilities
> provided
> > by the tcp wrappers:
> > 1. block
Do you mean with the help of reject_unknown_client_hostname
and check_sender_access params?
пн, 8 февр. 2021 г. в 16:37, Matus UHLAR - fantomas :
> On 08.02.21 16:27, Eugene Podshivalov wrote:
> >Have read through the postscreen documentation closely and got it setup
> and
> &
st two produce the major bulk of spambot connections.
Are there any other means to achieve these?
пн, 8 февр. 2021 г. в 12:14, Eugene Podshivalov :
> I'm new to postscreen and it's what I was looking for. Thanks a lot for
> the answers!
>
> пн, 8 февр. 2021 г. в 11:22, Do
I'm new to postscreen and it's what I was looking for. Thanks a lot for the
answers!
пн, 8 февр. 2021 г. в 11:22, Dominic Raferd :
> On 08/02/2021 08:04, Eugene Podshivalov wrote:
> > There are a bunch of spiders and spammers nowadays which are knocking
> > the service e
ilter
those out by UFW but dynamic addresses make it quite inefficient.
Regards,
Eugene
пн, 8 февр. 2021 г. в 04:01, Viktor Dukhovni :
> On Mon, Feb 08, 2021 at 02:17:46AM +0300, Eugene Podshivalov wrote:
>
> > Are there any reasons not to have Postfix compiled with TCP wrappers?
>
Hi all,
Are there any reasons not to have Postfix compiled with TCP wrappers?
Regards,
Eugene
-40BB-A1B8-4E2AA1F9FDF2>
пн, 23 нояб. 2020 г. в 17:40, Wietse Venema :
> Eugene Podshivalov:
> > Hi all,
> > I have the following config
> >
> > > smtpd_client_restrictions =
> > > reject_unknown_client_hostname
> &
Hi all,
I have the following config
> smtpd_client_restrictions =
> reject_unknown_client_hostname
> smtpd_helo_required = yes
> smtpd_helo_restrictions =
> reject_invalid_helo_hostname,
> reject_non_fqdn_helo_hostname,
> reject_unknown_helo_hostname
> smtpd_sender_restrictions =
>
Hi,
Is there a way to block spam messages like this?
Probably "receiver=" spf param might be the clue.
postfix/smtpd[15571]: connect from a.benient.com[198.144.154.163]
postfix/smtpd[15571]: Anonymous TLS connection established from
a.benient.com[198.144.154.163]: TLSv1 with cipher ECDHE-RSA-AES25
26 matches
Mail list logo
