newbie department

Why do I get mail to names like dcpczy3foku+gcyvikdnlcei? They're not a lot of them, but they show up every few days, and I can't think why anybody'd do this. At first I thought somebody was trying to access their bot, but Postfix rejects them after a quick look at /etc/passw

Re: (Off-topic: who's on the list) was: Is not honoring bounces-to violation of RFC?

rted typing. Downhill ever since :-) Managing Postfix is more a recreational duty that I fell into by choice. Postfix is a delightful piece of software. -- Glenn English

Re: Webmin with Postfix: recommended or not.

show on a Raspberry Pi) aren't capable of doing most of the things Wietse and his buds talk about on the mailing list -- that usually takes a text editor, some time, and some knowledge. -- Glenn English

Re: Outbound rate limiting

the spammers. > Are they alerted when these are > received so they can be managed/deleted or the accounts disabled, etc? Nope. Any packets they send me are just ignored (after the first one). -- Glenn English

Re: Rate limiting guidance needed

27;re talking about outgoing traffic, the same thing could be done. -- Glenn English

Re: Goodbye IBM, Hello Google

to support Postfix. Very glad to hear that! -- Glenn English

Re: sending from a virtual domain

nt brain injury a few years ago, and my thinking isn't what it used to be. (Stay off bicycles!) Thanks again. -- Glenn English

sending from a virtual domain

t; ab...@elizabethenglish.comeae > webmas...@elizabethenglish.comeae > @elizabethenglish.com eae > > silvercloudphoto.com virtual > davidwsil...@silvercloudphoto.com oscysbtdel2 > da...@silvercloudphoto.comoscysbtdel2 > > BoulderMedicalAdvocate.comvirtual > da...@bouldermedicaladvocate.com oscysbtdel > davidwsil...@bouldermedicaladvocate.com oscysbtdel > g...@bouldermedicaladvocate.com ghe These are a little bent from my trying to deal with the problem... -- Glenn English

virtual sending problem

re > reject_unknown_reverse_client_hostname reject_rbl_client zen.spamhaus.org > permit > smtpd_sender_restrictions = permit > smtpd_timeout = 60 > swap_bangpath = no > transport_maps = hash:/etc/postfix/transport-mapping > unknown_local_recipient_reject_code = 550 > virtual_alias_maps = hash:/etc/postfix/virtual -- Glenn English

Re: TLS help request

s it expecting me to enter? You say it showed the last line of the EHLO response. What made it stop and take all that info in the middle of that info, then finish afterward. Is something wrong in that openssl... command? -- Glenn English

Re: TLS help request

On Mar 7, 2014, at 5:29 PM, li...@rhsoft.net wrote: > let me guess: BSD as operating system Sorry, Debian. > there where a lot of posts recently that this is a problem > honestly you should always disable compression in con text of TLS Thanks. I'll check it out... -- Glenn English

TLS help request

do with TLS, but I built one anyway, containing a phony user/pw. The dox on the web say it doesn't need to be there, and the Debian installer didn't put it in the dist config, but the log quieted down. The latest info from the log after running the openssl... command: > Mar 7 16:21:46 smbox postfix/smtpd[19039]: connect from > ip6-localhost[127.0.0.1] > Mar 7 16:21:48 smbox postfix/smtpd[19039]: lost connection after STARTTLS > from ip6-localhost[127.0.0.1] > Mar 7 16:21:48 smbox postfix/smtpd[19039]: disconnect from > ip6-localhost[127.0.0.1] Please, what have I done wrong? -- Glenn English

Re: DNS timeout??

On Feb 3, 2014, at 11:37 AM, li...@rhsoft.net wrote: > smells like chroot in master.cf without a sane configuration for chroot > Debian? How about a mismatch between /etc's resolv.conf and postfix's? Fixed. Please excuse the newbie noise... -- Glenn English

DNS timeout??

x/helo_checks check_sender_access > hash:/etc/postfix/sender_checks check_client_access > pcre:/etc/postfix/check_client_fqdn.pcre > reject_unknown_reverse_client_hostname reject_rbl_client zen.spamhaus.org > permit > smtpd_sender_restrictions = permit > smtpd_timeout = 60 > swap_bangpath = no I'm thinking there's some unfortunate interaction between Bind and Postfix, but I don't know where to go from here... -- Glenn English

Re: newbie check Was [Re: port 25 submission settings sanity check]

order, etc. If that were done, you'd be back at TCP overhead and speed (and reliability). Streaming movies is one thing; transfering legal documents and medical records is another. -- Glenn English Disclaimer: Any disclaimer attached to this message may be ignored. smime.p7

Re: SMTP over UDP (was: newbie check...)

g the parts that deal with packet loss, > out-of-order arrival, and flow control. Good. Then I won't reconfigure my firewall until further notice... -- Glenn English smime.p7s Description: S/MIME cryptographic signature

Re: newbie check Was [Re: port 25 submission settings sanity check]

87" -- the protocol isn't mentioned. -- Glenn English smime.p7s Description: S/MIME cryptographic signature

Re: newbie check Was [Re: port 25 submission settings sanity check]

On Aug 29, 2013, at 1:37 PM, li...@rhsoft.net wrote: > > > Am 29.08.2013 21:34, schrieb Glenn English: >> I'm under the impression that 587 is to be used by my local users >> (email clients to local MTA), and 25 is used by MTA<->MTA. Is this wrong? > >

newbie check Was [Re: port 25 submission settings sanity check]

> reasons. I'm under the impression that 587 is to be used by my local users (email clients to local MTA), and 25 is used by MTA<->MTA. Is this wrong? And /etc/services says: > auth 113/tcp authentication tap ident not 587... -- Glenn English smime.p7s Description: S/MIME cryptographic signature

Re: iptables based spam prevention

s answers. And that'd be pretty tough. If you're asking about something to verify that an IP is indeed a spammer, that's called Spamhaus... As for just loading a list of IPs, that's easy. If your iptables packet filter is split into chains, like mine is, a simple shell script

Re: Postscreen

On Jul 21, 2013, at 12:51 PM, Phil Daws wrote: > What are we doing wrong please as the cache is never being created ? No Postmap?? -- Glenn English Disclaimer: Any disclaimer attached to this message may be ignored. smime.p7s Description: S/MIME cryptographic signature

Re: warning:xsasl_cyrus_server_get_mechanism_list: no applicable SASL mechanisms

quick to set up. It's worked flawlessly. Thanks, Weitse, for the option. -- Glenn English

Re: Lamentation and query

t of date. Have you considered printing (parts of) the website? -- Glenn English

Re: need some OT help

mply > get on-topic and ask on the dovecot mailinglist... I thought the problem was with the log software, not Dovecot. Good idea, though. I'll ask over there. -- Glenn English

Re: Server configuration problem

restarted if it ever quits again. Thanks much. -- Glenn English

Re: Server configuration problem

sed entries. That's postgrey. It's running, but bears looking into... -- Glenn English

Server configuration problem

pd_sender_restrictions = permit > smtpd_timeout = 60 > swap_bangpath = no > transport_maps = hash:/etc/postfix/transport-mapping > unknown_local_recipient_reject_code = 550 > virtual_alias_maps = hash:/etc/postfix/virtual Any suggestions would be appreciated... -- Glenn English

Re: Webmin as an admin tool?

the configuration(s). I still use it for some things, but have tended toward the wonderful admin tool, vi :-) I've sometimes noticed holes in it, but for the basic things I was doing back then, it was fine. -- Glenn English

aliases

I hope I just dodged a bullet -- my aliases file 'disappeared' somehow. And it was empty in all the backups. But I found a 12K aliases.db; I assume this contains the translated aliases data. Is there a way to convert this to a plain aliases file? TIA... -- Glenn English g...@slsware.com

Re: wildcard domains

but their IP says they're .ru. And this works only if there's an inverse lookup. I think. -- Glenn English g...@slsware.com

Re: reverse proxy

e of the DMZ, as I understand it. This suggestion was to run an SMTP reverse proxy on the firewall. I'm thinking about maybe doing that for HTTP because it'd be pretty easy to filter based on what would be legit HTML requests, but not for much else. Thanks for the info... -- Glenn English g...@slsware.com

Re: reverse proxy

ernal SAV), and so on". Just trying to decide whether I want to do it, and I think I've been convinced on this list that I don't. Thanks all... -- Glenn English g...@slsware.com

Re: reverse proxy

ns unneeded complexity. Certainly, although I'm far from seasoned. The hard part is defining "unneeded". I'm running a small system, but the DMZ model's never given me much trouble. I don't have a problem managing it, and it's useful in segmenting functions of the hosts (physically and mentally). -- Glenn English g...@slsware.com

Re: reverse proxy

s, and that it's 'default allow' because that's the way the default ruleset is configured. I'm just repeating some of what they said, and I'm attracted to parts of the proxy argument.) -- Glenn English g...@slsware.com

Re: reverse proxy

be gained from that. Besides, I'm a refugee from "fixup protocol smtp." -- Glenn English g...@slsware.com

Re: reverse proxy

r not. Thanks to you and Noel for the speedy advice. I haven't been able to find much with google... -- Glenn English g...@slsware.com

reverse proxy

Is it possible to use postfix as a reverse proxy for my SMTP server? I think what I'm asking is does postfix do its UBE and protocol checks *before* it sends to a smarthost. If not, do you know of a way to reverse proxy SMTP? How about POP3 and IMAP? -- Glenn English g...@slsware.com

Re: SMTP failure [solved]

o things that guarantee incompatibility with each other, is beyond me -- far be it from me to disparage either of them... But it's working now. Thanks very much to all of you. -- Glenn English g...@slsware.com

Re: SMTP failure

e a feature to me. Soon as I get it figured out, I'll let you know how to implement it. -- Glenn English g...@slsware.com

Re: SMTP failure

gt; ... >} > } > return DNS_HARD; /* alias loop */ > } But my understanding of the RFC says the MTA has to be an A. Why would they be looking for anything else? And does this code imply that the g...@[] address would skip the T_ANY lookup, and would work? (I know it's supposed to work, but this is Yahoo modified qmail, not postfix :-) -- Glenn English g...@slsware.com

Re: SMTP failure

but from the other site, I got the same timeout error you did. bind9 claims my config is correct (at both nameservers). Can you offer any ideas as to what's wrong? -- Glenn English g...@slsware.com

SMTP failure

One of my nameservers is on an ISDN connection -- the latency there is 140ms or so (the other's a much more responsive T1). Might that have had something to do with it? -- Glenn English g...@slsware.com

Re: Does Postfix cache resolv.conf? [SOLVED]

x-script: warning: /var/spool/postfix/etc/hosts and /etc/hosts > differ -- Glenn English g...@slsware.com

Re: GUI for maillog

On Jan 6, 2010, at 5:40 AM, Kaushal Shriyan wrote: > Any GUI based application to view postfix mail.log file? It's not exactly GUI, but logwatch emails me nicely organized reports every morning. No graphs or anything, though... -- Glenn English g...@slsware.com

Re: 3000 recipients

vel and for a specific set of tasks -- http://www.auraluserinterface.com. The kids in TX were quite empowered by it, even though it's far from ready for prime time. If you think it might help the list manager, let me know and I'll see if I can't make it run mailman list adds and deletes via ssh or http... -- Glenn English g...@slsware.com

Re: smtpd_helo_required compliance with the RFC

ust say HELO/MAIL FROM/RCPT TO to get an address verification. I only have to H/MF once -- it will respond to RFs for longer than I have patience to test it. The big difference is that it logs failed RFs, but doesn't seem to log anything about VRFY tries (VRFY is disabled). -- Glenn English g...@slsware.com

Re: Log question

Wietse Venema wrote: > Just so you know, Postfix won't always send QUIT. Under what conditions does it not. I thought QUIT was part of the dance specified by the RFCs. Or does it happen in response to non-RFC connections? -- Glenn English g...@slsware.com