Re: GeoIP based rejections

2011-03-12 Thread Justin Piszcz
On Sat, 12 Mar 2011, mouss wrote: - write your own policy server or milter Hi, There is a GeoIP policy server out there if you search around, it is called: geoip-policyd-0.01.tar.gz With some modifications, it works quite nicely. Justin.

Re: Question about accepting null senders

2011-02-21 Thread Justin Piszcz
On Mon, 21 Feb 2011, Linda Pagillo wrote: Hi everyone. I'm new to the list and I'm trying to gather some information about Postfix for my documentation notes. I looked all over the place to try and find the answer to this question, but I was unable to, so I thought I would ask the list. Wil

When sending e-mail from iPhone: lost connection after DATA

2011-02-10 Thread Justin Piszcz
Hi, When I attach large images > 5-10MiB/s, sometimes this occurs, I tried setting: tcp_windowsize = 65535 I also tried setting ecn to 0. But neither seemed to fix the problem below. I can send the same images to an Exchange server and they send through with no problems. Also, if I send s

Re: How to get rid of the "Received: from localhost" header?

2010-01-26 Thread Justin Piszcz
On Tue, 26 Jan 2010, Noel Jones wrote: On 1/26/2010 12:33 PM, Justin Piszcz wrote: This needs to be more specific so you don't remove headers added by other servers. Maybe: /^Received: from localhost.*by lucidpixels\.com / IGNORE If you need special header_checks for your am

How to get rid of the "Received: from localhost" header?

2010-01-26 Thread Justin Piszcz
Hi, How do I remove the: Received: from localhost line at the top of the e-mail message? Return-Path: X-Original-To: myusern...@mydomain.com Delivered-To: myusern...@mydomain.com Received: from localhost (localhost.localdomain [127.0.0.1]) by lucidpixels.com (Postfix) with ESMTP id D9354321

Re: Country IP block list

2009-08-23 Thread Justin Piszcz
On Sun, 23 Aug 2009, postfix@cmulcahy.com wrote: Ralf Hildebrandt wrote: * Security Admin (NetSec) : Could someone provide links to sites where IP addresses are grouped by country? I use (the free) geoip database for that. This script has proven useful for me... http://www.cyberciti

Re: need to add custom header parameter/value to postfix logging.

2009-08-12 Thread Justin Piszcz
Hi, You want: PREPEND http://www.postfix.org/header_checks.5.html PREPEND text... Prepend one line with the specified text, and inspect the next input line. Notes: o The prepended text is output on a separate

Re: postfix strip ??? (highbit chars)

2009-07-23 Thread Justin Piszcz
On Thu, 23 Jul 2009, Wietse Venema wrote: Benny Pedersen: On Thu, July 23, 2009 02:29, Sahil Tandon wrote: On Jul 22, 2009, at 7:28 PM, "Benny Pedersen" wrote: On Thu, July 23, 2009 01:07, Sahil Tandon wrote: % postconf message_strip_charters postconf: warning: message_strip_charters:

Re: More main.cf cleanup

2009-02-13 Thread Justin Piszcz
On Fri, 13 Feb 2009, Charles Marcus wrote: On 2/13/2009, Ralf Hildebrandt (ralf.hildebra...@charite.de) wrote: I'm thinking it would be better to move the check_client_access check to smtpd_client_restrictions, and the check_sender_access check to smtpd_sender_restrictions, so I'd then have:

Re: postfix logs, spams and bounce messages

2009-02-11 Thread Justin Piszcz
On Wed, 11 Feb 2009, Victor Duchovni wrote: You are doing Sender Address Verification (reject_unverified_sender) before doing RBL checks. Fix this. Do the RBL checks first, and consider not doing SAV at all, but if you do use it, do SAV *last*. smtpd_data_restrictions =

Re: Dead RBL

2009-02-01 Thread Justin Piszcz
On Sun, 1 Feb 2009, mouss wrote: Justin Piszcz a écrit : RIP: dnsbl.clue-by-4.org http://dnsbl.clue-by-4.org/parking.php?domain_name=clue-by-4.org Not sure exactly when but FYI, this RBL appears to be no more. This is the first time I hear about such DNSBL... can you please send a mail

Dead RBL

2009-02-01 Thread Justin Piszcz
RIP: dnsbl.clue-by-4.org http://dnsbl.clue-by-4.org/parking.php?domain_name=clue-by-4.org Not sure exactly when but FYI, this RBL appears to be no more. Justin.

Does a policy server exist to filter on domain age/creation?

2008-12-20 Thread Justin Piszcz
$ whois linendim.com Record created on:2008-12-15 11:45:30.0 Database last updated on: 2008-12-15 11:42:09.153 Domain Expires on:2009-12-15 11:45:31.0 A 1-second life domain name. First, is there an existing policy server out there that checks how many d

Re: Avoiding spam scan for a specific recipient

2008-12-12 Thread Justin Piszcz
On Fri, 12 Dec 2008, Rocco Scappatura wrote: Hello, I have a Postfix+MySQL+Amavisd-new platform. Time ago I get some hint for avoiding spam scan for a particular sender an a particular client. In particular, in /etc/postfix/main.cf I put: smtpd_restriction_classes = from_policy_bank_sender

3dm2 (3ware daemon) smtp/e-mail issue (lost connection after QUIT)

2008-12-01 Thread Justin Piszcz
Quick question-- Nov 30 17:39:03 p34 postfix/smtpd[15257]: 6B3A310676: client=localhost.localdomain[127.0.0.1] Nov 30 17:39:03 p34 postfix/cleanup[15260]: 6B3A310676: message-id=<[EMAIL PROTECTED]> Nov 30 17:39:03 p34 postfix/qmgr[18872]: 6B3A310676: from=<[EMAIL PROTECTED]>, size=430, nrcpt=1

policy daemon to greylist on SPF failure?

2008-11-19 Thread Justin Piszcz
Was curious if there were any daemons out there that currently did this, or if I should just modify the main spf checking script that openspf.org provides? Nov 19 13:32:39 p34 postfix/policy-spf[15114]: : SPF SoftFail (Mechanism '~all' matched): Envelope-from: [EMAIL PROTECTED] Nov 19 13:32:39

Re: your mail

2008-11-14 Thread Justin Piszcz
On Sat, 15 Nov 2008, Petr Janda wrote: Hi all, I have got reports about lost mail(not received, im the receiver not the sender) recently and trying to find out whats going on seems to be beyond me. Basically a lot of email is lost with "timeout after DATA" For example: timeout after DATA (0

Re: Name service error

2008-11-14 Thread Justin Piszcz
On Fri, 14 Nov 2008, Jeffrey Shawn Klotz wrote: Sahil Tandon wrote: Jeffrey Shawn Klotz <[EMAIL PROTECTED]> wrote: I'm having DNS issues when delivering mail on a postfix server. The server seems to run fine for several hours. After a while, emails start to stay in the queue with the fo

Re: [Q] when to call greylisting?

2008-11-12 Thread Justin Piszcz
On Wed, 12 Nov 2008, Roderick A. Anderson wrote: Wietse Venema wrote: Roderick A. Anderson: I'm implementing greylisting on CentOS 5 systems. These are spools for the actual mailserver/mailbox systems. Currently we have: smtpd_recipient_restrictions = reject_unauth_pipelining,

Google postfix compatible policy server.

2008-11-08 Thread Justin Piszcz
If someone gets a moment-- he/she should add gross to the postfix policy page: http://www.postfix.org/addon.html Homepage URL: http://code.google.com/p/gross/ From page description: * it's blazingly fast * it's amazingly resource efficient * it can be configured to query DNSBL dat

timeout after END-OF-MESSAGE (still)

2008-11-07 Thread Justin Piszcz
Even after using: http://www.mail-archive.com/[EMAIL PROTECTED]/msg11500.html I still get these occasionally, both from localhost and other (real) hosts: Oct 29 17:54:59 p34 postfix/smtpd[9883]: timeout after END-OF-MESSAGE from oss.sgi.com[192.48.170.157] Oct 29 17:55:00 p34 postfix/smtpd[9906

Re: Which FileSystem do you use on your postfix server?

2008-10-31 Thread Justin Piszcz
On Fri, 31 Oct 2008, Wietse Venema wrote: Justin Piszcz: On Fri, 31 Oct 2008, Wietse Venema wrote: Does XFS still overwrite existing files with zeros, when those files were open for write at the time of unclean shutdown? This I believe this was fixed in an early 2.6.2x release, cc

Re: Which FileSystem do you use on your postfix server?

2008-10-31 Thread Justin Piszcz
On Fri, 31 Oct 2008, Wietse Venema wrote: Does XFS still overwrite existing files with zeros, when those files were open for write at the time of unclean shutdown? This I believe this was fixed in an early 2.6.2x release, cc'ing xfs mailing list to confirm. would violate a basic requiremen

Re: Best anti-spam

2008-10-22 Thread Justin Piszcz
On Wed, 22 Oct 2008, Jorey Bump wrote: Richard Foley wrote, at 10/22/2008 07:56 AM: On Wednesday 22 October 2008 01:27:51 Terry Carmen wrote: check_client_access=regexp:/etc/postfix/spam_ip_regex spam_ip_regex file: /[ax]dsl.*\..*\..*/i 450 AUTO_XDSL Email Rejected. You appear to be c

RE: Finally blocking some spam

2008-10-13 Thread Justin Piszcz
On Mon, 13 Oct 2008, Joey wrote: -Original Message- From: Justin Piszcz [mailto:[EMAIL PROTECTED] Sent: Monday, October 13, 2008 6:06 PM To: Joey Cc: postfix-users@postfix.org Subject: RE: Finally blocking some spam On Mon, 13 Oct 2008, Joey wrote: -Original Message

Re: Finally blocking some spam

2008-10-13 Thread Justin Piszcz
On Mon, 13 Oct 2008, Aaron Wolfe wrote: On Mon, Oct 13, 2008 at 6:05 PM, Justin Piszcz <[EMAIL PROTECTED]> wrote: On Mon, 13 Oct 2008, Joey wrote: -Original Message- From: Justin Piszcz [mailto:[EMAIL PROTECTED] Sent: Monday, October 13, 2008 5:37 PM To: Joey Subject: RE: F

RE: Finally blocking some spam

2008-10-13 Thread Justin Piszcz
On Mon, 13 Oct 2008, Joey wrote: -Original Message- From: Justin Piszcz [mailto:[EMAIL PROTECTED] Sent: Monday, October 13, 2008 5:37 PM To: Joey Subject: RE: Finally blocking some spam What anti-spam measurements do you currently use? What does your main.cf look like? (Snip

Re: [OFF]: DKIM broken by certain email clients [OT/BAD_HEADER]

2008-09-25 Thread Justin Piszcz
On Thu, 25 Sep 2008, James Brown wrote: Robert Schetterer wrote: > James Brown schrieb: >> Would anyone who checks DKIM sigs on incoming mails mind if I send >> them an email directly? >> >> That way I can make sure it is not just the DKIM reflector that's >> giving false results somehow. >

Re: Postfix and multiple IP configuration

2008-08-27 Thread Justin Piszcz
On Wed, 27 Aug 2008, Adrien wrote: I don't know why the mail is send to ns9.bacto.net (my server here is ns12.bacto.net and the MX is ns9.bacto.net). Somebody has an idea ? An other method to do this ? I can do it with multiple instance of postfix but I think it's not a perfomant solution,

Re: postfix/smtpd[19254]: timeout after END-OF-MESSAGE from localhost.localdomain

2008-08-12 Thread Justin Piszcz
On Tue, 12 Aug 2008, Ralf Hildebrandt wrote: I'd think that amavisd-new may have problems. What does amavisd-new log at a hight log_level? Of course, it has not recurred since I enabled log_level 5, I will wait and then follow-up once it happens again, thanks. The mail causing the problem

Re: postfix/smtpd[19254]: timeout after END-OF-MESSAGE from localhost.localdomain

2008-08-12 Thread Justin Piszcz
On Tue, 12 Aug 2008, Ralf Hildebrandt wrote: * Justin Piszcz <[EMAIL PROTECTED]>: What is the program that feeds postfix? amavisd-new I'd think that amavisd-new may have problems. What does amavisd-new log at a hight log_level? Of course, it has not recurred since I enable

Re: postfix/smtpd[19254]: timeout after END-OF-MESSAGE from localhost.localdomain

2008-08-12 Thread Justin Piszcz
On Tue, 12 Aug 2008, Ralf Hildebrandt wrote: * Justin Piszcz <[EMAIL PROTECTED]>: On Tue, 12 Aug 2008, Wietse Venema wrote: Thanks Wietse, Per http://www.postfix.org/smtpd.8.html Which parameter needs to be tweaked for the smtpd process so these timeouts no longer occur? I am

Re: postfix/smtpd[19254]: timeout after END-OF-MESSAGE from localhost.localdomain

2008-08-12 Thread Justin Piszcz
On Tue, 12 Aug 2008, Wietse Venema wrote: Justin Piszcz: Regarding the timeout... Aug 11 19:02:23 p34 postfix/smtpd[19254]: timeout after END-OF-MESSAGE from localhost.localdomain[127.0.0.1] Aug 11 19:02:23 p34 postfix/smtpd[19254]: disconnect from localhost.localdomain[127.0.0.1] That

postfix/smtpd[19254]: timeout after END-OF-MESSAGE from localhost.localdomain

2008-08-12 Thread Justin Piszcz
Regarding the timeout... Aug 11 19:02:23 p34 postfix/smtpd[19254]: timeout after END-OF-MESSAGE from localhost.localdomain[127.0.0.1] Aug 11 19:02:23 p34 postfix/smtpd[19254]: disconnect from localhost.localdomain[127.0.0.1] # See the following URL for cache_on_demand: # http://www.mail-archive

Re: Question with postfix and DNS and newegg.com e-mails.

2008-08-08 Thread Justin Piszcz
On Fri, 8 Aug 2008, Jorey Bump wrote: Please keep responses on the list: Justin Piszcz wrote, at 08/08/2008 10:27 AM: On Fri, 8 Aug 2008, Jorey Bump wrote: Justin Piszcz wrote, at 08/08/2008 07:53 AM: Multiple PTR records tend to be returned in a round robin fashion: $ host

Re: Question with postfix and DNS and newegg.com e-mails.

2008-08-08 Thread Justin Piszcz
On Fri, 8 Aug 2008, Justin Piszcz wrote: On the server w/ postfix: $ host 38.119.56.160 160.56.119.38.in-addr.arpa domain name pointer mta700.testemail.newegg.com. 160.56.119.38.in-addr.arpa domain name pointer mta700.email.newegg.com. When it re-connected (after greylisting, then it

Question with postfix and DNS and newegg.com e-mails.

2008-08-08 Thread Justin Piszcz
On the server w/ postfix: $ host 38.119.56.160 160.56.119.38.in-addr.arpa domain name pointer mta700.testemail.newegg.com. 160.56.119.38.in-addr.arpa domain name pointer mta700.email.newegg.com. Is the reason below why it shows up as unknown because the fwd/reverse do not match properly, or?