Hi,
on a new server with debian buster and Plesk some lines of the postfix log
are not reported by pflogsumm anymore.
The lines look like:
Aug 6 15:45:07 mx10 postfix/cleanup[0]: D8B0A1480AA4: reject: header
Reply-To: nigerias...@gmail.com from
mail-ed1-x532.google.com[2a00:1450:4864:20::53
Hi,
>> /\.that-domain\.com$/ OK
>/.*\.that-domain\.com$/ OK
>Tested in https://www.debuggex.com/?flavor=pcre
Thanks!
Greets,
Ludi
Hi all,
I would like to exclude non-existing subdomains from this rule:
"reject_unknown_sender_domain"
that I have on the end of my sender-restrictions here:
smtpd_sender_restrictions = check_sender_access
hash:/var/spool/postfix/plesk/blacklists, permit_sasl_authenticated,
reject_n
Hi,
>> Even if fail2ban is “whack a mole”, you could also feed the data on auth
>> spammers to an abuse-compaint script, and do your part to make the internet
>> a little cleaner.
>And we all know how fabulously well abuse reports have worked with preventing
>spam, don't we !!
>As I said. Fai
Check out fail2ban
Greets,
Ludi
-Ursprüngliche Nachricht-
Von: owner-postfix-us...@postfix.org Im
Auftrag von ??? (alice)
Gesendet: Montag, 25. April 2022 06:27
An: Postfix users
Betreff: password security
do you know how to stop passwords from being brute-forced for a mailserver? do
Hi,
not exactly what you ask for, but:
I think it is absolutely safe to block "From: Smart Invest" and "Subject:
become rich" with PCRE rules in header checks.
Greets,
Ludi
-Ursprüngliche Nachricht-
Von: owner-postfix-us...@postfix.org Im
Auftrag von Fourhundred Thecat
Gesendet: Fre
Hi,
while being the #1 scam hoster and outlet of nigeria fraud, GMail is rather
strict when it comes to receiving their own spam/scam.
That includes forwarding.
The outcome can be throttling or even blocking of the sending servers IP.
My advice is not to forward to GMail if you can not exclude
Hi,
maybe you can use a tool with such old clients.
https://www.stunnel.org/platforms.html
To have them talk to localhost or another local station and then relay the mail
to your postfix with proper encryption.
I would not alter my mailserver/MTA to accomodate such outdated clients.
Greets,
L
IMO you should not reject widely based on HELO. Too many false positives.
More a place for basic checks.
But you can catch that if you want in your files.
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_invalid_helo_hostname, check_helo_access hash:/etc/postfix/hash
On a side note, I see fraud and nigeria spam directly from Gmail accounts on
the rise for some time now.
Not only the Reply-To hosting, that they happily provide for many years to the
criminal world.
> If so, given they allow spammers virtually free range to send FROM gmail this
> is a bit hy
Might be DNSWL, where TOL lists it‘s mailservers so people can overcome the
frequent spamcop listings etc.
I doubt anyone from Gmail reads here. Otherwise: wtf guys? How about stopping
the #1 worldwide nigeria spam facilitation? They can’t pay that good.
Greets,
Ludi
Von: ow
Root Servers / IPs at datacenters often also get a default RDNS in that style.
Greets,
Ludi
-Ursprüngliche Nachricht-
Von: owner-postfix-us...@postfix.org Im
Auftrag von post...@ptld.com
Gesendet: Donnerstag, 11. November 2021 14:56
An: postfix-users@postfix.org
Betreff: Re: How to
Hi,
try to reject mail that contains a Reply-To with GMail in it. Easy to set,
minimal to no false-positive potential.
And see if that comes near the effect you want.
My observation is that it matches around 90% of the typical Googemail spam.
ps. GMail is the #1 spam/scam facilitator for years
13 matches
Mail list logo
