Hi,
On 11/19/2014 03:27 AM, Joe Acquisto-j4 wrote:
[snip]
I was daydreaming about ways to get messages from the old system to the
new one, as might be required. For a bit it seemed feasible to cobble up
something to allow messages to be sent via SMTP from the old system
to the new, in a contro
Hi,
On 10/25/2013 09:48 AM, Rune Elvemo wrote:
> Does anyone know how to use a mysql database for mynetworks?
> We did manage to use it to match a single ip address, but is there a way to
> match entire networks?
>
That can be done at the sql level.
See mysql functions "INET_ATON" and "INET_NTOA
On 08/22/2013 01:51 PM, Charles Marcus wrote:
[snip]
>
> The simple fact is, we do not have any users based *anywhere* but the
> US, so, is what is the simplest way to block any/all non-US based client
> connections on my submission port?
>
[snip]
Hi,
Sometimes it seems like a good solution to f
On 08/07/2013 12:03 PM, John Allen wrote:
>> Is there any particular reason you need to accept messages 32 GB in size?
>>
>>
> Yes. We support a business that designs and manufactures packaging and
> displays. The sort of thing you might see in the aisle of a supermarket
> or store selling gum, per
On 08/05/2013 02:15 PM, Charles Marcus wrote:
> Also - I hate to ask (it isn't your job to do their job), but could you
> suggest off the top of your head what they *should* be doing? Would
> properly closing all VRFY probe connections really impact performance on
> their side that much - especiall
Stan,
On 05/31/2013 08:49 AM, Stan Hoeppner wrote:
> On 5/30/2013 11:43 PM, James Zee wrote:
>> I was hoping someone could take a quick glance at my
>> smtpd_*_restrictions configurations. While I've read and (re-)read the
>> SMTPD_ACCESS_README file a few times over I would be greatly
>> apprecia
On 05/30/2013 01:39 PM, Feel Zhou wrote:
[snip]
>
> My purpose is permit my_customer_ip send mail via my mail server, only
> permit my customer domain address send mail, reject any other domain
> send mail via my_customer_ip, how can I setting in my postfix.
>
> Thanks a lot
> Tom
>
Hi Tom,
I
On 04/18/2013 12:20 PM, Josef Karliak wrote:
> Hi,
> thanks for reply. We thought that we have to copy existing "aliases"
> file from imap server to incoming MX. If we reject an emailduring smtp
> communication, we won't "relay" spam to victim. Am I right ?
> Best regards
> J.K.
>
Hi,
Ple
Hi Josef,
On 04/18/2013 11:06 AM, Josef Karliak wrote:
> Good morning,
> our outgoing smtp server gets into a backscatter blacklist. When I
> checked my logs, there were only one mailer daemon email to some server
> in the time that is mentioned on the backscatter web.
> In all servers in th
On 02/19/2013 01:58 PM, richard lucassen wrote:
> On Tue, 19 Feb 2013 13:49:54 +0100
> Benny Pedersen wrote:
>
>>> Any hint?
>>
>> google postfwd
>>
>> postfix can do it with classes, but its more complicated then with
>> postfwd
>
> Ok, that seems to be very nice. AFAIUI it can be implemented
Richard,
On 02/19/2013 12:34 PM, richard lucassen wrote:
> I have transport front-end servers for domains:
>
> domain1.tld
> domain2.tld
> domain3.tld
> domain4.tld
> [..]
> domainX.tld
>
> I want to blacklist 1.2.3.4/24 only for destination domain3.tld (and
> reply with a 5xx if possible).
>
>
Kevin,
On 02/14/2013 09:41 PM, Kevin Blackwell wrote:
> I have 2 mx records. The primary is Exchanges edge server that has it's
> own internal spam filtering. The secondary is poxtfix server relaying
> mail to the edge server as a backup mx record. Are you saying the
> postfix server should be beh
On 02/13/2013 03:24 PM, Noel Jones wrote:
[snip]
>
> - If you only have a handful of addresses, you can sign up for a
> free google apps account with your own domain name. That will allow
> you to relay through google. You are not required to use google as
> your MX; you can continue to use your
On 02/13/2013 01:14 PM, Dominique wrote:
> Hi,
>
> I am looking at using gmail as a relayhost in our current server setup
> ubuntu12.04/postfix/cyrus instead of using the ISP relayhost.
>
Is you ISP relayhost service bad?
> I have it working, but the outgoing email address is replaced by the
>
On 11/12/2012 05:55 PM, John Hinton wrote:
> A really good use for POP is for more sensitive email situations, such
> as legal, medical or financial. Some of our users want it 'off' the
> server soonest. But yes, IMAP is more the standard these days. We allow
> either using Dovecot. POP is faster,
Hi Stan,
On 09/25/2012 08:22 AM, Stan Hoeppner wrote:
>
> Apparently Linux and Windows TCP window scaling doesn't always work
> reliably together. Try disabling TCP window scaling on the Linux box(en):
>
[snip]
Perhaps off topic, but do you have any links to documents or similar
that proves th
Hi Dominique,
On 07/27/2012 11:37 AM, Dominique wrote:
>>>
>>> However when trying to connect through a phone app (Android/email app),
>>> there is no way to send a mail. It gets rejected all the time.
>>>
>>> Jul 27 10:25:03 www postfix/smtpd[10868]: connect from 230.Red-176-83-
>>> 90.dynamicIP
On 06/15/2012 06:03 AM, Adam Bradley wrote:
>
> Sorry, but this sounds to me like an accident waiting to happen. I
> would /strongly/ recommend getting a proper recipient list and
> populating transport_maps with a user->host mapping.
>
>
>
> My only concern is scalability, is ther
On 05/03/2012 07:45 AM, Kirill Bychkov wrote:
> Hi all,
>
> I need create server with 5 IP addresses (interfaces) and postfix(es).
> The role of this server is relay.
> If message delivered into my mail server on one ip address, for example,
> 172.16.35.35, so this message should be sent from same
Szia Levente!
On 04/02/2012 02:26 PM, Birta Levente wrote:
> On 02/04/2012 14:31, Mikael Bak wrote:
>> Hi list,
>>
>> I have configured an alternate transport route for mail going to
>> specific destination domains. I call this transport "slowsmtp".
>>
Hi list,
I have configured an alternate transport route for mail going to
specific destination domains. I call this transport "slowsmtp".
My problem is that I see no evidence in my logs that email sent to the
specific domains uses "slowsmtp" route for delivery.
I have defined "slowsmtp" in "/etc
Stan Hoeppner wrote:
> Mikael Bak put forth on 4/12/2011 7:31 AM:
>> Stan Hoeppner wrote:
>> [snip]
>>>> Received: from [190.221.28.39] (unknown [190.221.28.39])
>>> In this example, reject_unknown_reverse_client_hostname would have
>>> gene
Stan Hoeppner wrote:
[snip]
>
>> Received: from [190.221.28.39] (unknown [190.221.28.39])
>
> In this example, reject_unknown_reverse_client_hostname would have
> generated a 450 rejection. You should always use
> reject_unknown_reverse_client_hostname at minimum, or the more
> restrictive rejec
Mark Watts wrote:
>
> I'd like to be able to reject connections from remote IP addresses if
> they're from certain countries (or conversely only allow from certain
> countries).
>
> What are my options for doing this in/with postfix?
>
Perhaps not what you asked for, bur Spamassassin has a way
/dev/rob0 wrote:
> On Fri, Jan 21, 2011 at 09:12:32AM +0100, Mikael Bak wrote:
>> Reindl Harald wrote:
>>> Am 20.01.2011 12:29, schrieb Christian Roessner:
>>>
>>>> Why adding a contact form? If a postmaster really does
>>>> his/her job and
Reindl Harald wrote:
> Am 20.01.2011 12:29, schrieb Christian Roessner:
>
>> Why adding a contact form? If a postmaster really does his/her job and scans
>> the logs, finds your assistance info and enters the website, don't you think
>> the same admin is also able to write a mail to you (postmas
/dev/rob0 wrote:
> http://nospam4.nodns4.us/
>
The "Alternate media" stuff is like accepting that spam has made email
impossible to rely on for communication. Antispam made right can
actually make email work again as it once did.
Mikael
IT geek 31 wrote:
>
> Outlook is all-or-nothing - it can force encryption for all
> recipients, regardless if they have a certificate or not, or none at
> all.
>
Thunderbird and Enigmail can encrypt by default if a valid key is avalable.
HTH,
Mikael
Rich wrote:
>
> Hi,
>
> Instead of "permit_mynetworks" I'd suggest "permit_sasl_authenticated"
> on the above line. The submission service is not very often used without
> authentication.
>
> Mike are you saying remove "permit_mynetworks"?
>
Yes, I do not see any reason to hav
Stan Hoeppner wrote:
[snip]
> Yes. I would suggest configuring a new smtpd listener for this. Most
> people use the master.cf default TCP 587 listener daemon to accept
> submitted mail. MUA clients will need to be configured accordingly.
> Apparently your current configuration relays all mail to
Stan Hoeppner wrote:
> Mikael Bak put forth on 9/27/2010 6:18 AM:
>> Stan Hoeppner wrote:
>>> Michal Bruncko put forth on 9/26/2010 4:24 AM:
>>>
>>>> It is possible in some way to configure postfix, that SPF Passed mails
>>>> will be automaticall
Stan Hoeppner wrote:
> Michal Bruncko put forth on 9/26/2010 4:24 AM:
>
>> It is possible in some way to configure postfix, that SPF Passed mails
>> will be automatically accepted with postfix without greylisting?
>
> If I may be blunt: this is a really dumb idea. Many, maybe all,
> snowshoe sp
Nick Edwards wrote:
>
> So basically, using postifx's virtual, excluding Dovecot, what POP3
> servers are people using?
Hi Nick,
We have been happy with Courier for POP and IMAP for years. Not a single
problem. We are using it with Postfix's virtual.
http://www.courier-mta.org/imap/
Most Linux
Jan-Frode Myklebust wrote:
>
>> and I still fail to understand how controlling your customers
>> envelope sender will help with backscatterer.org.
>
> It will make sure that when viruses/malware on the customers computer is
> sending out spam from fake addresses, the bounces goes back to the
> cu
Richard Chapman wrote:
> Perhaps you are describing an alternative method for google apps smtp
> which I am unaware of. If so - can you point me to a description of this
> alternative option?
>
I fail to see why you need postfix if your domain is hosted on Google
Apps. Google Apps provide you wit
Vasya Pupkin wrote:
> Hello.
>
> First, I have spent two days reading articles and searching web for
> solution but failed there. I am using postfix as an mx for my domains,
> it accpets mail for different addresses withing my domains which is
> then forwarded to other external domains, i.e. googl
Steve wrote:
[big snip]
>> So you have made your point. You prefer (or are required) to have user in
>> control.
>>
> Yes. The big problem is that no solution out there is 100% accurate for all
> users. So the only way to make the user happy is to delegate the control to
> him.
>
Can't speek fo
Stan Hoeppner wrote:
>
> 1. Spamhaus has banned Google Public DNS resolver queries.
Stan,
Do you have a good enough reason to not run your own name resolver on
your front MX machine?
IMO relying on third parties for DNS on an MX is bad design.
Mikael
Hi Stan,
On Wed, 09 Dec 2009 21:24:53 -0600
Stan Hoeppner wrote:
> Mikael Bak put forth on 12/9/2009 4:18 AM:
>
> > I understand why you avoid the real question. But hey - it's your server :-)
>
> Do you? I have avoided it because these threads can quickly delve into
Stan Hoeppner wrote:
> Mikael Bak put forth on 12/8/2009 3:31 AM:
>> mouss wrote:
>>> I'm looking through you, where did you go:
>>>
>>> : host greer.hardwarefreak.com[65.41.216.221]
>>> said: 554 5.7.1 : Client host
>>> rejected: Access
lst_ho...@kwsoft.de wrote:
> Zitat von Mikael Bak :
>>
>> I could not agree more. I got this from him:
>>
>> : host greer.hardwarefreak.com[65.41.216.221]
>> said: 554 5.7.1 : Client host rejected:
>> Mail not accepted from Hungary (in reply to RCPT TO c
mouss wrote:
>
> I'm looking through you, where did you go:
>
> : host greer.hardwarefreak.com[65.41.216.221]
> said: 554 5.7.1 : Client host
> rejected: Access denied (in reply to RCPT TO command)
>
> It is nice to not reject mail from people who help you...
I could not agree more. I got this
On Sat, 05 Dec 2009 21:32:02 -0600
Stan Hoeppner wrote:
> It's looking like I was having transient issues with my resolvers. I
> did some more log digging and found more dns related temp fails than I
> should be having given my mail volume. I've since switched from the old
> resolvers to the ne
Stan Hoeppner wrote:
> Why bother? This is an ISP scenario, correct? The 587 command set is
> standard SMTP right? Just iptables (verb) TCP 25 to TCP 587 for any IP
> ranges within the ISP's MUA customer range. This is assuming said
> customers already have to submit auth over TCP 25 to relay m
Larry Stone wrote:
> On Fri, 30 Oct 2009, Mikael Bak wrote:
>
>> Simon Morvan wrote:
>>> The last time I tried it, Zen included too many legitimate users behind
>>> ADSL lines. The "Policy" behind PBL is a bit too restrictive. Maybe it
>>> change
Simon Morvan wrote:
>> Consider Zen here. It also incorporates the (not-quite-so) new PBL,
>> which has been very effective here.
>>
> The last time I tried it, Zen included too many legitimate users behind
> ADSL lines. The "Policy" behind PBL is a bit too restrictive. Maybe it
> changed, I'll
Dennis Putnam wrote:
> Thanks for the reply. It appears this is not supported with my version
> of Postfix (2.1.5). When I try this syntax:
>
> smtpd_helo_restrictions =
> check_client_access pcre:/etc/postfix/heloaccept.pcre
>
> I get this error:
>
> fatal: unsupported dictionary type:
Jacqui Caren-home wrote:
>
> Same here - stock RH (actually CentOS) install.
>
> [r...@gate ~]# postconf -d | grep xfer_timeout
> lmtp_data_xfer_timeout = 180s
> smtp_data_xfer_timeout = 180s
> [r...@gate ~]#
>
> Could this be a redhat thing?
>
> Nope - emerged mail-mta/postfix-2.5.5 on gentoo
Cottalorda Sébastien wrote:
> Sorry, I've courier-imap, and I use roundcubemail as webmail.
> I also add to roundcube the vacation plugin that allow my users to program
> themselves theirs vacations.
> Everything is good, the link between the mysql database and the plugin, but
> now I want to conne
Zhang Huangbin wrote:
>
> On Oct 10, 2009, at 2:55 AM, Eero Volotinen wrote:
>
>> I am currently using postfix 2.3.x on RHEL for mail proxy and mailserver.
>>
>> Is there any good reason to update to 2.6 ? and if is, is there any
>> good and stable rpm repositories for RHEL 5 on web ?
>
> As i k
Mathias Tausig wrote:
> I just tried to replace the "\n" with "\r\l", but to no avail. The same
> problem remains.
I can be wrong here, but shouldn't that be "\r\n" ?
HTH,
Mikael
ram wrote:
>
> I have a very basic ( and old) postfix installation and I want to accept
> mails only after smtpauth
>
> The rule works fine except when the recipient belongs to $myhostname
>
[snip]
> mydestination = mumbai.nstest.com
[snip]
Hi Ram,
$mydestination is probably why the email get
Steve Heaven wrote:
> On Wed, 2009-09-09 at 08:11 +0100, Clunk Werclick wrote:
>
>> Are you saying that it is not possible to configure it to reject users
>> that don't exist at the SMTP level? Are you *sure*? So if you telnet in
>> to it and send mail for anyoldrubb...@domain.co.uk it accepts it?
Steve Heaven wrote:
> On Mon, 2009-09-07 at 11:50 -0400, Sahil Tandon wrote:
>
>>
>> You should not accept mail for invalid recipients. Use existing
>> functionality to build a cache/database of valid recipients "on the fly".
>> See: http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipie
rank1see...@gmail.com wrote:
>
> Thanks. On FreeBSD that is section 2
> http://www.freebsd.org/cgi/man.cgi?query=pipe&sektion=2&apropos=0&manpath=FreeBSD+7.2-RELEASE
>
> I've read it and still have no logical clue.
# uname -r
7.2-RELEASE-p2
# man 8 pipe
Formatting page, please wait...Done.
PIP
Daniel L'Hommedieu wrote:
>
> The spam I see pretty much all originates in China & Brazil, with some
> originating in Korea & US. It also pretty much all originates on
> dynamic IP addresses, so if there's a way to block email from dynamic
> address ranges, I would very much be interested in that
Hi,
Roman Gelfand wrote:
> Can somebody recommend a mail box server software that would be worthy
> of postfix?
>
dovecot
> Also, if anyone knows of a cool web client.
>
roundcube
rank1see...@gmail.com wrote:
> It did, but not anymore.
> It is now depreciated.(php-milter)
>
> I use PHP 5.3 and already have working filter.
>
> To finalise it, I just need a list and description of milter commands.
> Those milter commands works for any type of coding language
>
> Up to now I
Security Admin (NetSec) wrote:
> Could someone provide links to sites where IP addresses are grouped by
> country? ASNs would work too but would prefer IP lists that I could put
> in a file that my postfix mail gateway could read. Obvious countries
> like China and Brazil I would like to block wh
Stefan Förster wrote:
>
> The documentation at http://www.postfix.org/INSTALL.html#4 mentions
> that earlier versions of Postfix were supported on FreeBSD 2.x to 5.x.
>
> I think it's very likely that you can run recent Postfix versions on
> newer FreeBSD releases, too.
>
>
Ack,
I have FreeBSD
Florin Andrei wrote:
> Mikael Bak wrote:
>>
>> Is it really recommended to run a mail server that accepts email from
>> outside with non static IP address?
>>
>> I would not do it.
>
> As long as the dynamic DNS service works well, and the IP address only
Hi,
Florin Andrei wrote:
> Running Postfix 2.5.5 on Linux. The system is multihomed, connected to
> several private networks, and to the Internet with a dynamic DNS hostname.
>
Is it really recommended to run a mail server that accepts email from
outside with non static IP address?
I would not
Jay G. Scott wrote:
[snip]
> mynetworks_style = host
[snip]
> smtpd_recipient_restrictions = permit_mynetworks,
> permit_sasl_authenticated, reject_unauth_destination
[snip]
Hi,
Are you running mutt on the postfix host? In that case perhaps that is
why you can send email without AUTH.
H
Robert Lopez wrote:
> On one mail gateway running postfix I see about 24 lines that look like this:
>
> postfix 7579 32735 0 10:00 ?00:00:00 smtpd -n smtp -t inet
> -u -c -o stress
>
> On all the other gateways I normally see lines that look like this:
>
> postfix 9243 3682 0 08:5
Charles Marcus wrote:
> On 8/5/2009, Mikael Bak (mik...@t-online.hu) wrote:
>>> So, do you mean that changing this parameter to 250 would make postfix
>>> to accept the email?
>
>> No.
>
> Actually, the answer to his question is yes.
>
>> You sho
Santiago Romero wrote:
>
>> Hi,
>>
>> Quoting the documentation[1]:
>>
>> "The unverified_recipient_defer_code parameter (default 450) specifies
>> the numerical Postfix SMTP server reply code when a recipient address
>> probe fails with some temporary error. Some sites insist on changing
>> this
Brian Evans - Postfix List wrote:
> Mikael Bak wrote:
>> Brian Evans - Postfix List wrote:
>>
>>> Mikael Bak wrote:
>>>
>>>> Santiago Romero wrote:
>>>>
>>>>
>>>>> Really, reject_unverified_
Brian Evans - Postfix List wrote:
> Mikael Bak wrote:
>> Santiago Romero wrote:
>>
>>> Really, reject_unverified_recipient feature is very nice, but rejecting
>>> all mail when primary MX doesn't answers breaks it for us :(
>>>
>>> Any id
Santiago Romero wrote:
>
> Really, reject_unverified_recipient feature is very nice, but rejecting
> all mail when primary MX doesn't answers breaks it for us :(
>
> Any idea? :?
>
Hi,
Quoting the documentation[1]:
"The unverified_recipient_defer_code parameter (default 450) specifies
the num
Robin Smidsrød wrote:
>
> I've had at least one client leave because he absolutely needs to have
> every email, because every single email he receives could be really
> important. So dealing with spam is something he just has to do. On the
> other hand I have users that don't really care one way o
Hi list,
Maybe a little OT, but I thought maybe you guys know how to deal with this.
I'm currently blocking all attepmts to connect from hosts not having a
valid reverse DNS name with "reject_unknown_reverse_client_hostname".
This is very effective for dealing with spam. This is not our only
pro
ave to fiddle with
master.cf for this to work.
As I said. I may have misunderstood your purpose completely :-)
HTH,
Mikael Bak
72 matches
Mail list logo
