>The web form results in an automated email saying, "Your ip addresses are not
>blocked." from Comcast. This is a difficult group to interact with.
Last time I went through this I found they were using some 3rd party scoring
company. And for a small server like mine, I wasn’t even on that c
>All of these entries are using the LOGIN mech. Unless you have an
>extremely old outlook express MUA (or similar) you xan and should be
>using the PLAIN mech. You can eliminate all of the above attacks by
>removing LOGIN from the list of mechs you accept.
Peter:
I too see a lot of these so I w
Noel:
As I understand from your explanation, if I keep my
parent_domain_matches_subdomains = smtpd_access_maps
Then the preceding dot format is moot/not needed. Only
outbound.protection.outlook.com OK
Check.
>The reason it doesn't work is you're confusing sender and client.
In
>>Depending on whether omain is client or sender or ...
>>
>>...
>>reject_unauth_destination
>>...
>>check_client_access hash:/pathname
>>reject_rbl_client example.com
>>...
>>
>>Or
>>
>>...
>>reject_unauth_destination
>>...
>>check_sender_access hash:/pathna
>> check_sender_access hash:/etc/postfix/sender_checks,
>
>That directive checks the email address which is used in the SMTP MAIL
>FROM command.
>
>I believe you need to use check_client_access to check the verified
>client hostname instead of check_sender_access.
>
>
Bill & Noel, thank you both f
>Scott Techlist via Postfix-users:
>> I need to allow a domain to bypass my RBL checks. I'm doing something
>> wrong, or I'm
>misunderstanding what I'm checking from my logs. I'd be grateful for an
>assist to remedy.
>>
>
>I can tell you there is significant spam from that Microsoft IP space. That
>spamcop doesn't have false positives, but rather due to >the sharing of IP
>space, senders that aren't spammers get tarred with the same brush as the
>spammers. I did a grep on the maillog >files and that is a firehos
I need to allow a domain to bypass my RBL checks. I'm doing something wrong,
or I'm misunderstanding what I'm checking from my logs. I'd be grateful for an
assist to remedy.
This box is an old postfix install Postfix version 2.2.10. (I know, working on
migrating)
main.cf: (full postcon
Client has an appliance (Axion RTAC) that sends email based reports. I don't
have access to the appliance or its docs. It used to send its emails to an
Exchange server that has been decommissioned. I'm trying to get it to send to
my postfix server. I have it whitelisted for postfix checks.
>>Michael W. Lucas is writing a book about "Run Your Own Mail Server"
>>featuring the Postfix mail server. Michael has written and published a
>>Chapter 0 that gives an impression what the book will contain. Besides
>>the technical aspects, the book will cover the email ecosystem and how
>>to fit w
>Michael W. Lucas is writing a book about "Run Your Own Mail Server"
>featuring the Postfix mail server. Michael has written and published a
>Chapter 0 that gives an impression what the book will contain. Besides
>the technical aspects, the book will cover the email ecosystem and how
>to fit well i
>> On Tue, 7 Mar 2023, John Stoffel via Postfix-users wrote:
>>
>>> So what's the option for a more upto date version of DKIM milter for debian?
>>
>> rspamd does DKIM, SPF, DMARC and ARC (and lots more), and doesn't segfault
>> (so
>> far ;-)
>
>
>I'm STILL trying to figure out rspamd's documenta
>> No idea what's stripping them. I use amavisd and spamassassin, the
>> later I expect.
>
>Nope. ASF SpamAssassin does not manipulate existing headers in any way
>except for pre-existing X-Spam-* headers that it is specifically
>configured to remove. When used via amavisd or MIMEDefang or any oth
Re: Raf
>In other words, check_sender_access tests the address
>that ended up being stored in the From_ mbox pseudo header:
>
> From
> bounce-91040_html-994996332-142678-514026815-45...@bounce.s11.mc.pd25.com
> Fri Jan 20 12:40:11 2023
>
>And check_client_access doesn't check any headers at al
>But then how do we configure Postfix to do this automatically so that
>we can gain enough reputation to send more than one recipient at a
>time? Because Comcast is not rejecting all mail. Comcast is only
>rejecting mail with multiple recipients. Comcast is accepting mail
>with single recipients
> If I missed anywhere on the web where moving from sendmail to postfix while
> using (or modifying) existing external files is discussed
>in detail, pointers would be appreciated - might save me from making a bunch
>of embarrassing newbie posts here...
> If I missed anywhere on the web wher
>Is there a workaround for the space in v2.2 (old server, working on migrating)?
>
>submission inetn - n - - smtpd
> -o smtpd_recipient_restrictions=check_client_access
> hash:/etc/postfix/access,permit_sasl_authenticated,reject
>
I found a post where someone
Thanks Wietse.
Is there a workaround for the space in v2.2 (old server, working on migrating)?
submission inetn - n - - smtpd
-o smtpd_recipient_restrictions=check_client_access
hash:/etc/postfix/access,permit_sasl_authenticated,reject
I'd like to block certain IP's from attempting to authenticate on my submission
port.
This is what I have now:
#master.cf
#port 587
submission inetn - n - - smtpd
-o smtpd_recipient_restrictions=permit_sasl_authenticated,reject
-o smtpd_sasl_auth_enable=yes
Matus:
>why just outgoing? Are you willing to accept spam with fake from in your
>domain?
I am not willing. Inbound is already restricted and functioning properly.
That said, I migrated my configs from an older version of PF so now you made me
worry about *how* it is restricted.
I have se
Here's a related recent thread
http://postfix.1071664.n5.nabble.com/postscreen-dnsbl-AND-smtpd-recipient-restrictions-rbl-tt91307.html#none
>-Original Message-
>From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org]
>On Behalf Of Alex
>Sent: Tuesday, August 01,
Postfix 3.2.2
Post upgrade, I'm revisiting my configuration to be sure I'm taking advantage
of current features relative to my old server.
I'm still using 2 cleanup services , pre-cleanup before the content_filter and
the regular cleanup after-filter.
I was using Patrick Koetter's current p
>Did you configure your content filter to send a bounce message?
Not intentionally.
>Jul 26 19:05:57 mail1 postfix/smtpd[11093]: 67FB13910:
>client=localhost[127.0.0.1]
>
>Jul 26 19:05:57 mail1 postfix/cleanup[11094]: 67FB13910:
>message-id=
>
>That is not a Postfix-generated message ID.
>Do you have concrete evidence that the posting actually reaches the list
host,
>and isn't blocked at a point closer to you?
Yes, but I figured it out. It was right there in front of me in the
auto-reply/bounce message. Just missed it. Apologies for the static.
Postfix 3.2.2, Centos7, amavisd, clamav
Upgrading my server, and recently migrated one of my older domains that gets
more spam. When checking my mail queue I saw a few deferred messages to
addresses that alarmed me. I had a moment of panic thinking maybe I had
configured something allowing a rel
Anyone have or know of a log parser/tool that includes postscreen logs? I
don't think Jim's pflogsum includes any type of postscreen data.
Would be nice to have some reporting that included how much I'm potentially
preventing vs. processing.
Thanks, Scott
Is it possible to inspect or clear postscreen's whitelist cache?
>There is no need to duplicate the threshold check.
I'm not duplicating the check. I was just considering using the logged,
recorded checks (of a minimum value) and making use of those. They could
trigger a ban of the IP via fail2ban's respective jail's frequency
settings, based on those log e
>Postcreen logs DISCONNECT for clients that PASS the "after 220 greeting"
>tests (bare newline, non-SMTP command, pipelining).
Exactly what I was afraid of, thanks for the confirmation.
>I don't think there is much to gain from parsing postscreen logging to
produce
>fail2ban rules. postscreen is
As I watch the bots and spammers hammer my server with connection attempts,
I figured I might as well stop them even closer to the front door when they
try repeatedly.
I have fail2ban running already and once I enabled postscreen it didn't seem
to have much to do anymore.
My primary question is:
>This looks similar to my own config, from which I think Steve adapted his.
I
>presume therefore that you're using a threshold of 3?
Yes.
>SWL is no longer active; the zone has been emptied.
Check. Thanks.
>> reject_rbl_client bl.spamcop.net
>> reject_rbl_client psbl.surriel.com
>
>I would
>Do "postfix reload" and see what Postfix version is being logged.
Jul 11 15:58:29 tn2 postfix/postfix-script[17935]: refreshing the Postfix
mail system
Jul 11 15:58:29 tn2 postfix/master[17876]: reload -- version 2.11.10,
configuration /etc/postfix
32 matches
Mail list logo
