On 10/16/24 09:37, Paul Fowler via Postfix-users wrote:
@Serhi, delaying the rejection of invalid RCPT TO, do you know how I can
accomplish that?
In main.cf:
smtpd_reject_unlisted_recipient = no
In master.cf add -o smtpd_end_of_data_restrictions=reject_unlisted_recipient to
smtpd serving 25
On 10/15/24 16:52, Bill Cole via Postfix-users wrote:
Unless you've intentionally enabled EXPN in your config, you probably have not
done anything really wrong but not all defaults are ideal. There are some
non-defaults which will break SOME enumeration attempts:
main.cf:
smtpd_reject_unlist
I have checked this script and the simplest thing you can do is to delay
rejection of invalid RCPT TO to DATA or END-OF-DATA. In this case, nmap will
output all usernames it uses to check, making this info completely useless for
potential attacker.
On 10/15/24 15:03, Paul Fowler via Postfix-us
2024-09-05T20:37:33Z Bill Cole via Postfix-users :
> [Puts on ASF SpamAssassin Contributor hat]
>
> There is a complex mechanism for this in SpamAssassin which (using the
> default rules & scores) is NOT an outright ban on any TLD in any particular
> role in a message but which has a significan
2024-09-05T14:07:05Z Thomas Cameron via Postfix-users
:
> Am I smoking crack? Or is this pretty reasonable? Or should I just knuckle
> down and set up Spamassassin or some other anti-spam tool (I'm totally open
> to suggestions, I just have experience with SA from a past life)
No, you are not.
Have you tried postsrsd?
https://github.com/roehling/postsrsd/
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
For some mailing lists you have to be lax on DMARC failures because they
overwrite email body and aren't rewriting header From.
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
On 7/28/24 20:59, Christophe Kalt via Postfix-users wrote:
How do folks monitor the health of their postfix installations?
I am using https://github.com/kumina/postfix_exporter for metrics collection
and to spot anomalies if there are any. But it is definitely not a silver
bullet, I am intere
From postfix docs: "The form [hostname] turns off MX or SRV lookups."
https://www.postfix.org/postconf.5.html#relayhost
On 7/25/24 09:09, Corey H via Postfix-users wrote:
Hi list,
I saw this configuration in my company's postfix.
relayhost = [mail.example.net]:587
Generally I would write it
On 7/10/24 08:40, Gilgongo via Postfix-users wrote:
As you can see, it goes straight to the MX of the domain of the recipient. The
same is true if I use mail.mailutils or other clients. So I was wondering how I
might both allow sending but also (reliably) prevent abuse. Perhaps doing both
isn'
You should use check_reverse_client_hostname_access
I have the following pcre map entry:
/\.googleusercontent\.com$/ REJECT policy forbids MTA with generic PTRs
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an ema
It is kind of off topic, but to my opinion there is no FP-less RBL available.
Consider moving to scoring system to not rely on listing at only one blocklist.
--
Send unsolicited bulk email to carl...@at.encryp.ch
___
Postfix-users mailing list -- postf
12 matches
Mail list logo
