Same here, but I found some interesting facts about outlook spam, they have 4
common marks that can be used to catch them with Spamassassin.
The following rules block all outlook spam, but will also block some legitimate
emails that use "undisclosed recipients". Not a big deal for me and my
n
About Docker, you may want to do some research on it, because it may not be
desirable for production systems due to its monolithic design, it uses a single
Docker daemon, while competitors like podman use a daemonless architecture.
Look how "easy" it is to secure Docker:
https://cheatsheetseri
it happens to me sometimes, I make changes to the postfix configuration and I
forget to restart postfix for it to take effect (systemctl restart postfix
opendkim opendmarc etc).
Could it be that simple?
On Tue, 14 Nov 2023 11:16:18 -0500 Dino Edwards via Postfix-users
wrote:
> Logs don'
You mention that you are using dovecot along with postfix, so in that case, the
most common theme is to use LMTP like this:
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_mailbox_domains = /etc/postfix/virtual_mailbox_domains
then your /etc/postfix/virtual_mailbox_domains may look
we must be looking at different manuals/specifications because I don't see how
a SMFIC_ABORT is implied here.
but
I don't think it matters anyway, it should not make any difference, just extra
traffic between postfix and the milters :)
I'll adjust my milter to expect SMFIC_ABORT after STARTT
The specification does NOT state that after STARTTLS the MTA must send an
SMFIC_ABORT.
It only states that when SMFIC_ABORT is sent, between emails with the same
connection, to reset everything except the connection information (since its
the same I guess?)
At least that is how I interpret
(resending because the previous email failed to submit due to its size)
I'm sorry I did not provide enough information.
With "the next email" I mean the next SMTP SESSION, a different sender.
I should also mention that I'm using AlmaLinux (derivative of RHEL) which comes
with the following pos
Hello everyone,
While running my milter, I noticed an inconsistency filtering incoming mail by
their connection information and by inconsistency I mean complete lack of data.
Of course it could be a bug in my milter, but in case it is not, here is the
problem:
A normal (unencrypted) connecti
thank you for the explanation, I'll adjust my code accordingly :)
On Tue, 17 Oct 2023 10:02:33 -0400 (EDT) Wietse Venema via Postfix-users
wrote:
> mailmary--- via Postfix-users:
> >
> > Hello everyone,
> >
> > I'm coding a milter and I noticed a
Hello everyone,
I'm coding a milter and I noticed an issue with postfix. Once postfix is done
communicating with the milters, instead of sending a SMFIC_QUIT, it sends
SMFIC_ABORT.
abort all milters
milter8_abort: abort milter inet:127.0.0.1:8891
milter8_abort: abort milter inet:127.0.0.1:889
In my case, libspf2 is a dependent package of OpenDMARC
(Alma Linux, Rocky Linux, Oracle Linux)
On Sat, 30 Sep 2023 16:47:30 -0400 Viktor Dukhovni via Postfix-users
wrote:
> Recent news of security issues in Exim appear to in part implicate
> libspf2.
>
> While Postfix does not directly u
So in other words, read the manual ;)
On Fri, 8 Sep 2023 11:25:22 -0400 Viktor Dukhovni via Postfix-users
wrote:
> On Fri, Sep 08, 2023 at 05:15:45PM +0300, mailmary--- via Postfix-users wrote:
>
> > Two quick questions:
> >
> > 1) How do I force an email addres
Hello everyone,
Two quick questions:
1) How do I force an email address to NOT be able to send email, but still
receive.
2) How do I force an email address to NOT be able to receive, but still send.
Thank you.
___
Postfix-users mailing list -- p
maybe spamassassin is reading your vCard (.vcf) which has the following string:
URL:https://woodpeckersnest.space/
btw, yes .space is considered a "bad domain" frequently abused for spam. But I
think it was recently removed from spamassassin bad domains.
https://apache.googlesource.com/spama
In all honesty, the current situation of logging the base64 string
"UGFzc3dvcmQ6" does not help us.
Maybe we could reconsider, and actually log the data (raw or base64-decoded)?
On Tue, 16 May 2023 09:30:44 -0400 (EDT) Wietse Venema via Postfix-users
wrote:
> mailmary--
I am talking about the authentication email, not MAIL FROM or RCPT TO.
hmm, when using the -v parameter, just above the "SASL LOGIN authentication
failed: UGFzc3dvcmQ6" log entry, I can clearly see the email/password
thus postfix knows the email address being authenticated BEFORE the error
me
Out of curiosity, why does postfix display the base64 encoded "Password:"
string on failed authentication, instead of the user/email that actually failed?
eg:
warning: unknown[59.2.250.144]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
warning: unknown[1.219.223.120]: SASL LOGIN authenticatio
The postscreen feature for RBL checks allows us to use scoring!
My configuration is based on this one here:
https://gitlab.com/noumenia/aetolos/-/blob/master/modules/el8/postfix/maincf.tpl
Take a look at lines 100 to 132.
For example:
postscreen_dnsbl_action = enforce (reject email with 55
I've said this in the past, certbot was badly coded, used too much memory and
lacked vision. But there are two great alternatives, written as bash scripts
(thats right.. bash scripts!)
https://github.com/acmesh-official/acme.sh
https://github.com/dehydrated-io/dehydrated
give them a try, they
I'm using a PHP milter to reject languages by their charset.
For example, look for the charset "ks_c_5601-1987" under headers:
Subject:
Content-Type:
Thread-Topic:
etc...
An Base64-encoded subject would look like:
Subject: =?ks_c_5601-1987?B?...base64string...
or a mime content-type would lo
same here, it appears like someone is doing tests on their end, because these
errors first appeared today and only for a few hours.
On Fri, 17 Mar 2023 14:17:19 +0100 Benny Pedersen via Postfix-users
wrote:
> Mar 17 11:38:31 localhost postfix/smtpd[22150]: lost connection after
> STARTTLS
other account
domains, which is something supported by SELinux on enterprise linux distros
(Alma, Rocky, Oracle, etc).
no need for an SQL database.
On Mon, 13 Mar 2023 13:42:42 +0100 Antonino Di Mauro via Postfix-users
wrote:
> about 200 users...
>
>
> Il 13/03/23 13:33, mai
out of curiosity, why do you want to use an SQL database? Do you have more than
1,000,000 email accounts?
I don't really see any benefit by using SQL for small to medium sized systems.
On Mon, 13 Mar 2023 13:26:47 +0100 Antonino Di Mauro via Postfix-users
wrote:
> It seems i found the pro
Unfortunately, due to company policy, I can only work with RPM packages from
either the default repo or EPEL and nothing else. I know several other
companies that have the same rule. Its not something that I can change, so I
work with what I have.
On Fri, 10 Mar 2023 11:14:14 -0500 PGNet De
The problem with dkimpy/dkimpy-milter, is that they don't exist in enterprise
distros (Alma, Rocky, Oracle) via EPEL.
The popularity of opendkim/opendmarc is due to their packages being available
via EPEL.
Looking at the opendkim/opendmarc right now, they appear dead over the past 2
years
Hello,
Are you using OpenDMARC? if you do, then its because OpenDMARC is broken and
crashes on some types of emails.
Look above those log lines for the actual crash, it looks like:
"can't read SMFIC_BODYEOB reply packet header"
unfortunately, OpenDMARC seems like a dead project so don't expec
Unfortunately I've seen this crash as well, its actually quite frequent in my
case and I'm using a newer version of OpenDMARC than you:
# opendmarc -V
opendmarc: OpenDMARC Filter v1.4.2
SMFI_VERSION 0x101
libmilter version 1.0.1
Active code options:
W
27 matches
Mail list logo
