smtpd_data_restrictions fixed my issue and I see the header now.
Thank you.
On Thu, Feb 19, 2015 at 7:05 PM, Wietse Venema wrote:
> Dave Jones:
> > Feb 19 16:55:12 smtp1 postfwd[27034]: [RULES] rule=4, id=RCPTCNT1,
> > queue=C2B7433E7CE, client=unknown[172.27.0.203], sender=<
> > r...@server1.ex
Dave Jones:
> Feb 19 16:55:12 smtp1 postfwd[27034]: [RULES] rule=4, id=RCPTCNT1,
> queue=C2B7433E7CE, client=unknown[172.27.0.203], sender=<
> r...@server1.example.com>, recipient=, helo=<
> server1.example.com>, proto=ESMTP, state=END-OF-MESSAGE, delay=0.00s,
> hits=RCPTCNT1, action=PREPEND X-Rcpt
On Wed, Feb 4, 2015 at 9:24 AM, Leonardo Rodrigues wrote:
> On 04/02/15 12:41, Wietse Venema wrote:
>
>>
>> Use postfwd, set a rule that triggers with too many recipients
>> per SASL login. http://www.postfwd.org/
>>
>> Wietse
>>
>
> Policyd can also do that, check both.
>
> http://w
On 04/02/15 12:41, Wietse Venema wrote:
Use postfwd, set a rule that triggers with too many recipients
per SASL login. http://www.postfwd.org/
Wietse
Policyd can also do that, check both.
http://www.policyd.org/
--
Atenciosamente / Sincerily,
Leonardo Rodrig
Thank you for the postfwd link. Not sure why I didn't find this during my
research. I guess I didn't have the right Google keywords. :)
On Wed, Feb 4, 2015 at 8:41 AM, Wietse Venema wrote:
> Dave Jones:
> > I need to be able to relay outbound for this customer of ours as a
> service
> > we pr
Dave Jones:
> I need to be able to relay outbound for this customer of ours as a service
> we provide and I need to be able to block compromised accounts which I have
> been successful at for years until this new spam technique showed up a few
> weeks ago.
> I do have a way to detect this Bcc sendi
With postfwd you could use the following rule:
id=RCPTCNT
action=PREPEND X-RCPT-COUNT: $$recipient_count
or something like that
id=RCPTCNT01
recipient_count>=200
action=PREPEND X-RCPT-COUNT: RED
id=RCPTCNT02
recipient_count>=100
action=PREPEND X-RCPT-COUNT: YELLOW
Please
I need to be able to relay outbound for this customer of ours as a service
we provide and I need to be able to block compromised accounts which I have
been successful at for years until this new spam technique showed up a few
weeks ago.
I do have a way to detect this Bcc sending _after the fact_ an
- Have you identified the e-mail server having those compromised
accounts? If yes forbid this server to relay using your Postfix servers.
If you don't want or cannot do it...
- Then have you identified what e-mail accounts exactly are compromised?
If yes temporarily close or disabled those accou
I have a sneaky spammer that is using compromised accounts of a mail server
that relays outbound through my Postfix servers. The spammer is Bcc'ing
200 or 300 recipients at a time and sending very slowly to avoid my high
volume detection. I need to be able to add a header that SpamAssassin can
us
10 matches
Mail list logo
