Re: Feedback on Postscreen Whitelist Article

Il 26/11/15 21:43, Wietse Venema ha scritto: Do not greylist sites that have many *different* outbound MTA IP addresses. This is a greylisting problem, not postscreen, Wietse Thanks for your clarification, Wietse. I have found my (macroscopic!) configuration issue instead: Enablin

Re: Feedback on Postscreen Whitelist Article

Am 27.11.2015 um 02:53 schrieb @lbutlr: On Nov 26, 2015, at 1:03 PM, ale@proto wrote: I know somebody discourages the use of postscreen + postgrey. But I don't understand those MS retries. If by “someone” you mean just about everyone including the developer of postfix, then yes, someone dis

Re: Feedback on Postscreen Whitelist Article

On Nov 26, 2015, at 1:03 PM, ale@proto wrote: > I know somebody discourages the use of postscreen + postgrey. But I don't > understand those MS retries. If by “someone” you mean just about everyone including the developer of postfix, then yes, someone discourages it. Greylisting and Postscreen

Re: Feedback on Postscreen Whitelist Article

On 26/11/2015 20:10, Steve Jenkins wrote: On Thu, Nov 26, 2015 at 12:03 PM, ale@proto mailto:alessan...@protodigital.net>> wrote: I reviewed my logs today and I saw a lot of connections from a bunch of MS outbound gateways before entering the "postgrey layer". Once postscreen mar

Re: Feedback on Postscreen Whitelist Article

ale @ proto: > I reviewed my logs today and I saw a lot of connections from a bunch of > MS outbound gateways before entering the "postgrey layer". > > Once postscreen marked one of these gw PASS OLD postgrey put the message > in greylist (default 5 mins), but it expects another connection withi

Re: Feedback on Postscreen Whitelist Article

On Thu, Nov 26, 2015 at 12:03 PM, ale@proto wrote: > I reviewed my logs today and I saw a lot of connections from a bunch of MS > outbound gateways before entering the "postgrey layer". > > Once postscreen marked one of these gw PASS OLD postgrey put the message > in greylist (default 5 mins), bu

Re: Feedback on Postscreen Whitelist Article

I reviewed my logs today and I saw a lot of connections from a bunch of MS outbound gateways before entering the "postgrey layer". Once postscreen marked one of these gw PASS OLD postgrey put the message in greylist (default 5 mins), but it expects another connection within (better: after!) th

Re: Feedback on Postscreen Whitelist Article

On Thu, Nov 26, 2015 at 9:00 AM, Bill Cole < postfixlists-070...@billmail.scconsult.com> wrote: > > Every DNS SOA should have a RP field that is supposed to be an email > address (s/@/./) for the Responsible Party who can fix problems in the > zone. Surely a big responsible company like Microsoft

Re: Feedback on Postscreen Whitelist Article

On 26 Nov 2015, at 11:12, Steve Jenkins wrote: On Thu, Nov 26, 2015 at 4:49 AM, Robert Chalmers wrote: So do I. So I’ll hand cut the cidr file for now, and wait till the author updates his code.. So, I've updated the code. :) Instead of relying on multiple scripts to make multiple list

Re: Feedback on Postscreen Whitelist Article

On Thu, Nov 26, 2015 at 4:49 AM, Robert Chalmers wrote: > So do I. > So I’ll hand cut the cidr file for now, and wait till the author updates > his code.. > So, I've updated the code. :) Instead of relying on multiple scripts to make multiple lists, I simplified things and created a new projec

Re: Feedback on Postscreen Whitelist Article

On Thu, Nov 26, 2015 at 3:41 AM, Robert Chalmers wrote: > Hi Steve, > I’m seeing this in the mail.log > > warning: cidr map /usr/local/etc/postfix/msft_whitelist.cidr, line 36: > non-null host address bits in "207.68.169.173/30", perhaps you should use > "207.68.169.172/30" instead: skipping this

Re: Feedback on Postscreen Whitelist Article

On November 26, 2015 1:46:15 PM Ralf Hildebrandt wrote: What do you think? I think postfix is right :) wish microsoft learn to use shorewall iprange ? :) what id have microsoft on dnswl.org ? hmm

Re: Feedback on Postscreen Whitelist Article

In fact on closer inspection, the last two are duplicates. Robert Chalmers rob...@chalmers.com .au Quantum Radio: http://tinyurl.com/lwwddov Mac mini 6.2 - 2012, Intel Core i7,2.3 GHz, Memory:16 GB. El-Capitan 10.11. 2TB Storage made up of - Drive 0:HGST HTS721010

Re: Feedback on Postscreen Whitelist Article

So do I. So I’ll hand cut the cidr file for now, and wait till the author updates his code.. Robert Chalmers rob...@chalmers.com .au Quantum Radio: http://tinyurl.com/lwwddov Mac mini 6.2 - 2012, Intel Core i7,2.3 GHz, Memory:16 GB. El-Capitan 10.11. 2TB Storage m

Re: Feedback on Postscreen Whitelist Article

> I’m seeing this in the mail.log > > warning: cidr map /usr/local/etc/postfix/msft_whitelist.cidr, line 36: > non-null host address bits in "207.68.169.173/30", perhaps you should use > "207.68.169.172/30" instead: skipping this rule > Nov 26 11:39:25 zeus postfix/postscreen[29402]: warning: ci

Re: Feedback on Postscreen Whitelist Article

Hi Steve, I’m seeing this in the mail.log warning: cidr map /usr/local/etc/postfix/msft_whitelist.cidr, line 36: non-null host address bits in "207.68.169.173/30", perhaps you should use "207.68.169.172/30" instead: skipping this rule Nov 26 11:39:25 zeus postfix/postscreen[29402]: warning: cidr

Re: Feedback on Postscreen Whitelist Article

On Wed, Nov 25, 2015 at 4:13 AM, ale@proto wrote: > I thinks it's a good starting point, Steve. > And it's much better than doing it manually as I did :-) > > Anyway... I rapidly tested delivery time from my office365 account: > - WL disabled: 15 hours > - WL enabled: just a few minutes > > postg

Re: Feedback on Postscreen Whitelist Article

I thinks it's a good starting point, Steve. And it's much better than doing it manually as I did :-) Anyway... I rapidly tested delivery time from my office365 account: - WL disabled: 15 hours - WL enabled: just a few minutes postgrey enabled. Thanks! a. Il 25/11/15 04:45, Steve Jenkins ha s

Re: Feedback on Postscreen Whitelist Article

On Tue, Nov 24, 2015 at 10:32 AM, proto wrote: > Thank you Steve. > I did something similar some weeks ago because I had to get in contact > with MS Support urgently. > > I remember I had to get outbound gateways IPs from < > spf.protection.outlook.com>, but I didn't use . Actually in > your scri

Re: Feedback on Postscreen Whitelist Article

Thank you Steve. I did something similar some weeks ago because I had to get in contact with MS Support urgently. I remember I had to get outbound gateways IPs from , but I didn't use . Actually in your script this NS return no SPF records (IP and includes). I think this WL could be complet

Re: Feedback on Postscreen Whitelist Article

Hi Steve, I implemented the idea, and it works treat. I’m on OSX 10.11, and apart from a few directory changes, (and my bad spelling) - no problems. Interesting idea and an excellent script. Thanks for the work. I understand now what it’s doing. Robert > On 23 Nov 2015, at 23:54, Steve Jenkin

Re: Feedback on Postscreen Whitelist Article

On Mon, Nov 23, 2015 at 1:48 PM, rob...@chalmers.com.au < rob...@chalmers.com.au> wrote: > Interesting article Steve. What happens when/if they change ip blocks in > between cron runs? > and I can't help thinking this may be a little redundant though, with spf, > dkim and dmarc in place the source

Re: Feedback on Postscreen Whitelist Article

On Mon, Nov 23, 2015 at 1:03 PM, Noel Jones wrote: > > Maintaining a local postscreen whitelist of well-known providers is > largely obsolete. > > http://www.postfix.org/postconf.5.html#postscreen_dnsbl_whitelist_threshold > http://www.postfix.org/postconf.5.html#postscreen_dnsbl_sites > > a mini

Re: Feedback on Postscreen Whitelist Article

‎If wishes were horses. ;-)  My xyz domain is on the VPS. I'm going to switch systems in a few days.   Original Message   From: Viktor Dukhovni Sent: Monday, November 23, 2015 2:45 PM To: postfix-users@postfix.org Reply To: postfix-users@postfix.org Subject: Re: Feedback on Postscreen Whit

Re: Feedback on Postscreen Whitelist Article

On Mon, Nov 23, 2015 at 02:29:45PM -0800, yahoogro...@lazygranch.xyz wrote: >�Regarding Spamhaus, I am periodically blacklisted on my hosted Web service > provider because somebody �sets up an account on the same service, then > spews spam. Because I share the same IP, I'm declared toxic.  Sounds

Re: Feedback on Postscreen Whitelist Article

‎Regarding Spamhaus, I am periodically blacklisted on my hosted Web service provider because somebody ‎sets up an account on the same service, then spews spam. Because I share the same IP, I'm declared toxic.  I have set up a VPS, which of course has its own IP, not to get in this boat. But I a

Re: Feedback on Postscreen Whitelist Article

On 11/23/2015 3:48 PM, rob...@chalmers.com.au wrote: > Interesting article Steve. What happens when/if they change ip > blocks in between cron runs? > and I can't help thinking this may be a little redundant though, > with spf, dkim and dmarc in place the source of the email is checked > and acted

Re: Feedback on Postscreen Whitelist Article

Interesting article Steve. What happens when/if they change ip blocks in between cron runs? and I can't help thinking this may be a little redundant though, with spf, dkim and dmarc in place the source of the email is checked and acted upon accordingly. Sent from my iPad > On 23 Nov 2015,

Re: Feedback on Postscreen Whitelist Article

On 11/23/2015 1:42 PM, Steve Jenkins wrote: > I just posted an article about how to whitelist Gmail and > Hotmail/Outlook.com IP addresses for Postscreen, based on the > webmaster's SPF records: > > http://www.stevejenkins.com/blog/2015/11/postscreen-whitelisting-smtp-outbound-ip-addresses-large-w

Feedback on Postscreen Whitelist Article

I just posted an article about how to whitelist Gmail and Hotmail/Outlook.com IP addresses for Postscreen, based on the webmaster's SPF records: http://www.stevejenkins.com/blog/2015/11/postscreen-whitelisting-smtp-outbound-ip-addresses-large-webmail-providers/ I'd appreciate feedback from anyone