On Tue, Apr 02, 2024 at 12:11:03PM -0400, David Mehler wrote:
> Here is the complete log of the connections, IPS x-d out, but I tried
> twice, once on 587, once with smtps enabled. Any help appreciated.
As noted by Wietse, debug (verbose) logging is not useful here. Just
normal logging is quite
David Mehler via Postfix-users:
> Hello,
>
> Here is the complete log of the connections, IPS x-d out, but I tried
> twice, once on 587, once with smtps enabled. Any help appreciated.
We DID NOT ask for verbose logs.
All we asked for is this:
> postfix/submission/smtpd[1529]: improper command
Hello,
Here is the complete log of the connections, IPS x-d out, but I tried
twice, once on 587, once with smtps enabled. Any help appreciated.
Thanks.
Dave.
#tail -f /var/log/mail.log
2024-04-02T09:48:08.220604-04:00 hostname
postfix/submission/smtpd[1529]: connect from
xxx.xxx.xxx.xxx[xxx.
On Mon, Apr 01, 2024 at 04:09:34PM -0400, David Mehler via Postfix-users wrote:
> In my master.cf I do have smtpd_tls_wrappermode but it's in the commented
> out service for port 465, I'm using submission.
>
> I've checked with postconf and smtpd_tls_wrappermode is set to no.
Of course, but Thun
Hello Wietse
Thank you for your reply.
> Thunderbird pipelining errors after helo?
That is the problem yes.
In my master.cf I do have smtpd_tls_wrappermode but it's in the
commented out service for port 465, I'm using submission.
I've checked with postconf and smtpd_tls_
David Mehler via Postfix-users:
> to utilize Thunderbird v91.x. I've tried configuring with both the
> automatic configuration and the manual configuration, in both cases I am
> getting an error in my maillog from submission/smtpd service stating
> error improper command pipe
proper command
> pipelining after helo.
Instead if reinterpreting/summarising the log message, you should post
it verbatim, and in full.
> # postconf -n
>
> compatibility_level =
This is not a good idea. Set it to 3.6, if you've resolved all the
compatibility is
sion to send it. I'm wanting
to utilize Thunderbird v91.x. I've tried configuring with both the
automatic configuration and the manual configuration, in both cases I am
getting an error in my maillog from submission/smtpd service stating
error improper command pipelining after helo. Googling
On 2023-08-22 at 09:32:11 UTC-0400 (Tue, 22 Aug 2023 15:32:11 +0200)
Matus UHLAR - fantomas via Postfix-users
is rumored to have said:
so far all SMTP RFCs have specified that hostname specified in HELO
needs NOT to match the result of client IP's hostname lookup.
I think there's
On 22.08.23 18:43, Peter H via Postfix-users wrote:
When my mailserver talks to other MTA, it certainly will issue a HELO
command.
Saying the hostname after HELO is: mail.host.com, which points to an IP.
But this IP's PTR doesn't point back to the hostname above.
That's sayi
Peter H via Postfix-users:
> Hello,
>
> When my mailserver talks to other MTA, it certainly will issue a HELO
> command.
>
> Saying the hostname after HELO is: mail.host.com, which points to an IP.
>
> But this IP's PTR doesn't point back to the hostname abov
Hello,
When my mailserver talks to other MTA, it certainly will issue a HELO
command.
Saying the hostname after HELO is: mail.host.com, which points to an IP.
But this IP's PTR doesn't point back to the hostname above.
That's saying, the IP does have a PTR like we
ith
setting up SPF already – you should.
The point is that both the HELO and MAIL FROM names can undergo SPF
evaluation, so ideally you will set up an SPF record for each:
…
EHLO mail.example.com
…
MAIL FROM:
…
___
Postfix-users mailing list -- postfi
Dnia 12.04.2023 o godz. 15:43:07 Fourhundred Thecat via Postfix-users pisze:
> OK, I see.
> So should the client (mail.example.com) then have it's own SPF record,
> in addition to the domain itself (example.com) ?
If you plan to send mail with senders addresses as
someth...@mail.example.com, then
F_HELO_NONE SPF: HELO does not publish an SPF Record
A fact that in fact carries no value judgment.
SpamAssassin currently hard-scores that rules at +0.001, meaning that
while *in theory* it adds to the "spamminess" metric, it is effectively
meaningless in the overal
locutor
de-facto uses a GMail address. Just three weeks ago on the LUGA
ML that also came up
On 12.04.23 14:08, Scott Kitterman via Postfix-users wrote:
Generally the interoperability issues that can arise with SPF for Mail From
don't come up with HELO. I don't think I've ever hear
loned https://github.com/roehling/postsrsd.git to have
> a look at it.
Generally the interoperability issues that can arise with SPF for Mail From
don't come up with HELO. I don't think I've ever heard of a problem with -all
for HELO. For Mail From, some people have issues,
Matus UHLAR - fantomas wrote in
:
|On 12.04.23 12:41, Fourhundred Thecat via Postfix-users wrote:
...
|>Does it mean that I should either:
|>
|> 1) create SPF record for mail.mydomain.com
...
|I would do the first:
|
|fantomas.fantomas.sk descriptive text "v=spf1 a -all"
Interesting thi
Fourhundred Thecat via Postfix-users:
> > On 2023-04-12 15:30, Wietse Venema via Postfix-users wrote:
> > Fourhundred Thecat via Postfix-users:
> >> > On 2023-04-12 14:48, Byung-Hee HWANG via Postfix-users wrote:
> >
> > The smtp_helo_name used in the Postfix SMTP client should resolve to the
>
> On 2023-04-12 15:30, Wietse Venema via Postfix-users wrote:
Fourhundred Thecat via Postfix-users:
> On 2023-04-12 14:48, Byung-Hee HWANG via Postfix-users wrote:
The smtp_helo_name used in the Postfix SMTP client should resolve to the
client IP address that is seen by a remote SMTP server.
Fourhundred Thecat via Postfix-users:
> > On 2023-04-12 14:48, Byung-Hee HWANG via Postfix-users wrote:
> >>2) change smtp_helo_name to
> >>
> >> smtp_helo_name = $mydomain
> >
> > It is very strange, i think.
>
> what do you mean?
> is it strange to use example.com, instead of mail.exam
> On 2023-04-12 14:48, Byung-Hee HWANG via Postfix-users wrote:
2) change smtp_helo_name to
smtp_helo_name = $mydomain
It is very strange, i think.
what do you mean?
is it strange to use example.com, instead of mail.example.com as
smtp_helo_name, when the smtp client is actually mail
> 2) change smtp_helo_name to
>
> smtp_helo_name = $mydomain
It is very strange, i think.
Sincerely,
--
^고맙습니다 _地平天成_ 감사합니다_^))//
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@pos
:
SPF_HELO_NONE SPF: HELO does not publish an SPF Record
this is just informative message, it does not cause any problem.
and lastly, I have smtp_helo_name = mail.mydomain.com
Does it mean that I should either:
1) create SPF record for mail.mydomain.com
or
2) change smtp_helo_name to
on mail-tester.com, it says:
SPF_HELO_NONE SPF: HELO does not publish an SPF Record
and lastly, I have smtp_helo_name = mail.mydomain.com
Does it mean that I should either:
1) create SPF record for mail.mydomain.com
or
2) change smtp_helo_name to
smtp_helo_name = $mydomain
,
reject_unknown_helo_hostname
many email MUA such as thunderbird were delivering messages from a
dyna IP with just localhost as HELO hostname. so their messages will
be rejected by postfix.
If I changed the above configuration to:
smtpd_helo_restrictions = permit_mynetworks
On 2023-04-11 07:37, Wietse Venema via Postfix-users wrote:
Did you set 'smtpd_delay_reject=no'?
Wietse
Wietse,
I didn't set smtpd_delay_reject=no in my main.cf.
regards
___
Postfix-users mailing list -- postfix-users@postfix.org
To un
Did you set 'smtpd_delay_reject=no'?
Wietse
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
thunderbird were delivering messages from a dyna
IP with just localhost as HELO hostname. so their messages will be
rejected by postfix.
If I changed the above configuration to:
smtpd_helo_restrictions = permit_mynetworks,
permit_sasl_authenticated
common approach, an incorrect hostname in the "helo".
Many senders are mis-configured, it's true, perhaps I'll set to "yes" again,
some time.
Best Regards,
In addition, I have configured PostScreen with the following RBLs and
weights:
-Mensaje original-
De: owner-postfix-us...@postfix.org En nombre de Alberto
Enviado el: jueves, 2 de marzo de 2023 16:11
Para: 'Postfix users'
Asunto: RE: Helo reject working?
-Mensaje original-
De: owner-postfix-us...@postfix.org En nombre de Wietse Venema Enviado
-Mensaje original-
De: owner-postfix-us...@postfix.org En nombre de Wietse Venema
Enviado el: jueves, 2 de marzo de 2023 15:50
Para: Postfix users
CC: 'Postfix users' ; u...@porcupine.org
Asunto: Re: Helo reject working?
Alberto:
> Except, as in this case, when the would-be
Alberto:
> Except, as in this case, when the would-be sender tries an unsupported
> command, e.g. AUTH. It's really not feasible to postpone rejection in
> those cases.
>
>
> +1
> I've changed "smtp_delay_reject" directive to "no", because there are too
> many connections with this approach.
>
-Mensaje original-
De: owner-postfix-us...@postfix.org En nombre de Bill Cole
Enviado el: martes, 28 de febrero de 2023 15:43
Para: Postfix users
Asunto: Re: Helo reject working?
On 2023-02-28 at 06:00:39 UTC-0500 (Tue, 28 Feb 2023 12:00:39 +0100)
Jaroslaw Rafa is rumored to have said
On 2023-02-28 at 06:00:39 UTC-0500 (Tue, 28 Feb 2023 12:00:39 +0100)
Jaroslaw Rafa
is rumored to have said:
Dnia 28.02.2023 o godz. 10:03:23 Alberto pisze:
I see that almost all attacks do not have a valid FQDN, so I have set
the
"reject_non_fqdn_helo_hostname" directive in
"smtpd_helo_rest
s are evaluated at RCPT TO stage, so you
cannot cause a reject earlier.
You have to set this parametr to "no" in order to reject at HELO stage.
However take into account what is written in the documentation:
"This feature is turned on by default because some clients apparently
mis
28.02.23, 10:03 +0100, Alberto:
I see that almost all attacks do not have a valid FQDN, so I have set the
"reject_non_fqdn_helo_hostname" directive in "smtpd_helo_restrictions"
directive, which I see is in a previous phase, to reject it beforehand.
However, it has no effect. The attacks continu
Hi,
I saw that I had many such attacks...
Out: 220 MyServer ESMTP
In: EHLO Oi9oRGhc
Out: 250-MyServer
Out: 250-PIPELINING
Out: 250-SIZE 500
Out: 250-ETRN
Out: 250-ENHANCEDSTATUSCODES
Out: 250-8BITMIME
Out: 250-DSN
Out: 250 SMTPUTF8
In: AUTH LOGIN
Out: 503 5.5.1 Error: authenti
Demi Marie Obenour wrote in
<6baaf997-0462-f5de-402b-c77f01ff5...@gmail.com>:
|On 12/2/22 08:08, David Dolan wrote:
|> On Fri, 2 Dec 2022 at 10:33, David Dolan wrote:
|>> Subject:Re: helo command rejected
|>>> From: Viktor Dukhovni
|>>>
On 12/2/22 08:08, David Dolan wrote:
> On Fri, 2 Dec 2022 at 10:33, David Dolan wrote:
>> Subject: Re: helo command rejected
>>> From: Viktor Dukhovni
>>> Date: 2022-12-01 16:56:13
>>> Message-ID: Y4jcrRxsEJPsWZVZ () straasha ! imrryr ! o
On Fri, Dec 02, 2022 at 09:47:03AM -0500, Wietse Venema
wrote:
> raf:
> > On Fri, Dec 02, 2022 at 08:51:14AM -0500, Wietse Venema
> > wrote:
> >
> > > David Dolan:
> > > > I guess it's using the musl resolver in Alpine so we need to migrate OS
> > > > to
> > > > get past this issue?
> > >
>
Steffen Nurpmeso wrote in
<20221202180252.bmzqg%stef...@sdaoden.eu>:
|Viktor Dukhovni wrote in
| :
||On Fri, Dec 02, 2022 at 06:03:51PM +0100, Steffen Nurpmeso wrote:
||> Simply add a dnsmasq local cache. dnsmasq is a package on
...
||Deploying dnsmasq does not do anything to address the li
Viktor Dukhovni wrote in
:
|On Fri, Dec 02, 2022 at 06:03:51PM +0100, Steffen Nurpmeso wrote:
|
|> Simply add a dnsmasq local cache. dnsmasq is a package on
|> AlpineLinux, i use it. (Including dnssec, and it even serves its
|> cache back into a VPN, so that effectively only one instance do
On Fri, Dec 02, 2022 at 06:03:51PM +0100, Steffen Nurpmeso wrote:
> Simply add a dnsmasq local cache. dnsmasq is a package on
> AlpineLinux, i use it. (Including dnssec, and it even serves its
> cache back into a VPN, so that effectively only one instance does
> all the web queries.) (I use it
Felker has past history with this mailing list and postfix, as well as
some things related to annoyances like versioning.
Are you on a MUSL libc system? IIRC there's no support for TCP in
MUSL's stub resolver. See, for example:
https://news.ycombinator.com/item?id=28312935
https://news
Wietse Venema wrote in
<4nnwkv4frxzj...@spike.porcupine.org>:
|raf:
|> On Fri, Dec 02, 2022 at 08:51:14AM -0500, Wietse Venema e.org> wrote:
|>
|>> David Dolan:
|>>> I guess it's using the musl resolver in Alpine so we need to migrate \
|>>> OS to
|>>> get past this issue?
|>>
|>> Yes.
David Dolan:
> I guess it's using the musl resolver in Alpine so we need to migrate OS to
> get past this issue?
On Fri, Dec 02, 2022 at 08:51:14AM -0500, Wietse Venema
wrote:
Yes. Don't use toy software in production.
On 03.12.22 00:59, raf wrote:
I suspect that alpine is used in many ma
raf:
> On Fri, Dec 02, 2022 at 08:51:14AM -0500, Wietse Venema
> wrote:
>
> > David Dolan:
> > > I guess it's using the musl resolver in Alpine so we need to migrate OS to
> > > get past this issue?
> >
> > Yes. Don't use toy software in production.
> >
> > Wietse
>
> I suspect that alpin
On Fri, Dec 02, 2022 at 08:51:14AM -0500, Wietse Venema
wrote:
> David Dolan:
> > I guess it's using the musl resolver in Alpine so we need to migrate OS to
> > get past this issue?
>
> Yes. Don't use toy software in production.
>
> Wietse
I suspect that alpine is used in many many
dock
David Dolan:
> On Fri, 2 Dec 2022 at 10:33, David Dolan wrote:
>
> >
> >
> > Subject:Re: helo command rejected
> >> From: Viktor Dukhovni
> >> Date: 2022-12-01 16:56:13
> >> Message-ID: Y4jcrRxsEJPsWZVZ () straasha ! imrryr ! o
On Fri, 2 Dec 2022 at 10:33, David Dolan wrote:
>
>
> Subject: Re: helo command rejected
>> From: Viktor Dukhovni
>> Date: 2022-12-01 16:56:13
>> Message-ID: Y4jcrRxsEJPsWZVZ () straasha ! imrryr ! org
>> [Download RAW message or body]
>>
Subject:Re: helo command rejected
> From: Viktor Dukhovni
> Date: 2022-12-01 16:56:13
> Message-ID: Y4jcrRxsEJPsWZVZ () straasha ! imrryr ! org
> [Download RAW message or body]
>
> On Thu, Dec 01, 2022 at 04:06:30PM +, David Dolan wrote:
>
>
On Thu, 1 Dec 2022 at 16:59, Matus UHLAR - fantomas
wrote:
> >> On 01.12.22 15:23, David Dolan wrote:
> >> >We have two customers who we're unable to receive email from.
> >> >It's failing the helo lookup as it can't resolve the hostname in the
&
On 01.12.22 15:23, David Dolan wrote:
>We have two customers who we're unable to receive email from.
>It's failing the helo lookup as it can't resolve the hostname in the helo
>message.
>Helo command rejected: Host not found;
On Thu, 1 Dec 2022 at 15:49, Matus UHL
On Thu, Dec 01, 2022 at 04:06:30PM +, David Dolan wrote:
> This is the full line:
>
> NOQUEUE: reject: RCPT from unknown[103.246.251.109]:
> 450 4.7.1 :
> Helo command rejected: Host not found;
> from=<#> to=<#####>
> proto=ESMTP he
On Thu, 1 Dec 2022 at 15:49, Matus UHLAR - fantomas
wrote:
> On 01.12.22 15:23, David Dolan wrote:
> >We have two customers who we're unable to receive email from.
> >It's failing the helo lookup as it can't resolve the hostname in the helo
> >message.
>
On 01.12.22 15:23, David Dolan wrote:
We have two customers who we're unable to receive email from.
It's failing the helo lookup as it can't resolve the hostname in the helo
message.
Helo command rejected: Host not found;
The issued hostname is logged just prior to this text.
On Thu, Dec 01, 2022 at 03:23:52PM +, David Dolan wrote:
> We have two customers who we're unable to receive email from. It's
> failing the helo lookup as it can't resolve the hostname in the helo
> message. Helo command rejected: Host not found;
Not surprisin
David Dolan skrev den 2022-12-01 16:23:
Has anybody come across this before and any idea how to resolve it?
32 ips with one single helo name ?
solution is 32 ips with not a single helo name
Hi All,
We have two customers who we're unable to receive email from.
It's failing the helo lookup as it can't resolve the hostname in the helo
message.
Helo command rejected: Host not found;
The postfix configuration for helo checks is as follows. It's failing on
reject_u
they do what you said, not what you meant. And
I don't know what you meant, because domain names appear in helo names,
envelope sender addressses, and message headers, and you failed to make
it clear where you observed these names. Failure to block the unwanted
traffic with helo restrictions
Greg Earle:
> On 25 Apr 2022, at 16:35, Wietse Venema wrote:
>
> > Greg Earle:
> >
> >> [root@isolar postfix]# grep smtpd_helo_ master.cf
> >
> > What is the output from:
> >
> > postconf -Px |grep check_helo_access
> >
> > I suspect that you made a mistake, such as configuring
> > the wrong S
On 25 Apr 2022, at 21:03, Viktor Dukhovni wrote:
On Mon, Apr 25, 2022 at 03:26:52PM -0700, Greg Earle wrote:
All of the sending hostnames are of the form
www-data@vNNN-NNN-NNN-NNN.*.static.cnode.io
That's not a hostname, it is an email address, and not clear whether
the
envelope sender or
On Mon, Apr 25, 2022 at 08:57:01PM -0700, Greg Earle wrote:
> [root@isolar tmp]# postconf -Px |grep check_helo_access
> submission/inet/mua_helo_restrictions = permit_mynetworks,
> reject_non_fqdn_hostname, reject_non_fqdn_sender,
> reject_non_fqdn_recipient, reject_invalid_hostname, check_helo_
On Mon, Apr 25, 2022 at 03:26:52PM -0700, Greg Earle wrote:
> All of the sending hostnames are of the form
>
> www-data@vNNN-NNN-NNN-NNN.*.static.cnode.io
That's not a hostname, it is an email address, and not clear whether the
envelope sender or the "From:" message header.
> For example, here
On 25 Apr 2022, at 16:35, Wietse Venema wrote:
Greg Earle:
[root@isolar postfix]# grep smtpd_helo_ master.cf
What is the output from:
postconf -Px |grep check_helo_access
I suspect that you made a mistake, such as configuring
the wrong SMTP service.
Hi Wietse,
It's (output split for
Greg Earle:
> [root@isolar postfix]# grep smtpd_helo_ master.cf
What is the output from:
postconf -Px |grep check_helo_access
I suspect that you made a mistake, such as configuring
the wrong SMTP service.
Wietse
I tried to implement a HELO regex block via
--
[root@isolar postfix]# grep smtpd_helo_ master.cf
-o smtpd_helo_required=yes
-o { smtpd_helo_restrictions= $mua_helo_restrictions }
-o smtpd_helo_required=yes
-o { smtpd_helo_restrictions= $mua_helo_restrictions }
[root@isolar post
On Mon, Mar 07, 2022 at 07:05:53PM -0500, Alex wrote:
> > Replace "reject_non_fqdn_helo_hostname" with:
> >
> > main.cf:
> > pcre = pcre:${config_directory}/
> >
> > # In the client, helo, sender or recipient restr
> > Mar 7 13:25:36 armor postfix-113/smtpd[4009829]: NOQUEUE: reject:
> > RCPT from unknown[173.213.231.144]: 504 5.5.2 : Helo command
> > rejected: need fully-qualified hostname; from=<>
> > to= proto=ESMTP helo=
> >
> > reject_non_fqdn
On Mon, Mar 07, 2022 at 03:31:43PM -0500, Alex wrote:
> Mar 7 13:25:36 armor postfix-113/smtpd[4009829]: NOQUEUE: reject:
> RCPT from unknown[173.213.231.144]: 504 5.5.2 : Helo command
> rejected: need fully-qualified hostname; from=<>
> to
Hi,
I have what appears to be a machine-generated email that's sending
with an invalid hostname and invalid helo hostname. In lieu of being
able to have the sender fix their broken email, I'd like to add
entries to bypass these checks for this specific host. I don't
otherwi
On 03.02.22 13:27, Adrian van Bloois wrote:
I reject unknown hosts through the EHLO restrictions.
But my fritzbox wants to sent me something withou a valid EHLO value.
Is there a whitelist I can put my fritx on accept?
you can enable connections from your fritz box by using check_client_access
Dnia 3.02.2022 o godz. 13:27:06 Adrian van Bloois pisze:
> I reject unknown hosts through the EHLO restrictions.
> But my fritzbox wants to sent me something withou a valid EHLO value.
> Is there a whitelist I can put my fritx on accept?
Isn't it better to whitelist it via IP address, for example
IMO you should not reject widely based on HELO. Too many false positives.
More a place for basic checks.
But you can catch that if you want in your files.
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_invalid_helo_hostname, check_helo_access hash:/etc/postfix
Hi,
I reject unknown hosts through the EHLO restrictions.
But my fritzbox wants to sent me something withou a valid EHLO value.
Is there a whitelist I can put my fritx on accept?
Adrian
--
Adri P. van Bloois
"The greatest threat to our planet is the belief that someone
"Matus" == Matus UHLAR <- fantomas > writes:
Matus> funny, some time ago I found spamrats very unrealiable, junkemailfilter
Matus> realiability is imho on level of sorbs/uceprotect (scoring only)
On 22.12.21 12:43, Togan Muftuoglu wrote:
I am using selective blocklists like for postscreen sco
> "Matus" == Matus UHLAR <- fantomas > writes:
Matus> funny, some time ago I found spamrats very unrealiable, junkemailfilter
Matus> realiability is imho on level of sorbs/uceprotect (scoring only)
I am using selective blocklists like for postscreen scoring if they pass then
use of spamhaus D
"r" == raf writes:
r> On Tue, Dec 21, 2021 at 10:06:29AM -0500, post...@ptld.com wrote:
Spamhaus is just one company you can use, there are several others, I am
not making any claims or recommendations to them over any other. They do
allow free usage for low volume servers which is why i use
> "r" == raf writes:
r> On Tue, Dec 21, 2021 at 10:06:29AM -0500, post...@ptld.com wrote:
>> Spamhaus is just one company you can use, there are several others, I am
>> not making any claims or recommendations to them over any other. They do
>> allow free usage for low volume servers which i
# Jul 26 10:48:43 ook postfix/smtpd[23844]: NOQUEUE: reject: RCPT from
planeta-dsp.ru[212.41.22.11]: 554 5.7.1 Service unavailable; Client host
[212.41.22.11] blocked using dnsbl.sorbs.net; Currently Sending Spam See:
http://www.sorbs.net/lookup.shtml?212.41.22.11; from=
to= proto=ESMTP helo=
On 2021-12-21 15:38, White, Daniel E. (GSFC-770.0)[NICS] wrote:
How do I stop junk like…
HELO example.com
… without having to create a huge "check_helo_access" table ?
you should only prevent forged helo, not random helo
reject if myhostname is used in ehlo is safe, the othe
On 2021-12-21 at 09:38:23 UTC-0500 (Tue, 21 Dec 2021 14:38:23 +)
White, Daniel E. (GSFC-770.0)[NICS]
is rumored to have said:
How do I stop junk like…
HELO example.com
… without having to create a huge "check_helo_access" table ?
smtpd_{helo,sender,recipient,relay}_re
White, Daniel E. (GSFC-770.0)[NICS]:
> How do I stop junk like…
>
> HELO example.com
>
> … without having to create a huge "check_helo_access" table ?
(This is not a general answer but perhaps interesting still.)
SPF validation (RFC 7208) can also be applied to a H
> On 12-21-2021 9:38 am, White, Daniel E. (GSFC-770.0)[NICS] wrote:
> How do I stop junk like…
> HELO example.com
> … without having to create a huge "check_helo_access" table ?
In my opinion it would be better to focus on the client PTR than to worry about
HELO. I have s
How do I stop junk like…
HELO example.com
… without having to create a huge "check_helo_access" table ?
Dnia 3.12.2021 o godz. 09:14:23 Fourhundred Thecat pisze:
> I have strict helo checks:
>
> smtpd_helo_required = yes
> smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
>reject_invali
On Fri, Dec 03, 2021 at 11:08:52AM +0100, Jaroslaw Rafa
wrote:
> Dnia 3.12.2021 o godz. 09:14:23 Fourhundred Thecat pisze:
> > Hello,
> >
> > I have strict helo checks:
> >
> > smtpd_helo_required = yes
> > smtpd_helo_restr
>>>>> "JR" == Jaroslaw Rafa writes:
JR> Dnia 3.12.2021 o godz. 09:14:23 Fourhundred Thecat pisze:
>> Hello,
>>
>> I have strict helo checks:
>>
>> smtpd_helo_required = yes smtpd_helo_restrictions =
>> reject_non_fqdn_helo_hostnam
Dnia 3.12.2021 o godz. 09:14:23 Fourhundred Thecat pisze:
> Hello,
>
> I have strict helo checks:
>
> smtpd_helo_required = yes
> smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
> reject_
On 03.12.21 09:14, Fourhundred Thecat wrote:
I have strict helo checks:
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
reject_invalid_helo_hostname,
reject_unknown_helo_hostname
should be
Fourhundred Thecat:
> Hello,
>
> I have strict helo checks:
>
> smtpd_helo_required = yes
> smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
> reject_invalid_helo_hostname,
> reject_unknown_helo_hostname
Anecdotal: I
Hello,
I have strict helo checks:
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
reject_invalid_helo_hostname,
reject_unknown_helo_hostname
now I have noticed mails being rejected
nal Message-
From: Wietse Venema
Sent: Friday, June 11, 2021 9:53 AM
To: Apelin, Eulogio
Cc: postfix-users@postfix.org
Subject: Re: [NON-HA] Re: Need help with response to HELO, 502 5.5.2 Error
*** CAUTION: This email originated from outside the organization *** Do NOT
click links or o
(you DID look in the logs?) and will by default disable ESMTP and send HELO
instead of EHLO.
This default setting is:
smtp_pix_workarounds = disable_esmtp,delay_dotcrlf
You can configure that to not disable ESMTP, so that Postfix will send EHLO
instead:
smtp_pix_workarounds = delay_d
onnect and get a 220 *, There were no entries in the warning
file, postfix-warning.log.
This is logged in postfix-info.log (see below) when I connect from a client and
get a 200 *** banner, and type in helo myserver.com
Each of the 'vstream_buf_get_ready: fd 10 got 1' a
Apelin, Eulogio:
> This looks like the case. Some networks on prem going through the
> ASA encounter banner with *, will error out, while other
> networks on prem get the nicely formatted Banner (not through ASA)
> will work (helo servername). I am getting a list of vlans from
&g
response to HELO, 502 5.5.2 Error
*** CAUTION: This email originated from outside the organization ***
Do NOT click links or open attachments unless you recognize the sender and know
the content is safe.
Hey,
this looks like proxy protocol is enabled on the ELB, however it is not enabled
in postfix
This looks like the case. Some networks on prem going through the ASA
encounter banner with *, will error out, while other networks on prem get
the nicely formatted Banner (not through ASA) will work (helo servername). I
am getting a list of vlans from network team that identify all the
On 2021-06-10 12:02 a.m., post...@ptld.com wrote:
On 06-09-2021 11:45 pm, Apelin, Eulogio wrote:
They all come back with 502. 5.5.2 Error: command not recognized
I just tested it again using "ehlo myserver.com" in both upper and lower
case and both work. You have not shown any settings but i
1 - 100 of 564 matches
Mail list logo
