On 2024-02-27 at 16:39:54 UTC-0500 (Tue, 27 Feb 2024 13:39:54 -0800
(PST))
lists--- via Postfix-users
is rumored to have said:
I have a sender_checks file but I don't see that on the postfix.org
website. Is that a deprecated parameter?
The names of Postfix map files are up to you. Their usag
Wietse:
> Your mistake: you are trying to match a SENDER ADDRESS with
> check_CLIENT_access.
lists--- via Postfix-users:
> Well do I put the domain in sender_access or sender_checks?
What do you want to not block: the sender email domain? Then
use check_sender_access (note that is check_sender_
Well do I put the domain in sender_access or sender_checks?
It looks like sender_access with an OK since it acts on the FROK field.
https://www.postfix.org/postconf.5.html
I have a sender_checks file but I don't see that on the postfix.org website. Is
that a deprecated parameter?
Feb 27, 2024
Your mistake: you are trying to match a SENDER ADDRESS with
check_CLIENT_access.
Wietse
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
That should work. Thanks
https://www.postfix.org/access.5.html
Feb 24, 2024 8:05:00 AM Matus UHLAR - fantomas via Postfix-users
:
>>> On 24.02.24 00:49, lists--- via Postfix-users wrote:
I have set up rbl_override for the sender's domain.
> [...]
smtpd_recipient_restrictions =
>>> [..
On 24.02.24 07:43, lists--- via Postfix-users wrote:
https://www.dnswl.org/?page_id=15
I get your point but this is for a different blocking list. That is
spamcop and spamassassin have different blocking lists.
you can still use postscreen which supports multiple weighed block/allow
lists,
On 24.02.24 00:49, lists--- via Postfix-users wrote:
I have set up rbl_override for the sender's domain.
[...]
smtpd_recipient_restrictions =
[...]
check_client_access hash:/etc/postfix/rbl_override,
reject_rbl_client bl.spamcop.net,
check_policy_service unix:private/policy
Feb 24, 2024 6:
On 2024-02-24 at 10:43:36 UTC-0500 (Sat, 24 Feb 2024 07:43:36 -0800
(PST))
lists--- via Postfix-users
is rumored to have said:
https://www.dnswl.org/?page_id=15
I get your point but this is for a different blocking list. That is
spamcop and spamassassin have different blocking lists.
What
https://www.dnswl.org/?page_id=15
I get your point but this is for a different blocking list. That is spamcop and
spamassassin have different blocking lists.
What I really need is a way to make the rbl_override work for the domain name
that has been related.
I am going to review my logs and se
lists--- via Postfix-users skrev den 2024-02-24 09:49:
check_client_access hash:/etc/postfix/client_checks,
check_sender_access hash:/etc/postfix/sender_checks,
check_client_access hash:/etc/postfix/rbl_override,
reject_rbl_client bl.spamcop.net,
check_policy_service unix:private/polic
Sorry for the top post but I am using my phone.
The rbl_override file only contains domain names with "space OK". If I
whitelisted that IP address, I would be whitelisting a Microsoft address that I
assume has multiple users. Also that relay IP address isn't static.
Feb 24, 2024 6:03:54 AM Matu
On 24.02.24 00:49, lists--- via Postfix-users wrote:
I have set up rbl_override for the sender's domain. However it
occasionally gets blocked by spamcop. The user owns a domain but relays
the mail from outlook.
Here is the bounce message the user received:
Remote server returned '550 5.7.514
On Thu, Nov 24, 2022 at 02:48:48PM -0800, Doug Hardie wrote:
> Thanks to all for the assistance. It now works properly. I never
> found reject_unlisted_recipient as it only exists on
> https://www.postfix.com/SMTPD_ACCESS_README.html where it says it is
> on by default. The description above sh
On Nov 24, 2022, at 07:05, Matus UHLAR - fantomas wrote:
>
>
>>
>> Matus UHLAR - fantomas:
>
> Doug:
>
> There's implicit reject_unlisted_recipient at the end of rules when
> smtpd_reject_unlisted_recipient=on (default).
>
> However when this one hits, DNS queries were already sent.
>
> t
Matus UHLAR - fantomas:
reject_unlisted_recipient, of course:
http://www.postfix.org/postconf.5.html#reject_unlisted_recipient
reject_unlisted_recipient
Reject the request when the RCPT TO address is not listed in the list of
valid recipients for its domain class. See the
smtpd_reject
Matus UHLAR - fantomas:
> reject_unlisted_recipient, of course:
>
> http://www.postfix.org/postconf.5.html#reject_unlisted_recipient
>
> reject_unlisted_recipient
>Reject the request when the RCPT TO address is not listed in the list of
>valid recipients for its domain class. See the
>
Dnia 24.11.2022 o godz. 08:44:51 Matus UHLAR - fantomas pisze:
you should use reject_unverified_recipient instead of
reject_unverified_recipient, they have different use which is why
you get DNS lookups prior recipient being rejected.
On 24.11.22 11:34, Jaroslaw Rafa wrote:
Hm... "reject_unver
Dnia 24.11.2022 o godz. 08:44:51 Matus UHLAR - fantomas pisze:
>
> you should use reject_unverified_recipient instead of
> reject_unverified_recipient, they have different use which is why
> you get DNS lookups prior recipient being rejected.
Hm... "reject_unverified_recipient instead of reject_u
Thursday, November 24, 2022, 7:22:09 PM, Doug Hardie wrote:
>> On Nov 23, 2022, at 23:27, Phil Biggs wrote:
>>
>> Thursday, November 24, 2022, 5:24:12 PM, Doug Hardie wrote:
>>
>>
>>> I am trying with the postscreen dns lookup disabled. Here is the main.cf
>>> section:
>>
>>> # pos
> On Nov 23, 2022, at 23:27, Phil Biggs wrote:
>
> Thursday, November 24, 2022, 5:24:12 PM, Doug Hardie wrote:
>
>
>> I am trying with the postscreen dns lookup disabled. Here is the main.cf
>> section:
>
>> # postscreen spam filtering
>> postscreen_greet_action = enforce
>> #postscr
On 23.11.22 22:24, Doug Hardie wrote:
I am trying with the postscreen dns lookup disabled. Here is the main.cf
section:
# Incoming restrictions and Implement postfwd
incoming_smtpd_restrictions =
check_policy_service inet:127.0.0.1:10040,
reject_invalid_hostname,
r
Thursday, November 24, 2022, 5:24:12 PM, Doug Hardie wrote:
> I am trying with the postscreen dns lookup disabled. Here is the main.cf
> section:
> # postscreen spam filtering
> postscreen_greet_action = enforce
> #postscreen_dnsbl_action = enforce
> #postscreen_dnsbl_sites = bl.spamcop
> On Nov 23, 2022, at 4:49 AM, Matus UHLAR - fantomas wrote:
>
> On 23.11.22 01:58, Doug Hardie wrote:
>> I originally had incoming_smtpd_restrictions set to:
>>
>> reject_unverified_recipient
>> reject_rbl_client bl.spamcop.net,
>> reject_rbl_client dnsbl.sorbs.net,
>> r
On 2022-11-23 at 04:58:09 UTC-0500 (Wed, 23 Nov 2022 01:58:09 -0800)
Doug Hardie
is rumored to have said:
I originally had incoming_smtpd_restrictions set to:
reject_unverified_recipient
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.sorbs.net,
reject_r
On 23.11.22 01:58, Doug Hardie wrote:
I originally had incoming_smtpd_restrictions set to:
reject_unverified_recipient
reject_rbl_client bl.spamcop.net,
reject_rbl_client dnsbl.sorbs.net,
reject_rbl_client zen.spamhaus.org,
permit
Later I added postscreen and co
Just FYI, GMail marked this mail as spam.
Demi
OpenPGP_0xB288B55FFF9C22C1.asc
Description: application/pgp-keys
OpenPGP_signature
Description: OpenPGP digital signature
On 16/10/2020 22:04, David Wells wrote:
I have a postfix-3.3.2 installation (installed from source on
slackware 14.2 from the slackbuilds package) that does rbl checks in
the smtpd_recipient_restrictions section. I have been seeing an
increasing amount of spam coming in so I added more reject_r
On Fri, Oct 16, 2020 at 06:04:20PM -0300, David Wells wrote:
> > smtpd_recipient_restrictions =
> > permit_mynetworks, permit_sasl_authenticated,
> > check_sender_access hash:/etc/postfix/sender_access,
> > check_recipient_access hash:/etc/postfix/protected_destinations,
> > check_
David Wells:
> Hi!
>
> I have a postfix-3.3.2 installation (installed from source on slackware
> 14.2 from the slackbuilds package) that does rbl checks in the
> smtpd_recipient_restrictions section. I have been seeing an increasing
> amount of spam coming in so I added more reject_rbl_client i
On 31 January 2017 at 16:48, Roberto Fulgado wrote:
> Hi Dominic,
>
> Thanks for the reply. I think I got it to work the way I want it by using
> check_sender_access instead of check_client_access in the
> smtpd_recipient_restrictions section. Your suggestion got me
> looking closely at different
Hi Dominic,
Thanks for the reply. I think I got it to work the way I want it by using
check_sender_access instead of check_client_access in the
smtpd_recipient_restrictions section. Your suggestion got me
looking closely at different restrictions. I also found this postifx
restrictions howto:
htt
On 27 January 2017 at 23:47, Roberto Fulgado wrote:
> Hi All,
>
> First of all I wanted to let you know that I just recently started using
> postfix as our
> mail server. We've been using sendmail for a long time. I have a question on
> RBL
> whitelisting. I have done internet search on how to do
* Ralf Hildebrandt :
> * li...@lazygranch.com :
> > body { font-family: "Calibri","Slate
> > Pro",sans-serif,"sans-serif"; color:#262626 } > lang="en-US">I've got this
> > RBLhttps://spamrl.com/ ;that claims my server is
> > doing a dictionary search. I see nothing in the maillog. I have ch
* li...@lazygranch.com :
> body { font-family: "Calibri","Slate
> Pro",sans-serif,"sans-serif"; color:#262626 } lang="en-US">I've got this
> RBLhttps://spamrl.com/ ;that claims my server is
> doing a dictionary search. I see nothing in the maillog. I have checked for
> an open relay using
On Fri, Feb 19, 2016 at 01:18:20PM -0600, Noel Jones wrote:
> On 2/19/2016 1:11 PM, Ruben Safir wrote:
> > Can aanyone clarify what this means? it is happing a lot on my mail server
> >
> > Feb 19 14:09:31 www postfix/smtpd[6978]: warning:
> > 70.14.214.162.list.dsbl.org: RBL lookup error: Host
On 2/19/2016 1:11 PM, Ruben Safir wrote:
> Can aanyone clarify what this means? it is happing a lot on my mail server
>
> Feb 19 14:09:31 www postfix/smtpd[6978]: warning:
> 70.14.214.162.list.dsbl.org: RBL lookup error: Host or domain name not found.
> Name service error for name=70.14.214.162
On Mon, Jul 21, 2014 at 5:51 PM, Noel Jones wrote:
> On 7/21/2014 10:34 AM, Thijssen wrote:
>> smtpd_recipient_restrictions =
>> reject_invalid_hostname,
>> reject_unknown_recipient_domain,
>> reject_unauth_pipelining,
>> permit_mynetworks,
>> permit_sasl_authenticated,
>>
On 7/21/2014 10:34 AM, Thijssen wrote:
> One server I maintain receives huge amounts of spam. In my ongoing
> attempts at killing as many spam-mails as possible, among others I've
> been using dns blacklists under the reject_rbl_client option umbrella.
> For years this worked really well, combined
On Mon, Dec 17, 2012 at 04:01:58PM +0100, Miha Valencic wrote:
> We're using postfix 2.7, so postscreen is out.
Actually not. You could build 2.8 and bring in the postscreen and
dnsblog executables and master.cf configuration; this should work
according to:
http://www.postfix.org/announcements/
On Mon, Dec 17, 2012 at 7:13 PM, Noel Jones wrote:
> postfwd does rate limiting, and many other features. Maybe you can
> consolidate everything into postfwd.
We'll take a deeper look at postfwd for that.
> Additionally, rate limiting is typically done on outgoing mail,
True. But there are som
On 12/17/2012 10:52 AM, Miha Valencic wrote:
> So, since we need some features of policyd as well (rate limiting, for
> instance), and we're already using amavis, do we chain postfwd before
> policyd or vice-versa?
>
> Thanks,
> Miha.
postfwd does rate limiting, and many other features. Maybe
So, since we need some features of policyd as well (rate limiting, for
instance), and we're already using amavis, do we chain postfwd before
policyd or vice-versa?
Thanks,
Miha.
On Mon, Dec 17, 2012 at 4:47 PM, Henrik K wrote:
> Policyd-weight is deprecated and doesn't even have async DNS looku
On Mon, Dec 17, 2012 at 04:39:36PM +0100, Benny Pedersen wrote:
> Miha Valencic skrev den 17-12-2012 14:40:
>
> >Is it possible to add-up scores from different RBL's and reject the
> >incoming message after a certain threshold?
>
> sounds like policyd-weight
>
> >For instance, we have a number
Miha Valencic skrev den 17-12-2012 14:40:
Is it possible to add-up scores from different RBL's and reject the
incoming message after a certain threshold?
sounds like policyd-weight
For instance, we have a number of RBLs configured and would like to
reject email only after a couple of RBLs fa
Wietse, Noel,
thanks for the prompt answers. I've been already looking at postscreen
and postfwd, but wandered if there something in the postfix
*_restrictions as well. We're using postfix 2.7, so postscreen is out.
We're looking into implementing policyd anyway, so that's probably a
good place.
On 12/17/2012 7:40 AM, Miha Valencic wrote:
> Hi!
>
> Is it possible to add-up scores from different RBL's and reject the
> incoming message after a certain threshold?
>
> For instance, we have a number of RBLs configured and would like to
> reject email only after a couple of RBLs fail verificat
Miha Valencic:
> Hi!
>
> Is it possible to add-up scores from different RBL's and reject the
> incoming message after a certain threshold?
Only with postscreen(8). This will not be implemented in
smtpd_mumble_restrictions.
http://www.postfix.org/POSTSCREEN_README.html
http://www.postfix.org/post
On Aug 22, 2012, at 15:47, /dev/rob0 wrote:
> Google Public DNS seems to look up records again before the TTL
> expires in their cache, so you are indeed likely to see a slight
> improvement in your DNS response time without the doubling of your
> external queries, when using their service. But
[ /dev/rob0 wrote on Wed 22.Aug'12 at 8:47:06 -0500 ]
> On Wed, Aug 22, 2012 at 01:23:12PM +0530, DN Singh wrote:
> > I never realized that I had this issue too. But, after running
> > the tests, I found out that my queries were indeed blocked by
> > spamhaus.
> >
> > So, I changed the servers a
/dev/rob0:
> Google Public DNS seems to look up records again before the TTL
> expires in their cache, so you are indeed likely to see a slight
There is an article that shows that different resolvers report
TTL values in different ways.
Begin quote:
For a record initially served with a TTL eq
On Wed, Aug 22, 2012 at 01:23:12PM +0530, DN Singh wrote:
> I never realized that I had this issue too. But, after running
> the tests, I found out that my queries were indeed blocked by
> spamhaus.
>
> So, I changed the servers as pointed out and bingo, spam was
> successfully being blocked.
>
On Tue, Aug 21, 2012 at 7:52 PM, /dev/rob0 wrote:
> On Tue, Aug 21, 2012 at 09:03:47AM -0500,
>Alfonso Alejandro Reyes Jiménez wrote:
> > I've postfix working great but I cant make the rbl works, I have
> > the configuration but when I test the configuration it seems not
> > to be working.
>
On 8/21/12 11:23 AM, Benny Pedersen wrote:
Den 2012-08-21 17:02, Alfonso Alejandro Reyes Jiménez skrev:
Thanks as I was telling I have one, but I think the issue is with the
forwarding it's been made to a public dns server. Should I change it
to a particular one? (ex spamhaus)
no just remove
Den 2012-08-21 17:02, Alfonso Alejandro Reyes Jiménez skrev:
Thanks as I was telling I have one, but I think the issue is with the
forwarding it's been made to a public dns server. Should I change it
to a particular one? (ex spamhaus)
no just remove ALL forwarding !
Den 2012-08-21 16:53, Alfonso Alejandro Reyes Jiménez skrev:
[root@mail ~]# host 107.178.203.192.zen.spamhaus.org
Host 107.178.203.192.zen.spamhaus.org not found: 3(NXDOMAIN)
[root@mail ~]#
dig +trace 107.178.203.192.zen.spamhaus.org
where does it fail ?
then contact the nameservers that rej
On Tue, Aug 21, 2012 at 10:06:34AM -0500, I wrote:
> That was my guess. Now it seems to be confirmed. Remove the
> forwarders from named.conf(5), ensure that recursion is allowed at
> least for "localhost"[1], "rndc reload", test again. If the test
> fails again, you might have to flush the cach
On 8/21/12 10:06 AM, /dev/rob0 wrote:
On Tue, Aug 21, 2012 at 09:45:50AM -0500,
Alfonso Alejandro Reyes Jiménez wrote:
Thanks for the tip but I have bind running and it seems not to be
allowed to make queries to spamhaus:
[root@mail ~]# dig 2.0.0.127.zen.spamhaus.org any
;<<>> DiG 9.8.2rc
Zitat von Alfonso Alejandro Reyes Jiménez :
On 8/21/12 9:57 AM, Ralf Hildebrandt wrote:
* Alfonso Alejandro Reyes Jiménez:
Thanks it seems to be an issue with spamhaus, here's the result:
[root@mail ~]# host 107.178.203.192.zen.spamhaus.org
Host 107.178.203.192.zen.spamhaus.org not found: 3
On Tue, Aug 21, 2012 at 09:45:50AM -0500,
Alfonso Alejandro Reyes Jiménez wrote:
> Thanks for the tip but I have bind running and it seems not to be
> allowed to make queries to spamhaus:
>
> [root@mail ~]# dig 2.0.0.127.zen.spamhaus.org any
>
> ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.
On 8/21/2012 11:02 AM, Alfonso Alejandro Reyes Jiménez wrote:
>
> On 8/21/12 9:57 AM, Ralf Hildebrandt wrote:
>> * Alfonso Alejandro Reyes Jiménez:
>>
>>> Thanks it seems to be an issue with spamhaus, here's the result:
>>>
>>> [root@mail ~]# host 107.178.203.192.zen.spamhaus.org
>>> Host 107.178.2
* Alfonso Alejandro Reyes Jiménez :
> Thanks as I was telling I have one, but I think the issue is with the
> forwarding
Yes. Why are you forwarding at all? Simply let you DNS recurse & cache.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
On 8/21/12 9:57 AM, Ralf Hildebrandt wrote:
* Alfonso Alejandro Reyes Jiménez:
Thanks it seems to be an issue with spamhaus, here's the result:
[root@mail ~]# host 107.178.203.192.zen.spamhaus.org
Host 107.178.203.192.zen.spamhaus.org not found: 3(NXDOMAIN)
[root@mail ~]#
Use a proper DNS se
* Alfonso Alejandro Reyes Jiménez :
> Thanks it seems to be an issue with spamhaus, here's the result:
>
> [root@mail ~]# host 107.178.203.192.zen.spamhaus.org
> Host 107.178.203.192.zen.spamhaus.org not found: 3(NXDOMAIN)
> [root@mail ~]#
Use a proper DNS server (like somebody on this thread al
On 8/21/12 9:46 AM, Ralf Hildebrandt wrote:
* Alfonso Alejandro Reyes Jiménez:
The IP that's testing my mail server is 192.203.178.107, I used the
spamhaus lookup tool to confirm that the IP was listed.
192.203.178.107 is indeed listed.
$ host 107.178.203.192.zen.spamhaus.org
107.178.203.192
On 8/21/12 9:25 AM, Brian Evans - Postfix List wrote:
On 8/21/2012 10:03 AM, Alfonso Alejandro Reyes Jiménez wrote:
Hi everyone.
I've postfix working great but I cant make the rbl works, I have the
configuration but when I test the configuration it seems not to be
working.
I'm testing with htt
* Alfonso Alejandro Reyes Jiménez :
> The IP that's testing my mail server is 192.203.178.107, I used the
> spamhaus lookup tool to confirm that the IP was listed.
192.203.178.107 is indeed listed.
$ host 107.178.203.192.zen.spamhaus.org
107.178.203.192.zen.spamhaus.org has address 127.0.0.2
t
On Tue, Aug 21, 2012 at 09:03:47AM -0500, Alfonso Alejandro Reyes
Jiménez wrote:
I've postfix working great but I cant make the rbl works, I have
the configuration but when I test the configuration it seems not
to be working.
I'm testing with http://www.crynwr.com/spam/ Spamhaus has that ip
addr
On 8/21/12 9:20 AM, Ralf Hildebrandt wrote:
* Alfonso Alejandro Reyes Jiménez:
Hi everyone.
I've postfix working great but I cant make the rbl works, I have the
configuration but when I test the configuration it seems not to be
working.
Logs?
I'm testing with http://www.crynwr.com/spam/ Spam
On 8/21/2012 10:03 AM, Alfonso Alejandro Reyes Jiménez wrote:
> Hi everyone.
>
> I've postfix working great but I cant make the rbl works, I have the
> configuration but when I test the configuration it seems not to be
> working.
>
> I'm testing with http://www.crynwr.com/spam/ Spamhaus has that ip
On Tue, Aug 21, 2012 at 09:03:47AM -0500,
Alfonso Alejandro Reyes Jiménez wrote:
> I've postfix working great but I cant make the rbl works, I have
> the configuration but when I test the configuration it seems not
> to be working.
>
> I'm testing with http://www.crynwr.com/spam/ Spamhaus has
* Alfonso Alejandro Reyes Jiménez :
> Hi everyone.
>
> I've postfix working great but I cant make the rbl works, I have the
> configuration but when I test the configuration it seems not to be
> working.
Logs?
> I'm testing with http://www.crynwr.com/spam/ Spamhaus has that ip
> address listed
lst_ho...@kwsoft.de:
> Hello
>
> we are in progress to get IPv6 working and i like to know how DNSBL
> lookups are handeled by postfix if at all. The only thing i found so
> far is the statement in http://www.postfix.org/IPV6_README.html that
> DNSBL is not supported at the moment and the en
On Fri, Nov 05, 2010 at 09:11:39AM -0500, Stan Hoeppner wrote:
> Henrik K put forth on 11/5/2010 2:49 AM:
>
> > Did you happen to notice the absolutely generic expressions in the SA file,
> > unlike your file which mostly lists specific domains?
>
> The bulk of them are specific to a given ISP.
Henrik K put forth on 11/5/2010 2:49 AM:
> Did you happen to notice the absolutely generic expressions in the SA file,
> unlike your file which mostly lists specific domains?
The bulk of them are specific to a given ISP. I saw a half dozen that
are generic.
> Not that I don't agree the whole SA
On Fri, Nov 05, 2010 at 02:01:19AM -0500, Stan Hoeppner wrote:
> Michael Orlitzky put forth on 11/5/2010 1:39 AM:
> > On 11/05/10 00:11, Stan Hoeppner wrote:
> >> Michael Orlitzky put forth on 11/4/2010 8:06 PM:
> >>> On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
> Ned Slider put forth on 11/3/
On 11/05/10 03:01, Stan Hoeppner wrote:
>>
>> http://svn.apache.org/repos/asf/spamassassin/rules/branches/3.2/20_dynrdns.cf
>
> Did you happen to notice the absolutely tiny number of expressions in
> the SA file, as compared to the ~1600 in the file whose use I promote
> here? Maybe I should get
Michael Orlitzky put forth on 11/5/2010 1:39 AM:
> On 11/05/10 00:11, Stan Hoeppner wrote:
>> Michael Orlitzky put forth on 11/4/2010 8:06 PM:
>>> On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
Ned Slider put forth on 11/3/2010 6:33 PM:
> My other thought was to simply comment (or docum
On 11/05/10 00:11, Stan Hoeppner wrote:
> Michael Orlitzky put forth on 11/4/2010 8:06 PM:
>> On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
>>> Ned Slider put forth on 11/3/2010 6:33 PM:
>>>
My other thought was to simply comment (or document) ranges known to
contain FPs and then the user
Michael Orlitzky put forth on 11/4/2010 8:06 PM:
> On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
>> Ned Slider put forth on 11/3/2010 6:33 PM:
>>
>>> My other thought was to simply comment (or document) ranges known to
>>> contain FPs and then the user can make a judgement call whether they
>>> want
On 11/04/2010 12:39 AM, Stan Hoeppner wrote:
> Ned Slider put forth on 11/3/2010 6:33 PM:
>
>> My other thought was to simply comment (or document) ranges known to
>> contain FPs and then the user can make a judgement call whether they
>> want to comment out that particular regex based on their ci
Ned Slider put forth on 11/3/2010 6:33 PM:
> My other thought was to simply comment (or document) ranges known to
> contain FPs and then the user can make a judgement call whether they
> want to comment out that particular regex based on their circumstances.
> Not a very elegant solution.
I'm sta
I was able to accomplish that as well using fail2ban and some custom
regex rules for it. It can be setup to use iptables or /etc/hosts.deny
http://www.fail2ban.org/
One of my favorite anti spam measures is auto add repeat RBL hits, no PTR
hits, etc. to system firewall.
Here are a few entire network permanent firewall blocks for example as well.
ARIN--Level3-Sendlabs-DynDNS.org___-CIDR[63.209.253.224/27]
ARIN--Level3-Sendlabs-DynDNS.org___-CIDR[63.211.192.12
Hi Jack,
- "Jack" wrote:
> Hello All,
>
>
>
> I'm just checking all my spam settings on my postfix servers and I
> wanted to
> know if anyone is using any newer RBL's than below?
>
> (which have a low false positive rate)
My opinion is of course biased since we run Mailspike IP reputat
> -Original Message-
> From: owner-postfix-us...@postfix.org [mailto:owner-postfix-
> us...@postfix.org] On Behalf Of Stan Hoeppner
> Sent: Wednesday, November 03, 2010 8:05 PM
> To: postfix-users@postfix.org
> Subject: Re: RBL Spam question
>
> Charles Marcus
On 03/11/10 21:54, Stan Hoeppner wrote:
Ned Slider put forth on 11/3/2010 3:11 PM:
Stan, and others who are using this file - have any of you looked at the
overlap with greylisting? I would imaging that the vast majority of
clients with dynamic/generic rDNS would be spambots and as such I would
Ned Slider put forth on 11/3/2010 3:11 PM:
> Stan, and others who are using this file - have any of you looked at the
> overlap with greylisting? I would imaging that the vast majority of
> clients with dynamic/generic rDNS would be spambots and as such I would
> expect greylisting to block the va
On 03/11/10 19:04, Stan Hoeppner wrote:
Charles Marcus put forth on 11/3/2010 8:49 AM:
On 2010-11-02 10:07 PM, Stan Hoeppner wrote:
...
check_client_access pcre:/etc/postfix/fqrdns.pcre
...
I keep meaning to say/ask - thanks for this - and do you update this
frequently
Charles Marcus put forth on 11/3/2010 8:49 AM:
> On 2010-11-02 10:07 PM, Stan Hoeppner wrote:
>> Last, but not least important by any means (understatement), you may
>> wish to try out:
>> http://www.hardwarefreak.com/fqrdns.pcre
>>
>> Implement this as:
>>
>> smtpd_recipient_restrictions
>> p
On 2010-11-02 10:07 PM, Stan Hoeppner wrote:
> Last, but not least important by any means (understatement), you may
> wish to try out:
> http://www.hardwarefreak.com/fqrdns.pcre
>
> Implement this as:
>
> smtpd_recipient_restrictions
> permit_mynetworks
> permit_sasl_authenticated
>
Jack put forth on 11/2/2010 3:56 PM:
> I'm just checking all my spam settings on my postfix servers and I wanted to
> know if anyone is using any newer RBL's than below?
>
> (which have a low false positive rate)
Low FP noted, FSVO "low FP".
>reject_rbl_client zen.spamhaus.org,
>reject_
* Michael Orlitzky :
> How much use do you get out of bogons.cymru.com at the SMTP stage? I was
> considering it once, and talked myself out of it with flowcharts or
> something.
Almost none. I use it for internal clients.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité
* Alex :
> Hi,
>
> >> I'm using zen.spamhaus.org in postscreen and,
>
> Where can I find information on postscreen?
On this mailinglist? In the archives?
> >> reject_rbl_client bl.spamcop.net
> >> reject_rbl_client bogons.cymru.com
>
> I would also be interested in in
Alex put forth on 4/10/2010 7:28 PM:
>> smtpd_recipient_restrictions =
>>...
>>reject_rbl_client zen.spamhaus.org
>>reject_rhsbl_client dbl.spamhaus.org
>>reject_rhsbl_sender dbl.spamhaus.org
>>reject_rhsbl_helo dbl.spamhaus.org
>
> I'm familiar with ze
Noel Jones put forth on 4/10/2010 8:16 PM:
> On 4/10/2010 5:49 PM, Stan Hoeppner wrote:
>> smtpd_recipient_restrictions =
>> ...
>> check_client_access regexp:/etc/postfix/fqrdns.regexp
>> ...
>
>
> You'll probably get more hits using
> check_reverse_client_hostname_access. That
On 4/10/2010 5:49 PM, Stan Hoeppner wrote:
I reject most spam via other methods, mostly pcre/regex and cidr tables. My
dnsbl queries reject less than 1% of my spam load. Plug the following
dynamic/generic rdns regex table into your Postfix configuration and see if
it catches some spam for you.
On Sat, 10 Apr 2010, Alex wrote:
> >> I'm using zen.spamhaus.org in postscreen and,
>
> Where can I find information on postscreen?
postscreen(8) is part of the 2.8 experimental release:
http://www.postfix.org/postscreen.8.html
--
Sahil Tandon
Hi,
>> I'm using zen.spamhaus.org in postscreen and,
Where can I find information on postscreen?
>> reject_rbl_client bl.spamcop.net
>> reject_rbl_client bogons.cymru.com
I would also be interested in info on using the bogons list here. How
does that apply here, consid
On 04/10/2010 03:21 AM, Ralf Hildebrandt wrote:
>
> I'm using zen.spamhaus.org in postscreen and,
>
>reject_rbl_client bl.spamcop.net
>reject_rbl_client bogons.cymru.com
>reject_rhsbl_sender dbl.spamhaus.org
>reject_rhsbl_reverse_client dbl.spamhaus.org
On Sat, Apr 10, 2010 at 8:10 PM, Stan Hoeppner wrote:
>
> Except these aren't fully qualified patterns, can generate FPs, and cause
> other problems. The patterns I shared are fully qualified, so the chance of
> FPs is zero or near zero. Also note the domain specific reject text in my
> patterns
1 - 100 of 230 matches
Mail list logo