[pfx] Re: rbl bounces email that has both rbl_override and client_checks whitelisting

2024-02-28 Thread Bill Cole via Postfix-users
On 2024-02-27 at 16:39:54 UTC-0500 (Tue, 27 Feb 2024 13:39:54 -0800 (PST)) lists--- via Postfix-users is rumored to have said: I have a sender_checks file but I don't see that on the postfix.org website. Is that a deprecated parameter? The names of Postfix map files are up to you. Their usag

[pfx] Re: rbl bounces email that has both rbl_override and client_checks whitelisting

2024-02-27 Thread Wietse Venema via Postfix-users
Wietse: > Your mistake: you are trying to match a SENDER ADDRESS with > check_CLIENT_access. lists--- via Postfix-users: > Well do I put the domain in sender_access or sender_checks? What do you want to not block: the sender email domain? Then use check_sender_access (note that is check_sender_

[pfx] Re: rbl bounces email that has both rbl_override and client_checks whitelisting

2024-02-27 Thread lists--- via Postfix-users
Well do I put the domain in sender_access or sender_checks? It looks like sender_access with an OK since it acts on the FROK field. https://www.postfix.org/postconf.5.html I have a sender_checks file but I don't see that on the postfix.org website. Is that a deprecated parameter? Feb 27, 2024

[pfx] Re: rbl bounces email that has both rbl_override and client_checks whitelisting

2024-02-27 Thread Wietse Venema via Postfix-users
Your mistake: you are trying to match a SENDER ADDRESS with check_CLIENT_access. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread lists--- via Postfix-users
That should work. Thanks https://www.postfix.org/access.5.html Feb 24, 2024 8:05:00 AM Matus UHLAR - fantomas via Postfix-users : >>> On 24.02.24 00:49, lists--- via Postfix-users wrote: I have set up rbl_override for the sender's domain. > [...] smtpd_recipient_restrictions = >>> [..

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread Matus UHLAR - fantomas via Postfix-users
On 24.02.24 07:43, lists--- via Postfix-users wrote: https://www.dnswl.org/?page_id=15 I get your point but this is for a different blocking list. That is spamcop and spamassassin have different blocking lists. you can still use postscreen which supports multiple weighed block/allow lists,

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread Matus UHLAR - fantomas via Postfix-users
On 24.02.24 00:49, lists--- via Postfix-users wrote: I have set up rbl_override for the sender's domain. [...] smtpd_recipient_restrictions = [...] check_client_access hash:/etc/postfix/rbl_override, reject_rbl_client bl.spamcop.net, check_policy_service unix:private/policy Feb 24, 2024 6:

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread Bill Cole via Postfix-users
On 2024-02-24 at 10:43:36 UTC-0500 (Sat, 24 Feb 2024 07:43:36 -0800 (PST)) lists--- via Postfix-users is rumored to have said: https://www.dnswl.org/?page_id=15 I get your point but this is for a different blocking list. That is spamcop and spamassassin have different blocking lists. What

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread lists--- via Postfix-users
https://www.dnswl.org/?page_id=15 I get your point but this is for a different blocking list. That is spamcop and spamassassin have different blocking lists. What I really need is a way to make the rbl_override work for the domain name that has been related. I am going to review my logs and se

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread Benny Pedersen via Postfix-users
lists--- via Postfix-users skrev den 2024-02-24 09:49: check_client_access hash:/etc/postfix/client_checks, check_sender_access hash:/etc/postfix/sender_checks, check_client_access hash:/etc/postfix/rbl_override, reject_rbl_client bl.spamcop.net, check_policy_service unix:private/polic

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread lists--- via Postfix-users
Sorry for the top post but I am using my phone. The rbl_override file only contains domain names with "space OK". If I whitelisted that IP address, I would be whitelisting a Microsoft address that I assume has multiple users. Also that relay IP address isn't static. Feb 24, 2024 6:03:54 AM Matu

[pfx] Re: rbl override doesn't work perhaps due to sender using relay

2024-02-24 Thread Matus UHLAR - fantomas via Postfix-users
On 24.02.24 00:49, lists--- via Postfix-users wrote: I have set up rbl_override for the sender's domain. However it occasionally gets blocked by spamcop. The user owns a domain but relays the mail from outlook. Here is the bounce message the user received: Remote server returned '550 5.7.514

Re: RBL timing

2022-11-24 Thread Viktor Dukhovni
On Thu, Nov 24, 2022 at 02:48:48PM -0800, Doug Hardie wrote: > Thanks to all for the assistance. It now works properly. I never > found reject_unlisted_recipient as it only exists on > https://www.postfix.com/SMTPD_ACCESS_README.html where it says it is > on by default. The description above sh

Re: RBL timing

2022-11-24 Thread Doug Hardie
On Nov 24, 2022, at 07:05, Matus UHLAR - fantomas wrote: > >  >> >> Matus UHLAR - fantomas: > > Doug: > > There's implicit reject_unlisted_recipient at the end of rules when > smtpd_reject_unlisted_recipient=on (default). > > However when this one hits, DNS queries were already sent. > > t

Re: RBL timing

2022-11-24 Thread Matus UHLAR - fantomas
Matus UHLAR - fantomas: reject_unlisted_recipient, of course: http://www.postfix.org/postconf.5.html#reject_unlisted_recipient reject_unlisted_recipient Reject the request when the RCPT TO address is not listed in the list of valid recipients for its domain class. See the smtpd_reject

Re: RBL timing

2022-11-24 Thread Wietse Venema
Matus UHLAR - fantomas: > reject_unlisted_recipient, of course: > > http://www.postfix.org/postconf.5.html#reject_unlisted_recipient > > reject_unlisted_recipient >Reject the request when the RCPT TO address is not listed in the list of >valid recipients for its domain class. See the >

Re: RBL timing

2022-11-24 Thread Matus UHLAR - fantomas
Dnia 24.11.2022 o godz. 08:44:51 Matus UHLAR - fantomas pisze: you should use reject_unverified_recipient instead of reject_unverified_recipient, they have different use which is why you get DNS lookups prior recipient being rejected. On 24.11.22 11:34, Jaroslaw Rafa wrote: Hm... "reject_unver

Re: RBL timing

2022-11-24 Thread Jaroslaw Rafa
Dnia 24.11.2022 o godz. 08:44:51 Matus UHLAR - fantomas pisze: > > you should use reject_unverified_recipient instead of > reject_unverified_recipient, they have different use which is why > you get DNS lookups prior recipient being rejected. Hm... "reject_unverified_recipient instead of reject_u

Re: RBL timing

2022-11-24 Thread Phil Biggs
Thursday, November 24, 2022, 7:22:09 PM, Doug Hardie wrote: >> On Nov 23, 2022, at 23:27, Phil Biggs wrote: >> >> Thursday, November 24, 2022, 5:24:12 PM, Doug Hardie wrote: >> >> >>> I am trying with the postscreen dns lookup disabled. Here is the main.cf >>> section: >> >>> # pos

Re: RBL timing

2022-11-24 Thread Doug Hardie
> On Nov 23, 2022, at 23:27, Phil Biggs wrote: > > Thursday, November 24, 2022, 5:24:12 PM, Doug Hardie wrote: > > >> I am trying with the postscreen dns lookup disabled. Here is the main.cf >> section: > >> # postscreen spam filtering >> postscreen_greet_action = enforce >> #postscr

Re: RBL timing

2022-11-23 Thread Matus UHLAR - fantomas
On 23.11.22 22:24, Doug Hardie wrote: I am trying with the postscreen dns lookup disabled. Here is the main.cf section: # Incoming restrictions and Implement postfwd incoming_smtpd_restrictions = check_policy_service inet:127.0.0.1:10040, reject_invalid_hostname, r

Re: RBL timing

2022-11-23 Thread Phil Biggs
Thursday, November 24, 2022, 5:24:12 PM, Doug Hardie wrote: > I am trying with the postscreen dns lookup disabled. Here is the main.cf > section: > # postscreen spam filtering > postscreen_greet_action = enforce > #postscreen_dnsbl_action = enforce > #postscreen_dnsbl_sites = bl.spamcop

Re: RBL timing

2022-11-23 Thread Doug Hardie
> On Nov 23, 2022, at 4:49 AM, Matus UHLAR - fantomas wrote: > > On 23.11.22 01:58, Doug Hardie wrote: >> I originally had incoming_smtpd_restrictions set to: >> >> reject_unverified_recipient >> reject_rbl_client bl.spamcop.net, >> reject_rbl_client dnsbl.sorbs.net, >> r

Re: RBL timing

2022-11-23 Thread Bill Cole
On 2022-11-23 at 04:58:09 UTC-0500 (Wed, 23 Nov 2022 01:58:09 -0800) Doug Hardie is rumored to have said: I originally had incoming_smtpd_restrictions set to: reject_unverified_recipient reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_r

Re: RBL timing

2022-11-23 Thread Matus UHLAR - fantomas
On 23.11.22 01:58, Doug Hardie wrote: I originally had incoming_smtpd_restrictions set to: reject_unverified_recipient reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client zen.spamhaus.org, permit Later I added postscreen and co

Re: rbl check debug

2020-10-17 Thread Demi M. Obenour
Just FYI, GMail marked this mail as spam. Demi OpenPGP_0xB288B55FFF9C22C1.asc Description: application/pgp-keys OpenPGP_signature Description: OpenPGP digital signature

Re: rbl check debug

2020-10-16 Thread Dominic Raferd
On 16/10/2020 22:04, David Wells wrote: I have a postfix-3.3.2 installation (installed from source on slackware 14.2 from the slackbuilds package) that does rbl checks in the smtpd_recipient_restrictions section. I have been seeing an increasing amount of spam coming in so I added more reject_r

Re: rbl check debug

2020-10-16 Thread Viktor Dukhovni
On Fri, Oct 16, 2020 at 06:04:20PM -0300, David Wells wrote: > > smtpd_recipient_restrictions = > > permit_mynetworks, permit_sasl_authenticated, > > check_sender_access hash:/etc/postfix/sender_access, > > check_recipient_access hash:/etc/postfix/protected_destinations, > > check_

Re: rbl check debug

2020-10-16 Thread Wietse Venema
David Wells: > Hi! > > I have a postfix-3.3.2 installation (installed from source on slackware > 14.2 from the slackbuilds package) that does rbl checks in the > smtpd_recipient_restrictions section. I have been seeing an increasing > amount of spam coming in so I added more reject_rbl_client i

Re: RBL Whitelisting

2017-01-31 Thread Dominic Raferd
On 31 January 2017 at 16:48, Roberto Fulgado wrote: > Hi Dominic, > > Thanks for the reply. I think I got it to work the way I want it by using > check_sender_access instead of check_client_access in the > smtpd_recipient_restrictions section. Your suggestion got me > looking closely at different

Re: RBL Whitelisting

2017-01-31 Thread Roberto Fulgado
Hi Dominic, Thanks for the reply. I think I got it to work the way I want it by using check_sender_access instead of check_client_access in the smtpd_recipient_restrictions section. Your suggestion got me looking closely at different restrictions. I also found this postifx restrictions howto: htt

Re: RBL Whitelisting

2017-01-27 Thread Dominic Raferd
On 27 January 2017 at 23:47, Roberto Fulgado wrote: > Hi All, > > First of all I wanted to let you know that I just recently started using > postfix as our > mail server. We've been using sendmail for a long time. I have a question on > RBL > whitelisting. I have done internet search on how to do

Re: RBL claims I'm doing a dictionary search

2016-07-02 Thread Ralf Hildebrandt
* Ralf Hildebrandt : > * li...@lazygranch.com : > > body { font-family: "Calibri","Slate > > Pro",sans-serif,"sans-serif"; color:#262626 } > lang="en-US">I've got this > > ‎RBLhttps://spamrl.com/ ;that claims my server is > > doing a dictionary search. I see nothing in the maillog. I have ch

Re: RBL claims I'm doing a dictionary search

2016-07-02 Thread Ralf Hildebrandt
* li...@lazygranch.com : > body { font-family: "Calibri","Slate > Pro",sans-serif,"sans-serif"; color:#262626 } lang="en-US">I've got this > ‎RBLhttps://spamrl.com/ ;that claims my server is > doing a dictionary search. I see nothing in the maillog. I have checked for > an open relay using

Re: RBL look up errors

2016-02-19 Thread Ruben Safir
On Fri, Feb 19, 2016 at 01:18:20PM -0600, Noel Jones wrote: > On 2/19/2016 1:11 PM, Ruben Safir wrote: > > Can aanyone clarify what this means? it is happing a lot on my mail server > > > > Feb 19 14:09:31 www postfix/smtpd[6978]: warning: > > 70.14.214.162.list.dsbl.org: RBL lookup error: Host

Re: RBL look up errors

2016-02-19 Thread Noel Jones
On 2/19/2016 1:11 PM, Ruben Safir wrote: > Can aanyone clarify what this means? it is happing a lot on my mail server > > Feb 19 14:09:31 www postfix/smtpd[6978]: warning: > 70.14.214.162.list.dsbl.org: RBL lookup error: Host or domain name not found. > Name service error for name=70.14.214.162

Re: RBL checks seem to be failing

2014-07-21 Thread Thijssen
On Mon, Jul 21, 2014 at 5:51 PM, Noel Jones wrote: > On 7/21/2014 10:34 AM, Thijssen wrote: >> smtpd_recipient_restrictions = >> reject_invalid_hostname, >> reject_unknown_recipient_domain, >> reject_unauth_pipelining, >> permit_mynetworks, >> permit_sasl_authenticated, >>

Re: RBL checks seem to be failing

2014-07-21 Thread Noel Jones
On 7/21/2014 10:34 AM, Thijssen wrote: > One server I maintain receives huge amounts of spam. In my ongoing > attempts at killing as many spam-mails as possible, among others I've > been using dns blacklists under the reject_rbl_client option umbrella. > For years this worked really well, combined

Re: RBL 'weighting'?

2012-12-17 Thread /dev/rob0
On Mon, Dec 17, 2012 at 04:01:58PM +0100, Miha Valencic wrote: > We're using postfix 2.7, so postscreen is out. Actually not. You could build 2.8 and bring in the postscreen and dnsblog executables and master.cf configuration; this should work according to: http://www.postfix.org/announcements/

Re: RBL 'weighting'?

2012-12-17 Thread Miha Valencic
On Mon, Dec 17, 2012 at 7:13 PM, Noel Jones wrote: > postfwd does rate limiting, and many other features. Maybe you can > consolidate everything into postfwd. We'll take a deeper look at postfwd for that. > Additionally, rate limiting is typically done on outgoing mail, True. But there are som

Re: RBL 'weighting'?

2012-12-17 Thread Noel Jones
On 12/17/2012 10:52 AM, Miha Valencic wrote: > So, since we need some features of policyd as well (rate limiting, for > instance), and we're already using amavis, do we chain postfwd before > policyd or vice-versa? > > Thanks, > Miha. postfwd does rate limiting, and many other features. Maybe

Re: RBL 'weighting'?

2012-12-17 Thread Miha Valencic
So, since we need some features of policyd as well (rate limiting, for instance), and we're already using amavis, do we chain postfwd before policyd or vice-versa? Thanks, Miha. On Mon, Dec 17, 2012 at 4:47 PM, Henrik K wrote: > Policyd-weight is deprecated and doesn't even have async DNS looku

Re: RBL 'weighting'?

2012-12-17 Thread Henrik K
On Mon, Dec 17, 2012 at 04:39:36PM +0100, Benny Pedersen wrote: > Miha Valencic skrev den 17-12-2012 14:40: > > >Is it possible to add-up scores from different RBL's and reject the > >incoming message after a certain threshold? > > sounds like policyd-weight > > >For instance, we have a number

Re: RBL 'weighting'?

2012-12-17 Thread Benny Pedersen
Miha Valencic skrev den 17-12-2012 14:40: Is it possible to add-up scores from different RBL's and reject the incoming message after a certain threshold? sounds like policyd-weight For instance, we have a number of RBLs configured and would like to reject email only after a couple of RBLs fa

Re: RBL 'weighting'?

2012-12-17 Thread Miha Valencic
Wietse, Noel, thanks for the prompt answers. I've been already looking at postscreen and postfwd, but wandered if there something in the postfix *_restrictions as well. We're using postfix 2.7, so postscreen is out. We're looking into implementing policyd anyway, so that's probably a good place.

Re: RBL 'weighting'?

2012-12-17 Thread Noel Jones
On 12/17/2012 7:40 AM, Miha Valencic wrote: > Hi! > > Is it possible to add-up scores from different RBL's and reject the > incoming message after a certain threshold? > > For instance, we have a number of RBLs configured and would like to > reject email only after a couple of RBLs fail verificat

Re: RBL 'weighting'?

2012-12-17 Thread Wietse Venema
Miha Valencic: > Hi! > > Is it possible to add-up scores from different RBL's and reject the > incoming message after a certain threshold? Only with postscreen(8). This will not be implemented in smtpd_mumble_restrictions. http://www.postfix.org/POSTSCREEN_README.html http://www.postfix.org/post

Re: ..::Rbl not working::..

2012-08-23 Thread DTNX Postmaster
On Aug 22, 2012, at 15:47, /dev/rob0 wrote: > Google Public DNS seems to look up records again before the TTL > expires in their cache, so you are indeed likely to see a slight > improvement in your DNS response time without the doubling of your > external queries, when using their service. But

Re: ..::Rbl not working::..

2012-08-22 Thread Jamie Paul Griffin
[ /dev/rob0 wrote on Wed 22.Aug'12 at 8:47:06 -0500 ] > On Wed, Aug 22, 2012 at 01:23:12PM +0530, DN Singh wrote: > > I never realized that I had this issue too. But, after running > > the tests, I found out that my queries were indeed blocked by > > spamhaus. > > > > So, I changed the servers a

Re: ..::Rbl not working::..

2012-08-22 Thread Wietse Venema
/dev/rob0: > Google Public DNS seems to look up records again before the TTL > expires in their cache, so you are indeed likely to see a slight There is an article that shows that different resolvers report TTL values in different ways. Begin quote: For a record initially served with a TTL eq

Re: ..::Rbl not working::..

2012-08-22 Thread /dev/rob0
On Wed, Aug 22, 2012 at 01:23:12PM +0530, DN Singh wrote: > I never realized that I had this issue too. But, after running > the tests, I found out that my queries were indeed blocked by > spamhaus. > > So, I changed the servers as pointed out and bingo, spam was > successfully being blocked. >

Re: ..::Rbl not working::..

2012-08-22 Thread DN Singh
On Tue, Aug 21, 2012 at 7:52 PM, /dev/rob0 wrote: > On Tue, Aug 21, 2012 at 09:03:47AM -0500, >Alfonso Alejandro Reyes Jiménez wrote: > > I've postfix working great but I cant make the rbl works, I have > > the configuration but when I test the configuration it seems not > > to be working. >

Re: ..::Rbl not working::..

2012-08-21 Thread Alfonso Alejandro Reyes Jiménez
On 8/21/12 11:23 AM, Benny Pedersen wrote: Den 2012-08-21 17:02, Alfonso Alejandro Reyes Jiménez skrev: Thanks as I was telling I have one, but I think the issue is with the forwarding it's been made to a public dns server. Should I change it to a particular one? (ex spamhaus) no just remove

Re: ..::Rbl not working::..

2012-08-21 Thread Benny Pedersen
Den 2012-08-21 17:02, Alfonso Alejandro Reyes Jiménez skrev: Thanks as I was telling I have one, but I think the issue is with the forwarding it's been made to a public dns server. Should I change it to a particular one? (ex spamhaus) no just remove ALL forwarding !

Re: ..::Rbl not working::..

2012-08-21 Thread Benny Pedersen
Den 2012-08-21 16:53, Alfonso Alejandro Reyes Jiménez skrev: [root@mail ~]# host 107.178.203.192.zen.spamhaus.org Host 107.178.203.192.zen.spamhaus.org not found: 3(NXDOMAIN) [root@mail ~]# dig +trace 107.178.203.192.zen.spamhaus.org where does it fail ? then contact the nameservers that rej

Re: ..::Rbl not working::..

2012-08-21 Thread /dev/rob0
On Tue, Aug 21, 2012 at 10:06:34AM -0500, I wrote: > That was my guess. Now it seems to be confirmed. Remove the > forwarders from named.conf(5), ensure that recursion is allowed at > least for "localhost"[1], "rndc reload", test again. If the test > fails again, you might have to flush the cach

Re: ..::Rbl not working::..

2012-08-21 Thread Alfonso Alejandro Reyes Jiménez
On 8/21/12 10:06 AM, /dev/rob0 wrote: On Tue, Aug 21, 2012 at 09:45:50AM -0500, Alfonso Alejandro Reyes Jiménez wrote: Thanks for the tip but I have bind running and it seems not to be allowed to make queries to spamhaus: [root@mail ~]# dig 2.0.0.127.zen.spamhaus.org any ;<<>> DiG 9.8.2rc

Re: ..::Rbl not working::..

2012-08-21 Thread lst_hoe02
Zitat von Alfonso Alejandro Reyes Jiménez : On 8/21/12 9:57 AM, Ralf Hildebrandt wrote: * Alfonso Alejandro Reyes Jiménez: Thanks it seems to be an issue with spamhaus, here's the result: [root@mail ~]# host 107.178.203.192.zen.spamhaus.org Host 107.178.203.192.zen.spamhaus.org not found: 3

Re: ..::Rbl not working::..

2012-08-21 Thread /dev/rob0
On Tue, Aug 21, 2012 at 09:45:50AM -0500, Alfonso Alejandro Reyes Jiménez wrote: > Thanks for the tip but I have bind running and it seems not to be > allowed to make queries to spamhaus: > > [root@mail ~]# dig 2.0.0.127.zen.spamhaus.org any > > ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.

Re: ..::Rbl not working::..

2012-08-21 Thread Brian Evans - Postfix List
On 8/21/2012 11:02 AM, Alfonso Alejandro Reyes Jiménez wrote: > > On 8/21/12 9:57 AM, Ralf Hildebrandt wrote: >> * Alfonso Alejandro Reyes Jiménez: >> >>> Thanks it seems to be an issue with spamhaus, here's the result: >>> >>> [root@mail ~]# host 107.178.203.192.zen.spamhaus.org >>> Host 107.178.2

Re: ..::Rbl not working::..

2012-08-21 Thread Ralf Hildebrandt
* Alfonso Alejandro Reyes Jiménez : > Thanks as I was telling I have one, but I think the issue is with the > forwarding Yes. Why are you forwarding at all? Simply let you DNS recurse & cache. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin

Re: ..::Rbl not working::..

2012-08-21 Thread Alfonso Alejandro Reyes Jiménez
On 8/21/12 9:57 AM, Ralf Hildebrandt wrote: * Alfonso Alejandro Reyes Jiménez: Thanks it seems to be an issue with spamhaus, here's the result: [root@mail ~]# host 107.178.203.192.zen.spamhaus.org Host 107.178.203.192.zen.spamhaus.org not found: 3(NXDOMAIN) [root@mail ~]# Use a proper DNS se

Re: ..::Rbl not working::..

2012-08-21 Thread Ralf Hildebrandt
* Alfonso Alejandro Reyes Jiménez : > Thanks it seems to be an issue with spamhaus, here's the result: > > [root@mail ~]# host 107.178.203.192.zen.spamhaus.org > Host 107.178.203.192.zen.spamhaus.org not found: 3(NXDOMAIN) > [root@mail ~]# Use a proper DNS server (like somebody on this thread al

Re: ..::Rbl not working::..

2012-08-21 Thread Alfonso Alejandro Reyes Jiménez
On 8/21/12 9:46 AM, Ralf Hildebrandt wrote: * Alfonso Alejandro Reyes Jiménez: The IP that's testing my mail server is 192.203.178.107, I used the spamhaus lookup tool to confirm that the IP was listed. 192.203.178.107 is indeed listed. $ host 107.178.203.192.zen.spamhaus.org 107.178.203.192

Re: ..::Rbl not working::..

2012-08-21 Thread Alfonso Alejandro Reyes Jiménez
On 8/21/12 9:25 AM, Brian Evans - Postfix List wrote: On 8/21/2012 10:03 AM, Alfonso Alejandro Reyes Jiménez wrote: Hi everyone. I've postfix working great but I cant make the rbl works, I have the configuration but when I test the configuration it seems not to be working. I'm testing with htt

Re: ..::Rbl not working::..

2012-08-21 Thread Ralf Hildebrandt
* Alfonso Alejandro Reyes Jiménez : > The IP that's testing my mail server is 192.203.178.107, I used the > spamhaus lookup tool to confirm that the IP was listed. 192.203.178.107 is indeed listed. $ host 107.178.203.192.zen.spamhaus.org 107.178.203.192.zen.spamhaus.org has address 127.0.0.2 t

Re: ..::Rbl not working::..

2012-08-21 Thread Alfonso Alejandro Reyes Jiménez
On Tue, Aug 21, 2012 at 09:03:47AM -0500, Alfonso Alejandro Reyes Jiménez wrote: I've postfix working great but I cant make the rbl works, I have the configuration but when I test the configuration it seems not to be working. I'm testing with http://www.crynwr.com/spam/ Spamhaus has that ip addr

Re: ..::Rbl not working::..

2012-08-21 Thread Alfonso Alejandro Reyes Jiménez
On 8/21/12 9:20 AM, Ralf Hildebrandt wrote: * Alfonso Alejandro Reyes Jiménez: Hi everyone. I've postfix working great but I cant make the rbl works, I have the configuration but when I test the configuration it seems not to be working. Logs? I'm testing with http://www.crynwr.com/spam/ Spam

Re: ..::Rbl not working::..

2012-08-21 Thread Brian Evans - Postfix List
On 8/21/2012 10:03 AM, Alfonso Alejandro Reyes Jiménez wrote: > Hi everyone. > > I've postfix working great but I cant make the rbl works, I have the > configuration but when I test the configuration it seems not to be > working. > > I'm testing with http://www.crynwr.com/spam/ Spamhaus has that ip

Re: ..::Rbl not working::..

2012-08-21 Thread /dev/rob0
On Tue, Aug 21, 2012 at 09:03:47AM -0500, Alfonso Alejandro Reyes Jiménez wrote: > I've postfix working great but I cant make the rbl works, I have > the configuration but when I test the configuration it seems not > to be working. > > I'm testing with http://www.crynwr.com/spam/ Spamhaus has

Re: ..::Rbl not working::..

2012-08-21 Thread Ralf Hildebrandt
* Alfonso Alejandro Reyes Jiménez : > Hi everyone. > > I've postfix working great but I cant make the rbl works, I have the > configuration but when I test the configuration it seems not to be > working. Logs? > I'm testing with http://www.crynwr.com/spam/ Spamhaus has that ip > address listed

Re: RBL and IPv6

2010-11-14 Thread Wietse Venema
lst_ho...@kwsoft.de: > Hello > > we are in progress to get IPv6 working and i like to know how DNSBL > lookups are handeled by postfix if at all. The only thing i found so > far is the statement in http://www.postfix.org/IPV6_README.html that > DNSBL is not supported at the moment and the en

Re: RBL Spam question

2010-11-05 Thread Henrik K
On Fri, Nov 05, 2010 at 09:11:39AM -0500, Stan Hoeppner wrote: > Henrik K put forth on 11/5/2010 2:49 AM: > > > Did you happen to notice the absolutely generic expressions in the SA file, > > unlike your file which mostly lists specific domains? > > The bulk of them are specific to a given ISP.

Re: RBL Spam question

2010-11-05 Thread Stan Hoeppner
Henrik K put forth on 11/5/2010 2:49 AM: > Did you happen to notice the absolutely generic expressions in the SA file, > unlike your file which mostly lists specific domains? The bulk of them are specific to a given ISP. I saw a half dozen that are generic. > Not that I don't agree the whole SA

Re: RBL Spam question

2010-11-05 Thread Henrik K
On Fri, Nov 05, 2010 at 02:01:19AM -0500, Stan Hoeppner wrote: > Michael Orlitzky put forth on 11/5/2010 1:39 AM: > > On 11/05/10 00:11, Stan Hoeppner wrote: > >> Michael Orlitzky put forth on 11/4/2010 8:06 PM: > >>> On 11/04/2010 12:39 AM, Stan Hoeppner wrote: > Ned Slider put forth on 11/3/

Re: RBL Spam question

2010-11-05 Thread Michael Orlitzky
On 11/05/10 03:01, Stan Hoeppner wrote: >> >> http://svn.apache.org/repos/asf/spamassassin/rules/branches/3.2/20_dynrdns.cf > > Did you happen to notice the absolutely tiny number of expressions in > the SA file, as compared to the ~1600 in the file whose use I promote > here? Maybe I should get

Re: RBL Spam question

2010-11-05 Thread Stan Hoeppner
Michael Orlitzky put forth on 11/5/2010 1:39 AM: > On 11/05/10 00:11, Stan Hoeppner wrote: >> Michael Orlitzky put forth on 11/4/2010 8:06 PM: >>> On 11/04/2010 12:39 AM, Stan Hoeppner wrote: Ned Slider put forth on 11/3/2010 6:33 PM: > My other thought was to simply comment (or docum

Re: RBL Spam question

2010-11-04 Thread Michael Orlitzky
On 11/05/10 00:11, Stan Hoeppner wrote: > Michael Orlitzky put forth on 11/4/2010 8:06 PM: >> On 11/04/2010 12:39 AM, Stan Hoeppner wrote: >>> Ned Slider put forth on 11/3/2010 6:33 PM: >>> My other thought was to simply comment (or document) ranges known to contain FPs and then the user

Re: RBL Spam question

2010-11-04 Thread Stan Hoeppner
Michael Orlitzky put forth on 11/4/2010 8:06 PM: > On 11/04/2010 12:39 AM, Stan Hoeppner wrote: >> Ned Slider put forth on 11/3/2010 6:33 PM: >> >>> My other thought was to simply comment (or document) ranges known to >>> contain FPs and then the user can make a judgement call whether they >>> want

Re: RBL Spam question

2010-11-04 Thread Michael Orlitzky
On 11/04/2010 12:39 AM, Stan Hoeppner wrote: > Ned Slider put forth on 11/3/2010 6:33 PM: > >> My other thought was to simply comment (or document) ranges known to >> contain FPs and then the user can make a judgement call whether they >> want to comment out that particular regex based on their ci

Re: RBL Spam question

2010-11-03 Thread Stan Hoeppner
Ned Slider put forth on 11/3/2010 6:33 PM: > My other thought was to simply comment (or document) ranges known to > contain FPs and then the user can make a judgement call whether they > want to comment out that particular regex based on their circumstances. > Not a very elegant solution. I'm sta

Re: RBL Spam question

2010-11-03 Thread Walter Pinto
I was able to accomplish that as well using fail2ban and some custom regex rules for it. It can be setup to use iptables or /etc/hosts.deny http://www.fail2ban.org/

Re: RBL Spam question

2010-11-03 Thread JunkYardMail1
One of my favorite anti spam measures is auto add repeat RBL hits, no PTR hits, etc. to system firewall. Here are a few entire network permanent firewall blocks for example as well. ARIN--Level3-Sendlabs-DynDNS.org___-CIDR[63.209.253.224/27] ARIN--Level3-Sendlabs-DynDNS.org___-CIDR[63.211.192.12

Re: RBL Spam question

2010-11-03 Thread João Gouveia
Hi Jack, - "Jack" wrote: > Hello All, > > > > I'm just checking all my spam settings on my postfix servers and I > wanted to > know if anyone is using any newer RBL's than below? > > (which have a low false positive rate) My opinion is of course biased since we run Mailspike IP reputat

RE: RBL Spam question

2010-11-03 Thread Mark Scholten
> -Original Message- > From: owner-postfix-us...@postfix.org [mailto:owner-postfix- > us...@postfix.org] On Behalf Of Stan Hoeppner > Sent: Wednesday, November 03, 2010 8:05 PM > To: postfix-users@postfix.org > Subject: Re: RBL Spam question > > Charles Marcus

Re: RBL Spam question

2010-11-03 Thread Ned Slider
On 03/11/10 21:54, Stan Hoeppner wrote: Ned Slider put forth on 11/3/2010 3:11 PM: Stan, and others who are using this file - have any of you looked at the overlap with greylisting? I would imaging that the vast majority of clients with dynamic/generic rDNS would be spambots and as such I would

Re: RBL Spam question

2010-11-03 Thread Stan Hoeppner
Ned Slider put forth on 11/3/2010 3:11 PM: > Stan, and others who are using this file - have any of you looked at the > overlap with greylisting? I would imaging that the vast majority of > clients with dynamic/generic rDNS would be spambots and as such I would > expect greylisting to block the va

Re: RBL Spam question

2010-11-03 Thread Ned Slider
On 03/11/10 19:04, Stan Hoeppner wrote: Charles Marcus put forth on 11/3/2010 8:49 AM: On 2010-11-02 10:07 PM, Stan Hoeppner wrote: ... check_client_access pcre:/etc/postfix/fqrdns.pcre ... I keep meaning to say/ask - thanks for this - and do you update this frequently

Re: RBL Spam question

2010-11-03 Thread Stan Hoeppner
Charles Marcus put forth on 11/3/2010 8:49 AM: > On 2010-11-02 10:07 PM, Stan Hoeppner wrote: >> Last, but not least important by any means (understatement), you may >> wish to try out: >> http://www.hardwarefreak.com/fqrdns.pcre >> >> Implement this as: >> >> smtpd_recipient_restrictions >> p

Re: RBL Spam question

2010-11-03 Thread Charles Marcus
On 2010-11-02 10:07 PM, Stan Hoeppner wrote: > Last, but not least important by any means (understatement), you may > wish to try out: > http://www.hardwarefreak.com/fqrdns.pcre > > Implement this as: > > smtpd_recipient_restrictions > permit_mynetworks > permit_sasl_authenticated >

Re: RBL Spam question

2010-11-02 Thread Stan Hoeppner
Jack put forth on 11/2/2010 3:56 PM: > I'm just checking all my spam settings on my postfix servers and I wanted to > know if anyone is using any newer RBL's than below? > > (which have a low false positive rate) Low FP noted, FSVO "low FP". >reject_rbl_client zen.spamhaus.org, >reject_

Re: RBL Usage questions

2010-04-11 Thread Ralf Hildebrandt
* Michael Orlitzky : > How much use do you get out of bogons.cymru.com at the SMTP stage? I was > considering it once, and talked myself out of it with flowcharts or > something. Almost none. I use it for internal clients. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité

Re: RBL Usage questions

2010-04-11 Thread Ralf Hildebrandt
* Alex : > Hi, > > >> I'm using zen.spamhaus.org in postscreen and, > > Where can I find information on postscreen? On this mailinglist? In the archives? > >>    reject_rbl_client           bl.spamcop.net > >>    reject_rbl_client           bogons.cymru.com > > I would also be interested in in

Re: RBL Usage questions

2010-04-10 Thread Stan Hoeppner
Alex put forth on 4/10/2010 7:28 PM: >> smtpd_recipient_restrictions = >>... >>reject_rbl_client zen.spamhaus.org >>reject_rhsbl_client dbl.spamhaus.org >>reject_rhsbl_sender dbl.spamhaus.org >>reject_rhsbl_helo dbl.spamhaus.org > > I'm familiar with ze

Re: RBL Usage questions

2010-04-10 Thread Stan Hoeppner
Noel Jones put forth on 4/10/2010 8:16 PM: > On 4/10/2010 5:49 PM, Stan Hoeppner wrote: >> smtpd_recipient_restrictions = >> ... >> check_client_access regexp:/etc/postfix/fqrdns.regexp >> ... > > > You'll probably get more hits using > check_reverse_client_hostname_access. That

Re: RBL Usage questions

2010-04-10 Thread Noel Jones
On 4/10/2010 5:49 PM, Stan Hoeppner wrote: I reject most spam via other methods, mostly pcre/regex and cidr tables. My dnsbl queries reject less than 1% of my spam load. Plug the following dynamic/generic rdns regex table into your Postfix configuration and see if it catches some spam for you.

Re: RBL Usage questions

2010-04-10 Thread Sahil Tandon
On Sat, 10 Apr 2010, Alex wrote: > >> I'm using zen.spamhaus.org in postscreen and, > > Where can I find information on postscreen? postscreen(8) is part of the 2.8 experimental release: http://www.postfix.org/postscreen.8.html -- Sahil Tandon

Re: RBL Usage questions

2010-04-10 Thread Alex
Hi, >> I'm using zen.spamhaus.org in postscreen and, Where can I find information on postscreen? >>    reject_rbl_client           bl.spamcop.net >>    reject_rbl_client           bogons.cymru.com I would also be interested in info on using the bogons list here. How does that apply here, consid

Re: RBL Usage questions

2010-04-10 Thread Michael Orlitzky
On 04/10/2010 03:21 AM, Ralf Hildebrandt wrote: > > I'm using zen.spamhaus.org in postscreen and, > >reject_rbl_client bl.spamcop.net >reject_rbl_client bogons.cymru.com >reject_rhsbl_sender dbl.spamhaus.org >reject_rhsbl_reverse_client dbl.spamhaus.org

Re: RBL Usage questions

2010-04-10 Thread Reinaldo de Carvalho
On Sat, Apr 10, 2010 at 8:10 PM, Stan Hoeppner wrote: > > Except these aren't fully qualified patterns, can generate FPs, and cause > other problems.  The patterns I shared are fully qualified, so the chance of > FPs is zero or near zero.  Also note the domain specific reject text in my > patterns

  1   2   3   >