Charles Marcus wrote:
> On 12/15/2008, Roland Plüss (rol...@rptd.ch) wrote:
>
>>> Oh... and this is why I put all of my customizations for postfix at the
>>> very end of the file, in its own block... then, even if something slips
>>> in above, my custom settings will override it.
>>>
>>> But,
On 12/15/2008, Roland Plüss (rol...@rptd.ch) wrote:
>> Oh... and this is why I put all of my customizations for postfix at the
>> very end of the file, in its own block... then, even if something slips
>> in above, my custom settings will override it.
>>
>> But, I am always very careful when runnin
Charles Marcus wrote:
> On 12/15/2008 3:13 PM, Charles Marcus wrote:
>
# grep smtpd_recipient_restrictions main.cf
If you see two occurences or more, you have redefined it. postfix only
uses the last.
>
>
>>> Looks like on of the latest etc-update must have smug
On Mon, December 15, 2008 21:13, Charles Marcus wrote:
> Thats gentoo-speak for 'ooops, I fat-fingered the merge when running
> etc-update'... I run gentoo... I know (been there, done that)...
is it worse then run glibc 2.9 ? :)
packages.mask it localy !
--
Benny Pedersen
Need more webspace ?
On 12/15/2008 3:13 PM, Charles Marcus wrote:
>>> # grep smtpd_recipient_restrictions main.cf
>>> If you see two occurences or more, you have redefined it. postfix only
>>> uses the last.
>> Looks like on of the latest etc-update must have smuggled a line in.
> Thats gentoo-speak for 'ooops, I fat
On 12/15/2008 2:44 PM, Roland Plüss wrote:
>> # grep smtpd_recipient_restrictions main.cf
>> If you see two occurences or more, you have redefined it. postfix only
>> uses the last.
> Looks like on of the latest etc-update must have smuggled a line in.
Thats gentoo-speak for 'ooops, I fat-fingere
> # grep smtpd_recipient_restrictions main.cf
> If you see two occurences or more, you have redefined it. postfix only
> uses the last.
>
Looks like on of the latest etc-update must have smuggled a line in. A
second such line had been squashed between two sasl lines. No idea how
it got there bu
> Something is very odd about that. Your config from main.cf does not
> match your postconf -n results at all. Any chance that you
> inadvertently installed multiple copies of postfix?
Nope
> Was it built by you or provided by your vendor?
Me
> Maybe a second copy in /usr/local?
Nope
> Try 'post
> Is this the _entire_ output of 'postconf -n'? If not, please show it.
>
alias_database = hash:/etc/mail/aliases
alias_maps = hash:/etc/mail/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib64/postfix
data_director
On Sat, December 13, 2008 18:50, mouss wrote:
> Last time you showed it, you did not have zen in your config.
blocking forged senders is diff then use a rbl check
--
Benny Pedersen
Need more webspace ? http://www.servage.net/?coupon=cust37098
On Sat, December 13, 2008 16:08, Roland Plüss wrote:
> The problem is that it doesn't seem to work neither the way
> mentioned in the threads nor adding the dns bypass...
> I've got again 20 of those same spam shit in my inbox today.
> It's going on my nerves. Is there no way to stop this?
http:/
Roland Plüss a écrit :
>> There is no "dns bypass". I did not tell you to edit /etc/hosts. I told
>> you to run the following command:
>>
>> host 2.0.0.127.zen.spamhaus.org
>>
>> in short, connect to your postfix server and in the terminal, type the
>> line above, hit "ENTER" and see what the syste
Roland Plüss wrote:
I know what host or nslookup is. I'm not stupid on that front. It gives
2.0.0.127.zen.spamhaus.org has address 127.0.0.4
2.0.0.127.zen.spamhaus.org has address 127.0.0.2
2.0.0.127.zen.spamhaus.org has address 127.0.0.10
It's just that you said they monitor the number of "dns
Roland Plüss schrieb:
It's just that you said they monitor the number of "dns queries". Now by
bypassing a query for the DNS I can put it locally on my machine so no
queries for the DNS goes out to the net. Whatever I removed the line
from /etc/hosts for testing but it still doesn't seem to work.
Roland Pl?ss wrote:
> It's just that you said they monitor the number of "dns queries". Now by
> bypassing a query for the DNS I can put it locally on my machine so no
> queries for the DNS goes out to the net.
If you inhibit DNS queries from going to the spamhaus server, you
defeat the purpose
> There is no "dns bypass". I did not tell you to edit /etc/hosts. I told
> you to run the following command:
>
> host 2.0.0.127.zen.spamhaus.org
>
> in short, connect to your postfix server and in the terminal, type the
> line above, hit "ENTER" and see what the system tells you. "host" is
> simi
Roland Plüss wrote:
The problem is that it doesn't seem to work neither the way mentioned in
the threads nor adding the dns bypass... I've got again 20 of those same
spam shit in my inbox today. It's going on my nerves. Is there no way to
stop this?
Please do not top post. Put your answers bel
Roland Plüss a écrit :
> The problem is that it doesn't seem to work neither the way mentioned in
> the threads nor adding the dns bypass... I've got again 20 of those same
> spam shit in my inbox today. It's going on my nerves. Is there no way to
> stop this?
>
There is no "dns bypass". I did no
The problem is that it doesn't seem to work neither the way mentioned in
the threads nor adding the dns bypass... I've got again 20 of those same
spam shit in my inbox today. It's going on my nerves. Is there no way to
stop this?
Jan P. Kessler wrote:
> Roland Plüss schrieb:
>> I'll try mapping ze
Roland Plüss schrieb:
I'll try mapping zen.spamhaus.org to 127.0.0.2 in my /etc/hosts. This
should not require a DNS lookup and hopefully it works then. Let's see
You must not do this if you want to use zen.spamhaus.org. Please follow
the given advices and read something about how dnsbls wo
> that check only blocks specific spam: spam that uses an address in your
> domain in the envelope sender (MAIL FROM command). this envelope sender
> is what you see in the Return-Path header in the sample you posted.
>
I tried adding the REJECT line to the "check_sender_access
hash:/etc/postfi
Roland Plüss a écrit :
>> so they are not logs. these are reports.
>>
>> next time, connect to your server and grab lines from /var/log/maillog
>> (or whatever file contains postfix logs). not necessary now.
>>
> I don't have such a file. All logs go into the one I posted managed by
> vixie-cron
> so they are not logs. these are reports.
>
> next time, connect to your server and grab lines from /var/log/maillog
> (or whatever file contains postfix logs). not necessary now.
>
I don't have such a file. All logs go into the one I posted managed by
vixie-cron.
> it really depends on your s
Roland Plüss a écrit :
>> so what logs are these? I mean, how were these logs generated?
>>
> vixie-cron
so they are not logs. these are reports.
next time, connect to your server and grab lines from /var/log/maillog
(or whatever file contains postfix logs). not necessary now.
>> if you foll
> so what logs are these? I mean, how were these logs generated?
>
vixie-cron
> if you followed the "mentioned threads", then that mail should have been
> blocked. your sender_access should contain
>
> rptd.ch REJECT not authorized blah blah
>
> do not forget to postmap the file.
Roland Plüss a écrit :
> I only enclosed the HTML tags in the email body with comment marks. The
> logs are unaltered except hidding one email address.
>
so what logs are these? I mean, how were these logs generated?
Dec 10 18:03:41 [postfix/smtpd] connect from
99-206-220-166.pools.spcsdns.net[
SASL is a problem. I tried doing it once but as soon as I enable the
entire system totally breaks. I tried various tuts and howtos but to no
avail. SASL stays broken and I can't get it working. I'm running
hardened 64bit here and postfix crashes left and right if not compiled
with a no-pie compiler
I only enclosed the HTML tags in the email body with comment marks. The
logs are unaltered except hidding one email address.
What goes for zen.spamhaus.org... I've got this one in my config... but
it seems to not work ( host not found ).
mouss wrote:
> Roland Plüss a écrit :
>
>> I tried to fi
Roland Plüss a écrit :
> I tried to find one of the messages in the logs. It's damn hard to find
> it since it's really weird... and it all makes no sense to me. I think
> this email source belongs to the logs below ( added to prevent
> potential damage due to fudged HTML ).
>
Do not edit logs,
Roland Plüss wrote:
`reject_unauthenticated_sender_login_mismatch' ignored: no SASL support
Well, there ya go. There is no restriction that would prevent that
message from being delivered, so of course they get through.
At a very minimum, please add: 'reject_rbl_client zen.spamhaus.org' to
I tried to find one of the messages in the logs. It's damn hard to find
it since it's really weird... and it all makes no sense to me. I think
this email source belongs to the logs below ( added to prevent
potential damage due to fudged HTML ).
email source:
>
>
From - Thu Dec 11 02:09
Roland Plüss a écrit :
> ** Sorry, send to the previous poster instead of the list...
> ** I'm not a fan of mailing lists because of things
> ** like this U.=.U
>
> No idea which log snippets you want to see but the postconf -n one I can
> give already
>
a copy of the headers of one spam would b
** Sorry, send to the previous poster instead of the list...
** I'm not a fan of mailing lists because of things
** like this U.=.U
No idea which log snippets you want to see but the postconf -n one I can
give already
alias_database = hash:/etc/mail/aliases
alias_maps = hash:/etc/mail/aliases
bro
I read now the thread in the archive and tried to apply the proposed
solution. I'm still getting the same amount of spam mails where
sender=receiver. My settings look like this:
disable_vrfy_command = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
permit_mynetworks,
check_helo_acces
On Sun, 2008-12-07 at 09:51 -0700, Roland Plüss wrote:
> I've got since a couple of weeks a rather nasty spam increase ( in
> fact
> massive ). Some jerk sends forged emails to some address [EMAIL PROTECTED] on
> my
> server with the same email address as the receiver ( hence [EMAIL PROTECTED]
>
I've got since a couple of weeks a rather nasty spam increase ( in fact
massive ). Some jerk sends forged emails to some address [EMAIL PROTECTED] on my
server with the same email address as the receiver ( hence [EMAIL PROTECTED]
receives an email from [EMAIL PROTECTED] ). It's clearly not relay
36 matches
Mail list logo
