New approach with fqrdns.pcre file

2017-05-02 Thread Steve Jenkins
I know many of us have used the fqrdns.pcre in Postfix's smtpd_client_restrictions for many years to help block "low hanging" spam. Long ago, after the project was abandoned by Stan H, I adopted it and moved it to GitHub: https://github.com/stevejenkins/hardwarefreak.com-fqrd

Suggested fqrdns.pcre updates

2015-11-13 Thread Steve Jenkins
I'd rather not have the conversation(s) here on the Postfix list, but I've received two update requests to Stan Hoeppner's fqrdns.pcre file, which many of us are using (I volunteered to host the file on GitHub after Stan went offline). I'd like to invite Postfix users to ch

Re: Stan Hoeppner's fqrdns.pcre file?

2015-05-06 Thread Steve Jenkins
On Wed, May 6, 2015 at 8:21 AM, Bill Cole < postfixlists-070...@billmail.scconsult.com> wrote: > On 6 May 2015, at 10:20, Steve Jenkins wrote: > > On Tue, May 5, 2015 at 11:38 AM, Vijay Rajah wrote: >> >> There was a missing persons report on a Stanley D Hoeppner. This name no >>> longer appear

Re: Stan Hoeppner's fqrdns.pcre file?

2015-05-06 Thread steffan
I have it on good authority that he is still in Missouri but is absent due to a personal nature. I will share more if allowed in time. In the interim, I've been checking to see if I can get his domain back up for everyone again. Thanks, Steffan > On May 6, 2015, at 8:21 AM, Bill Cole > wr

Re: Stan Hoeppner's fqrdns.pcre file?

2015-05-06 Thread Bill Cole
On 6 May 2015, at 10:20, Steve Jenkins wrote: On Tue, May 5, 2015 at 11:38 AM, Vijay Rajah wrote: There was a missing persons report on a Stanley D Hoeppner. This name no longer appears on the active missing persons list. Hope he is ok. FYI: http://i.imgur.com/3oiR3ID.png That's VERY co

Re: Stan Hoeppner's fqrdns.pcre file?

2015-05-06 Thread Steve Jenkins
o I think that is indeed him. I hope the fact that he's no longer on there doesn't mean the worst... > Also, It seems that his server is up and running. there is a single jpg > file with you point the browser to his server IP. > The fqrdns.pcre file is at http://65.41.216.221/

Re: Stan Hoeppner's fqrdns.pcre file?

2015-05-05 Thread Vijay Rajah
nning. there is a single jpg file with you point the browser to his server IP. The fqrdns.pcre file is at http://65.41.216.221/fqrdns.pcre -Vijay

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread DTNX Postmaster
On 28 Apr 2015, at 23:23, Steve Jenkins wrote: > On Tue, Apr 28, 2015 at 2:13 PM, Terry Barnum <mailto:te...@dop.com>> wrote: > github URL for curl: > > $ curl > https://raw.githubusercontent.com/stevejenkins/hardwarefreak.com-fqrdns.pcre/master/

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread Steve Jenkins
On Tue, Apr 28, 2015 at 2:13 PM, Terry Barnum wrote: > github URL for curl: > > $ curl > https://raw.githubusercontent.com/stevejenkins/hardwarefreak.com-fqrdns.pcre/master/fqrdns.pcre Thanks, Terry. The same URL will also work for a wget, and I recommend using the -N option for

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread Terry Barnum
> On Apr 28, 2015, at 1:31 PM, Steve Jenkins wrote: > https://github.com/stevejenkins/hardwarefreak.com-fqrdns.pcre/blob/master/fqrdns.pcre > > Interesting to click the history button and see that it didn't really change > all that much from 2012-2014. > > S

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread Steve Jenkins
at's actually the version I have up there now. :) https://github.com/stevejenkins/hardwarefreak.com-fqrdns.pcre/blob/master/fqrdns.pcre Interesting to click the history button and see that it didn't really change all that much from 2012-2014. SteveJ

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread DTNX Postmaster
On 28 Apr 2015, at 18:04, Alex Regan wrote: > Hi, > >>I should have mentioned that I actually did that, once I couldn't >>find Stan's site: >> >>https://github.com/stevejenkins/hardwarefreak.com-fqrdns.pcre >> >> >> For th

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread Quanah Gibson-Mount
--On Monday, April 27, 2015 10:10 PM -0700 Steve Jenkins wrote: I don't know when Stan did his final update, but if anyone has one newer than Mar 27 2013, please send it to me off-list and I'll update it. Hi Steve, I had just set this up on March 11, 2015. The version I downloaded at that

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread Alex Regan
Hi, I should have mentioned that I actually did that, once I couldn't find Stan's site: https://github.com/stevejenkins/hardwarefreak.com-fqrdns.pcre For those who are using it, I've replaced it with a version from March 2013 instead of March 2012. htt

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-28 Thread Alex Regan
rt involving my GENERIC_RDNS, so it can't be *that* bad. If it ever causes an issue I'll probably drop the rule entirely. Okay, good point. I did see quite a few FPs when I was rejecting with the fqrdns.pcre file outright, however. Thanks, Alex

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-27 Thread Steve Jenkins
On Sun, Apr 26, 2015 at 2:20 PM, Steve Jenkins wrote: > I should have mentioned that I actually did that, once I couldn't find > Stan's site: > > https://github.com/stevejenkins/hardwarefreak.com-fqrdns.pcre > For those who are using it, I've replaced it with a v

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-27 Thread Michael Orlitzky
On 04/27/2015 10:57 PM, Alex Regan wrote: >> >> check_client_access uses the verified name, which is more conservative. >> I wasn't convinced this was a good idea, so I played it safe. > > So check_client_access is performing an additional DNS query on the > hostname to check if it matches the IP

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-27 Thread Alex Regan
Hi, On 04/27/2015 10:44 PM, Michael Orlitzky wrote: On 04/27/2015 06:55 PM, Alex Regan wrote: Hi, I assume that means you use it in header_checks? It's still a client check; I have smtpd_recipient_restrictions = ... check_client_access pcre:$maps/generic_rdns.pcre, If you

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-27 Thread Alex Regan
Hi, On 04/27/2015 10:44 PM, Michael Orlitzky wrote: On 04/27/2015 06:55 PM, Alex Regan wrote: Hi, I assume that means you use it in header_checks? It's still a client check; I have smtpd_recipient_restrictions = ... check_client_access pcre:$maps/generic_rdns.pcre, If you

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-27 Thread Michael Orlitzky
On 04/27/2015 06:55 PM, Alex Regan wrote: > Hi, > >>> I assume that means you use it in header_checks? >> >> It's still a client check; I have >> >>smtpd_recipient_restrictions = >> ... >> check_client_access pcre:$maps/generic_rdns.pcre, > > If you're using a version of postfix lat

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-27 Thread Alex Regan
Hi, I assume that means you use it in header_checks? It's still a client check; I have smtpd_recipient_restrictions = ... check_client_access pcre:$maps/generic_rdns.pcre, If you're using a version of postfix later than 2.6, you should be using check_reverse_client_hostname_ac

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-26 Thread Bill Cole
On 26 Apr 2015, at 17:21, Steve Jenkins wrote: On Sun, Apr 26, 2015 at 1:11 PM, E.B. wrote: HasStan stopped hosting/maintaining it? Yes. :( Like I said, it appears Stan has disappeared. His last archived post was to the XFS list in January. I can't find him on social media, and any G

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-26 Thread Michael Orlitzky
On 04/26/2015 03:55 PM, Wolfgang Zeikat wrote: > > I assume that means you use it in header_checks? > It's still a client check; I have smtpd_recipient_restrictions = ... check_client_access pcre:$maps/generic_rdns.pcre, ... And then in spamassassin, header GENERIC_RDNS exists

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-26 Thread Steve Jenkins
On Sun, Apr 26, 2015 at 1:11 PM, E.B. wrote: > HasStan stopped hosting/maintaining it? Yes. :( Like I said, it appears Stan has disappeared. I can't find him on social media, and any Google searches for him produce his hardwarefreak.com site... which is now being squatted. SteveJ

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-26 Thread Steve Jenkins
On Sun, Apr 26, 2015 at 7:07 AM, Patrick Laimbock wrote: > > I would appreciate it if someone with a recent version of fqrdns.pcre > could put it up on github or post it to the mailing list or offline to me > or Steve. I found it very useful and would like to continue to use it. I

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-26 Thread Wolfgang Zeikat
- On 26 Apr, 2015, at 20:32, Michael Orlitzky mich...@orlitzky.com wrote: > Here's my copy, modified to add a header rather than reject outright. I assume that means you use it in header_checks? Cheers, wolfgang

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-26 Thread E.B.
HasStan stopped hosting/maintaining it? On Sun, 4/26/15, Michael Orlitzky wrote: Subject: Re: Stan Hoeppner's fqrdns.pcre file? To: postfix-users@postfix.org Date: Sunday, April 26, 2015, 11:32 AM On 04/26/2015 09:07 AM, Patrick Lai

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-26 Thread Michael Orlitzky
On 04/26/2015 09:07 AM, Patrick Laimbock wrote: > > I would appreciate it if someone with a recent version of fqrdns.pcre > could put it up on github or post it to the mailing list or offline to > me or Steve. I found it very useful and would like to continue to use it. >

Re: Stan Hoeppner's fqrdns.pcre file?

2015-04-26 Thread Patrick Laimbock
at too. It was previously the home of the popular fqrdns.pcre file that many Postfix users incorporated into their spam-fighting efforts. Its maintainer and long-time member of this list Stan Hoeppner also seems to have dropped off the face of the earth. Has someone else taken over management o

Stan Hoeppner's fqrdns.pcre file?

2015-04-20 Thread Steve Jenkins
Hopefully this is still on-topic enough to warrant posting. The hardwarefreak.com site appears to be offline (looks like possibly the domain expired and a domain squatting service snatched it). It was previously the home of the popular fqrdns.pcre file that many Postfix users incorporated into

Re: postscreen supersedes fqrdns.pcre table

2012-01-17 Thread /dev/rob0
On Sun, Jan 15, 2012 at 11:04:21AM -0500, Charles Marcus wrote: > But I'd still be interested in seeing some example postscreen > configs actually in use right now, by you and anyone else > willing to share... I have posted mine here in the past, I think on or around 2011-02-15. It hasn't changed

Re: postscreen supersedes fqrdns.pcre table

2012-01-15 Thread Mark Alan
On Sun, 15 Jan 2012 11:04:21 -0500, Charles Marcus wrote: > But I'd still be interested in seeing some example postscreen configs > actually in use right now, by you and anyone else willing to share... This works pretty well: as root: ## configure Postfix to use postscreen sed -i 's/^smtp .*s

Re: postscreen supersedes fqrdns.pcre table

2012-01-15 Thread Stan Hoeppner
On 1/15/2012 10:04 AM, Charles Marcus wrote: > On 2012-01-14 5:55 PM, Stan Hoeppner wrote: >> On 1/14/2012 6:43 AM, Charles Marcus wrote: >>> Also, Stan - would would be interested in seeing some comparisons of >>> postscreen configurations. I haven't implemented it yet (we use an >>> outsourced a

Re: postscreen supersedes fqrdns.pcre table

2012-01-15 Thread Charles Marcus
On 2012-01-14 5:55 PM, Stan Hoeppner wrote: On 1/14/2012 6:43 AM, Charles Marcus wrote: Also, Stan - would would be interested in seeing some comparisons of postscreen configurations. I haven't implemented it yet (we use an outsourced anti-spam service currently), but am interested in trying it

Re: postscreen supersedes fqrdns.pcre table

2012-01-15 Thread Charles Marcus
On 2012-01-15 6:21 AM, Steve wrote: For me the question is: What does this outsourced anti-spam solution do? Does it block (aka: what postscreen/fqrdns.pcre does) and/or does it tag spam/ham. What other services do they offer that you need/use (qurantine management, anti virus, black

Re: postscreen supersedes fqrdns.pcre table

2012-01-15 Thread Steve
Original-Nachricht > Datum: Sat, 14 Jan 2012 16:55:46 -0600 > Von: Stan Hoeppner > An: postfix-users@postfix.org > Betreff: Re: postscreen supersedes fqrdns.pcre table > On 1/14/2012 6:43 AM, Charles Marcus wrote: > > > Also, Stan - would would be i

Re: postscreen supersedes fqrdns.pcre table

2012-01-14 Thread Stan Hoeppner
On 1/14/2012 6:43 AM, Charles Marcus wrote: > Also, Stan - would would be interested in seeing some comparisons of > postscreen configurations. I haven't implemented it yet (we use an > outsourced anti-spam service currently), but am interested in trying it > out to see if we can lose that service

Re: postscreen supersedes fqrdns.pcre table

2012-01-14 Thread Charles Marcus
On 2012-01-13 6:18 PM, Stan Hoeppner wrote: As fqrdns.pcre has been a topic recently, I feel this needs to be stated again, for those of you who have missed previous threads on this topic. 1. Postscreen rejects most bots BEFORE they reach smtpd processes (fqrdns.pcre is evaluated by

postscreen supersedes fqrdns.pcre table

2012-01-13 Thread Stan Hoeppner
As fqrdns.pcre has been a topic recently, I feel this needs to be stated again, for those of you who have missed previous threads on this topic. 1. Postscreen rejects most bots BEFORE they reach smtpd processes (fqrdns.pcre is evaluated by smtpd) 2. AFAIK postscreen never FP

Re: fqrdns.pcre and IPv6

2011-07-07 Thread Noel Jones
On 7/7/2011 7:37 PM, Steve Jenkins wrote: > I'm currently using Stan's pcre file with check_client_access. But > even after re-reading this while thread and that doc link, I can't > tell whether I should keep it as-is or switch to > check_reverse_client_hostname_access. > > SteveJ Yes, absolutely

Re: fqrdns.pcre and IPv6

2011-07-07 Thread Steve Jenkins
On Thu, Jul 7, 2011 at 2:04 PM, Noel Jones wrote: > On 7/7/2011 3:42 PM, mouss wrote: > >> >> Noel, are you telling me that check_reverse... will match the client IP? >> my understanding is that it will only match against the PTR. > > It's even documented. > http://www.postfix.org/postconf.5.html#

Re: fqrdns.pcre and IPv6

2011-07-07 Thread Stan Hoeppner
On 7/7/2011 10:14 AM, /dev/rob0 wrote: > On Thu, Jul 07, 2011 at 08:24:42AM -0500, Noel Jones wrote: >> On 7/7/2011 7:48 AM, /dev/rob0 wrote: >>> On Thu, Jul 07, 2011 at 06:44:49AM -0500, Stan Hoeppner wrote: On 7/7/2011 5:58 AM, /dev/rob0 wrote: > The anchors at both ends mean you are saf

Re: fqrdns.pcre and IPv6

2011-07-07 Thread Noel Jones
On 7/7/2011 3:42 PM, mouss wrote: > > Noel, are you telling me that check_reverse... will match the client IP? > my understanding is that it will only match against the PTR. It's even documented. http://www.postfix.org/postconf.5.html#check_reverse_client_hostname_access And I can say with auth

Re: fqrdns.pcre and IPv6

2011-07-07 Thread mouss
Le 07/07/2011 22:48, Victor Duchovni a écrit : > On Thu, Jul 07, 2011 at 10:35:56PM +0200, mouss wrote: > >> /^[0-9\.]$/ >> is equivalent to >> any string formed with digits and/or dots > > No, just any single character that is a digit or ".". You left off the > "*" or "+" to make it a strin

Re: fqrdns.pcre and IPv6

2011-07-07 Thread Victor Duchovni
On Thu, Jul 07, 2011 at 10:35:56PM +0200, mouss wrote: > /^[0-9\.]$/ > is equivalent to > any string formed with digits and/or dots No, just any single character that is a digit or ".". You left off the "*" or "+" to make it a string composed of one (or zero) or more of said. > with pcre;

Re: fqrdns.pcre and IPv6

2011-07-07 Thread mouss
Le 06/07/2011 23:14, Noel Jones a écrit : > On 7/6/2011 3:57 PM, mouss wrote: >> Le 06/07/2011 22:52, Noel Jones a écrit : >>> On 7/6/2011 3:44 PM, mouss wrote: >>>> Le 06/07/2011 07:07, Simon Deziel a écrit : >>>>> Hi all, >>>>> >>

Re: fqrdns.pcre and IPv6

2011-07-07 Thread mouss
Le 07/07/2011 13:44, Stan Hoeppner a écrit : > On 7/7/2011 5:58 AM, /dev/rob0 wrote: >> On Thu, Jul 07, 2011 at 03:36:02AM -0500, Stan Hoeppner wrote: >>> I received a request to ignore IPv4 addresses as well in order to >>> improve performance. But given the extensive IF loops it seems >>> we'd

Re: fqrdns.pcre and IPv6

2011-07-07 Thread /dev/rob0
On Thu, Jul 07, 2011 at 08:24:42AM -0500, Noel Jones wrote: > On 7/7/2011 7:48 AM, /dev/rob0 wrote: > > On Thu, Jul 07, 2011 at 06:44:49AM -0500, Stan Hoeppner wrote: > >> On 7/7/2011 5:58 AM, /dev/rob0 wrote: > >>> The anchors at both ends mean you are safe. You start with ^ > >>> and end with $,

Re: fqrdns.pcre and IPv6

2011-07-07 Thread Noel Jones
On 7/7/2011 7:48 AM, /dev/rob0 wrote: > On Thu, Jul 07, 2011 at 06:44:49AM -0500, Stan Hoeppner wrote: >> On 7/7/2011 5:58 AM, /dev/rob0 wrote: >>> The anchors at both ends mean you are safe. You start with ^ and >>> end with $, so nothing else can sneak in between those. >>> >>> A simpler express

Re: fqrdns.pcre and IPv6

2011-07-07 Thread /dev/rob0
On Thu, Jul 07, 2011 at 06:44:49AM -0500, Stan Hoeppner wrote: > On 7/7/2011 5:58 AM, /dev/rob0 wrote: > > The anchors at both ends mean you are safe. You start with ^ and > > end with $, so nothing else can sneak in between those. > > > > A simpler expression to accomplish the same thing: > >

Re: fqrdns.pcre and IPv6

2011-07-07 Thread Stan Hoeppner
On 7/7/2011 5:58 AM, /dev/rob0 wrote: > On Thu, Jul 07, 2011 at 03:36:02AM -0500, Stan Hoeppner wrote: >> I received a request to ignore IPv4 addresses as well in order to >> improve performance. But given the extensive IF loops it seems >> we'd only save something like a few picoseconds of CPU

Re: fqrdns.pcre and IPv6

2011-07-07 Thread /dev/rob0
On Thu, Jul 07, 2011 at 03:36:02AM -0500, Stan Hoeppner wrote: > I received a request to ignore IPv4 addresses as well in order to > improve performance. But given the extensive IF loops it seems > we'd only save something like a few picoseconds of CPU time (<30 > expressions processed). If th

Re: fqrdns.pcre and IPv6

2011-07-07 Thread Stan Hoeppner
On 7/6/2011 12:08 PM, Wietse Venema wrote: > Some table types such as CIDR ignore the domain name. With table > types such as CIDR, regexp and pcre, check_client_access does no > prefix/suffix lookups. > > Given this, a pcre rule with ``/:/ DUNNO'' is sufficient to skip > IPv6 addresses. Thanks

Re: fqrdns.pcre and IPv6

2011-07-06 Thread Noel Jones
On 7/6/2011 3:57 PM, mouss wrote: > Le 06/07/2011 22:52, Noel Jones a écrit : >> On 7/6/2011 3:44 PM, mouss wrote: >>> Le 06/07/2011 07:07, Simon Deziel a écrit : >>>> Hi all, >>>> >>>> Since I started using Stan's fqrdns.pcre file to

Re: fqrdns.pcre and IPv6

2011-07-06 Thread mouss
Le 06/07/2011 22:52, Noel Jones a écrit : > On 7/6/2011 3:44 PM, mouss wrote: >> Le 06/07/2011 07:07, Simon Deziel a écrit : >>> Hi all, >>> >>> Since I started using Stan's fqrdns.pcre file to reduce spam I have some >>> problems rece

Re: fqrdns.pcre and IPv6

2011-07-06 Thread Noel Jones
On 7/6/2011 3:44 PM, mouss wrote: > Le 06/07/2011 07:07, Simon Deziel a écrit : >> Hi all, >> >> Since I started using Stan's fqrdns.pcre file to reduce spam I have some >> problems receiving emails from with IPv6 clients. > > replace > check_cl

Re: fqrdns.pcre and IPv6

2011-07-06 Thread mouss
Le 06/07/2011 15:13, Noel Jones a écrit : > On 7/6/2011 2:32 AM, Henrik K wrote: >> On Wed, Jul 06, 2011 at 12:38:05AM -0500, Noel Jones wrote: >>> On 7/6/2011 12:07 AM, Simon Deziel wrote: >>>> Hi all, >>>> >>>> Since I started us

Re: fqrdns.pcre and IPv6

2011-07-06 Thread mouss
Le 06/07/2011 07:07, Simon Deziel a écrit : > Hi all, > > Since I started using Stan's fqrdns.pcre file to reduce spam I have some > problems receiving emails from with IPv6 clients. replace check_client_access pcre:/etc/postfix

Re: fqrdns.pcre and IPv6

2011-07-06 Thread Noel Jones
On 7/6/2011 12:08 PM, Wietse Venema wrote: > > Given this, a pcre rule with ``/:/ DUNNO'' is sufficient to skip > IPv6 addresses. > > Wietse Thanks. -- Noel Jones

Re: fqrdns.pcre and IPv6

2011-07-06 Thread Noel Jones
On 7/6/2011 8:15 AM, Simon Deziel wrote: > On 07/06/2011 03:32 AM, Henrik K wrote: >> On Wed, Jul 06, 2011 at 12:38:05AM -0500, Noel Jones wrote: >>> On 7/6/2011 12:07 AM, Simon Deziel wrote: >>>> Hi all, >>>> >>>> Since I started us

Re: fqrdns.pcre and IPv6

2011-07-06 Thread Simon Deziel
On 07/06/2011 09:13 AM, Noel Jones wrote: > On 7/6/2011 2:32 AM, Henrik K wrote: >> On Wed, Jul 06, 2011 at 12:38:05AM -0500, Noel Jones wrote: >>> On 7/6/2011 12:07 AM, Simon Deziel wrote: >>>> Hi all, >>>> >>>> Since I started us

Re: fqrdns.pcre and IPv6

2011-07-06 Thread Simon Deziel
On 07/06/2011 03:32 AM, Henrik K wrote: > On Wed, Jul 06, 2011 at 12:38:05AM -0500, Noel Jones wrote: >> On 7/6/2011 12:07 AM, Simon Deziel wrote: >>> Hi all, >>> >>> Since I started using Stan's fqrdns.pcre file to reduce spam I have some >>>

Re: fqrdns.pcre and IPv6

2011-07-06 Thread Noel Jones
On 7/6/2011 2:32 AM, Henrik K wrote: > On Wed, Jul 06, 2011 at 12:38:05AM -0500, Noel Jones wrote: >> On 7/6/2011 12:07 AM, Simon Deziel wrote: >>> Hi all, >>> >>> Since I started using Stan's fqrdns.pcre file to reduce spam I have some >>>

Re: fqrdns.pcre and IPv6

2011-07-06 Thread Henrik K
On Wed, Jul 06, 2011 at 12:38:05AM -0500, Noel Jones wrote: > On 7/6/2011 12:07 AM, Simon Deziel wrote: > > Hi all, > > > > Since I started using Stan's fqrdns.pcre file to reduce spam I have some > > problems receiving emails from with IPv6 clients. > >

Re: fqrdns.pcre and IPv6

2011-07-05 Thread Noel Jones
On 7/6/2011 12:07 AM, Simon Deziel wrote: > Hi all, > > Since I started using Stan's fqrdns.pcre file to reduce spam I have some > problems receiving emails from with IPv6 clients. > > Jul 4 05:19:10 mx postfix/smtpd[10191]: NOQUEUE: reject: RCPT from > mail.python.org

fqrdns.pcre and IPv6

2011-07-05 Thread Simon Deziel
Hi all, Since I started using Stan's fqrdns.pcre file to reduce spam I have some problems receiving emails from with IPv6 clients. Jul 4 05:19:10 mx postfix/smtpd[10191]: NOQUEUE: reject: RCPT from mail.python.org[2001:888:2000:d::a6]: 554 : Client host rejected: Generic - Please relay vi

Re: fqrdns.pcre

2010-12-11 Thread Stefan G. Weichinger
Am 2010-12-10 23:32, schrieb Steve: > > Original-Nachricht >> Datum: Fri, 10 Dec 2010 22:46:35 +0100 Von: "Stefan G. Weichinger" >> An: Steve CC: >> postfix-users@postfix.org Betreff: Re: fqrdns.pcre > >> >> We are getting q

Re: fqrdns.pcre

2010-12-10 Thread Steve
Original-Nachricht > Datum: Fri, 10 Dec 2010 22:46:35 +0100 > Von: "Stefan G. Weichinger" > An: Steve > CC: postfix-users@postfix.org > Betreff: Re: fqrdns.pcre > > We are getting quite off topic here, I assume. > BLs aren't postfix, I

Re: fqrdns.pcre

2010-12-10 Thread Stefan G. Weichinger
We are getting quite off topic here, I assume. BLs aren't postfix, I know. Maybe we should continue off-list, Steve? Am 10.12.2010 20:08, schrieb Steve: >>> zen.spamhaus.org should be the only spamhaus.org DNSBL in your >>> IP blocklist configuration. You should not use ZEN together with >>> oth

Re: fqrdns.pcre

2010-12-10 Thread Steve
Original-Nachricht > Datum: Fri, 10 Dec 2010 18:38:28 +0100 > Von: "Stefan G. Weichinger" > An: postfix-users@postfix.org > Betreff: Re: fqrdns.pcre > Am 2010-12-09 21:59, schrieb Steve: > > > Hacking? Adding one additional BL to polic

Re: fqrdns.pcre

2010-12-10 Thread Stefan G. Weichinger
Am 2010-12-09 21:59, schrieb Steve: > Hacking? Adding one additional BL to policyd-weight.conf is not > hacking. Hacking policyd-weight would be if you add additional > features like OS fingerprinting support, GeoIP support, etc... ok ok, you're right ;-) I just thought of the advice of the au

Re: fqrdns.pcre

2010-12-09 Thread Steve
Original-Nachricht > Datum: Thu, 09 Dec 2010 15:42:48 +0100 > Von: "Stefan G. Weichinger" > An: Stan Hoeppner > CC: postfix-users@postfix.org > Betreff: Re: fqrdns.pcre > Am 09.12.2010 08:19, schrieb Stan Hoeppner: > > Stefan G. Weichin

Re: fqrdns.pcre

2010-12-09 Thread Stan Hoeppner
Paul Cartwright put forth on 12/9/2010 9:38 AM: > mail.info now has this: > Dec 9 10:32:06 paulandcilla postfix/master[17432]: warning: > /usr/lib/postfix/smtpd: bad command startup -- throttling Ok, we need to troubleshoot this as Postfix isn't starting. What do you see in /var/log/mail.log

Re: fqrdns.pcre

2010-12-09 Thread Stefan G. Weichinger
ot;big project" based > on this, but I'd gladly accept any *thoroughly tested* regexes and add > them to the "master" list I currently host at > > http://www.hardwarefreak.com/fqrdns.pcre > > I'd be glad to start new sections of the file for spam source types > other t

Re: Thank you! [was Re: fqrdns.pcre]

2010-12-09 Thread Wietse Venema
Steffan A. Cline: > Weitse, Please take the trouble to spell my name correctly. Thank you. > To me this comment from you, "Stan, go take this discussion off-list or be > removed." is completely out of line. While I understand your complaint and > frustration, I think you forget that Stan provides

Re: fqrdns.pcre

2010-12-09 Thread Paul Cartwright
On 12/09/2010 09:44 AM, Stan Hoeppner wrote: > Everything from here... > > to here > > is being ignored by postfix or will cause errors. These all need to be under > an smtpd_foo_restriction heading. You have most it duplicated once, if not > twice, below. > yeah, well,

Thank you! [was Re: fqrdns.pcre]

2010-12-09 Thread Steffan A. Cline
annotate needed changes. >> >> > then my main.cf: >> > cat /etc/postfix/main.cf >> >> Everything from here... >> ---- >> > permit_sasl_authenticated, reject_unauth_destination >>check_client_access >> > pcre:/etc/postfix

Re: fqrdns.pcre

2010-12-09 Thread Wietse Venema
fix/main.cf > > Everything from here... > > > permit_sasl_authenticated, reject_unauth_destination check_client_access > > pcre:/etc/postfix/fqrdns.pcre, reject_rbl_client dnsbl.sorbs.net, This is PRECISELY why this mailing list instists on posting POSTCONF -N output, because THAT is the onl

Re: fqrdns.pcre

2010-12-09 Thread Stan Hoeppner
_sasl_authenticated, reject_unauth_destination check_client_access > pcre:/etc/postfix/fqrdns.pcre, reject_rbl_client dnsbl.sorbs.net, > reject_rbl_client zen.spamhaus.org, reject_rhsbl_sender dbl.spamhaus.org > reject_rhsbl_helo dbl.spamhaus.org, > reject_unknown_sender_domain,reject_unknown_recipient_d

Re: fqrdns.pcre

2010-12-09 Thread Stefan G. Weichinger
Am 09.12.2010 08:19, schrieb Stan Hoeppner: > Stefan G. Weichinger put forth on 12/8/2010 5:55 PM: >> Am 09.12.2010 00:53, schrieb Stefan G. Weichinger: >> >>> * is it really making greylisting useless? I use postgrey successfully >> >> small correction: on my own servers I run policyd for greylist

Re: fqrdns.pcre

2010-12-09 Thread Stan Hoeppner
Wietse Venema put forth on 12/9/2010 6:10 AM: > Stan, don't encourage people to cut and paste main.cf snippets. > > PLEASE PLEASE PLEASE PLEASE PLEASE PLEASE PLEASE PLEASE PLEASE PLEASE. > > Wietse My apologies. I thought in this case it would be better for the OP and possibly easier on

Re: fqrdns.pcre

2010-12-09 Thread Wietse Venema
Stan Hoeppner: > Noel Jones put forth on 12/8/2010 9:22 PM: > > On 12/8/2010 7:07 PM, Stan Hoeppner wrote: > > > >> While discussing restrictions in main.cf only, and specifically order > >> processing, it would actually be better if you pasted main.cf snippets > >> instead of postconf -n snippets

Re: fqrdns.pcre

2010-12-09 Thread Paul Cartwright
(Debian/GNU) smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_reverse_client_hostname_access pcre:/etc/postfix/fqrdns.pcre check_client_access cidr:/etc/postfix/china.cidr reject_unknown_sender_domain reject_unknown_recipient_domain reject_non_

Re: fqrdns.pcre

2010-12-08 Thread Stan Hoeppner
Stefan G. Weichinger put forth on 12/8/2010 5:55 PM: > Am 09.12.2010 00:53, schrieb Stefan G. Weichinger: > >> * is it really making greylisting useless? I use postgrey successfully > > small correction: on my own servers I run policyd for greylisting, not > postgrey ... ;) just to be correct, an

Re: fqrdns.pcre

2010-12-08 Thread Stan Hoeppner
ng a "big project" based on this, but I'd gladly accept any *thoroughly tested* regexes and add them to the "master" list I currently host at http://www.hardwarefreak.com/fqrdns.pcre I'd be glad to start new sections of the file for spam source types other than consumer rdns

Re: fqrdns.pcre

2010-12-08 Thread Stan Hoeppner
Noel Jones put forth on 12/8/2010 9:22 PM: > On 12/8/2010 7:07 PM, Stan Hoeppner wrote: > >> While discussing restrictions in main.cf only, and specifically order >> processing, it would actually be better if you pasted main.cf snippets >> instead of postconf -n snippets, contrary to the list guid

Re: fqrdns.pcre

2010-12-08 Thread Stan Hoeppner
n reloading. > here is what it looks like now: > smtpd_recipient_restrictions = permit_mynetworks, > permit_sasl_authenticated, reject_unauth_destination, > check_reverse_client_hostname_access pcre:/etc/postfix/fqrdns.pcre > check_client_access cidr:/etc/postfix/china.cidr, >

Re: fqrdns.pcre

2010-12-08 Thread Noel Jones
, check_reverse_client_hostname_access pcre:/etc/postfix/fqrdns.pcre check_client_access cidr:/etc/postfix/china.cidr, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client zen.spamhaus.org

Re: fqrdns.pcre

2010-12-08 Thread Noel Jones
On 12/8/2010 7:07 PM, Stan Hoeppner wrote: While discussing restrictions in main.cf only, and specifically order processing, it would actually be better if you pasted main.cf snippets instead of postconf -n snippets, contrary to the list guidelines. Nonsense. Always use "postconf -n" except

Re: fqrdns.pcre

2010-12-08 Thread Paul Cartwright
sasl_authenticated, reject_unauth_destination, check_reverse_client_hostname_access pcre:/etc/postfix/fqrdns.pcre check_client_access cidr:/etc/postfix/china.cidr, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_rbl_clie

Re: fqrdns.pcre

2010-12-08 Thread Stan Hoeppner
Jack put forth on 12/8/2010 1:30 PM: > FYI I have done this CIDR blocking for years at the firewall level ( people > on the list harassed me about it) with minimal false positives but still > enough to be a pain. > > I have lists from Turkey, Russia and other countries as well, but using the > fir

Re: fqrdns.pcre

2010-12-08 Thread Stan Hoeppner
Paul Cartwright put forth on 12/8/2010 8:21 AM: > I didn't realize they were order specific.. > it now reads: > smtpd_recipient_restrictions = permit_mynetworks > permit_sasl_authenticated, reject_unauth_destination check_client_access > pcre:/etc/postfix/fqrdns.pcr

Re: fqrdns.pcre

2010-12-08 Thread Stefan G. Weichinger
Am 09.12.2010 00:53, schrieb Stefan G. Weichinger: > * is it really making greylisting useless? I use postgrey successfully small correction: on my own servers I run policyd for greylisting, not postgrey ... ;) just to be correct, and maybe there are specific issues with policyd vs. postgrey ...

Re: fqrdns.pcre

2010-12-08 Thread Stefan G. Weichinger
Am 08.12.2010 07:52, schrieb Stan Hoeppner: > I just added installation/usage instructions to the top of the file > yesterday. As mouss stated, you'll see an entry in your mail log file > with detailed optional text, usually identifying the ISP by name. > Pflogsumm or logwatch can help you easily

Re: fqrdns.pcre

2010-12-08 Thread Charles Marcus
On 2010-12-08 3:21 PM, Paul Cartwright wrote: > I'm still getting LOTS of emails in thunderbird that have the "junk > status" flame turned on. Thunderbirds 'Junk' controls are client side - ie, totally separate from server-side spam stuff... and they do not add anything to an emails headers... If

Re: fqrdns.pcre

2010-12-08 Thread Paul Cartwright
On 12/08/2010 02:30 PM, Jack wrote: > I have lists from Turkey, Russia and other countries as well, but > using the > firewall method was rough when people didn't get a rejection so what I did > is I converted to postfix CIDR and use fail2ban to monitor the log. If I > bounce the same IP 4 times w

Re: fqrdns.pcre

2010-12-08 Thread Charles Marcus
On 2010-12-08 9:21 AM, Paul Cartwright wrote: > I didn't realize they were order specific.. > it now reads: > smtpd_recipient_restrictions = permit_mynetworks > permit_sasl_authenticated, reject_unauth_destination check_client_access > pcre:/etc/postfix/fqrdns.pcr

RE: fqrdns.pcre

2010-12-08 Thread Jack
FYI I have done this CIDR blocking for years at the firewall level ( people on the list harassed me about it) with minimal false positives but still enough to be a pain. I have lists from Turkey, Russia and other countries as well, but using the firewall method was rough when people didn't get a r

Re: fqrdns.pcre

2010-12-08 Thread Paul Cartwright
en.spamhaus.org, reject_rhsbl_sender >> > dbl.spamhaus.org reject_rhsbl_helo dbl.spamhaus.org, >> > reject_unknown_sender_domain,reject_unknown_recipient_domain, >> > reject_non_fqdn_sender, >> > reject_non_fqdn_recipient,check_reverse_client_hostname_access >> > pcre:/etc

Re: fqrdns.pcre-HOW-TO block China

2010-12-08 Thread Paul Cartwright
On 12/08/2010 02:00 AM, Stan Hoeppner wrote: > To IP block all of China: > > wget http://ipdeny.com/ipblocks/data/countries/cn.zone > > sed 's/$/ REJECT/g' cn.zone > /etc/postfix/china.cidr > > smtpd_recipient_restrictions > ... > check_client_access cidr:/etc/postfix/china.cidr >

  1   2   >