Dnia 3.12.2021 o godz. 09:14:23 Fourhundred Thecat pisze:
> I have strict helo checks:
>
> smtpd_helo_required = yes
> smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
>reject_invalid_helo_hostname,
>reject_unknown_helo_hostn
On Fri, Dec 03, 2021 at 11:08:52AM +0100, Jaroslaw Rafa
wrote:
> Dnia 3.12.2021 o godz. 09:14:23 Fourhundred Thecat pisze:
> > Hello,
> >
> > I have strict helo checks:
> >
> > smtpd_helo_required = yes
> > smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
> >
> "JR" == Jaroslaw Rafa writes:
JR> Dnia 3.12.2021 o godz. 09:14:23 Fourhundred Thecat pisze:
>> Hello,
>>
>> I have strict helo checks:
>>
>> smtpd_helo_required = yes smtpd_helo_restrictions =
>> reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname,
>> reject_unknown_helo_hostname
>>
Dnia 3.12.2021 o godz. 09:14:23 Fourhundred Thecat pisze:
> Hello,
>
> I have strict helo checks:
>
> smtpd_helo_required = yes
> smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
> reject_invalid_helo_hostname,
> reject_
On 03.12.21 09:14, Fourhundred Thecat wrote:
I have strict helo checks:
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
reject_invalid_helo_hostname,
reject_unknown_helo_hostname
should be
Fourhundred Thecat:
> Hello,
>
> I have strict helo checks:
>
> smtpd_helo_required = yes
> smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
> reject_invalid_helo_hostname,
> reject_unknown_helo_hostname
Anecdotal: I used to have these exact settin
Hello,
I have strict helo checks:
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
reject_invalid_helo_hostname,
reject_unknown_helo_hostname
now I have noticed mails being rejected:
Hel
On 2018-01-11 11:57, Dominic Raferd wrote:
On 11 January 2018 at 10:15, MRob wrote:
I use reject_unknown_helo_hostname even though it rejects legitimate
mail,
it also catches a reasonable amount of bad things.
I want to whitelist some clients of course. I thought it should be
easy:
/etc/po
MRob:
> I use reject_unknown_helo_hostname even though it rejects legitimate
> mail, it also catches a reasonable amount of bad things.
>
> I want to whitelist some clients of course. I thought it should be easy:
>
> /etc/postfix/main.cf
> smtpd_helo_restrictions =
> reject_invalid_helo_hostna
On 11.01.18 10:15, MRob wrote:
I use reject_unknown_helo_hostname even though it rejects legitimate
mail, it also catches a reasonable amount of bad things.
I want to whitelist some clients of course. I thought it should be easy:
/etc/postfix/main.cf
smtpd_helo_restrictions =
reject_invalid_he
On 11 January 2018 at 10:15, MRob wrote:
> I use reject_unknown_helo_hostname even though it rejects legitimate mail,
> it also catches a reasonable amount of bad things.
>
> I want to whitelist some clients of course. I thought it should be easy:
>
> /etc/postfix/main.cf
> smtpd_helo_restrictions
I use reject_unknown_helo_hostname even though it rejects legitimate
mail, it also catches a reasonable amount of bad things.
I want to whitelist some clients of course. I thought it should be easy:
/etc/postfix/main.cf
smtpd_helo_restrictions =
reject_invalid_helo_hostname
reject_non_fqdn_he
On 13/9/2016 8:52 μμ, Wietse Venema wrote:
I'd use none of these.
Thank you all for your feedback. Following Wietse's advice, I have
removed these directives from the config.
All the best,
Nick
Nikolaos Milas:
> Sep 8 09:35:37 mailgw1 postfix/smtpd[18791]: NOQUEUE: reject: RCPT from
> mail.ipta.demokritos.gr[143.233.230.2]: 450 4.7.1 : Helo
> command rejected: Host not found;
> from= to= proto=ESMTP
> helo=
I don't recommend using reject_unknown_helo_hostname, because there are
many
On 9/13/2016 1:16 PM, Nikolaos Milas wrote:
> Hello,
>
> We are running postfix v2.11.0 on CentOS 6.8 as a gateway server and
> we have recently imposed helo restrictions.
>
> Few servers have problems sending us mail due to the helo restrictions:
>
> Sep 8 09:35:37 mai
On Tue, Sep 13, 2016 at 08:16:30PM +0300, Nikolaos Milas wrote:
> We have notified them that their helo answer is different than their
> mail server name / FQDN (so as to change it) and they say that we
> should not be restricting access due to this:
>
> "The HELO receiver MAY verify that the HELO
Hello,
We are running postfix v2.11.0 on CentOS 6.8 as a gateway server and we
have recently imposed helo restrictions.
Few servers have problems sending us mail due to the helo restrictions:
Sep 8 09:35:37 mailgw1 postfix/smtpd[18791]: NOQUEUE: reject: RCPT from
mail.ipta.demokritos.gr
Am 16.09.2014 um 21:48 schrieb Philip Prindeville:
> On Sep 14, 2014, at 2:17 AM, li...@rhsoft.net wrote:
>
>> Am 14.09.2014 um 01:54 schrieb Philip Prindeville:
>>> On Sep 13, 2014, at 7:35 AM, li...@rhsoft.net wrote:
Am 13.09.2014 um 15:10 schrieb LuKreme:
> On 12 Sep 2014, at 13:55 ,
Philip Prindeville:
>
> On Sep 14, 2014, at 2:17 AM, li...@rhsoft.net wrote:
HEY! Take if off-list.
Wietse
On Sep 14, 2014, at 2:17 AM, li...@rhsoft.net wrote:
>
>
> Am 14.09.2014 um 01:54 schrieb Philip Prindeville:
>> On Sep 13, 2014, at 7:35 AM, li...@rhsoft.net wrote:
>>> Am 13.09.2014 um 15:10 schrieb LuKreme:
On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote:
> Am 12.09.2014 um 21:49
On Sun, Sep 14, 2014 at 10:17:03AM +0200, li...@rhsoft.net wrote:
> > Yeah, all the time. Each of the company employees when
> > he's out-of-office and connecting remotely.
>
> that is pure bullshit in that case they are using SMTP
> authentication and so they are not affected by MTA rules
> or
Am 14.09.2014 um 01:54 schrieb Philip Prindeville:
> On Sep 13, 2014, at 7:35 AM, li...@rhsoft.net wrote:
>> Am 13.09.2014 um 15:10 schrieb LuKreme:
>>> On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote:
Am 12.09.2014 um 21:49 schrieb Philip Prindeville:
>> However, any time I connect vi
On Sep 13, 2014, at 7:59 PM, Wietse Venema wrote:
> Philip Prindeville:
>> Who says anything about mail servers? What if it's an MUA doing
>> this?
>
> If the MUA connects to the MX service (port25) then it is an issue.
>
> If the MUA connects to port 587, then the server should not block
> H
On Sep 13, 2014, at 7:59 PM, Wietse Venema wrote:
> Philip Prindeville:
>> Who says anything about mail servers? What if it's an MUA doing
>> this?
>
> If the MUA connects to the MX service (port25) then it is an issue.
>
> If the MUA connects to port 587, then the server should not block
> H
Philip Prindeville:
> Who says anything about mail servers? What if it's an MUA doing
> this?
If the MUA connects to the MX service (port25) then it is an issue.
If the MUA connects to port 587, then the server should not block
HELO, and instead it should require that the client authenticates.
On Sep 13, 2014, at 7:35 AM, li...@rhsoft.net wrote:
>
> Am 13.09.2014 um 15:10 schrieb LuKreme:
>> On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote:
>>> Am 12.09.2014 um 21:49 schrieb Philip Prindeville:
> However, any time I connect via telnet to this server and specify
> *any* IP add
On Sep 12, 2014, at 1:55 PM, li...@rhsoft.net wrote:
>
> Am 12.09.2014 um 21:49 schrieb Philip Prindeville:
>>> However, any time I connect via telnet to this server and specify
>>> *any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions
>>> won't trigger.
>> This is both legal and r
Am 13.09.2014 um 22:42 schrieb LuKreme:
> On 13 Sep 2014, at 11:48 , li...@rhsoft.net wrote:
>> check_helo_access exists
>
> Exactly, so what is the problem? You seemed very unhappy
the next time you respond to something read the thread
i only commented the "reasonable" until you stepped in
On 13 Sep 2014, at 11:48 , li...@rhsoft.net wrote:
> check_helo_access exists
Exactly, so what is the problem? You seemed very unhappy that neither
reject_non_fqdn_helo_hostname nor reject_unknown_helo_hostname rejected
numerical helos and seemed to be taking the position that they should.
I do
Am 13.09.2014 um 20:19 schrieb Wietse Venema:
> li...@rhsoft.net:
and only because people continue to tell it is reasonable instead block
such connections
>>>
>>> It would be a burden on YOU to convince people (well Wietse) that it is not
>>> reasonable
>>
>> check_helo_access exists
>
li...@rhsoft.net:
> >> and only because people continue to tell it is reasonable instead block
> >> such connections
> >
> > It would be a burden on YOU to convince people (well Wietse) that it is not
> > reasonable
>
> check_helo_access exists
Children, stop quarreling. Postfix already has th
Am 13.09.2014 um 19:12 schrieb LuKreme:
>> On 13 Sep 2014, at 07:35 , li...@rhsoft.net wrote:
>>
>> Am 13.09.2014 um 15:10 schrieb LuKreme:
>>> On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote:
Am 12.09.2014 um 21:49 schrieb Philip Prindeville:
>> However, any time I connect via telnet
> On 13 Sep 2014, at 07:35 , li...@rhsoft.net wrote:
>
>
> Am 13.09.2014 um 15:10 schrieb LuKreme:
>> On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote:
>>> Am 12.09.2014 um 21:49 schrieb Philip Prindeville:
> However, any time I connect via telnet to this server and specify
> *any* IP a
Am 13.09.2014 um 15:10 schrieb LuKreme:
> On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote:
>> Am 12.09.2014 um 21:49 schrieb Philip Prindeville:
However, any time I connect via telnet to this server and specify
*any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions
w
Am 13.09.2014 um 15:10 schrieb LuKreme:
> On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote:
>> Am 12.09.2014 um 21:49 schrieb Philip Prindeville:
However, any time I connect via telnet to this server and specify
*any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions
wo
On 12 Sep 2014, at 13:55 , li...@rhsoft.net wrote:
> Am 12.09.2014 um 21:49 schrieb Philip Prindeville:
>>> However, any time I connect via telnet to this server and specify
>>> *any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions
>>> won't trigger.
>> This is both legal and reasonab
Am 12.09.2014 um 21:49 schrieb Philip Prindeville:
>> However, any time I connect via telnet to this server and specify
>> *any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions
>> won't trigger.
> This is both legal and reasonable.
>
> If you’re a DHCP’d host running inside a NATtin
On Sep 5, 2014, at 2:36 PM, Edwin Marqe wrote:
> Hi,
>
> I've been doing some tests recently regarding to the EHLO command, and
> I was wondering whether the below detailed behavior is the expected
> one or not.
>
> I have this in my Postfix config:
>
> smtpd_helo_restrictions =
>permit_m
Viktor Dukhovni:
> On Fri, Sep 05, 2014 at 09:36:04PM +0100, Edwin Marqe wrote:
>
> > I've been doing some tests recently regarding to the EHLO command, and
> > I was wondering whether the below detailed behavior is the expected
> > one or not.
> >
> > I have this in my Postfix config:
> >
> > s
On Fri, Sep 05, 2014 at 09:36:04PM +0100, Edwin Marqe wrote:
> I've been doing some tests recently regarding to the EHLO command, and
> I was wondering whether the below detailed behavior is the expected
> one or not.
>
> I have this in my Postfix config:
>
> smtpd_helo_restrictions =
> perm
On 5 Sep 2014, at 21:53, Edwin Marqe wrote:
> But in this case the client IP is *not* listed in $mynetworks, so it
> is not being matched (it's a public IP that is not listed anywhere).
Please post the output of postconf -n. All of it. Unedited. And provide the
actual IP address (not IP!) - no
But in this case the client IP is *not* listed in $mynetworks, so it
is not being matched (it's a public IP that is not listed anywhere).
Edwin
2014-09-05 21:44 GMT+01:00 Jim Reid :
> On 5 Sep 2014, at 21:36, Edwin Marqe wrote:
>
>> I have this in my Postfix config:
>>
>> smtpd_helo_restrictions
On 5 Sep 2014, at 21:36, Edwin Marqe wrote:
> I have this in my Postfix config:
>
> smtpd_helo_restrictions =
>permit_mynetworks
>reject_non_fqdn_helo_hostname
>reject_unknown_helo_hostname
>permit
>
> However, any time I connect via telnet to this server and specify
> *any* IP
Hi,
I've been doing some tests recently regarding to the EHLO command, and
I was wondering whether the below detailed behavior is the expected
one or not.
I have this in my Postfix config:
smtpd_helo_restrictions =
permit_mynetworks
reject_non_fqdn_helo_hostname
reject_unknown_helo_h
On 24-May-2009, at 15:02, mouss wrote:
LuKreme a écrit :
May 23 14:48:17 mail postfix/smtpd[30899]: NOQUEUE: warn: RCPT from
201-88-100-143.gnace704.dsl.brasiltelecom.net.br[201.88.100.143]:
Dynamic DSL looking address; from=
to= proto=ESMTP helo=
note that the IP is listed in zen (PBL and XBL
On 24-May-2009, at 15:05, Sahil Tandon wrote:
Hm, that "warn" does not correspond to what you purportedly have in
your
smtpd_recipient_restrictions; it should have been an outright
rejection.
I'd just changed the WARN to REJECT today and the log entry was from
yesterday. It was while doub
On Sun, 24 May 2009, LuKreme wrote:
> I have the following:
>
> main.cf in smtpd_recipient_restrictions:
> check_helo_access pcre:$config_directory/helo_checks.pcre,
>
> in helo_checks.pcre:
> /(lan|home|example|local)$/ REJECT Mailserver name in
> private namespace
>
> but in
LuKreme a écrit :
> I have the following:
>
> main.cf in smtpd_recipient_restrictions:
> check_helo_access pcre:$config_directory/helo_checks.pcre,
>
> in helo_checks.pcre:
> /(lan|home|example|local)$/ REJECT Mailserver name in
> private namespace
>
> but in logs:
> May 23 14:
I have the following:
main.cf in smtpd_recipient_restrictions:
check_helo_access pcre:$config_directory/helo_checks.pcre,
in helo_checks.pcre:
/(lan|home|example|local)$/ REJECT Mailserver name in
private namespace
but in logs:
May 23 14:48:17 mail postfix/smtpd[30899]: NOQ
49 matches
Mail list logo
