This is the reply to a person who wanted to stay anonymous.
I am posting the reply here, with his name bleached,
because it may help similar readers.
On 12/14/15 4:42 PM, R.H. (privat) wrote:
>http://marc.info/?l=postfix-users&m=144978027304340&w=2
>> Run a "proper" e-mail server, that is,
On 12/10/15 5:19 PM, Viktor Dukhovni wrote:
On Thu, Dec 10, 2015 at 01:10:52PM +0100, sb wrote:
We must find a way to reject telnet-like cloud-based e-mails.
A little knowledge is a dangerous thing. You've convinced yourself
that you thoroughly understand more than you do, and have become
not
On Thu, Dec 10, 2015 at 01:10:52PM +0100, sb wrote:
> We must find a way to reject telnet-like cloud-based e-mails.
A little knowledge is a dangerous thing. You've convinced yourself
that you thoroughly understand more than you do, and have become
noticeably dogmatic about it. You've received t
On 12/9/15 10:59 PM, Tom Hendrikx wrote:
>> unbound-host -rvD spike.porcupine.org
>> unbound-host -rvD postfix.org
>> unbound-host -rvD mail.cloud9.net
> Most DNSxLs are ip based, not hostname based.
In fact I used the reverse IP to query the DNSBL.
> The client's ip is provided by the tcp/ip
On 09-12-15 17:46, sb wrote:
>
> In what follows, "(secure)" means authenticated DNSSEC response,
> "(insecure)" means spoofable DNS response.
>
>> ... Received: from spike.porcupine.org (spike.porcupine.org
>> [IPv6:2604:8d00:189::2]) by english-breakfast.cloud9.net
>> (Postfix) with ESMTP id
sb:
> Is there a good DNSWL we can use?
> Is there a good DNSBL we can use?
Plenty, but the right choice of reputation service depends on your
requirements.
The postfix-users list is probably not the place to collect
authoritative "reputation" information about reputation lists, but
the lists fr
On 12/7/15 7:19 PM, Wietse Venema wrote:
Wietse Venema:
sb:
Our point of view is plain: are we dealing with "proper" e-mail servers?
Good question.
Our emphasis, therefore, is on the DNS, to identify the sender and
its MX RR, because it is the de-facto standard to say "this is
where I rece
On 08/12/15 05:29, sb wrote:
> Our point of view is plain: are we dealing with "proper" e-mail servers?
> Can they *both* send and receive e-mail?
> How else could you tell them apart?
Postscreen was created to do exactly this, but you currently have it
disabled.
DNSBLs is another recommended wa
Wietse Venema:
> sb:
> > Our point of view is plain: are we dealing with "proper" e-mail servers?
>
> Good question.
>
> > Our emphasis, therefore, is on the DNS, to identify the sender and
> > its MX RR, because it is the de-facto standard to say "this is
> > where I receive e-mail".
>
> For th
sb:
> Our point of view is plain: are we dealing with "proper" e-mail servers?
Good question.
> Our emphasis, therefore, is on the DNS, to identify the sender and
> its MX RR, because it is the de-facto standard to say "this is
> where I receive e-mail".
For the envelope sender address, the send
Everybody,
Thank you for your clarifications on postfix terms, I will treasure it,
but let us focus on the problem please.
Legal procedures allow us to take down identified e-mail servers. It is
not possible,
however, to proceed against a botnet of static and dynamic addresses
that send e-mail
On Sun, Dec 06, 2015 at 04:01:23PM +0100, sb wrote:
> >It's now obvious that you're talking about the client hostname, not
> >the sender domain.
Standard email/Postfix terminology:
SMTP *client* - The connecting machine
Envelope *sender* - The email address in the SMTP "MAIL FROM" comman
On 6 Dec 2015, at 10:01, sb wrote:
On 12/5/15 11:28 PM, Noel Jones wrote:
This is the spamming host:
unbound-host -rvD 78-134-2-123.v4.ngi.it
78-134-2-123.v4.ngi.it has address 78.134.2.123 (insecure)
78-134-2-123.v4.ngi.it has no IPv6 address (insecure)
78-134-2-123.v4.ngi.it has no mail ha
On 05/12/15 06:28, sb wrote:
> I received (yet another) SPAM/UCE from an address without MX record.
And you will also receive legitimate mail from servers without an MX,
and sometimes even without an A record. MX (and the fallback to A)
records have nothing to do with what addresses mail is suppo
On 12/5/15 11:28 PM, Noel Jones wrote:
>>This is the spamming host:
>>
>> >unbound-host -rvD 78-134-2-123.v4.ngi.it
>>78-134-2-123.v4.ngi.it has address 78.134.2.123 (insecure)
>>78-134-2-123.v4.ngi.it has no IPv6 address (insecure)
>>78-134-2-123.v4.ngi.it has no mail handler record (insecure)
On 12/5/2015 1:36 PM, sb wrote:
> On 12/4/15 9:39 PM, Noel Jones wrote:
>
>> Is this even the IP the sender domain pointed to?
>> That isn't clear in your posting.
>
> Answered 4h earlier, althoughthe particular case of
> 78-134-2-123.v4.ngi.it was just a conversation starter.
>
> On 12/4/15 6:2
On 12/4/15 9:39 PM, Noel Jones wrote:
Is this even the IP the sender domain pointed to?
That isn't clear in your posting.
Answered 4h earlier, althoughthe particular case of 78-134-2-123.v4.ngi.it was just a conversation
starter.
On 12/4/15 6:28 PM, sb wrote:
This is the spamming host:
>
On 4 Dec 2015, at 13:57, sb wrote:
On 12/4/15 7:08 PM, Noel Jones wrote:
[...]
I had eject_unknown_sender_domain in smtpd_sender_restrictions, and it
did not work.
It is now in smtpd_client_restrictions.
Which is wrong. See 'man 5 postconf' and the file SMTPD_ACCESS_README in
the Postfi
On 12/4/2015 12:57 PM, sb wrote:
> On 12/4/15 7:08 PM, Noel Jones wrote:
>
>> The sender domain must have either an MX or an A record.
>> You can reply to a domain with only an A record.
>
> If I send mail to the above address, there is no server that can
> receive it:
>
>> telnet 78.134.2.123 2
On 12/4/15 7:08 PM, Noel Jones wrote:
> The sender domain must have either an MX or an A record.
> You can reply to a domain with only an A record.
If I send mail to the above address, there is no server that can receive it:
> telnet 78.134.2.123 25
Trying 78.134.2.123...
No response given. Th
On 12/4/2015 11:28 AM, sb wrote:
> Hello,
>
> I received (yet another) SPAM/UCE from an address without MX record.
>
> Although it is not mandatory for a sender to have an MX record,
> this RFC loophole is exploited by spammers. Further, I do not want to
> receive mail from someone I cannot reply
Hello,
I received (yet another) SPAM/UCE from an address without MX record.
Although it is not mandatory for a sender to have an MX record,
this RFC loophole is exploited by spammers. Further, I do not want to
receive mail from someone I cannot reply to.
Before writing a milter, I would need to
22 matches
Mail list logo
