Re: EHLO rejections

DL Neil skrev den 2022-11-02 18:39: The daily pflogsumm report shows that (in recent days) 60~93% of attempts to connect are rejected, and bounce-off Postfix's settings, eg 450 4.7.1 <00nyBxbT>: Helo command rejected: Host not found; proto=SMTP helo=<00nyBxbT> (total: 1) 1 115.2

Re: EHLO rejections

On 03.11.22 06:39, DL Neil wrote: The daily pflogsumm report shows that (in recent days) 60~93% of attempts to connect are rejected, and bounce-off Postfix's settings, eg 450 4.7.1 <00nyBxbT>: Helo command rejected: Host not found; proto=SMTP helo=<00nyBxbT> (total: 1) 1 115.2

Re: EHLO rejections

On 2022-11-02 at 13:39:44 UTC-0400 (Thu, 3 Nov 2022 06:39:44 +1300) DL Neil is rumored to have said: The daily pflogsumm report shows that (in recent days) 60~93% of attempts to connect are rejected, and bounce-off Postfix's settings, eg 450 4.7.1 <00nyBxbT>: Helo command rejected: Host

Re: EHLO rejections

DL Neil: > The daily pflogsumm report shows that (in recent days) 60~93% of > attempts to connect are rejected, and bounce-off Postfix's settings, eg > > 450 4.7.1 <00nyBxbT>: Helo command rejected: Host not found; > proto=SMTP helo=<00nyBxbT> (total: 1) > 1 115.213.249.159 (

EHLO rejections

The daily pflogsumm report shows that (in recent days) 60~93% of attempts to connect are rejected, and bounce-off Postfix's settings, eg 450 4.7.1 <00nyBxbT>: Helo command rejected: Host not found; proto=SMTP helo=<00nyBxbT> (total: 1) 1 115.213.249.159 (<>) The EHLO string

Re: mail.protection.outlook.com rejections

Sadly MS is as fallible as the rest of us. Sent from my iPhone > On Nov 2, 2022, at 4:56 AM, Linkcheck wrote: > > Thanks, Viktor. That's interesting. You'd think someone like MS could get it > right. :( >

Re: mail.protection.outlook.com rejections

Thanks, Viktor. That's interesting. You'd think someone like MS could get it right. :(

Re: mail.protection.outlook.com rejections

Thanks, Bill. That looks rather variable, though. This morning I'm getting 19 ms on the mail server and 163 ms on my desktop. Mail server may have the uri in cache, I suppose. But it does look as if the rejects I get are not my fault.

Re: mail.protection.outlook.com rejections

On Tue, Nov 01, 2022 at 01:25:09PM -0400, Bill Cole wrote: > From where I am, it looks like the Dyn server is answering fast. It's > the Microsoft server resolving the A record that is slow. The "nameservers" (if one can call these barely able to speak DNS systems that) for mail.protection.outloo

Re: mail.protection.outlook.com rejections

On 2022-11-01 at 12:56:42 UTC-0400 (Tue, 1 Nov 2022 16:56:42 +) Linkcheck is rumored to have said: > On 01/11/2022 4:23 pm, Viktor Dukhovni wrote: > >> Note that DNS for the recipient domain is provided by "dyn.com" > > Noted. I suppose that would explain the 1 second plus delay. From where

Re: mail.protection.outlook.com rejections

On Tue, Nov 01, 2022 at 12:37:08PM -0400, Paul Kudla wrote: You really should not speculate nearly so much. > does ubound have a dns query timeout that could be set higher ??? Of course. > bcs.hants.sch.uk seems to be a sub, sub, domain thus going through > multiple dns lookups before it gets

Re: mail.protection.outlook.com rejections

On 01/11/2022 4:23 pm, Viktor Dukhovni wrote: > Note that DNS for the recipient domain is provided by "dyn.com" Noted. I suppose that would explain the 1 second plus delay. Unless you have a good reason to include "native", you probably should not. Thank you, Viktor. Now removed.

Re: mail.protection.outlook.com rejections

ok > (Host or domain name not > found. Name service error for name=bcs.hants.sch.uk type=MX: Host not > found, try again) ok again looking in from out side please note that i am in ontario canada host not found is exactly that, host not found which means no MX, no A records etc were returne

Re: mail.protection.outlook.com rejections

On Tue, Nov 01, 2022 at 04:06:23PM +, Linkcheck wrote: > I could only find 3 lines of log for the transaction - it was part of a > bulk send. It appears the email was actually sent for this one; was it > really? Yes, the message was delivered on the second attempt. > Oct 31 12:54:37 BRISTO

Re: mail.protection.outlook.com rejections

Log and postconf as requested. I could only find 3 lines of log for the transaction - it was part of a bulk send. It appears the email was actually sent for this one; was it really? log entry Oct 31 12:54:37 BRISTOLWEB postfix/smtp[35040]: A123A320136: to=, relay=n

Re: mail.protection.outlook.com rejections

thanks for the info I learned something ! Happy Tuesday !!! Thanks - paul Paul Kudla Scom.ca Internet Services 004-1009 Byron Street South Whitby, Ontario - Canada L1N 4S3 Toronto 416.642.7266 Main 1.866.411.7266 Fax 1.888.892.7266 Email p...@scom.ca On 11/1/20

Re: mail.protection.outlook.com rejections

ok i replyed back on another post but thanbks for at least replying i think i will let everyone else figure this out you are right i was running on experience without any logging info the origional post indicated that mx records were not being returned? when i did a dig on my dns system and

Re: mail.protection.outlook.com rejections

On 2022-11-01 at 10:16:15 UTC-0400 (Tue, 1 Nov 2022 10:16:15 -0400) Paul Kudla is rumored to have said: > well at lest this is starting to make total sense. > > i was unaware of unbound dns and not really sure that would ever work on a > mail server? > > even if it does elsewhere Unbound works

Re: mail.protection.outlook.com rejections

On Tue, Nov 01, 2022 at 10:30:50AM -0400, Paul Kudla wrote: > > The OP, please ignore advice (such as the below) from eager but > > uninformed list contributors. > > if i can please get an explanition on what triggered this comment then > please advise - ie regarding unbound (i presume) Essen

Re: mail.protection.outlook.com rejections

ok i have been doing networking, dns, mail etc postfix for over 22 years mainly on freebsd running an isp. not saying i dont have anything further to learn (in fact that is an ongoing daily experience today) but would appreciate an explination ?? I am not eager - just trying to help based

Re: mail.protection.outlook.com rejections

On Tue, Nov 01, 2022 at 10:16:15AM -0400, Paul Kudla wrote: The OP, please ignore advice (such as the below) from eager but uninformed list contributors. > I was unaware of unbound dns and not really sure that would ever work on > a mail server? > > even if it does elsewhere > > postfix 101 >

Re: mail.protection.outlook.com rejections

well at lest this is starting to make total sense. i was unaware of unbound dns and not really sure that would ever work on a mail server? even if it does elsewhere postfix 101 postfix will always look at the resolv.conf file on a unix system. if all you have is 127.0.0.1 (loopback) and a

Re: mail.protection.outlook.com rejections

On Tue, Nov 01, 2022 at 01:55:37PM +, Linkcheck wrote: > As I said, I use unbound. resolv.conf only has 127.0.0.1. To ask a question on this list in a manner likely to elicit meaningful help follow the advice in: http://www.postfix.org/DEBUG_README.html#mail -- Viktor.

Re: mail.protection.outlook.com rejections

As I said, I use unbound. resolv.conf only has 127.0.0.1. Windows - where does that come in? Haven't used that in years! :)

Re: mail.protection.outlook.com rejections

On 31.10.22 12:39, Paul Kudla wrote: ok look at /etc/resolv.conf on the email server i use : domain scom.ca search scom.ca options timeout:2 options attempts:1 nameserver 10.220.0.2 nameserver 10.220.0.18 nameserver 10.220.0.6 nameserver 10.220.0.16 note that resolv.conf usually supports up t

Re: mail.protection.outlook.com rejections

took approc 200 ms. So I'm now wondering if the problem is resolution time. Is there a time-to-wait value I can set? Can't seem to find one either in ubound nor postfix. Forgot to mention, I get several mail rejections over a short space of time (a client is sending out to his address book). Ubound is set to ipv4 only.

Re: mail.protection.outlook.com rejections

ot to mention, I get several mail rejections over a short space of time (a client is sending out to his address book). Ubound is set to ipv4 only. -- Dave Stiles

Re: mail.protection.outlook.com rejections

scom.ca> 004-1009 Byron Street South Whitby, Ontario - Canada L1N 4S3 Toronto 416.642.7266 Main 1.866.411.7266 Fax 1.888.892.7266 Email p...@scom.ca On 10/31/2022 10:51 AM, Linkcheck wrote: I'm trying to convince myself this is not my fault but I've been getting several rejections over the

mail.protection.outlook.com rejections

I'm trying to convince myself this is not my fault but I've been getting several rejections over the past few months. My mail server has been unmodified for a few years so I THINK it's not that, but sending mail to (for example) bcs.hants.sch.uk results in: (Host or domain

Re: rejections after limiting access to smtp auth

lists skrev den 2019-12-12 03:08: Seriously is there ever a case not to use port 587? On 12.12.19 08:29, Benny Pedersen wrote: depends on content filtering, if all clients is local all can use port 25 even in this case separation of submission port can help much. I prefer postscreen and milt

Re: rejections after limiting access to smtp auth

lists skrev den 2019-12-12 03:08: Seriously is there ever a case not to use port 587? depends on content filtering, if all clients is local all can use port 25

Re: rejections after limiting access to smtp auth

Jason R Cowart skrev den 2019-12-12 01:10: smtpd_recipient_restrictions = check_client_access cidr:/etc/postfix/access/restricted-local-only.cidr, check_recipient_access hash:/etc/postfix/access/recipient, Any thoughts? Thanks in advance. make check_resipient_access reused in ch

Re: rejections after limiting access to smtp auth

Seriously is there ever a case not to use port 587?

Re: rejections after limiting access to smtp auth

On Thu, Dec 12, 2019 at 12:10:07AM +, Jason R Cowart wrote: > We're moving to a configuration that will leverage the check_sasl_access > option to allow only those granted access to authenticate from outside the > local network and relay mail. Your submission users should be using port 587, n

rejections after limiting access to smtp auth

We're moving to a configuration that will leverage the check_sasl_access option to allow only those granted access to authenticate from outside the local network and relay mail. This are mostly working (at least amongst the list of users allowed to send--we'll evaluate the types of things we're

Re: Finding reason for smtpd rejections

output, such as the heading or something else. Depending on how compact you've set the output, it might be hard to identify with the existing information. The heading may give the clue about which rule or control rejected these. Maybe re-running pflogsumm with increasing detail will give hints about which two rejections it's referring to. -- Noel Jones

Re: Finding reason for smtpd rejections

On Thu, 6 Dec 2018, Noel Jones wrote: Wild guess: some spammer used your own address as sender, and the connection was rejected by some of your spam controls, probably an rbl. Noel, There are certainly many rejected by a couple of rbls as well as by other postfix UCE checks. Why these two

Re: Finding reason for smtpd rejections

Rich Shepard: > Today's pflogsumm report includes this rejection: > > Recipient address rejected: Please see http (total: 2) > 2 rshep...@appl-ecosys.com > > Since this is my address I'm curious why two incoming messages were rejected > when many more were passed. I'd appreciat

Re: Finding reason for smtpd rejections

On 12/6/2018 9:59 AM, Rich Shepard wrote: > Today's pflogsumm report includes this rejection: > >     Recipient address rejected: Please see http (total: 2) >    2   rshep...@appl-ecosys.com > > Since this is my address I'm curious why two incoming messages were > rejected > when many mor

Finding reason for smtpd rejections

Today's pflogsumm report includes this rejection: Recipient address rejected: Please see http (total: 2) 2 rshep...@appl-ecosys.com Since this is my address I'm curious why two incoming messages were rejected when many more were passed. I'd appreciate advice on how I can identif

Re: Some people sending to us getting 451 4.3.5 Server configuration rejections

On Wed, Aug 27, 2014 at 7:12 AM, Wietse Venema wrote: > Ian Evans: > > > First. the script should limit the time for DNS lookups. > > > > > > Second, the script should not die after BrokenPipeError exceptions. > > > > > > try: sys.stdout.flush() > > > except BrokenPipeError: pass > > > > > Again,

Re: Some people sending to us getting 451 4.3.5 Server configuration rejections

Ian Evans: > > First. the script should limit the time for DNS lookups. > > > > Second, the script should not die after BrokenPipeError exceptions. > > > > try: sys.stdout.flush() > > except BrokenPipeError: pass > > > Again, since I'm tired, I just want to be sure I understand...are you > suggesti

Re: Some people sending to us getting 451 4.3.5 Server configuration rejections

On Tue, Aug 26, 2014 at 8:21 PM, Wietse Venema wrote: > Ian Evans: > > Aug 26 08:34:05 carson postfix/smtpd[16374]: warning: problem talking to > server private/policy-spf: Connection timed out > > This Postfix SMTP server time limit is specified with the > smtpd_policy_service_timeout parameter

Re: Some people sending to us getting 451 4.3.5 Server configuration rejections

On Tue, Aug 26, 2014 at 8:21 PM, Wietse Venema wrote: > Ian Evans: > > Aug 26 08:34:05 carson postfix/smtpd[16374]: warning: problem talking to > server private/policy-spf: Connection timed out > > This Postfix SMTP server time limit is specified with the > smtpd_policy_service_timeout parameter

Re: Some people sending to us getting 451 4.3.5 Server configuration rejections

Ian Evans: > Aug 26 08:34:05 carson postfix/smtpd[16374]: warning: problem talking to > server private/policy-spf: Connection timed out This Postfix SMTP server time limit is specified with the smtpd_policy_service_timeout parameter (default: 100s). Your SPF script should reply in 10 seconds at

Re: Some people sending to us getting 451 4.3.5 Server configuration rejections

On Tue, Aug 26, 2014 at 7:21 PM, Wietse Venema wrote: > Ian Evans: > > Our mail server is still getting a nice steady supply of email, so I > didn't > > realize anything was wrong. The a freind said that emails from her office > > address were getting rejected. I checked the logs and noticed that

Re: Some people sending to us getting 451 4.3.5 Server configuration rejections

Ian Evans: > Our mail server is still getting a nice steady supply of email, so I didn't > realize anything was wrong. The a freind said that emails from her office > address were getting rejected. I checked the logs and noticed that she > wasn't the only one getting the message. > > Before the li

Some people sending to us getting 451 4.3.5 Server configuration rejections

Our mail server is still getting a nice steady supply of email, so I didn't realize anything was wrong. The a freind said that emails from her office address were getting rejected. I checked the logs and noticed that she wasn't the only one getting the message. Before the line below, my friend's e

Re: Logging DNSBL rejections

On 1 Jul 2014, at 19:41, Benny Pedersen wrote: On 1. jul. 2014 23.15.01 CEST, wie...@porcupine.org wrote: Benny Pedersen: [ Charset UTF-8 unsupported, converting... ] Benny you have no idea what you are talking about. Oh Telnet to 127.0.0.1 25 was imho what you mean, not to 127.0.0.2 ? D

Re: Logging DNSBL rejections

Am 02.07.2014 01:41, schrieb Benny Pedersen: > On 1. jul. 2014 23.15.01 CEST, wie...@porcupine.org wrote: >> Benny Pedersen: >> [ Charset UTF-8 unsupported, converting... ] > >> Benny you have no idea what you are talking about. > > Oh > > Telnet to 127.0.0.1 25 was imho what you mean, not to 1

Re: Logging DNSBL rejections

Benny Pedersen: > On 1. jul. 2014 23.15.01 CEST, wie...@porcupine.org wrote: > >Benny Pedersen: > > >Benny you have no idea what you are talking about. > > Oh > > Telnet to 127.0.0.1 25 was imho what you mean, not to 127.0.0.2 ? See my follow-up post how to "telnet to 127.0.0.2 25", how Postfix

Re: Logging DNSBL rejections

On 1. jul. 2014 23.15.01 CEST, wie...@porcupine.org wrote: >Benny Pedersen: >[ Charset UTF-8 unsupported, converting... ] >Benny you have no idea what you are talking about. Oh Telnet to 127.0.0.1 25 was imho what you mean, not to 127.0.0.2 ? Did i sleep there? >When a client connects from 127

Re: Logging DNSBL rejections

My reply had one typo. This is the fixed version. When a client connects from 127.0.0.2, the Postfix DNSBL client will make a query, for example, for 2.0.0.127.zen.spamhaus.org. 2.0.0.127.zen.spamhaus.org has address 127.0.0.4 2.0.0.127.zen.spamhaus.org has address 127.0.0.10 2.0.0.12

Re: Logging DNSBL rejections

Benny Pedersen: [ Charset UTF-8 unsupported, converting... ] > On 1. jul. 2014 22.00.22 CEST, wie...@porcupine.org wrote: > >Narcis Garcia: > >> At this moment I don't want to check manually if an IP is blacklisted > >or > >> not (I already had made that exercise). > >> > >> I want my Postfix inst

Re: Logging DNSBL rejections

On 1. jul. 2014 22.00.22 CEST, wie...@porcupine.org wrote: >Narcis Garcia: >> At this moment I don't want to check manually if an IP is blacklisted >or >> not (I already had made that exercise). >> >> I want my Postfix installation presents a REJECTION to me. I'm >looking >> for a way to send a ma

Re: Logging DNSBL rejections

Narcis Garcia: > At this moment I don't want to check manually if an IP is blacklisted or > not (I already had made that exercise). > > I want my Postfix installation presents a REJECTION to me. I'm looking > for a way to send a mail because I want to reach my Postfix and it > REJECTS it due to DN

Re: Logging DNSBL rejections

At this moment I don't want to check manually if an IP is blacklisted or not (I already had made that exercise). I want my Postfix installation presents a REJECTION to me. I'm looking for a way to send a mail because I want to reach my Postfix and it REJECTS it due to DNSBL rule. If it cannot be

Re: Logging DNSBL rejections

Narcis Garcia: > if I run mail command or swaks, they both make Postfix to send with SMTP > from 127.0.0.1 or public IP. Never 127.0.0.2 $ telnet 127.0.0.2 25 Then type the SMTP commands. Wietse

Re: Logging DNSBL rejections

On 7/1/2014 2:21 PM, Narcis Garcia wrote: > if I run mail command or swaks, they both make Postfix to send with SMTP > from 127.0.0.1 or public IP. Never 127.0.0.2 > > Can I tell Postfix to make 1 mail sending from 127.0.0.2 ? > If so, I suppose the SMTP service listening at TCP/25 will receive th

Re: Logging DNSBL rejections

if I run mail command or swaks, they both make Postfix to send with SMTP from 127.0.0.1 or public IP. Never 127.0.0.2 Can I tell Postfix to make 1 mail sending from 127.0.0.2 ? If so, I suppose the SMTP service listening at TCP/25 will receive the local communication from 127.0.0.2 (?) Thanks for

Re: Logging DNSBL rejections

Narcis Garcia: > Is there any website or service in internet to send a mail test from a > blacklisted IP? Yes. telnet to 127.0.0.2 port 25. Wietse > > El 01/07/14 19:12, Stan Hoeppner ha escrit: > > On 7/1/2014 11:18 AM, Wietse Venema wrote: > >> Narcis Garcia: > >>> How can I check in s

Re: Logging DNSBL rejections

Is there any website or service in internet to send a mail test from a blacklisted IP? El 01/07/14 19:12, Stan Hoeppner ha escrit: > On 7/1/2014 11:18 AM, Wietse Venema wrote: >> Narcis Garcia: >>> How can I check in some manner that some of these parameters is working? >>> >>> reject_rbl_client

Re: Logging DNSBL rejections

On 7/1/2014 11:18 AM, Wietse Venema wrote: > Narcis Garcia: >> How can I check in some manner that some of these parameters is working? >> >> reject_rbl_client >> reject_rhsbl_reverse_client >> reject_rhsbl_helo >> reject_rhsbl_sender > > How can WE check that you have configured them properly? >

Re: Logging DNSBL rejections

Narcis Garcia: > How can I check in some manner that some of these parameters is working? > > reject_rbl_client > reject_rhsbl_reverse_client > reject_rhsbl_helo > reject_rhsbl_sender How can WE check that you have configured them properly? It is possible to configure these so that they will nev

Re: Logging DNSBL rejections

How can I check in some manner that some of these parameters is working? reject_rbl_client reject_rhsbl_reverse_client reject_rhsbl_helo reject_rhsbl_sender El 01/07/14 17:46, Narcis Garcia ha escrit: > No log to mail.info file about rbl/dnsbl until now. > I've restored chroot option to default

Re: Logging DNSBL rejections

No log to mail.info file about rbl/dnsbl until now. I've restored chroot option to default for smtp service. $ logger -p mail.info this is a test $ cat /var/log/mail.info | grep -e 'a test' 2014-07-01T17:43:17.257348+02:00 hostname username: this is a test El 01/07/14 17:30, Wietse Venema ha e

Re: Logging DNSBL rejections

Narcis Garcia: > Note that with default configuration Potstfix is already logging all > other events, except RBL ones, because in Debian chroot logging by > syslog is well configured in /etc/rsyslog.d/postfix.conf > > I've deactivated temporarily chroot, and I'm still waiting if there is > some ne

Re: Logging DNSBL rejections

Note that with default configuration Potstfix is already logging all other events, except RBL ones, because in Debian chroot logging by syslog is well configured in /etc/rsyslog.d/postfix.conf I've deactivated temporarily chroot, and I'm still waiting if there is some news about reject_rbl_client

Re: Logging DNSBL rejections

Narcis Garcia: > Doing this (unpriv to n) and restarting service I get the following from > /var/log/mail.log : Should be: the chroot column that's fifth. My mistake. > error: incorrect SMTP server privileges: uid=0 euid=0 > fatal: the Postfix SMTP server must run with $mail_owner privileges > wa

Re: Logging DNSBL rejections

Doing this (unpriv to n) and restarting service I get the following from /var/log/mail.log : error: incorrect SMTP server privileges: uid=0 euid=0 fatal: the Postfix SMTP server must run with $mail_owner privileges warning: process /usr/lib/postfix/smtpd pid 14987 exit status 1 warning: /usr/lib/p

Re: Logging DNSBL rejections

Narcis Garcia: > Hello; > > I'm working with Debian GNU/Linux 7 and Postfix 2.9.6 > I've configured a Postfix service with this (real rbl instead of example): > > $ postconf -e 'smtpd_recipient_restrictions = > permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_rbl_clien

Logging DNSBL rejections

Hello; I'm working with Debian GNU/Linux 7 and Postfix 2.9.6 I've configured a Postfix service with this (real rbl instead of example): $ postconf -e 'smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_rbl_client rbl.example.net' $ postcon

Re: rejections

On 6/24/2011 2:08 PM, Jack wrote: Hello All, I am seeing more of these rejections, but can’t put my finger on it. #554 Message refused ## I am finding reference to mcaffee issues, but not anything to help me figure out why a sending address that is not blacklisted is getting this message

rejections

Hello All, I am seeing more of these rejections, but can't put my finger on it. #554 Message refused ## I am finding reference to mcaffee issues, but not anything to help me figure out why a sending address that is not blacklisted is getting this message ( content is OK ) Thanks!

Re: Occasional email rejections with no shown explanation

On 04/12/2011 08:09 PM, Eric Cunningham wrote: Hi, on occassion, I'm noting rejected emails without any specific reason logged. Without a reason, it's hard to pinpoint a fix to allow legit emails through. Here's an example from my mail log: Apr 12 13:15:10 postal2 postfix/smtpd[22543]: conn

Re: Occasional email rejections with no shown explanation

* Eric Cunningham : > Darek M wrote: > >On Tue, Apr 12, 2011 at 3:21 PM, Eric Cunningham wrote: > >>Yes, that's correct, but not intentionally nor explicitly. I've tried > >>explicitly accepting the sender address in my smtpd_recipient_restrictions' > >>final_sender_access file but that has no ef

Re: Occasional email rejections with no shown explanation

On Tue, Apr 12, 2011 at 03:21:06PM -0400, Eric Cunningham wrote: Wietse Venema wrote: Eric Cunningham: Apr 12 13:15:10 postal2 postfix/smtpd[22543]: NOQUEUE: reject: RCPT from hsarelay1t.mail.mylife.com[216.52.223.210]: 554 5.7.1 : Sender address rejected: Access denied; from= to= proto=ESMTP h

Re: Occasional email rejections with no shown explanation

On Tue, Apr 12, 2011 at 03:21:06PM -0400, Eric Cunningham wrote: > Wietse Venema wrote: > >Eric Cunningham: > >>Apr 12 13:15:10 postal2 postfix/smtpd[22543]: NOQUEUE: reject: > >>RCPT from hsarelay1t.mail.mylife.com[216.52.223.210]: 554 5.7.1 > >>: Sender address rejected: Access denied; > >>from=

Re: Occasional email rejections with no shown explanation

Darek M wrote: On Tue, Apr 12, 2011 at 3:21 PM, Eric Cunningham wrote: Yes, that's correct, but not intentionally nor explicitly. I've tried explicitly accepting the sender address in my smtpd_recipient_restrictions' final_sender_access file but that has no effect. -Eric And what's the cont

Re: Occasional email rejections with no shown explanation

On Tue, Apr 12, 2011 at 02:09:11PM -0400, Eric Cunningham wrote: > Hi, on occassion, I'm noting rejected emails without any specific > reason logged. Without a reason, it's hard to pinpoint a fix to > allow legit emails through. Here's an example from my mail log: > > > Apr 12 13:15:10 postal2

Re: Occasional email rejections with no shown explanation

On Tue, Apr 12, 2011 at 3:21 PM, Eric Cunningham wrote: > > Yes, that's correct, but not intentionally nor explicitly.  I've tried > explicitly accepting the sender address in my smtpd_recipient_restrictions' > final_sender_access file but that has no effect. > > -Eric And what's the content of /

Re: Occasional email rejections with no shown explanation

Wietse Venema wrote: Eric Cunningham: Apr 12 13:15:10 postal2 postfix/smtpd[22543]: NOQUEUE: reject: RCPT from hsarelay1t.mail.mylife.com[216.52.223.210]: 554 5.7.1 : Sender address rejected: Access denied; from= to= proto=ESMTP helo= The recipient address is legit and working for other sen

Re: Occasional email rejections with no shown explanation

Eric Cunningham: > Apr 12 13:15:10 postal2 postfix/smtpd[22543]: NOQUEUE: reject: RCPT from > hsarelay1t.mail.mylife.com[216.52.223.210]: 554 5.7.1 > : Sender address rejected: Access denied; > from= to= proto=ESMTP > helo= > The recipient address is legit and working for other senders. You

Occasional email rejections with no shown explanation

Hi, on occassion, I'm noting rejected emails without any specific reason logged. Without a reason, it's hard to pinpoint a fix to allow legit emails through. Here's an example from my mail log: Apr 12 13:15:10 postal2 postfix/smtpd[22543]: connect from hsarelay1t.mail.mylife.com[216.52.223.

Re: GeoIP based rejections

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/12/2011 12:17 PM, Justin Piszcz wrote: > > On Sat, 12 Mar 2011, mouss wrote: > >> - write your own policy server or milter > > Hi, > > There is a GeoIP policy server out there if you search around, it is > called: geoip-policyd-0.01.tar.gz >

Re: GeoIP based rejections

On Sat, 12 Mar 2011, mouss wrote: - write your own policy server or milter Hi, There is a GeoIP policy server out there if you search around, it is called: geoip-policyd-0.01.tar.gz With some modifications, it works quite nicely. Justin.

Re: GeoIP based rejections

Le 10/03/2011 16:35, Mark Watts a écrit : > > I'd like to be able to reject connections from remote IP addresses if > they're from certain countries (or conversely only allow from certain > countries). > > What are my options for doing this in/with postfix? - you can also use http://coun

Re: GeoIP based rejections

Mark Watts wrote: > > I'd like to be able to reject connections from remote IP addresses if > they're from certain countries (or conversely only allow from certain > countries). > > What are my options for doing this in/with postfix? > Perhaps not what you asked for, bur Spamassassin has a way

Re: GeoIP based rejections

Mark Watts put forth on 3/10/2011 9:57 AM: > I'm already using three RBL's (b.barracudacentral.org, zen.spamhaus.org > and dnsbl.sorbs.net) yet I'm still seeing a fair amount of spam coming > in from Russian and Romanian IP ranges that isn't blocked. It would be helpful if you posted your 'postco

Re: GeoIP based rejections

Em 10/3/2011 13:16, Wietse Venema escreveu: > Mark Watts: >> I'd like to be able to reject connections from remote IP addresses if >> they're from certain countries (or conversely only allow from certain >> countries). >> >> What are my options for doing this in/with postfix? > The option is a per-

Re: GeoIP based rejections

Mark Watts: > I'd like to be able to reject connections from remote IP addresses if > they're from certain countries (or conversely only allow from certain > countries). > > What are my options for doing this in/with postfix? The option is a per-country access map, policy plugin, milter, or deep

Re: GeoIP based rejections

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 03/10/2011 03:49 PM, Bas Mevissen wrote: > On Thu, 2011-03-10 at 15:35 +, Mark Watts wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> >> I'd like to be able to reject connections from remote IP addresses if >> they're from certa

Re: GeoIP based rejections

On Thu, 2011-03-10 at 15:35 +, Mark Watts wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > I'd like to be able to reject connections from remote IP addresses if > they're from certain countries (or conversely only allow from certain > countries). > > What are my options for do

GeoIP based rejections

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'd like to be able to reject connections from remote IP addresses if they're from certain countries (or conversely only allow from certain countries). What are my options for doing this in/with postfix? Mark. - -- Mark Watts BSc RHCE Senior Syste

Re: overriding bl rejections: recipient_no_checks ?

Voytek Eymont a écrit : > >> alternatively, use dnswl.org (see www.dnswl.org on how to use it with >> postfix) just before DNSBL checks. > > mouss, thanks > > > smtpd_recipient_restrictions = > ... > check_sender_access hash:/etc/postfix/freemail_access, > check_recipient_access pcre:/etc/p

Re: overriding bl rejections: recipient_no_checks ?

> alternatively, use dnswl.org (see www.dnswl.org on how to use it with > postfix) just before DNSBL checks. mouss, thanks smtpd_recipient_restrictions = ... check_sender_access hash:/etc/postfix/freemail_access, check_recipient_access pcre:/etc/postfix/recipient_checks.pcre, check_helo_

Re: overriding bl rejections: recipient_no_checks ?

Voytek Eymont a écrit : > I have a user getting rejects from several valid senders based on > ix.dnsbl.manitu.net blacklist, like: > > NOQUEUE: reject: RCPT from smtpout6.poczta.onet.pl[213.180.147.166]: 554 > 5.7.1 Service unavailable; Client host [213.180.147.166] blocked using > ix.dnsbl.manitu

overriding bl rejections: recipient_no_checks ?

I have a user getting rejects from several valid senders based on ix.dnsbl.manitu.net blacklist, like: NOQUEUE: reject: RCPT from smtpout6.poczta.onet.pl[213.180.147.166]: 554 5.7.1 Service unavailable; Client host [213.180.147.166] blocked using ix.dnsbl.manitu.net; Spam sent to the mailhost rela

Re: Custom 550 messages for custom rejections reasons.

Ralf Hildebrandt a écrit : > * Jaroslaw Grzabel : >> Ralf Hildebrandt wrote: >>> Use an access(5) map on the client: >>> >>> check_client_access hash:/etc/postfix/nice_reject >>> >>> with: >>> >>> unknown 550 5.1.2 Your reverse DNS entries are off >>> >>> >> Thank you for that Ralf. Do you k

Re: Custom 550 messages for custom rejections reasons.

On 1/20/2010 8:43 AM, Jaroslaw Grzabel wrote: Wietse Venema wrote: If you are concerned that you reject mail from hosts with valid PTR, then I recommend that you choose between: 1) reject_unknown_reverse_client_hostname. As documented, this will accept any reverse name, without checking whe

  1   2   >