* Lists <[EMAIL PROTECTED]>:
> Thanks for the suggestions, sounds like a good idea.
> Which method is the simplest to implement and get up and running?
Depends on the POP/IMAP you want to use. If you use Cyrus IMAP, then sasldb
will probably be the simpliest thing you can do.
If you want to use C
Stephen Liu wrote:
Hi folks,
Postfix
Dovecot
Xen
Debian Etch - Host (desktop, running Gnome)
Debian Etch - Guest
I have >10 domUs (guests) running on the Xen box. All of them running
on Debian Etch base without X. I'm prepared making following test;
Build all them as mail server with diff
Hi mouss,
Thanks for your advice.
Dom0 (host), a workstation, is connected to ISP at fixed IP, e.g.
111.222.333.444. All domUs (guests), having their own hostname, on the
Xen box are running postfix and dovecot on Debian Etch OS. They can
work if I subcribe a range of fixed IPs forwarding the
On Oct 3, 2008, at 2:49 AM, Wietse Venema wrote:
Johan Ström:
Hi
I got a situation where I need to relay ALMOST all mail through
another mail server. The catch is that I want a few specific sender
mail addresses to send directly from the postfix itself (as if I
didn't have a relayhost directi
OK, having successfully got SASL authentication working via Dovecot (as
per Wietse's helpful comments on my previous post), I now have another
query which I can't seem to find the answer to either by reading the
Postfix documentation or Googling.
What I want to do is configure Postfix so that
Stephen Liu wrote:
Hi mouss,
Please do not top post. put your replies after the text you reply to.
google for more infos (in particular, why we prefer bottom posting).
Dom0 (host), a workstation, is connected to ISP at fixed IP, e.g.
111.222.333.444. All domUs (guests), having their own
Mark Goodge wrote:
OK, having successfully got SASL authentication working via Dovecot (as
per Wietse's helpful comments on my previous post), I now have another
query which I can't seem to find the answer to either by reading the
Postfix documentation or Googling.
What I want to do is config
Hi! Victor and Noel,
Many thanks for your replies.
I will try your suggestion.
Many thanks again
Eddy
Message original
Sujet : Re: exclude some senders from anvil restriction
De : Noel Jones <[EMAIL PROTECTED]>
Pour : postfix-users@postfix.org
Date : 2008-10-02 14:06
Victor
Hello All,
I just updated my rbl list since dsbl.org is out and wanted to see if anyone
has any new lists that are conservative enough to use in the war against
spam.
I use in this order the following:
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
If you really want no relayhost for a list of senders, this is not
easily done with Postfix. sender_dependent_relayhost_maps was
designed to do the exact opposite: specify a relayhost for a list
of senders.
If the sender list is REALLY small, you could use the pcre built-in
negation operator:
/e
mouss wrote:
Mark Goodge wrote:
OK, having successfully got SASL authentication working via Dovecot
(as per Wietse's helpful comments on my previous post), I now have
another query which I can't seem to find the answer to either by
reading the Postfix documentation or Googling.
What I want
--- mouss <[EMAIL PROTECTED]> wrote:
> Stephen Liu wrote:
> > Hi mouss,
> >
>
> Please do not top post. put your replies after the text you reply to.
>
> google for more infos (in particular, why we prefer bottom posting).
Noted. Sorry
> > Dom0 (host), a workstation, is connected to ISP
Stephen Liu wrote:
I arrange the hostname and domain in this way;
e.g.
domU1 (guest1)
domain - domain1.com
hostname - xen1.domain1.com
domU2 (guest2)
domain - domain2.com
hostname - xen2.domain2.com
domU3 (guest3)
domain - domain3.com
hostname - xen3.domain3.com
etc.
xen1, xen2, xen3 .
Joey schrieb:
I use in this order the following:
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
for us bl.spamcop.net has produced quite a lot false positives in the
past, that's why we only use it for scoring, but things may have changed.
re
On Fri, October 3, 2008 11:07 pm, Udo Rader wrote:
> Joey schrieb:
>
>> I use in this order the following:
we use these:
blocked using bl.spamcop.net (total: 491)
blocked using combined.njabl.org (total: 77)
blocked using dsn.rfc-ignorant.org (total: 368)
blocked using dul.dnsbl
Frank Bonnet wrote:
hello
Our site is regulary rejected by HOTMAIL/LIVE during several
days then it stop to be rejected then rejected again and so on ...
This happens ONLY with HOTMAIL
Anyone has the same trouble ?
the rejection message is like the following
host mx1.hotmail.com[65.54.244.8
On Fri, Oct 03, 2008 at 08:32:16AM -0400, Joey wrote:
> Hello All,
>
>
>
> I just updated my rbl list since dsbl.org is out and wanted to see if anyone
> has any new lists that are conservative enough to use in the war against
> spam.
>
Try barracuda, read the whole thread:
http://marc.info/
Voytek Eymont wrote:
On Fri, October 3, 2008 11:07 pm, Udo Rader wrote:
Joey schrieb:
I use in this order the following:
we use these:
blocked using bl.spamcop.net (total: 491)
blocked using combined.njabl.org (total: 77)
blocked using dsn.rfc-ignorant.org (total: 368)
rfci i
On Fri, October 3, 2008 11:36 pm, mouss wrote:
> Voytek Eymont wrote:
> rfci is not safe for smtp rejection. It is not intended for such use.
mouss, thanks
so, should be like this ?
smtpd_sender_restrictions = reject_rhsbl_sender dsn.rfc-ignorant.org
>> blocked using dul.dnsbl.sorbs.net (to
Hello,
I've googled around and been playing with relay_recipient_maps. I have
it as follows:
relay_recipient_maps =
hash:/etc/postfix/LDAPaddressbook.txt
ldap:/etc/postfix/ldap-users.cf
Where /etc/postfix/LDAPaddressbook.txt is a local list of the valid
mailboxes, and ldap:/etc/post
I'm curious about the use of X509v3 Subject Alternative Name in
certificates, and if they pose any problems when used in production.
For example, if I obtain a certificate with the Common Name of
www.example.com for primary use over HTTP, and add an X509v3 Subject
Alternative Name of mail.example.
* Voytek Eymont <[EMAIL PROTECTED]>:
> > rfci is not safe for smtp rejection. It is not intended for such use.
>
>
> mouss, thanks
>
> so, should be like this ?
>
> smtpd_sender_restrictions = reject_rhsbl_sender dsn.rfc-ignorant.org
That's STILL smtp rejection - he was thinking of using it f
Mark Goodge wrote:
mouss wrote:
in the submission service (in master.cf), use something like:
submission ... ... smtpd
...
-o smtpd_sasl_auth_enable=${submission_sasl_auth_enable}
and in main.cf
submission_sasl_auth_enable = yes
(don't enable smtpd_sasl_auth_enable as this one app
>
> * Voytek Eymont <[EMAIL PROTECTED]>:
>
> > > rfci is not safe for smtp rejection. It is not intended for such use.
> >
> >
> > mouss, thanks
> >
> > so, should be like this ?
> >
> > smtpd_sender_restrictions = reject_rhsbl_sender dsn.rfc-ignorant.org
>
> That's STILL smtp rejection - he was
Nicolás Velásquez O. wrote:
Hello,
I've googled around and been playing with relay_recipient_maps. I have
it as follows:
relay_recipient_maps =
hash:/etc/postfix/LDAPaddressbook.txt
ldap:/etc/postfix/ldap-users.cf
Where /etc/postfix/LDAPaddressbook.txt is a local list of the valid
Wietse Venema:
> If you really want no relayhost for a list of senders, this is not
> easily done with Postfix. sender_dependent_relayhost_maps was
> designed to do the exact opposite: specify a relayhost for a list
> of senders.
>
> If the sender list is REALLY small, you could use the pcre buil
* Joey <[EMAIL PROTECTED]>:
> > That's STILL smtp rejection - he was thinking of using it from e.g.
> > SpamAssassin. But I personally think that dsn.rfc-ignorant.org is safe
> > for smtp rejection :)
>
> We had a lot of problems when we used rfc-ignorant.org because of Exchange
> servers not be
Hi folks,
i have a postfix that generates errors of anvil process.
All seems fine, but in some minuts anvil proces seems unavailable.
I've never seen somethink like that and i don't know how to solve it.
I've searched by google, but i haven't found any solution.
there is no problems with "post
Hi folks,
i have a postfix that generates errors of anvil process.
All seems fine, but in some minuts anvil proces seems unavailable.
I've never seen somethink like that and i don't know how to solve it.
I've searched by google, but i haven't found any solution.
there is no problems with "post
Ralf Hildebrandt wrote:
* Voytek Eymont <[EMAIL PROTECTED]>:
rfci is not safe for smtp rejection. It is not intended for such use.
mouss, thanks
so, should be like this ?
smtpd_sender_restrictions = reject_rhsbl_sender dsn.rfc-ignorant.org
That's STILL smtp rejection - he was thinking of
Hi PostFixers,
I'm now running postfix/dovecot/mysql in SUSE Linux Enterprise 10 SP2
and I wanted to secure the SMTP connections. I've tried to follow one
or more tutorials, but so far to no avail. The server is up and running
and Thunderbird seems to use SMTP over TLS but when I issue a telnet
--- mouss <[EMAIL PROTECTED]> wrote:
> Stephen Liu wrote:
> > I arrange the hostname and domain in this way;
> >
> > e.g.
> >
> > domU1 (guest1)
> > domain - domain1.com
> > hostname - xen1.domain1.com
> >
> >
> > domU2 (guest2)
> > domain - domain2.com
> > hostname - xen2.domain2.com
> >
>
Joey wrote:
* Voytek Eymont <[EMAIL PROTECTED]>:
rfci is not safe for smtp rejection. It is not intended for such use.
mouss, thanks
so, should be like this ?
smtpd_sender_restrictions = reject_rhsbl_sender dsn.rfc-ignorant.org
That's STILL smtp rejection - he was thinking of using it from
Stephen Liu wrote:
--- mouss <[EMAIL PROTECTED]> wrote:
Stephen Liu wrote:
I arrange the hostname and domain in this way;
e.g.
domU1 (guest1)
domain - domain1.com
hostname - xen1.domain1.com
domU2 (guest2)
domain - domain2.com
hostname - xen2.domain2.com
domU3 (guest3)
domain - domain3
Stephen Holmes wrote, at 10/03/2008 11:44 AM:
> Hi PostFixers,
>
> I'm now running postfix/dovecot/mysql in SUSE Linux Enterprise 10 SP2
> and I wanted to secure the SMTP connections. I've tried to follow one
> or more tutorials, but so far to no avail. The server is up and running
> and Thunder
Jorey Bump wrote:
> Stephen Holmes wrote, at 10/03/2008 11:44 AM:
>
>> Hi PostFixers,
>>
>> I'm now running postfix/dovecot/mysql in SUSE Linux Enterprise 10 SP2
>> and I wanted to secure the SMTP connections. I've tried to follow one
>> or more tutorials, but so far to no avail. The server is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stephen Holmes wrote:
> Doh! That makes sense. Looks good. Thanks Jorey. Issued the command
> and now see AUTH PLAIN and AUTH=PLAIN. I guess that's okay? Should I
> have more authentication types?
There's no real need. Unencrypted auth is no go
Stephen Holmes wrote, at 10/03/2008 12:01 PM:
> Jorey Bump wrote:
>> You've wisely configured postfix to offer AUTH only via STARTTLS, so it
>> won't appear until the session is renegotiated and encrypted. telnet is
>> not up to troubleshooting this task. You've confirmed with a client that
>> it w
On Fri, Oct 03, 2008 at 10:22:59AM -0400, Jorey Bump wrote:
> I'm curious about the use of X509v3 Subject Alternative Name in
> certificates, and if they pose any problems when used in production.
No, these are preferred to CommonName when used to verify DNS names.
See RFC 5280.
> For example, i
Hi friends:
I'm sorry but my english isn't good yet.
I'm running Postfix with some smtpd restrictions like these:
smtpd_delay_reject = no
smtpd_client_restrictions =
permit_mynetworks,
sleep 25,
permit_sasl_authenticated
smtpd_helo_restrictions =
permit_mynetworks,
permit_sasl_authentica
Oh, something else:
If I disable reject_non_fqdn_hostname then Outlook users aren't affected
by I don't want to disable that restriction since stops so many spammers.
Thanks :)
Jason Voorhees escribió:
> Hi friends:
>
> I'm sorry but my english isn't good yet.
>
> I'm running Postfix with some
Victor Duchovni wrote, at 10/03/2008 12:35 PM:
> On Fri, Oct 03, 2008 at 10:22:59AM -0400, Jorey Bump wrote:
>
>> I'm curious about the use of X509v3 Subject Alternative Name in
>> certificates, and if they pose any problems when used in production.
>
> No, these are preferred to CommonName when
Jason Voorhees wrote:
Hi friends:
I'm sorry but my english isn't good yet.
I'm running Postfix with some smtpd restrictions like these:
smtpd_delay_reject = no
smtpd_client_restrictions =
permit_mynetworks,
sleep 25,
so you're wasting the resources of all other people? This is a bit
har
Jason Voorhees wrote:
Hi friends:
I'm sorry but my english isn't good yet.
I'm running Postfix with some smtpd restrictions like these:
smtpd_delay_reject = no
smtpd_client_restrictions =
permit_mynetworks,
sleep 25,
permit_sasl_authenticated
This is very unfriendly. You're penalizing
On Fri, Oct 03, 2008 at 01:10:30PM -0400, Jorey Bump wrote:
> However, user mail clients will attempt to verify the certificate (for
> SMTP and IMAP), as will web browsers (for HTTPS). Since this is becoming
> increasingly more difficult to overcome for nontechnical users as these
> clients become
> Oct 3 16:32:03 asav5 principal/smtpd[26120]: warning:
> problem talking to server private/anvil: Resource temporarily unavailable
...
> default_process_limit = 2500
It is possible that 2500 clients is more than one anvil daemon
process can handle.
With the current Postfix implementation. there
Thanks for your replies.
Actually I'm already using greylisting, but I can see how delay greeting
reduces an extra bit the amount of spam received.
I work at a Consulting company with offer support and manteinance
services to other companies so I cannot monitor all day postfix servers
of all my c
Jason Voorhees wrote:
I know that all your replies are valid alternatives but I just wanted to
know if this Outlook's behavior against smtpd_delay_reject has a
solution while keeping my settings as they are.
Please don't top post.
Please do pay attention to what I said earlier:
Your error re
Jorey/Barney: thanks for you help, you guys rock!
S.
Jorey Bump wrote:
> Stephen Holmes wrote, at 10/03/2008 12:01 PM:
>
>> Jorey Bump wrote:
>>
>>> You've wisely configured postfix to offer AUTH only via STARTTLS, so it
>>> won't appear until the session is renegotiated and encrypted.
For the record, in case this patch is missed at the end of a very
long message.
> Of course we could introduce a hack where a special lookup result
> of "NONE" (or some other magic string) means don't use a relayhost.
>
> Postfix would then look like this:
>
> /etc/postfix/main.cf:
> relayh
On Sat, October 4, 2008 1:03 am, Ralf Hildebrandt wrote:
> That's STILL smtp rejection - he was thinking of using it from e.g.
> SpamAssassin. But I personally think that dsn.rfc-ignorant.org is safe
> for smtp rejection :)
thanks, Ralf
(after all, it was your suggestion from
http://www.rfc-ig
Our CommuniGate server batches mail going out to Yahoo and at times
accumulates enough to exceed the limit of 5 messages per SMTP connection that
Yahoo has and the connection is dropped. I would like to now if relaying
through Postfix can resolve this problem.
Yahoo info "Are there any guideli
On Fri, Oct 03, 2008 at 09:09:56PM -0700, David Koski wrote:
> Our CommuniGate server batches mail going out to Yahoo and at times
> accumulates enough to exceed the limit of 5 messages per SMTP connection that
> Yahoo has and the connection is dropped. I would like to now if relaying
> throug
Hello Viktor,
On Friday 03 October 2008 21:37, Victor Duchovni wrote:
> On Fri, Oct 03, 2008 at 09:09:56PM -0700, David Koski wrote:
> > Our CommuniGate server batches mail going out to Yahoo and at times
> > accumulates enough to exceed the limit of 5 messages per SMTP connection
> > that Yahoo h
54 matches
Mail list logo
