Re: Weird disconnections after RCPT using TLS

Victor Duchovni escribió: On Mon, Dec 15, 2008 at 01:31:37PM -0700, Jes?s Manuel Loaiza Vidal wrote: Yes, all the verbose logging is just hiding the TLS issues. If you have a TLS transport issue, the problem is a communications problem, and we need to focus primarily on the communications. T

Re: fight spam problem: sender equal to receiver

Charles Marcus wrote: > On 12/15/2008 3:13 PM, Charles Marcus wrote: > # grep smtpd_recipient_restrictions main.cf If you see two occurences or more, you have redefined it. postfix only uses the last. > > >>> Looks like on of the latest etc-update must have smug

Re: fight spam problem: sender equal to receiver

On 12/15/2008, Roland Plüss (rol...@rptd.ch) wrote: >> Oh... and this is why I put all of my customizations for postfix at the >> very end of the file, in its own block... then, even if something slips >> in above, my custom settings will override it. >> >> But, I am always very careful when runnin

Re: Weird disconnections after RCPT using TLS

On Mon, Dec 15, 2008 at 03:00:27PM -0700, Jes?s Manuel Loaiza Vidal wrote: > >Dec 15 13:19:43 [postfix/smtpd] > > E21D752FB7: client=auxiliares.chapule.ich.edu.mx[192.168.10.4], > > sasl_method=PLAIN, sasl_username=test > > > >Dec 15 13:19:43 [postfix/smtpd] > > > auxiliares.ch

Re: Large volume configuration

On Mon, December 15, 2008 22:46, Jeffrey Shawn Klotz wrote: > I think my postfix can use some configuration adjustments. so you think, then empty main.cf for a start or show us the postconf -n now whats the problem you see in logs ? -- Benny Pedersen Need more webspace ? http://www.servage.ne

Re: Weird disconnections after RCPT using TLS

On Mon, Dec 15, 2008 at 05:28:45PM -0500, Victor Duchovni wrote: > I am sorry, please provide *corresponding* logs and PCAP files, one > of each for a successful delivery and an unsuccessful one. The logs > must include the clear-text of all client server SMTP interactions. > You can drop the smtp

Re: Weird disconnections after RCPT using TLS

On Mon, Dec 15, 2008 at 05:59:52PM -0500, Victor Duchovni wrote: > > > > and the exact corresponding PCAP capture. > > In the capture you provide: > > 14:52:49.198960 192.168.10.4.4052 > 192.168.10.248.587: P 582:635(53) ack 5831 > 14:52:49.200609 192.168.10.248.587 > 192.168.10.4.4052: . ack 6

Re: fight spam problem: sender equal to receiver

Charles Marcus wrote: > On 12/15/2008, Roland Plüss (rol...@rptd.ch) wrote: > >>> Oh... and this is why I put all of my customizations for postfix at the >>> very end of the file, in its own block... then, even if something slips >>> in above, my custom settings will override it. >>> >>> But,

Re: Weird disconnections after RCPT using TLS

Victor Duchovni escribió: On Mon, Dec 15, 2008 at 05:59:52PM -0500, Victor Duchovni wrote: and the exact corresponding PCAP capture. In the capture you provide: 14:52:49.198960 192.168.10.4.4052 > 192.168.10.248.587: P 582:635(53) ack 5831 14:52:49.200609 192.168.10.248.587 > 192.16

helo being rejected

Hello All, I have a clients who's email server is getting a lot of helo rejects from it (windows box). The client has a .NET domain for their servers ( hardware ) and a .COM for their email address. I manually had a conversation with my postfix server that has these settings: reje

RE: helo being rejected

From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Joey Sent: Tuesday, 16 December 2008 1:05 PM To: postfix-users@postfix.org Subject: helo being rejected Hello All, I have a clients who's email server is getting a lot of helo rejects fro

Send all outbound mail to one address

Hi, For our dev server we'd like to direct any outbound messages to a single address on an external postfix server. Can anyone suggest the best way to configure this? i.e. mail to anyu...@anydomain all goes to receiving.acco...@example.com Thanks, Russell.

Re: RBL & Postfix

2008/12/15 Udo Rader : > neugi schrieb: >> >> how can i check if users use sasl or not? >> are there any special settings in the mailclient? >> >> best >> >> 2008/12/15 Charles Marcus : >>> >>> On 12/15/2008, neugi (neu...@gmail.com) wrote: smtpd_recipient_restrictions = permit_sasl_authe

Re: Weird disconnections after RCPT using TLS

On Mon, Dec 15, 2008 at 05:53:24PM -0700, Jes?s Manuel Loaiza Vidal wrote: > Here is the log with smtpd_tls_loglevel = 4 (with a retry just after the > error) and the corresponding pcap file: > postfix-2.txt > tcp-2.cap

header_checks vs. content_filter?

A quick question: If I have.. content_filter = scan:[127.0.0.1]:10025 in main.cf (plus the corresponding 'scan' entry in master.cf), and.. 192.168.1.97:25 inet n - n - - smtpd -o smtpd_client_restrictions=${smtpd_client_restrictions_spamfilter} -o smtpd_recipient_

Re: header_checks vs. content_filter?

Ville Walveranta a écrit : > A quick question: > > If I have.. > > content_filter = scan:[127.0.0.1]:10025 > > in main.cf (plus the corresponding 'scan' entry in > master.cf ), and.. > > 192.168.1.97:25 inet n - n -

Re: header_checks vs. content_filter?

On Mon, Dec 15, 2008 at 2:36 AM, mouss wrote: > Once mail is passed to a content filter, postfix no more sees it! so > it's header_checks before. Excellent! I was hoping it would be that way so that I can be sure a particular header no longer exists when the content filter receives the content.

Re: RBL & Postfix

Hi, permit_sasl_authenticated is already the first entry ;) right now i looks like this: smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_rbl_client sbl.spamhaus.org, reject_unauth_destination, reject_non_fqdn_r

Re: RBL & Postfix

2008/12/15 : > Zitat von neugi : > >> 2008/12/15 : >>> >>> Zitat von neugi : >>> Hi, permit_sasl_authenticated is already the first entry ;) right now i looks like this: smtpd_recipient_restrictions = permit_sasl_authenticated, permit_m

Re: RBL & Postfix

2008/12/15 : > Zitat von neugi : > >> Hi, >> >> permit_sasl_authenticated is already the first entry ;) >> >> right now i looks like this: >> >> smtpd_recipient_restrictions = >> permit_sasl_authenticated, >> permit_mynetworks, >> reject_rbl_client sbl.spamhaus.org, >>

Re: RBL & Postfix

Hi, thx, sasl is already active. i'll give it a try by adding zen.spamhaus.org best 2008/12/15 Udo Rader > neugi schrieb: > >> Hi, >> >> i want to use RBL Blocking with postfix. but i've got a small i've many >> users that work with mobile internet (UMTS Modem from T-Mobile) and often >> the

how to control send rate to a destination[ip] in a fixed time

Is it possible, or does someone know of a way to control send rate to a destination[ip], ex: less than 30 mails can be sent to hotmail in one minute. Thanks for any comments. TONY.

Re: how to control send rate to a destination[ip] in a fixed time

tony liu: > Is it possible, or does someone know of a way to control send rate to a > destination[ip], ex: less than 30 mails can be sent to hotmail in one > minute. Thanks for any comments. > With Postfix 2.5 and later: /etc/postfix/main.cf: smtp_destination_rate_delay = 2 This feature is

Re: RBL & Postfix

Udo Rader schrieb: neugi schrieb: Hi, i want to use RBL Blocking with postfix. but i've got a small i've many users that work with mobile internet (UMTS Modem from T-Mobile) and often they are listed and users are complaining that they cannot send emails out. my question is now. can i res

Re: RBL & Postfix

On 12/15/2008, neugi (neu...@gmail.com) wrote: > smtpd_recipient_restrictions = permit_sasl_authenticated, > permit_mynetworks, reject_rbl_client sbl.spamhaus.org, > reject_unauth_destination, reject_non_fqdn_recipient, > reject_non_fqdn_sender, reject_unauth_pipelining, > reject_unknown_re

Re: RBL & Postfix

Zitat von neugi : Hi, permit_sasl_authenticated is already the first entry ;) right now i looks like this: smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_rbl_client sbl.spamhaus.org, reject_unauth_destination,

Re: RBL & Postfix

On Mon, Dec 15, 2008 at 11:11:07AM CET, lst_ho...@kwsoft.de said: > Zitat von neugi : > >> Hi, >> >> thx, sasl is already active. > > In this case you have the wrong order of restrictions. The > "permit_sasl_authenticated" must be before any RBL and other spam tests. > Most of the time it is bes

Re: RBL & Postfix

neugi a écrit : > Hi, > > permit_sasl_authenticated is already the first entry ;) > > right now i looks like this: > > smtpd_recipient_restrictions = > permit_sasl_authenticated, > permit_mynetworks, > reject_rbl_client sbl.spamhaus.org , >

Re: RBL & Postfix

how can i check if users use sasl or not? are there any special settings in the mailclient? best 2008/12/15 Charles Marcus : > On 12/15/2008, neugi (neu...@gmail.com) wrote: >> smtpd_recipient_restrictions = permit_sasl_authenticated, >> permit_mynetworks, reject_rbl_client sbl.spamhaus.org, >>

RBL & Postfix

Hi, i want to use RBL Blocking with postfix. but i've got a small i've many users that work with mobile internet (UMTS Modem from T-Mobile) and often they are listed and users are complaining that they cannot send emails out. my question is now. can i restrict rbl only to incoming mails or is th

Re: RBL & Postfix

On 12/15/2008, neugi (neu...@gmail.com) wrote: > complete config: Always show output of postconf -n, not copy/paste from main.cf... Someone else recently discovered they were editing the wrong main.cf file this way...

Re: RBL & Postfix

neugi schrieb: how can i check if users use sasl or not? are there any special settings in the mailclient? best 2008/12/15 Charles Marcus : On 12/15/2008, neugi (neu...@gmail.com) wrote: smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_rbl_client sbl.spamh

Re: RBL & Postfix

2008/12/15 Charles Marcus : > On 12/15/2008, neugi (neu...@gmail.com) wrote: >> complete config: > > Always show output of postconf -n, not copy/paste from main.cf... > > Someone else recently discovered they were editing the wrong main.cf > file this way... > > output of postconf -n alias_datab

Re: RBL & Postfix

Zitat von neugi : Hi, thx, sasl is already active. In this case you have the wrong order of restrictions. The "permit_sasl_authenticated" must be before any RBL and other spam tests. Most of the time it is best to set it on top of all restrictions. This way for SASL authenticated user n

RE: User unknown in relay recipient table (SOLVED)

> Rocco Scappatura a écrit : > >>> Dec 12 16:55:33 av1 postfix/smtpd[25586]: NOQUEUE: reject: RCPT > from > >>> unknown[]: 550 5.1.1 > >>> : Recipient address rejected: User unknown in > >> relay > >>> recipient table; from= to=< u...@extdomain.tld> > >>> proto=ESMTP helo= > >> The error message in

Re: RBL & Postfix

Zitat von neugi : 2008/12/15 : Zitat von neugi : Hi, permit_sasl_authenticated is already the first entry ;) right now i looks like this: smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_rbl_client sbl.spamhaus.org, re

Re: RBL & Postfix

neugi schrieb: Hi, i want to use RBL Blocking with postfix. but i've got a small i've many users that work with mobile internet (UMTS Modem from T-Mobile) and often they are listed and users are complaining that they cannot send emails out. my question is now. can i restrict rbl only to in

Re: fight spam problem: sender equal to receiver

> Is this the _entire_ output of 'postconf -n'? If not, please show it. > alias_database = hash:/etc/mail/aliases alias_maps = hash:/etc/mail/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/lib64/postfix data_director

Re: RBL & Postfix

On Mon, December 15, 2008 11:19, neugi wrote: > smtpd_recipient_restrictions = smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_unknown_sender_domain, permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_recipient,

Re: fight spam problem: sender equal to receiver

> Something is very odd about that. Your config from main.cf does not > match your postconf -n results at all. Any chance that you > inadvertently installed multiple copies of postfix? Nope > Was it built by you or provided by your vendor? Me > Maybe a second copy in /usr/local? Nope > Try 'post

Re: fight spam problem: sender equal to receiver

> # grep smtpd_recipient_restrictions main.cf > If you see two occurences or more, you have redefined it. postfix only > uses the last. > Looks like on of the latest etc-update must have smuggled a line in. A second such line had been squashed between two sasl lines. No idea how it got there bu

Re: Canonical Rewriting

Victor Duchovni wrote: On Fri, Dec 12, 2008 at 11:07:15AM -0800, Corey Chandler wrote: I'm attempting to rewrite all source addresses from our server farm via a canonical map. Use smtp_generic_maps for this. Not canonical_maps. Upgrade to a Postfix that supports this feature if necess

Re: Canonical Rewriting

Corey Chandler wrote: Victor Duchovni wrote: On Fri, Dec 12, 2008 at 11:07:15AM -0800, Corey Chandler wrote: I'm attempting to rewrite all source addresses from our server farm via a canonical map. Use smtp_generic_maps for this. Not canonical_maps. Upgrade to a Postfix that supports

Re: Canonical Rewriting

Noel Jones wrote: Corey Chandler wrote: Victor Duchovni wrote: On Fri, Dec 12, 2008 at 11:07:15AM -0800, Corey Chandler wrote: I'm attempting to rewrite all source addresses from our server farm via a canonical map. Use smtp_generic_maps for this. Not canonical_maps. Upgrade to a Po

Re: RBL & Postfix

On 12/15/2008 2:34 PM, Benny Pedersen wrote: > On Mon, December 15, 2008 11:19, neugi wrote: > >> smtpd_recipient_restrictions = > > > smtpd_recipient_restrictions = >reject_non_fqdn_sender, >reject_unknown_sender_domain, >permit_sasl_authenticated, >

Re: fight spam problem: sender equal to receiver

On 12/15/2008 2:44 PM, Roland Plüss wrote: >> # grep smtpd_recipient_restrictions main.cf >> If you see two occurences or more, you have redefined it. postfix only >> uses the last. > Looks like on of the latest etc-update must have smuggled a line in. Thats gentoo-speak for 'ooops, I fat-fingere

Re: fight spam problem: sender equal to receiver

On 12/15/2008 3:13 PM, Charles Marcus wrote: >>> # grep smtpd_recipient_restrictions main.cf >>> If you see two occurences or more, you have redefined it. postfix only >>> uses the last. >> Looks like on of the latest etc-update must have smuggled a line in. > Thats gentoo-speak for 'ooops, I fat

Re: Canonical Rewriting

On Mon, December 15, 2008 20:54, Corey Chandler wrote: > The ultimate goal is to remap anyu...@host.example.com to > anyu...@example.com. myorigin=example.com -- Benny Pedersen Need more webspace ? http://www.servage.net/?coupon=cust37098

Re: RBL & Postfix

On Mon, December 15, 2008 21:11, Charles Marcus wrote: > reject_unauth_destination should definitely be before > reject_rbl_client ups i forget this when writed it > (move it up to right after 'permit_mynetworks) - and > reject_unauth_pipelining is useless here... not my mailserver -- Benny

Re: fight spam problem: sender equal to receiver

On Mon, December 15, 2008 21:13, Charles Marcus wrote: > Thats gentoo-speak for 'ooops, I fat-fingered the merge when running > etc-update'... I run gentoo... I know (been there, done that)... is it worse then run glibc 2.9 ? :) packages.mask it localy ! -- Benny Pedersen Need more webspace ?

Re: Weird disconnections after RCPT using TLS

Victor Duchovni escribió: On Thu, Dec 11, 2008 at 06:02:34PM -0700, Jes?s Manuel Loaiza Vidal wrote: Please send plain-text email, not HTML. Please post the requested logging and PCAP file, using one of the real clients (not s_client) would be ideal. Normal logging without -v p

Re: Canonical Rewriting

On Monday, December 15, 2008 at 21:16 CET, Benny Pedersen wrote: > On Mon, December 15, 2008 20:54, Corey Chandler wrote: > > > The ultimate goal is to remap anyu...@host.example.com to > > anyu...@example.com. You don't need wildcard generic rewriting for that. http://www.postfix.org/pos

Re: Weird disconnections after RCPT using TLS

On 12/15/2008, Jesús Manuel Loaiza Vidal (jloa...@ich.edu.mx) wrote: > Here is the log > > postfix-1.txt It would be much easeir to help you if you'd paste the logs into the email body.. -- Best regards, Charles

Re: Canonical Rewriting

On Monday, December 15, 2008 at 21:07 CET, Corey Chandler wrote: > Noel Jones wrote: > > > Don't use a regexp map for this. Generic(5) wildcard rewriting > > expects a hash: or other indexed table. > > > > hash table wildcard example: > > @host.example.com @example.com > > Thanks, Noel--

Re: Canonical Rewriting

On Mon, Dec 15, 2008 at 09:39:54PM +0100, Magnus B?ck wrote: > On Monday, December 15, 2008 at 21:07 CET, > Corey Chandler wrote: > > > Noel Jones wrote: > > > > > Don't use a regexp map for this. Generic(5) wildcard rewriting > > > expects a hash: or other indexed table. > > > > > > hash

Re: Weird disconnections after RCPT using TLS

On Mon, Dec 15, 2008 at 01:31:37PM -0700, Jes?s Manuel Loaiza Vidal wrote: > >Yes, all the verbose logging is just hiding the TLS issues. If you > >have a TLS transport issue, the problem is a communications problem, > >and we need to focus primarily on the communications. Try: > > > > # The h

Large volume configuration

Can anyone recommend any articles / guides / etc to configure a server for large volume? I have a server that consistently maxes out it's T1 connection. I'd like to be sure I've got things configured to make the most of it. It's not uncommon when the circuit is has a lot of traffic for me to