Re: Question about anvil settings

* LuKreme : > I was looking at the default levels for anvil and unless I am > misunderstanding (likely) they seem really high. > >smtpd_client_connection_count_limit (default: 50) >The maximum number of connections that an SMTP client >may make simultaneously. > > So, a single client

Re: address rewriting with pcre?

On 17-Mar-2009, at 08:52, Victor Duchovni wrote: On Tue, Mar 17, 2009 at 10:01:53AM -0400, Charles Marcus wrote: On 3/17/2009 9:43 AM, Erwan David wrote: You may generate the pcre file with a line /recipient_([...@_]+)@localdomain/recipient+$...@localdomain for each valid recipient. This w

Re: address rewriting with pcre?

On 19-Mar-2009, at 04:14, Charles Marcus wrote: On 3/19/2009 5:55 AM, LuKreme wrote: I came up with this one liner: $ ls -1 /usr/local/virtual/ | grep "@" | sed 's/^\([...@]*\)@\(.*\)$/\/^\1_\(.*\)@\2$\/ \1+$...@\2/' testu...@example.com => /^testuser_(.*)@example.com$/ testuser+$...@example.c

Re: Question about anvil settings

LuKreme: > My server is pretty light weight, and I don't tend to get too many > floods of spammers, but are these defaults reasonable to mitigate the > damage that a flood might do? Are these defaults anything a normal > user is ever going to hit? A normal user is NEVER going to hit these l

Re: address rewriting with pcre?

LuKreme: > On 17-Mar-2009, at 08:52, Victor Duchovni wrote: > > On Tue, Mar 17, 2009 at 10:01:53AM -0400, Charles Marcus wrote: > >> On 3/17/2009 9:43 AM, Erwan David wrote: > >>> You may generate the pcre file with a line > >>> /recipient_([...@_]+)@localdomain/recipient+$...@localdomain > >>>

Re: address rewriting with pcre?

On 3/19/2009 5:55 AM, LuKreme wrote: You may generate the pcre file with a line /recipient_([...@_]+)@localdomain/recipient+$...@localdomain for each valid recipient. This would preserve the validation of recipient at RCPT TO stage. >>> Interesting... and maybe a good

Re: address rewriting with pcre?

On 19-Mar-2009, at 04:45, Wietse Venema wrote: $ ls -1 /usr/local/virtual/ | grep "@" | sed 's/^\([...@]*\)@\(.*\)$/ \/ ^\1_\(.*\)@\2$\/ \1+$...@\2/' testu...@example.com => /^testuser_(.*)@example.com$/ testuser+$...@example.com This is BROKEN. You are not escaping any of the regexp metacha

Re: Question about anvil settings

LuKreme wrote: On 19-Mar-2009, at 04:44, Wietse Venema wrote: LuKreme: My server is pretty light weight, and I don't tend to get too many floods of spammers, but are these defaults reasonable to mitigate the damage that a flood might do? Are these defaults anything a normal user is ever going

Re: Question about anvil settings

On 19-Mar-2009, at 04:44, Wietse Venema wrote: LuKreme: My server is pretty light weight, and I don't tend to get too many floods of spammers, but are these defaults reasonable to mitigate the damage that a flood might do? Are these defaults anything a normal user is ever going to hit? A norm

Re: address rewriting with pcre?

LuKreme: > On 19-Mar-2009, at 04:45, Wietse Venema wrote: > >> $ ls -1 /usr/local/virtual/ | grep "@" | sed 's/^\([...@]*\)@\(.*\)$/ > >> \/ > >> ^\1_\(.*\)@\2$\/ \1+$...@\2/' > >> > >> testu...@example.com => /^testuser_(.*)@example.com$/ > >> testuser+$...@example.com > > > > This is BROKEN. Y

Change failure code for opportunistic TLS

If I'm reading the documentation correctly, when using smtp_tls_policy_maps for specific domains, if no servers are available the email will be deferred? Is there a way to change this to a permanent failure? ~Cory Coager -

Postfix + DovecotSASL

Hello everybody, I'm running in a very strange problem. I've used postfix with saslauthd for a long time but as my server hosts a local domain and a few virtual domains I could only authenticate local domain with smtp auth plain, cause I'm using virtual domains flat files. So my virtual users ca

Re: Change failure code for opportunistic TLS

Cory Coager: > If I'm reading the documentation correctly, when using > smtp_tls_policy_maps for specific domains, if no servers are available > the email will be deferred? Is there a way to change this to a > permanent failure? There exists no code to convert a TLS failure into a permanent er

Looking for Anti-spam setting: local username/external IP

Hello All, I've been getting spam messages passing through my server because they are "from" a local user account (spoofed). However, the connection came from an external source. I'm trying to see if there is a setting in master.cf (or other .cf file) which will reject any email from an external

Re: Looking for Anti-spam setting: local username/external IP

On Thursday, March 19, 2009 at 20:28 CET, "David A. Gershman" wrote: > I've been getting spam messages passing through my server because they > are "from" a local user account (spoofed). However, the connection > came from an external source. I'm trying to see if there is a setting > in ma

Re: Postfix + DovecotSASL

You have to enable "login" auth mechanism. In dovecot.conf: auth default { # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi # NOTE: See also disable_plaintext_auth setting. mechanisms = plain login Steve On

Performance tuning

We send out a pretty volume of emails right now using a combination of SQL and IIS SMTP. We get rates now of about 5,000/min. We're looking to not only improve the rates, but incorporate DKIM/Domainkey signing into the process. The choice has been made to go with postfix along with a queue direc

instance= in check_policy_service

Hello, my old postfix version (postfix-2.2.8) send the instance that match with this regexp [a-f0-9]+\.[a-f0-9]+\.[a-f0-9] the version(postfix-2.5.5) that I'm using now [a-f0-9]+\.[a-f0-9]+\.[a-f0-9]+\.[a-f0-9] is it possible to change the instance= format? Thanks, Danilo Paffi Monteiro

Re: instance= in check_policy_service

Danilo Paffi Monteiro: > Hello, > > my old postfix version (postfix-2.2.8) send the instance that match > with this regexp [a-f0-9]+\.[a-f0-9]+\.[a-f0-9] > > the version(postfix-2.5.5) that I'm using now > [a-f0-9]+\.[a-f0-9]+\.[a-f0-9]+\.[a-f0-9] > > is it possible to change the instance= forma

Re: Performance tuning

Brandon Hilkert: > We send out a pretty volume of emails right now using a combination > of SQL and IIS SMTP. We get rates now of about 5,000/min. We're > looking to not only improve the rates, but incorporate DKIM/Domainkey > signing into the process. The choice has been made to go with > postfix

how to create a filter in amavisd

Hi Im configuring a server with postfix amavisd and spamassassin and appears a problem with the antispam rules. There are one application that uses the server to send to different clients mails but the amavisd detect howo to spam this mails. How I can create an exception? I would like to create a

Re: Issue with pipe mail to script

Simon a écrit : > On Thu, Mar 19, 2009 at 10:39 AM, mouss wrote: >> Simon a écrit : >>> On Tue, Mar 17, 2009 at 7:57 AM, Simon wrote: On Mon, Mar 16, 2009 at 11:35 PM, Wietse Venema wrote: > You are expanding the virtual aliase BEFORE the Amavis filter, > and another time afte

Re: modify incoming mail

Cedric Zeline a écrit : > Hi all, > > I need some help. I would like to modify incoming emails. > I need to add a link at top of the incoming mail body, in order to allow > employees that received their email to click on this link and connect > directly to our data base to check the client's data.

Re: whitelist from spamhaus

Wietse Venema a écrit : > /dev/rob0: >> On Wed March 18 2009 03:06:40 Pascal Volk wrote: can i whitelist one domain from checking spamhaus ? thanks >>> smtpd_recipient_restrictions = >>> ... >>> reject_unauth_destination >>> ... >>> check_client_access hash:/etc/postfix/whitelist_

Re: Sender vs recipient restrictions.

Paweł Leśniak a écrit : > W dniu 2009-03-18 14:23, Costin Guşă pisze: >> On Wed, Mar 18, 2009 at 3:11 PM, wrote: >> >>> I've been reading today about; >>> >>> reject_unknown_sender_domain >>> >>> and I'm wondering if it is only allowed under 'smtpd_sender_restrictions' >>> whereas I've had it

Re: how to create a filter in amavisd

deconya a écrit : > Hi > > Im configuring a server with postfix amavisd and spamassassin and > appears a problem with the antispam rules. There are one application > that uses the server to send to different clients mails but the amavisd > detect howo to spam this mails. How I can create an except

Re: Performance tuning

Thanks for the response. Our test system is a pretty standard SATA disk with 2GB memory. If disk is the necessary resource, would we see an immediate benefit by going to a SCSI disk or even a SCSI array, or does that hardware benefit flatten out at some point? As I mentioned, we're using the

Re: Performance tuning

On Thu, Mar 19, 2009 at 09:52:42PM -0400, Brandon Hilkert wrote: > I understand what you mean about sending to one server. I'm going to try > and setup a few more receiving servers so that I can more accurately > simulate sending it out to the internet. Did you at least take time to rule out th

Re: Change failure code for opportunistic TLS

On Thu, Mar 19, 2009 at 01:37:31PM -0400, Cory Coager wrote: > If I'm reading the documentation correctly, when using smtp_tls_policy_maps > for specific domains, if no servers are available That is no servers offer TLS, or do offer TLS, but with unsatisfactory certificates. > the email will be

Re: whitelist from spamhaus

On Thu, Mar 19, 2009 at 11:58:52PM +0100, mouss wrote: > I would suggest separating relay control from other checks. something like > > smtpd_relay_restrictions = > permit_mynetworks > permit_sasl_authenticated This has been proposed before. http://archives.neohapsis.com/archive