Re: Rate Limiting

> Throttling is not the solution to fight spam originating within your network. If you know who is doing it, boot him. If you don't, identify who it is, then boot him. Period. Why are you playing paddy cakes with a spammer on your network? Its not user on my network, rather a stolen password whic

Re: Rate Limiting

Punit Jain put forth on 5/19/2010 4:19 AM: > >> Throttling is not the solution to fight spam originating within your > network. If you know who is doing it, boot him. If you don't, identify > who it is, then boot him. Period. Why are you playing paddy cakes with a > spammer on your network? > > I

User unknown in virtual alias table

Hi, Since this morning I get these error messages in maillog. This happens for all our users: May 19 12:43:08 stevie.youngguns.nl postfix/error[23550]: [ID 197553 mail.info] EFEAC1C176: to=, relay=none, delay=5511, delays=5509/1.6/0/0.04, dsn=4.0.0, status=SOFTBOUNCE (User unknown in virtual alia

Re: reject_unverified_sender in postfix woud like to over ride with email address

On 2010-05-18 6:44 PM, Josh Cason wrote: > reject unverified sender is nice way to block spam. It's also considered abuse by most mail admins and if your server is anything other than a vanity server - meaning, handles real mail of any volume - you will most likely eventually end up on black lists

Disable Connection Cache for local filters

Does the following http://www.postfix.org/CONNECTION_CACHE_README.html apply to : When postfix sents a RSET smtp command, and delivers a new mail using the same connection ? I understand that by default it will use smtp_connection_cache_on_demand on a high queue (what number exactly?). Howeve

Re: Rate Limiting

On 2010-05-19 6:33 AM, Stan Hoeppner wrote: > Then just delete the 20K messages from the queue using postsuper > within a script and reset the password on the compromised account. He wasn't asking how to delete the queued messages, he was looking for a way to limit the damage if a user account get

Re: User unknown in virtual alias table

# /opt/csw/sbin/postmap -q mart...@youngguns.nl hash:/opt/csw/etc/postfix/maps/virtual martijn-youngguns.nl so that seems to work? On Wed, May 19, 2010 at 12:48 PM, Martijn de Munnik wrote: > Hi, > > Since this morning I get these error messages in maillog. This happens > for all our users: > >

Re: Disable Connection Cache for local filters

Harakiri: > However, i would like to disable this for local filters > (anti/spam/virus) because sometimes they may get confused and do > not support this behaviour. This is an example from http://www.postfix.org/FILTER_README.html, with an extra command-line option to turn off connection caching f

Re: User unknown in virtual alias table

My master.cf: # # Postfix master process configuration file. For details on the format # of the file, see the Postfix master(5) manual page. # # == # service type private unpriv chroot wakeup maxproc command + args #

Modifying body content before delivering

Hi, Where can I go to find information on how to modify the content of the body of an email before delivering? I would like to experiment with changing "curse words" or removing URLs like "" ? I realize there are all kinds of problems with doing this, such as modifying the signature and size of

Re: Rate Limiting

On Wed, May 19, 2010 at 07:03:12AM -0400, Charles Marcus wrote: > On 2010-05-19 6:33 AM, Stan Hoeppner wrote: > > Then just delete the 20K messages from the queue using postsuper > > within a script and reset the password on the compromised account. > > He wasn't asking how to delete the queued me

Re: Rate Limiting

On 2010-05-19 8:23 AM, Kenneth Marshall wrote: > On Wed, May 19, 2010 at 07:03:12AM -0400, Charles Marcus wrote: >> He wasn't asking how to delete the queued messages, he was looking for a >> way to limit the damage if a user account gets compromised in the future >> (this subject has come up befor

Re: Modifying body content before delivering

On 5/19/2010 6:50 AM, Alex wrote: Hi, Where can I go to find information on how to modify the content of the body of an email before delivering? I would like to experiment with changing "curse words" or removing URLs like "" ? I realize there are all kinds of problems with doing this, such as

Re: User unknown in virtual alias table

Martijn de Munnik: > Hi, > > Since this morning I get these error messages in maillog. This happens > for all our users: > > May 19 12:43:08 stevie.youngguns.nl postfix/error[23550]: [ID 197553 > mail.info] EFEAC1C176: to=, relay=none, > delay=5511, delays=5509/1.6/0/0.04, dsn=4.0.0, status=SOFTB

Re: confused about different smtpd information in main.cf

On 5/18/2010 5:43 PM, Josh Cason wrote: > I'm confused about the following in the main.cf > > smtpd_receipient_restrictions > smtpd_sender_restrictions > smtpd_client_restrictions > smtpd_data_restrictions this I pretty much get > smtpd_helo_restrictions this I pretty much get > > Now w

Re: looking for an SMTP testing tool

On Tue, May 18, 2010 at 17:45, Stefan Foerster < cite+postfix-us...@incertum.net > wrote: > Perhaps "swaks" is the right tool for you: > > http://jetmore.org/john/code/swaks/ > Yes, that looks very much like it would be a great tool. Thanks.

Using -o smtpd_end_of_data_restrictions=check_policy_service unix:private/policy not working in master.cf

I can use smtpd_end_of_data_restrictions=check_policy_service unix:private/policy just fine in the main.cf. However this has the drawback that i need to add -o smtpd_end_of_data_restrictions= to each filter in the master.cf which should not use the policy service again. When i try to only set

translating just the domain name (for all users in the domain)

I want to translate a domain (foo.myohiovalley.net) to another domain ( myohiovalley.net) such that for all users (xy...@foo.myohiovalley.net) they will be delivered (I'm using virtual_mailbox_domains, etc) as in the target domain (xy...@myohiovalley.net). I thought this would be accomplished by p

RE: Rate Limiting

>I am using Postfix as an MTA but I see nowadays lot of spam going out of my >system. I have used transport based throttling for a domain but I am looking >for options for per sender based rate limiting. Can I achieve per user based >throttling using postfix or I have to use some 3rd party sof

Re: Using -o smtpd_end_of_data_restrictions=check_policy_service unix:private/policy not working in master.cf

Harakiri wrote: > I can use > > smtpd_end_of_data_restrictions=check_policy_service unix:private/policy > > just fine in the main.cf. However this has the drawback that i need to > add > > -o smtpd_end_of_data_restrictions= > > to each filter in the master.cf which should not use the policy ser

Re: translating just the domain name (for all users in the domain)

On 5/19/2010 10:42 AM, Phil Howard wrote: I want to translate a domain (foo.myohiovalley.net ) to another domain (myohiovalley.net ) such that for all users (xy...@foo.myohiovalley.net ) they will be delivere

Delayed email after leaving my server?

I don't know how to explain this. Have you guys every heard of a problem were email is sent to another server and go stray for hours before being delivered? The only network I had problems on was verizion text message. You send a text msg from your e-mail and it goes into the verizion serve

Re: Delayed email after leaving my server?

On 5/19/2010 1:03 PM, Josh Cason wrote: > I don't know how to explain this. Have you guys every heard of a problem > were email is sent to another server and go stray for hours before being > delivered? The only network I had problems on was verizion text message. > You send a text msg from your e-

Duplicating e-mail to another server

We are going to have an off-site e-mail archiving solution that needs to receive e-mail for certain domains only. How can I have postfix copy e-mail bound for only certain domains to another server (as well as deliver it locally)? -- Mike A. Leonetti As warm as green tea

Re: Duplicating e-mail to another server

On 5/19/2010 1:28 PM, Mike A. Leonetti wrote: > We are going to have an off-site e-mail archiving solution that needs to > receive e-mail for certain domains only. How can I have postfix copy > e-mail bound for only certain domains to another server (as well as > deliver it locally)? > Mike, al

Re: Duplicating e-mail to another server

Matt, My only qualm with that is the other server isn't concerned with ALL domains, just a few. So BCCing every domain would cause a much larger load. Mike A. Leonetti As warm as green tea On 05/19/10 13:37, Matt Hayes wrote: > On 5/19/2010 1:28 PM, Mike A. Leonetti wrote: > >> We are going

Re: Duplicating e-mail to another server

On 5/19/2010 1:56 PM, Mike A. Leonetti wrote: > Matt, > > My only qualm with that is the other server isn't concerned with ALL > domains, just a few. So BCCing every domain would cause a much larger load. > > Mike A. Leonetti > As warm as green tea > Look at recipient_bcc_maps[1] [1]http://ww

Re: Duplicating e-mail to another server

On 5/19/2010 2:00 PM, Brian Evans - Postfix List wrote: > On 5/19/2010 1:56 PM, Mike A. Leonetti wrote: >> Matt, >> >> My only qualm with that is the other server isn't concerned with ALL >> domains, just a few. So BCCing every domain would cause a much larger load. >> >> Mike A. Leonetti >> As wa

Re: Postfix, SASL and LDAPDB

On Wed, May 19, 2010 at 08:19:40AM +0200, Julien Vehent wrote: > > What is in the IMAP server SASL configuration file? > > The following: > > > # grep -E "sasl|ldap" /etc/imapd.conf |grep -v "^#" > sasl_pwcheck_method: auxprop > sasl_auxprop_plugin: ldapdb > sasl_auto_transition: no > sasl_

Re: translating just the domain name (for all users in the domain)

On Wed, May 19, 2010 at 12:10, Noel Jones wrote: > While postfix does support wildcard domain > domain rewriting, it is highly > discouraged because it disables recipient validation -- that tends to fill > your queue with undeliverable mail and will get you blacklisted as a > backscatter source.

Re: translating just the domain name (for all users in the domain)

On Wed, May 19, 2010 at 3:45 PM, Phil Howard wrote: > On Wed, May 19, 2010 at 12:10, Noel Jones wrote: >> >> While postfix does support wildcard domain > domain rewriting, it is >> highly discouraged because it disables recipient validation -- that tends to >> fill your queue with undeliverable m

Re: translating just the domain name (for all users in the domain)

Phil Howard: [ Charset ISO-8859-1 unsupported, converting... ] > On Wed, May 19, 2010 at 12:10, Noel Jones wrote: > > > While postfix does support wildcard domain > domain rewriting, it is highly > > discouraged because it disables recipient validation -- that tends to fill > > your queue with un

Re: translating just the domain name (for all users in the domain)

On 5/19/2010 1:45 PM, Phil Howard wrote: On Wed, May 19, 2010 at 12:10, Noel Jones mailto:njo...@megan.vbhcs.org>> wrote: While postfix does support wildcard domain > domain rewriting, it is highly discouraged because it disables recipient validation -- that tends to fill your queue

Re: translating just the domain name (for all users in the domain)

On Wed, May 19, 2010 at 15:13, Wietse Venema wrote: > Don't do that. > > Postfix will accept mail for addresses that don't exist and later > bounce that mail to innocent people. > Of course I don't want to do that. Sounds like what I need is something that will map the address at RCPT TO time,

Re: translating just the domain name (for all users in the domain)

On Wed, May 19, 2010 at 15:14, Noel Jones wrote: > If smtp_generic_maps suit your needs, they will not affect recipient > validation, and may be easier to implement. > Isn't that a client mapping that would apply to sender addresses on outgoing?

Re: Duplicating e-mail to another server

Awesome. Thanks guys. Mike A. Leonetti As warm as green tea On 05/19/10 14:04, Matt Hayes wrote: > On 5/19/2010 2:00 PM, Brian Evans - Postfix List wrote: > >> On 5/19/2010 1:56 PM, Mike A. Leonetti wrote: >> >>> Matt, >>> >>> My only qualm with that is the other server isn't concerned w

Re: translating just the domain name (for all users in the domain)

On 5/19/2010 2:49 PM, Phil Howard wrote: On Wed, May 19, 2010 at 15:14, Noel Jones mailto:njo...@megan.vbhcs.org>> wrote: If smtp_generic_maps suit your needs, they will not affect recipient validation, and may be easier to implement. Isn't that a client mapping that would apply to sen

Re: translating just the domain name (for all users in the domain)

On Wed, May 19, 2010 at 16:00, Noel Jones wrote: > On 5/19/2010 2:49 PM, Phil Howard wrote: > >> On Wed, May 19, 2010 at 15:14, Noel Jones > > wrote: >> >>If smtp_generic_maps suit your needs, they will not affect recipient >>validation, and may be easier to

Re: Modifying body content before delivering

Hi, > You can use smtp_header_checks and smtp_body_checks with the REPLACE action > to make minor changes to mail content during delivery.  These are rather > simple tools by design, best suited for easily defined transformations. Thanks for the notes. If I were to do it the right way, how would

Re: translating just the domain name (for all users in the domain)

On 5/19/2010 3:44 PM, Phil Howard wrote: > On Wed, May 19, 2010 at 15:13, Wietse Venema > wrote: > > Don't do that. > > Postfix will accept mail for addresses that don't exist and later > bounce that mail to innocent people. > > > Of course I don't want to

Re: Modifying body content before delivering

On 5/19/2010 3:30 PM, Alex wrote: Hi, You can use smtp_header_checks and smtp_body_checks with the REPLACE action to make minor changes to mail content during delivery. These are rather simple tools by design, best suited for easily defined transformations. Thanks for the notes. If I were to

Re: translating just the domain name (for all users in the domain)

On 5/19/2010 3:10 PM, Phil Howard wrote: But it sounds like what I need is something to rewrite envelope recipient address at SMTPD RCPT TO time. Like maybe (this does not exist) smtpd_recipient_map and (also does not exist) smtpd_recipient_domain_map ?? What I would envision this doing is app

Re: Postfix, SASL and LDAPDB

On Wed, 19 May 2010 14:36:24 -0400, Victor Duchovni wrote: > > This looks different from my recollection of the the smtpd.conf you > posted, you may want to make sure that the "sasl_ldapdb_id" and > passwords are the same, and I don't know what "auto_transition" > does, but it may be pertinent al

Re: Modifying body content before delivering

On 05/19/2010 10:30 PM, Alex wrote: Hi, You can use smtp_header_checks and smtp_body_checks with the REPLACE action to make minor changes to mail content during delivery. These are rather simple tools by design, best suited for easily defined transformations. Thanks for the notes. I

Re: confused about different smtpd information in main.cf

Josh Cason a écrit : > I'm confused about the following in the main.cf > > smtpd_receipient_restrictions > smtpd_sender_restrictions > smtpd_client_restrictions > smtpd_data_restrictions this I pretty much get > smtpd_helo_restrictions this I pretty much get > > Now with postfix all o

Re: Postfix, SASL and LDAPDB

On Thu, May 20, 2010 at 12:23:46AM +0200, Julien Vehent wrote: > On Wed, 19 May 2010 14:36:24 -0400, Victor Duchovni > wrote: > > > > This looks different from my recollection of the the smtpd.conf you > > posted, you may want to make sure that the "sasl_ldapdb_id" and > > passwords are the same

virtual not working anymore

Guys, I have been using the virtual file for a long time, but now it not working. Below is what my virtual settings are, I am not using mysql, just the /etc/postfix/virtual. Is there something I can test to see why it not working any more? Payne virtual_alias_domains = hash:/etc/postfix/virtual

Re: virtual not working anymore

On 5/19/2010 7:58 PM, pa...@magi.magidesign.com wrote: Guys, I have been using the virtual file for a long time, but now it not working. Below is what my virtual settings are, I am not using mysql, just the /etc/postfix/virtual. Is there something I can test to see why it not working any more?

virtual_transport not delivering

I'm trying to have messages delivered via the $virtual_transport but it keeps being delivered by the mailbox_command. The $virtual_alias_maps should have all of the e-mail addresses for the system, but when the actual e-mail addresses get resolved they look like this: barbara-userdomain@domain.

Re: virtual_transport not delivering

On 5/19/2010 10:27 PM, Mike A. Leonetti wrote: > I'm trying to have messages delivered via the $virtual_transport but it > keeps being delivered by the mailbox_command. The $virtual_alias_maps > should have all of the e-mail addresses for the system, but when the > actual e-mail addresses get resol

Re: Postfix, SASL and LDAPDB

* Julien Vehent : > On Wed, 19 May 2010 14:36:24 -0400, Victor Duchovni > wrote: > > > > This looks different from my recollection of the the smtpd.conf you > > posted, you may want to make sure that the "sasl_ldapdb_id" and > > passwords are the same, and I don't know what "auto_transition" > >

Re: Rate Limiting

> Anything is possible. I'm working on a similar idea for controlling this, where I track the message count over a period of time, for each sender, and if it goes beyond a threshold, they are suspended until it's resolved (or they stop sending). > General idea is to catch the SASL sender on before

RE: Rate Limiting

> I came across Policyd. It seems to follow similar Perl script for rate > limiting. Does that sound like a solution ? If it fits your needs, then yes.