On 01/11/2012 08:38 PM, Gary Smith wrote:
>> Restarting postfix, saslauthd and authdaemon seems to get it working again,
>> at least for a while.
>>
> Are you using pam_mysql by chance?
Yes, I am.
Zitat von Robert Krig :
On 01/11/2012 08:38 PM, Gary Smith wrote:
Restarting postfix, saslauthd and authdaemon seems to get it working again,
at least for a while.
Are you using pam_mysql by chance?
Yes, I am.
Too bad, pam_mysql is known to leak memory. We have used it some time
ago a
On 11 jan. 2012, at 16:12, email builder wrote:
>> http://www.hardwarefreak.com/fqrdns.pcre <-- Stan's big list
>
> So who is using Stan's list? What do people have to say about
> it? What should I consider in regard to possibly implementing it?
We use a modified version as a HELO blacklist. T
I am in the process of moving MTA/MS from a single openvz server instance to
instances replicated across mutliple (initially two) servers.
This means I would have one virtual server running postgres, dovecot et.al
and accepting inbound email and a second offline copy (stopped?).
The idea is that
On 2012-01-13 4:48 AM, DTNX/NGMX Postmaster wrote:
We use a modified version as a HELO blacklist. This avoids the false
positives we saw while testing it as a reverse DNS restriction but,
because the use of the reverse hostname as the HELO string is a
common pattern in spam attempts from comprom
On Friday 13 January 2012 01:10:41 Morten Frederik Kallesøe wrote:
> I think you misunderstood the direction of the mail i want to
> limit. i wanted to limit "To" and not "From"
Your original attempt was check_sender_access which checks the
envelope sender address. To lookup the recipient address
Jacqui Caren:
> I am in the process of moving MTA/MS from a single openvz server instance to
> instances replicated across mutliple (initially two) servers.
>
> This means I would have one virtual server running postgres, dovecot et.al
> and accepting inbound email and a second offline copy (stopp
On 1/13/2012 1:10 AM, Morten Frederik Kallesøe wrote:
> Ty for you reply
>
> I think you misunderstood the direction of the mail i want to limit. i
> wanted to limit "To" and not "From"
You referred repeatedly to "sender".
...
>
> I went with the header_checks solution
Be aware this will be un
On 01/13/2012 09:52 AM, lst_ho...@kwsoft.de wrote:
> Zitat von Robert Krig :
>
>>
>>
>> On 01/11/2012 08:38 PM, Gary Smith wrote:
Restarting postfix, saslauthd and authdaemon seems to get it
working again,
at least for a while.
>>> Are you using pam_mysql by chance?
>>
>> Yes,
On 1/13/2012 3:48 AM, DTNX/NGMX Postmaster wrote:
> On 11 jan. 2012, at 16:12, email builder wrote:
>
>>> http://www.hardwarefreak.com/fqrdns.pcre <-- Stan's big list
>>
>> So who is using Stan's list? What do people have to say about
>> it? What should I consider in regard to possibly implement
>> We use a modified version as a HELO blacklist. This avoids the false
>> positives we saw while testing it as a reverse DNS restriction but,
>> because the use of the reverse hostname as the HELO string is a
>> common pattern in spam attempts from compromised hosts, it's still
>> very effec
Hi All;
If I set smtpd_sasl_security_options = CRAM-MD5 instead of noanonymous, then
what will happen in this case?
And if I used: smtpd_use_tls = yes and did not use certificate, then they
password will be sent encrypted or not?
Also, what if I used this also? smtpd_tls_auth_only = yes
Is it
Hi,
On Jan 12, 2012, at 3:57 AM, Egoitz Aurrekoetxea Aurre wrote:
On Thu, 12 Jan 2012, Stan Hoeppner wrote:
On 1/11/2012 11:15 PM, Al Zick wrote:
Hi,
For a while we ran Qmail. Qmail would accept all emails regardless,
creating a very serious backscatter problem. Of course, switching to
P
* bilal ghayyad :
> Hi All;
>
> If I set smtpd_sasl_security_options = CRAM-MD5 instead of noanonymous, then
> what will happen in this case?
The server will throttle. CRAM-MD5 is not a valid option for
smtpd_sasl_security_options.
Set this instead:
# main.cf
smtpd_sasl_security_options = noan
On 1/13/2012 2:13 PM, email builder wrote:
>>> We use a modified version as a HELO blacklist. This avoids the false
>> Interesting... can you provide specific details on what you mean by
>> 'modified version'?
>
> I second that. I'm feeling convinced enough to use it as it was
> intended, BUT
As fqrdns.pcre has been a topic recently, I feel this needs to be stated
again, for those of you who have missed previous threads on this topic.
1. Postscreen rejects most bots BEFORE they reach smtpd processes
(fqrdns.pcre is evaluated by smtpd)
2. AFAIK postscreen never FP's
3. postscreen
On Friday 13 January 2012 16:57:21 Al Zick wrote:
> On Jan 12, 2012, at 3:57 AM, Egoitz Aurrekoetxea Aurre wrote:
> > Apart from this if you use some trustable RBL, perhaps
^
> > greylisting and you update Spamassassin rules regularly...
> > you shoul
On 1/13/2012 4:57 PM, Al Zick wrote:
> If I don't whitelist these servers, then if it bounces an email that has
> been sent because of a .forward, then the server with the .forward tries
> to redeliver the email for something like 5 days to my server. Is there
> another solution to this? I don't h
On Thu, 12 Jan 2012 17:31:17 +0100, Jiri Vitek wrote:
slow_destination_concurrency_limit = 2
slow_destination_concurrency_limit = 2
ymvw, only one line is needed :)
On Sat, Jan 14, 2012 at 12:03:01AM +0100, Patrick Ben Koetter wrote:
> > And if I used: smtpd_use_tls = yes and did not use certificate, then they
> > password will be sent encrypted or not?
>
> This forces TLS on all clients. You must not do it on a publicly available MX
> according to RFCs.
No
20 matches
Mail list logo
