Benny Pedersen:
> Bogdan Enache skrev den 2013-06-08 12:09:
>
> > mx1 postfix/smtpd[1069]: warning: unknown[89.xx.xx.xx]: SASL LOGIN
> > authentication failed: UGFzc3dvcmQ6
> > Which is perfectly normal.
>
> normal in what way ?
>
> i have seen this here aswell with that user
>
> > But how can
Hi list.
On 09.06.2013 03:35, LuKreme wrote:
> On 08 Jun 2013, at 04:09 , Bogdan Enache wrote:
>
>> But how can I also show the username that was tried in the logs? I want
>> to see:
>> 1. Which user keeps entering the wrong password.
>> 2. What user is someone else trying to hijack.
> Are you us
On 2013-06-08 6:09 AM, Bogdan Enache wrote:
But how can I also show the username that was tried in the logs? I want
to see:
1. Which user keeps entering the wrong password.
2. What user is someone else trying to hijack.
Since you left out the critical fact that you are using dovecot sasl, I
d
Thanks very much Victor for your time, it is much appreciated.
Before my responses to your questions, I believe I've narrowed this down
(with the help of Mark Sapiro on the mailman list). It only happens when
multiple messages are simultaneously sent invoking postfix/local - which
according to
On Sunday, June 9, 2013 at 10:09 PM, Charles Marcus wrote:
>
> Dovecot uses login_log_format_elements to determine what it logs for
> login attempts... you'll find the variables it supports here:
>
> http://wiki2.dovecot.org/Variables?highlight=%28login_log_format_elements%29
>
> Mine (which
On Sun, 09 Jun 2013 16:44:13 +0300
Bogdan Enache articulated:
> Unfortunately if I try lowering it from 10 to 3 I will receive like 20
> phone calls a day about users that don't know how to check when CAPS
> LOCK is on or off.
20 calls from 20,000 users would be insignificant. From 100 users, a
t
On 2013-06-09 10:34 AM, Zhang Huangbin wrote:
On Sunday, June 9, 2013 at 10:09 PM, Charles Marcus wrote:
Dovecot uses login_log_format_elements to determine what it logs for
login attempts... you'll find the variables it supports here:
http://wiki2.dovecot.org/Variables?highlight=%28login_log_
Is using 'reject_non_fqdn_helo_hostname' and
'reject_invalid_helo_hostname' even neccessary when using
'reject_unknown_helo_hostname'?
The way I see it is if there is no FQDN and the host name is invalid,
then 'reject_unknown_helo_hostname' won't be able to verify the DNS A
and MX record anyw
On 2013-06-09 10:21 AM, Charles Marcus wrote:
postfix/master[6406]: warning: master_wakeup_timer_event: service
tlsmgr(private/tlsmgr): Resource temporarily unavailable
with respect to this warning, I've found a reference to postfix needing
a non-blocking random device...
Could /dev/urando
Would verbose logs maybe shed more light on this?
On 2013-06-09 10:21 AM, Charles Marcus wrote:
To recap the warnings I'm getting when the problem occurs...
The postfix/master warning only shows up rarely - 11 times since I got
the system back up, and within 5 or 10 minutes (but usually with
Charles Marcus:
> Would verbose logs maybe shed more light on this?
No, that would not explain why a connection fails with resource
temporarily available, because THAT problem happens inside the
KERNEL.
What would help is increase the KERNEL system-wide (not: per process)
limits on the number of
On Mon, Jun 10, 2013 at 01:17:19AM +1000, Nikolas Kallis wrote:
> Is using 'reject_non_fqdn_helo_hostname' and
> 'reject_invalid_helo_hostname' even neccessary when using
> 'reject_unknown_helo_hostname'?
You seem to have decided that the client HELO name is a silver
bullet against spam and the e
Quoting wie...@porcupine.org:
Per olof Ljungmark:
Hi all,
Hopefully I can explain this good enough for someone to understand and
perhaps even suggest a solution.
Our email system is built from a LDAP directory that contains all the
necessary information about our users. A box receives mail f
On Sun, Jun 09, 2013 at 07:00:54PM +0200, Per olof Ljungmark wrote:
> Quoting wie...@porcupine.org:
>
> >http://www.postfix.org/postconf.5.html#transport_maps
> >http://www.postfix.org/transport.5.html
> >
> > Wietse
>
> Yes, but the problem seems to be that the address is rewritten to
> uid
On 10/06/13 03:00, Viktor Dukhovni wrote:
On Mon, Jun 10, 2013 at 01:17:19AM +1000, Nikolas Kallis wrote:
Is using 'reject_non_fqdn_helo_hostname' and
'reject_invalid_helo_hostname' even neccessary when using
'reject_unknown_helo_hostname'?
You seem to have decided that the client HELO name i
On Mon, Jun 10, 2013 at 03:07:59AM +1000, Nikolas Kallis wrote:
> >>Is using 'reject_non_fqdn_helo_hostname' and
> >>'reject_invalid_helo_hostname' even neccessary when using
> >>'reject_unknown_helo_hostname'?
> >
> >You seem to have decided that the client HELO name is a silver
> >bullet against
Quoting Viktor Dukhovni :
On Sun, Jun 09, 2013 at 07:00:54PM +0200, Per olof Ljungmark wrote:
Quoting wie...@porcupine.org:
>http://www.postfix.org/postconf.5.html#transport_maps
>http://www.postfix.org/transport.5.html
>
>Wietse
Yes, but the problem seems to be that the address is rewr
On 10/06/13 03:11, Viktor Dukhovni wrote:
On Mon, Jun 10, 2013 at 03:07:59AM +1000, Nikolas Kallis wrote:
Is using 'reject_non_fqdn_helo_hostname' and
'reject_invalid_helo_hostname' even neccessary when using
'reject_unknown_helo_hostname'?
You seem to have decided that the client HELO name i
Nikolas Kallis:
> On 10/06/13 03:11, Viktor Dukhovni wrote:
> > On Mon, Jun 10, 2013 at 03:07:59AM +1000, Nikolas Kallis wrote:
> >
> Is using 'reject_non_fqdn_helo_hostname' and
> 'reject_invalid_helo_hostname' even neccessary when using
> 'reject_unknown_helo_hostname'?
> >>>
> >>>
This thread is terminated, as is the poster's membership.
Wietse
Wietse Venema:
> This thread is terminated, as is the poster's membership.
>
> Wietse
On 2013-06-09 11:39 AM, wie...@porcupine.org (Wietse Venema)
wrote:
Charles Marcus:
Would verbose logs maybe shed more light on this?
No, that would not explain why a connection fails with resource
temporarily available, because THAT problem happens inside the
KERNEL.
What would help is incre
Per olof Ljungmark:
> Quoting wie...@porcupine.org:
>
> > Per olof Ljungmark:
> >> Hi all,
> >>
> >> Hopefully I can explain this good enough for someone to understand and
> >> perhaps even suggest a solution.
> >>
> >> Our email system is built from a LDAP directory that contains all the
> >> nec
Quoting wie...@porcupine.org:
Per olof Ljungmark:
Quoting wie...@porcupine.org:
> Per olof Ljungmark:
>> Hi all,
>>
>> Hopefully I can explain this good enough for someone to understand and
>> perhaps even suggest a solution.
>>
>> Our email system is built from a LDAP directory that contains
On 6/9/2013 12:00 PM, Viktor Dukhovni wrote:
> On Mon, Jun 10, 2013 at 01:17:19AM +1000, Nikolas Kallis wrote:
>
>> Is using 'reject_non_fqdn_helo_hostname' and
>> 'reject_invalid_helo_hostname' even neccessary when using
>> 'reject_unknown_helo_hostname'?
>
> You seem to have decided that the cl
Hello,
I have written a small policy service.
But I whish to not use it for those emails which are rejected. Only permited
emails (permit_mynetworks and permit_sasl_authenticated)
Any ideas?
smtpd_recipient_restrictions = check_policy_service unix:private/policy,
Am 2013-06-10 07:13, schrieb j...@soe.se:
I have written a small policy service.
But I whish to not use it for those emails which are rejected. Only
permited emails (permit_mynetworks and permit_sasl_authenticated)
Any ideas?
smtpd_recipient_restrictions = check_policy_service
unix:private/po
>Any ideas?
>
>smtpd_recipient_restrictions = check_policy_service unix:private/policy,
> permit_mynetworks,
> permit_sasl_authenticated,
> reject_unauth_destination,
>
Am 2013-06-10 08:43, schrieb Timo Röhling:
Am 2013-06-10 07:13, schrieb j...@soe.se:
I have written a small policy service.
But I whish to not use it for those emails which are rejected. Only
permited emails (permit_mynetworks and permit_sasl_authenticated)
Any ideas?
smtpd_recipient_restricti
29 matches
Mail list logo
