Am 27.05.2014 07:59, schrieb Tom Kinghorn:
> Is it possible to limit port 587 access to users who are known to be
> traveling outside your network (foreign
> countries)?
>
> We have a user who cannot access port 25 and as such I am looking at the
> submission port, however, do not want to
> ope
On Mon, 26 May 2014 17:33:52 -0500
Noel Jones wrote:
> On 5/26/2014 6:19 AM, mancyb...@gmail.com wrote:
> > Hi I wrote this script: http://pastebin.com/BZGNDcdn
> > which is configured in postfix in transport_maps like this:
> > emailtocatcherr...@example.com myCustomScript:dummy
> > and is suppo
Noel Jones:
> Perhaps a simple content_filter will fit your needs better than a
> transport. Or maybe not.
> http://www.postfix.org/FILTER_README.html#simple_filter
mancyb...@gmail.com:
> If you configure the script as a FILTER, instead of a transport_map, you'll
> not be able to catch bounced e
On Tue, 27 May 2014 06:41:22 -0400 (EDT)
wie...@porcupine.org (Wietse Venema) wrote:
> Noel Jones:
> > Perhaps a simple content_filter will fit your needs better than a
> > transport. Or maybe not.
> > http://www.postfix.org/FILTER_README.html#simple_filter
>
> mancyb...@gmail.com:
> > If you co
On Tue, May 27, 2014 at 11:36:46AM +0200, mancyb...@gmail.com wrote:
> Hi Noel, thanks for your suggestion but unfortunately I've already been there.
And yet Noel is right. Transport overrides that direct mail to a
script are NOT compatible with re-injection of the message back
into the same Pos
On Tue, 27 May 2014 13:02:20 +
Viktor Dukhovni wrote:
> On Tue, May 27, 2014 at 11:36:46AM +0200, mancyb...@gmail.com wrote:
>
> > Hi Noel, thanks for your suggestion but unfortunately I've already been
> > there.
>
> And yet Noel is right. Transport overrides that direct mail to a
> scri
Noel Jones:
> Perhaps a simple content_filter will fit your needs better than a
> transport. Or maybe not.
> http://www.postfix.org/FILTER_README.html#simple_filter
mancyb...@gmail.com:
> If you configure the script as a FILTER, instead of a transport_map, you'll
> not be able to catch bounced em
Hi all,
I use postfix for a while as a "direct" mailer, but I have to setup a
postfix box as relay ... and It look like postfix rewrite the
Return-Path header. I use PHPMailer to send the mail to postfix (on an
other port than 25) and postfix make the final delivery (it's working
fine except
On Tue, May 27, 2014 at 03:23:02PM +0200, mancyb...@gmail.com wrote:
> Hi I've explained my goal here:
> http://marc.info/?l=postfix-users&m=139932881701528&w=2
If you're trying to capture bounced messages for list maintenance,
you can certainly configure the bounce address (envelope sender of
o
St?phane MERLE:
> I use postfix for a while as a "direct" mailer, but I have to setup a
> postfix box as relay ... and It look like postfix rewrite the
> Return-Path header.
The Return-Path header is READ-ONLY.
Setting the Return-Path header HAS NO EFFECT.
The Return-Path header shows the ENVE
On 26 May 2014, at 23:59 , Tom Kinghorn wrote:
> Is it possible to limit port 587 access to users who are known to be
> traveling outside your network (foreign countries)?
You setup port 587 with authenticated submission, which allows only your users
to submit email. It would be very difficult
Hi Wietse,
Le 27/05/2014 16:12, Wietse Venema a écrit :
St?phane MERLE:
I use postfix for a while as a "direct" mailer, but I have to setup a
postfix box as relay ... and It look like postfix rewrite the
Return-Path header.
The Return-Path header is READ-ONLY.
Setting the Return-Path header H
St?phane MERLE:
> in fact, I use PHPMailer because it can handle the connexion directly in
> SMTP and not with the php mail() function.
>
> if I understood you correctly, what i am doing right now (and since
> about 8 years ...) is wrong. I got this kind of headers (sender domain
> <> return pa
Hello,
I am experiencing an issue where hosts that do not have reverse DNS see an
extended delay (45-60 seconds for ssl or non-ssl connections) before they get
the initial 220 greeting. Hosts that do have properly registered entries get in
immediately. I have downloaded the source, and the pro
Joe Shamblin:
> I am experiencing an issue where hosts that do not have reverse
> DNS see an extended delay (45-60 seconds for ssl or non-ssl
> connections) before they get the initial 220 greeting. Hosts that
> do have properly registered entries get in immediately. I have
> downloaded the source,
On May 27, 2014, at 2:38 PM, Wietse Venema wrote:
> Joe Shamblin:
>> I am experiencing an issue where hosts that do not have reverse
>> DNS see an extended delay (45-60 seconds for ssl or non-ssl
>> connections) before they get the initial 220 greeting. Hosts that
>> do have properly registered
Joe Shamblin:
> > Please TURN OFF chroot in master.cf.
> >
> > The master.cf entry should look like this:
> >
> > smtp inet n - n - - smtpd
> >
> > Then do "postfix reload".
> >
> > More information: http://www.postfix.org/DEBUG_README.html#no_chroot
>
> Yes
Without going into a lot of detail and without naming names I wish to know if,
at the time of connection to Postfix, there exists any feasible means of
determining the registrar used by the connecting domain? As well, I would
like to know is there any practical means of determining at the time of
Two thoughts.
I've received legitimate email from a registrar where I was listed as a contact
for a domain. If no one uses an email address in your domain to register,
that's not a problem.
And second, whois is the way I query to find out about a domain, answers to
questions like who registe
Hi.
I wanna know why Postfix is reject mail with temp error (4xx) and not 5xx
for Relay access denied.
Here is the log:
May 27 12:11:34 postfix/smtpd[31197]: NOQUEUE: reject: RCPT from
mx2.mydomain.com.br[XXX.XXX.XXX.37]: 454 4.7.1 <
return-58306-110-...@otherdomain.com.br>: Relay access den
James B. Byrne:
> Without going into a lot of detail and without naming names I wish to know if,
> at the time of connection to Postfix, there exists any feasible means of
> determining the registrar used by the connecting domain? As well, I would
Beware, some whois servers enforce rate limits, s
M. Rodrigo Monteiro:
> Hi.
> I wanna know why Postfix is reject mail with temp error (4xx) and not 5xx
> for Relay access denied.
>
> Here is the log:
>
> May 27 12:11:34 postfix/smtpd[31197]: NOQUEUE: reject: RCPT from
> mx2.mydomain.com.br[XXX.XXX.XXX.37]: 454 4.7.1 <
Maybe the SMTP serve
2014-05-27 16:43 GMT-03:00 Wietse Venema :
>
> Maybe the SMTP server has soft_bounce turned on.
>
>
# postconf soft_bounce
soft_bounce = no
> Maybe the server has logged a DNS temporary lookup error prior to
> this reject.
>
>
No.
> Wietse
>
On Tue, May 27, 2014 at 04:38:31PM -0300, M. Rodrigo Monteiro wrote:
> Hi.
> I wanna know why Postfix is reject mail with temp error (4xx) and not 5xx
> for Relay access denied.
What version of Postfix is this?
> Here is the conf:
Generally, you should post the output of "postconf -n" rather th
On 27 May 2014, at 13:19 , James B. Byrne wrote:
> Without going into a lot of detail and without naming names I wish to know if,
> at the time of connection to Postfix, there exists any feasible means of
> determining the registrar used by the connecting domain?
Not really.
Even if you wrote
Hi there,
Is possible to create a hash map file with IPs to allow relay in my outbound
server?
But I can not use the mynetworks entry to this.
I know that in 2.10 exist smtpd_relay_restrictions, but my version is 2.9.6.
Is there another way?
Thanks.
Am 27.05.2014 21:19, schrieb James B. Byrne:
> Without going into a lot of detail and without naming names I wish to know if,
> at the time of connection to Postfix, there exists any feasible means of
> determining the registrar used by the connecting domain? As well, I would
> like to know is the
Whois should definitely not be implemented in automated systems - read ToS
of RIPE, ARIN, LACNIC etc.
A special-made milter that will dig for details during the connection time
is not applicable.
A secondary benefit of greylist is IP rotation. That will provide you an
insight about some networks ,
On Tue, May 27, 2014 15:32, Bennett Todd wrote:
> Two thoughts.
>
> I've received legitimate email from a registrar where I was listed as a
> contact for a domain. If no one uses an email address in your domain to
> register, that's not a problem.
I am attempting to be circumspect with respect to
On 05/27/2014 11:33 PM, James B. Byrne wrote:
On Tue, May 27, 2014 15:32, Bennett Todd wrote:
>Two thoughts.
>
>I've received legitimate email from a registrar where I was listed as a
>contact for a domain. If no one uses an email address in your domain to
>register, that's not a problem.
Well y
Hello!
I'm looking for a way to detect and distinguish different kinds of auth
failures. Right now, I'm feeling a bit stuck by my inability to get all the
data I'd like in one place at the same time.
Right now, we're using SASL authentication with pwcheck. pwcheck, of course,
only gets two data
Alfredo Saldanha:
> Hi there,
>
> Is possible to create a hash map file with IPs to allow relay in my outbound
> server?
Yes this is possible.
http://www.postfix.org/postconf.5.html#mynetworks.
...You can also specify "/file/name" or "type:table" patterns. A
"/file/name" pattern is replaced by
Am 27.05.2014 22:45, schrieb Ricardo Signes:
> I'm looking for a way to detect and distinguish different kinds of auth
> failures. Right now, I'm feeling a bit stuck by my inability to get all the
> data I'd like in one place at the same time.
>
> Right now, we're using SASL authentication with
li...@rhsoft.net:
> the problem ist that postfix has no idea of the SASL internals and should
> not need to - in case of dovecot i asked a few days ago to log the username
> because in case of using dovecot as SASL provider that's the only instance
> which decodes the input and verify it against th
Am 27.05.2014 23:04, schrieb Wietse Venema:
> li...@rhsoft.net:
>> the problem ist that postfix has no idea of the SASL internals and should
>> not need to - in case of dovecot i asked a few days ago to log the username
>> because in case of using dovecot as SASL provider that's the only instance
On Tue, May 27, 2014 16:26, Marius Gologan wrote:
>
> Whois should definitely not be implemented in automated systems - read ToS
> of RIPE, ARIN, LACNIC etc.
> A special-made milter that will dig for details during the connection time
> is not applicable.
> A secondary benefit of greylist is IP ro
* Wietse Venema [2014-05-27T17:04:32]
> li...@rhsoft.net:
> > the problem ist that postfix has no idea of the SASL internals and should
> > not need to - in case of dovecot i asked a few days ago to log the username
> > because in case of using dovecot as SASL provider that's the only instance
> >
Given the situation, perhaps you could set up a resolver that blocks, or
that's behind a packet filter that blocks, the IPs of the name servers
they're using. That would catch it at the NS lookup, and would be no extra
traffic, unlike whois.
Ricardo Signes:
> a. one IP, the same username, many different passwords
> d. one IP, the same username, the same (wrong) password repeatedly
I suppose that one would log a password hhas, just to be sure.
> I definitely understand the point about not wanting to deal with the SASL
> inte
* James B. Byrne :
> Without going into a lot of detail and without naming names I wish to know if,
> at the time of connection to Postfix, there exists any feasible means of
> determining the registrar used by the connecting domain? As well, I would
> like to know is there any practical means of
There are RBLs for domains (aka DBL) that block recent domains (<= 5 or 7
days).
Indeed they need some time after "first-seen". Large RBL providers may rely
on their own old/large database. If the domain is not there, it must be new
(1). If they see multiple queries from different places (reliable)
* Wietse Venema [2014-05-27T17:48:03]
> Ricardo Signes:
> > a. one IP, the same username, many different passwords
> > d. one IP, the same username, the same (wrong) password repeatedly
>
> I suppose that one would log a password hhas, just to be sure.
Yes, something like a truncated h
Hello,
As per the Postfix documentation
"
*smtpd_hard_error_limit (default: normal: 20, overload: 1)*
The maximal number of errors a remote SMTP client is allowed to make
without delivering mail. The Postfix SMTP server disconnects when the limit
is exceeded. Normally the default limit is 20, but
On Wed, May 28, 2014 at 10:20:56AM +0530, tejas sarade wrote:
> As per the Postfix documentation
> "
> *smtpd_hard_error_limit (default: normal: 20, overload: 1)*
>
> The maximal number of errors a remote SMTP client is allowed to make
> without delivering mail. The Postfix SMTP server disconnect
44 matches
Mail list logo
