Re: Suppress specific restriction in reject message

2014-10-05 Thread Henrik Larsson
On 03-10-2014 23:27, Viktor Dukhovni wrote: On Fri, Oct 03, 2014 at 11:19:24PM +0200, Henrik Larsson wrote: If you reject a message in helo, sender or recipient restrictions, the specific restriction is shown in the reject message as shown below: 554 5.7.1 : Helo command rejected: Rejected 554

Re: Suppress specific restriction in reject message

2014-10-05 Thread Wietse Venema
Henrik Larsson: > On 03-10-2014 23:27, Viktor Dukhovni wrote: > > On Fri, Oct 03, 2014 at 11:19:24PM +0200, Henrik Larsson wrote: > > > >> If you reject a message in helo, sender or recipient restrictions, the > >> specific restriction is shown in the reject message as shown below: > >> 554 5.7.1 :

Re: Suppress specific restriction in reject message

2014-10-05 Thread Henrik Larsson
On 05-10-2014 13:27, Wietse Venema wrote: Can you show quantitative evidence that this would actually make a measurable difference in the volume of unwanted email, or is this just about warm fuzzy feelings? There are better ways to achieve the latter than tweaking an email delivery system. Throw

Re: Suppress specific restriction in reject message

2014-10-05 Thread li...@rhsoft.net
Am 05.10.2014 um 14:40 schrieb Henrik Larsson: On 05-10-2014 13:27, Wietse Venema wrote: Can you show quantitative evidence that this would actually make a measurable difference in the volume of unwanted email, or is this just about warm fuzzy feelings? There are better ways to achieve the latt

test

2014-10-05 Thread Mike Cardwell
How would I go about setting up a Postfix configuration whereby there is a separate alias file for each domain that I host mail for? One where I can set permissions such that different users have rights to edit different alias files? In Exim, I do this by having a router which looks something like

Re: Suppress specific restriction in reject message

2014-10-05 Thread Wietse Venema
On 05-10-2014 13:27, Wietse Venema wrote: > Can you show quantitative evidence that this would actually make a > measurable difference in the volume of unwanted email, or is this > just about warm fuzzy feelings? There are better ways to achieve > the latter than tweaking an email delivery system.

Re: test

2014-10-05 Thread li...@rhsoft.net
try again with a subject matching the topic

Re: Suppress specific restriction in reject message

2014-10-05 Thread Stephen Satchell
On 10/05/2014 05:40 AM, Henrik Larsson wrote: > I'm sure not able to give you any evidence that this would lower the > amount of spam. But giving a spammer, or a malicious user a clue about > why the mail was blocked, could make him try to find ways around it. > > Even if it is just about my warm

Re: something about databases

2014-10-05 Thread Wietse Venema
Mike Cardwell: > How would I go about setting up a Postfix configuration whereby > there is a separate alias file for each domain that I host mail > for? One where I can set permissions such that different users > have rights to edit different alias files? With Postfix you should use an LDAP or *S

Re: Suppress specific restriction in reject message

2014-10-05 Thread Robert Schetterer
Am 05.10.2014 um 15:36 schrieb Stephen Satchell: > My own analysis > of some of the spam-sending software is that they don't have any > significant form of logging Ack, in most cases it's fire and forget, I guess the only major problem of a bot spammer is the danger of losing a lot of bots but tha

Re: Suppress specific restriction in reject message

2014-10-05 Thread Wietse Venema
Stephen Satchell: > That said, if you don't want to expose the reason for the rejection, > PostFix gives you that ability, although not necessarily the way that > you want it. The way to do that is to write a policy filter that will > detect the problems, and return status to PostFix to say "rejec

opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread Inteq Solution - Dep. tehnic
Hello, Having some issues with messages from yahoo.com They seem to fail dkim and dmarc verification. Dmarc from gmail.com (for example) works just fine. Any clue if Yahoo is having some problems? Can't seem to find any on my side. Oct 5 17:55:35 ns4 postfix/smtpd[5789]: connect from n

Re: opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread Robert Schetterer
Am 05.10.2014 um 17:05 schrieb Inteq Solution - Dep. tehnic: > Hello, > > > > Having some issues with messages from yahoo.com > > They seem to fail dkim and dmarc verification. > > Dmarc from gmail.com (for example) works just fine. > > Any clue if Yahoo is having some problems? > > Can’t s

Re: opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread Wietse Venema
Inteq Solution - Dep. tehnic: > Oct 5 17:55:44 ns4 opendkim[3861]: A2CCA44674: s=s2048 d=yahoo.com SSL > error:04091068:rsa routines:INT_RSA_VERIFY:bad signature If this were a common problem then there would be many reports, so I presume that you are receiving corrupted email. Do you have a s

RE: opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread Inteq Solution - Dep. tehnic
No security appliance in front of Postfix. I use SpamAssassin that tags with X-Spam. I have disabled AV scanning. No luck I have disabled dkim-milter. No luck Weird thing is that from other dmarc enabled domains, the result is pass and email delivery is OK. Only from yahoo.com I have this proble

Re: opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread Viktor Dukhovni
On Sun, Oct 05, 2014 at 07:30:20PM +0300, Inteq Solution - Dep. tehnic wrote: > No security appliance in front of Postfix. > I use SpamAssassin that tags with X-Spam. > > I have disabled AV scanning. No luck > I have disabled dkim-milter. No luck > > Weird thing is that from other dmarc enabled

Re: opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread Wietse Venema
Inteq Solution - Dep. tehnic: > No security appliance in front of Postfix. > I use SpamAssassin that tags with X-Spam. > > I have disabled AV scanning. No luck > I have disabled dkim-milter. No luck > > Weird thing is that from other dmarc enabled domains, the result is pass and > email delivery

Re: opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread Robert Schetterer
Am 05.10.2014 um 17:52 schrieb Wietse Venema: > Inteq Solution - Dep. tehnic: >> Oct 5 17:55:44 ns4 opendkim[3861]: A2CCA44674: s=s2048 d=yahoo.com SSL >> error:04091068:rsa routines:INT_RSA_VERIFY:bad signature yes that ssl stuff looks broken somekind, perhaps that's the reason > > If this were

Re: opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread li...@rhsoft.net
Am 05.10.2014 um 18:47 schrieb Wietse Venema: Inteq Solution - Dep. tehnic: No security appliance in front of Postfix. I use SpamAssassin that tags with X-Spam. I have disabled AV scanning. No luck I have disabled dkim-milter. No luck Weird thing is that from other dmarc enabled domains, the

Re: opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread Viktor Dukhovni
On Sun, Oct 05, 2014 at 07:00:20PM +0200, Robert Schetterer wrote: > Am 05.10.2014 um 17:52 schrieb Wietse Venema: > > Inteq Solution - Dep. tehnic: > >> Oct 5 17:55:44 ns4 opendkim[3861]: A2CCA44674: s=s2048 d=yahoo.com SSL > >> error:04091068:rsa routines:INT_RSA_VERIFY:bad signature > > yes t

Re: opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread Robert Schetterer
Am 05.10.2014 um 19:01 schrieb li...@rhsoft.net: > > Am 05.10.2014 um 18:47 schrieb Wietse Venema: >> Inteq Solution - Dep. tehnic: >>> No security appliance in front of Postfix. >>> I use SpamAssassin that tags with X-Spam. >>> >>> I have disabled AV scanning. No luck >>> I have disabled dkim-mi

Re: opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread Robert Schetterer
Am 05.10.2014 um 19:16 schrieb Viktor Dukhovni: > On Sun, Oct 05, 2014 at 07:00:20PM +0200, Robert Schetterer wrote: > >> Am 05.10.2014 um 17:52 schrieb Wietse Venema: >>> Inteq Solution - Dep. tehnic: Oct 5 17:55:44 ns4 opendkim[3861]: A2CCA44674: s=s2048 d=yahoo.com SSL error:04091068

OT: invalide DKIM signatures

2014-10-05 Thread A. Schulze
wietse: Do you have a so-called security appliance in the path? Many have a history of tampering with email. Do you have other anti-spam software in the path that modifies mail headers such as X-Spam:? To be complete: there is an easy way to invalidate DKIM-Signatures: don't announce SMTP

Need Help with Debugging SASL Authorization, Please

2014-10-05 Thread Mail List
I am in the process of setting up postfix 2.9.6, postgrey, and dovecot 2.1.7 on a clean install of Debian wheezy 7.6 AMD. I'm doing this very systematically in a VirtualBox virtual machine, which lets me experiment and screw up the settings, since I just recreate the VM if I make things unusable.

Re: Need Help with Debugging SASL Authorization, Please

2014-10-05 Thread Patrick Ben Koetter
* Mail List : > I am in the process of setting up postfix 2.9.6, postgrey, and dovecot > 2.1.7 on a clean install of Debian wheezy 7.6 AMD. I'm doing this very > systematically in a VirtualBox virtual machine, which lets me experiment > and screw up the settings, since I just recreate the VM if I

RE: opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread Inteq Solution - Dep. tehnic
It seems I stumbled upon a bug in opendkim. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=695145 I am using Ubuntu 12.04. Using Backport also and the latest opendkim version is 2.6.8 In opendkim.conf I have added "LogWhy Yes" Now, in mail.log I can see: Oct 5 22:08:17 ns4 opendkim[25822]: 392

Re: OT: invalide DKIM signatures

2014-10-05 Thread martijn.list
On 10/05/2014 08:47 PM, A. Schulze wrote: >> Do you have a so-called security appliance in the path? Many have >> a history of tampering with email. > >> Do you have other anti-spam software in the path that modifies >> mail headers such as X-Spam:? > > To be complete: there is an easy way to inv

Re: Need Help with Debugging SASL Authorization, Please

2014-10-05 Thread Mail List
On Sun, 5 Oct 2014 21:05:26 +0200, Patrick Ben Koetter wrote: > * Mail List : >> I am in the process of setting up postfix 2.9.6, postgrey, and dovecot >> 2.1.7 on a clean install of Debian wheezy 7.6 AMD. I'm doing this very >> systematically in a VirtualBox virtual machine, which lets me experi

Re: OT: invalide DKIM signatures

2014-10-05 Thread Wietse Venema
A. Schulze: > smtp_note_content_recode (default: no) > Log the hostname of a remote SMTP server that does not offer 8BITMIME, > and the content must be recoded. > > That way an administrator could at least notice if the well formatted > and signed messages > must be recoded to be sent t

Re: Need Help with Debugging SASL Authorization, Please

2014-10-05 Thread Patrick Ben Koetter
* Mail List : > On Sun, 5 Oct 2014 21:05:26 +0200, Patrick Ben Koetter wrote: > > * Mail List : > >> I am in the process of setting up postfix 2.9.6, postgrey, and dovecot > >> 2.1.7 on a clean install of Debian wheezy 7.6 AMD. I'm doing this very > >> systematically in a VirtualBox virtual machi

Re: Need Help with Debugging SASL Authorization, Please

2014-10-05 Thread Viktor Dukhovni
On Sun, Oct 05, 2014 at 03:23:45PM -0400, Mail List wrote: > Thanks for your suggestion Patrick! Changing the mode didn't work, but I > think you are on the right track. I played around with permissions on the > socket. Here is the directory entry for the socket file: > > srw--- 1 root roo

Re: Need Help with Debugging SASL Authorization, Please

2014-10-05 Thread Wietse Venema
Viktor Dukhovni: > On Sun, Oct 05, 2014 at 03:23:45PM -0400, Mail List wrote: > > > Thanks for your suggestion Patrick! Changing the mode didn't work, but I > > think you are on the right track. I played around with permissions on the > > socket. Here is the directory entry for the socket file:

[Solved!] Need Help with Debugging SASL Authorization, Please

2014-10-05 Thread Casey Bralla
On Sun, 5 Oct 2014 21:43:52 +0200, Patrick Ben Koetter wrote: > * Mail List : >> On Sun, 5 Oct 2014 21:05:26 +0200, Patrick Ben Koetter wrote: >> > * Mail List : >> >> I am in the process of setting up postfix 2.9.6, postgrey, and dovecot >> >> 2.1.7 on a clean install of Debian wheezy 7.6 AMD.

Re: opendkim and opendmarc failure for yahoo.com

2014-10-05 Thread Robert Schetterer
Am 05.10.2014 um 19:23 schrieb Robert Schetterer: > Am 05.10.2014 um 19:01 schrieb li...@rhsoft.net: >> >> Am 05.10.2014 um 18:47 schrieb Wietse Venema: >>> Inteq Solution - Dep. tehnic: No security appliance in front of Postfix. I use SpamAssassin that tags with X-Spam. I have

Re: OT: invalide DKIM signatures

2014-10-05 Thread Benny Pedersen
On October 5, 2014 8:47:17 PM "A. Schulze" wrote: To be complete: there is an easy way to invalidate DKIM-Signatures: don't announce SMTP extension 8BITMIME ... Bingo, make postfix disable this before msg is sent to opendkim signer, so it not signed 8bitmime, then downstream mailserver would

Re: Internationalized Domain Names (?)

2014-10-05 Thread Mark Martinec
Ronald F. Guilmette wrote: These days, whenever one builds any kind of tool that does anything with e-mail, it is necessary to think about this new-fangled phenomenon of Internationalized Domain Names, so... In what (if any) mail headers generated by Postfix might one reasonably expect to find e

Re: Internationalized Domain Names (?)

2014-10-05 Thread Wietse Venema
Mark Martinec: > Btw, amavisd since 2.10.0 converts ACE domain names to UTF-8 > for presentation purposes (logging, JSON structured report, > DNS and admin notifications), and encodes non-ASCII UTF-8 domains > in sender and recipient addresses into ACE if the next hop MTA > (e.g. back-end postfix) d

Re: Internationalized Domain Names (?)

2014-10-05 Thread Mark Martinec
Wietse wrote: Mark Martinec: Btw, amavisd since 2.10.0 converts ACE domain names to UTF-8 for presentation purposes (logging, JSON structured report, DNS and admin notifications), and encodes non-ASCII UTF-8 domains in sender and recipient addresses into ACE if the next hop MTA (e.g. back-end pos