Block mail servers with no reverse dns entries

2015-06-18 Thread Michael Peter
Hi, How can I force postfix to reject emails from mail servers which don't have a reverse dns entry? And is this the correct thing to do according to the standards? Thank you. Michael Peter

Re: Postfix + Courier or Dovecot?

2015-06-18 Thread Mauricio Tavares
On Wed, Jun 17, 2015 at 8:23 PM, Noel Jones wrote: > Postfix plays well with both of these, there should be no unexpected > behavior whichever you choose. > > I personally think dovecot is easy to set up and simple to interface > with postfix, so that's the way I lean. Dovecot may have other > ad

Re: Block mail servers with no reverse dns entries

2015-06-18 Thread Wietse Venema
Michael Peter: > Hi, > > How can force postfix to reject emails from mail servers which doesn't > have a reverse dns entry ? You can use reject_unknown_reverse_client_hostname or reject_unknown_client_hostname, depending on the appropriate definition of "unknown". Note that the outcome of these d

Re: Postfix + Courier or Dovecot?

2015-06-18 Thread Chris Adams
Once upon a time, Eric Broch said: > that courier chokes on large mailboxes, but I never experienced that. It > always performed well for me. I recently switched an install of about 55,000 mailboxes (mostly telco/ISP customers) from Courier to Dovecot. The mail spool is on a backend accessed ove

Re: Postfix + Courier or Dovecot?

2015-06-18 Thread Michael Munger
Thanks to everyone on their feedback. I'm going with Dovecot. Michael Munger, dCAP, MCPS, MCNPS, MBSS High Powered Help, Inc. Microsoft Certified Professional Microsoft Certified Small Business Specialist Digium Certified Asterisk Professional mich...@highpoweredhelp.com On 06/18/2015 10:28 AM, Ch

Re: Question about permit_mynetworks option

2015-06-18 Thread Bill Cole
On 16 Jun 2015, at 12:04, Noel Jones wrote: If all users must authenticate, it's common to set main.cf mynetworks = 127.0.0.1, [::1] so that local processes can submit mail. It's up to you to determine if local processes require submission on your server. If not required in your environment, set

Re: Question about permit_mynetworks option

2015-06-18 Thread Viktor Dukhovni
On Thu, Jun 18, 2015 at 11:24:24AM -0400, Bill Cole wrote: > On 16 Jun 2015, at 12:04, Noel Jones wrote: > > >If all users must authenticate, it's common to set main.cf > >mynetworks = 127.0.0.1, [::1] > >so that local processes can submit mail. It's up to you to determine > >if local processes r

Re: Empty sender question

2015-06-18 Thread Bill Cole
On 17 Jun 2015, at 3:00, Michael Peter wrote: Hi, I understand that postfix send bounces or failed delivered notifications using empty sender. As does every MTA which is in compliance with the SMTP standards of the past >25 years. See https://tools.ietf.org/html/rfc5321 and its linked ances

Re: WIth postscreen working so well, still using fail2ban?

2015-06-18 Thread Bill Cole
On 17 Jun 2015, at 22:07, PGNd wrote: postscreen is one layer in a multi-layer defense. It does not have to stop all unwanted email. That is what the other layers are for. Certainly. That does not warrant blindly stacking layers upon one another simply because one can. There are certainly

Securely opening store-and-forward only gateway to system- & MUA- submission?

2015-06-18 Thread PGNd
I've a 2-postfix setup. The frontend is open to 'net only on port 25 receives email for my domains from 'net applies restrictions forwards to backend if PASS serves as outbound SMARTHOST to backend; accepts no direct submission generates log entries

Re: WIth postscreen working so well, still using fail2ban?

2015-06-18 Thread PGNd
On Thu, Jun 18, 2015, at 09:00 AM, Bill Cole wrote: > It varies from site to site, but if you have the wrong sort of target > domains you can see things like ... ... > A tool like fail2ban may not be able to act fast enough to cut off > the first attack from bots acting like Cutwail, but if con

Re: WIth postscreen working so well, still using fail2ban?

2015-06-18 Thread Wietse Venema
PGNd: > It seems that response codes & log syntax have changed for postscreen, > and the examples and pkg-included f2b bits make a bunch of outdated > assumptions that result in no-hits. Some tools understand smtpd logging very well, but they need to be updated because postscreen logging is differ

Re: WIth postscreen working so well, still using fail2ban?

2015-06-18 Thread Julio Cesar Covolato
On 18/06/2015 14:44, Wietse Venema wrote: Some tools understand smtpd logging very well, but they need to be updated because postscreen logging is different. Wietse Is there any "recent" Howto or like, for fail2ban and postfix (postscreen, sasl, user unknown, etc...)? Regards,

Understanding sender_access

2015-06-18 Thread Alex Regan
Hi, I'm trying to understand how to reject mail not within my domain claiming it's from my domain. I understand body_checks can be used to block mail "From:" my domain, and check_sender_access can be used to block "MAIL FROM" my domain, but don't understand the implications of doing that. I

preference transport_maps and alias_maps

2015-06-18 Thread Steve Zeng
Greetings! I implemented a rule with transport_maps to block all public email delivery except whitelisted domains as below: /etc/postfix/main.cf = transport_maps = hash:/etc/postfix/transport /etc/postfix/transport == trustedcompany.com : mycompany.com : * error

Re: Understanding sender_access

2015-06-18 Thread Noel Jones
On 6/18/2015 1:21 PM, Alex Regan wrote: > Hi, > > I'm trying to understand how to reject mail not within my domain > claiming it's from my domain. I understand body_checks can be used > to block mail "From:" my domain, and check_sender_access can be used > to block "MAIL FROM" my domain, but don't

Re: Understanding sender_access

2015-06-18 Thread Alex Regan
Hi, I'm trying to understand how to reject mail not within my domain claiming it's from my domain. I understand body_checks can be used to block mail "From:" my domain, and check_sender_access can be used to block "MAIL FROM" my domain, but don't understand the implications of doing that. I hav

Re: preference transport_maps and alias_maps

2015-06-18 Thread Wietse Venema
Steve Zeng: > Is there any way to make the alias map take preference to the transport map? Fundamentally not possible. The transport chooses the delivery agent. The local delivery agent expands alias_maps. The precedence is described in ADDRESS_REWRITING_README a.k.a. http://www.postfix.org/ADDRE

Re: preference transport_maps and alias_maps

2015-06-18 Thread Viktor Dukhovni
On Thu, Jun 18, 2015 at 07:53:58PM +, Steve Zeng wrote: > transport_maps = hash:/etc/postfix/transport > > /etc/postfix/transport > == > trustedcompany.com : > mycompany.com : > * error:5.1.2 recipient domains not allowed > > It works quite well until it is reported that the

Re: Empty sender question

2015-06-18 Thread Richard James Salts
On Thu, 18 Jun 2015 11:36:01 Bill Cole wrote: > On 17 Jun 2015, at 3:00, Michael Peter wrote: > > Hi, > > > > I understand that postfix send bounces or failed delivered > > notifications > > using empty sender. > > As does every MTA which in compliance with the SMTP standards of the > past >25 ye

Re: preference transport_maps and alias_maps

2015-06-18 Thread Steve Zeng
Virtual alias sounds like a better idea. I just implemented a workaround solution by adding an extra line below to whitelist all subdomains of mycompany.com at /etc/postfix/transport: mycompany.com : .mycompany.com : Will try it out. Thanks a lot. Steve Sent from my BlackBerry 10 smartphon

mail address-rewritten & redirected to a pipe service faiis to hit the pipe?

2015-06-18 Thread PGNd
I've setup a Postfix store & forward frontend gateway that forwards all mail for valid domains (DDD1.com -> DDDN.com) to a Postfix backend. -- The frontend serves as an outbound smarthost for all backend domains. -- Transport, and recipient verification, TO the backend, and all smarthost sends F