Re: Problem with ldap failover

Yes, these three are FreeIPA DS servers. Ldap in Dovecot running on the same server works fine. Regards, Michal. 21. října 2016 23:46:46 CEST, "A. Schulze" napsal: > > >Am 21.10.2016 um 13:49 schrieb MichalZ: >> server_host = ldaps://ldap3.img.local:636 >> ldaps://ldap2.img.loc

chrooting cleanup process ?

Hello all, I have been trying to build a canonical address mapping through ldap, in order to replace login names by better-looking addresses, as stated in the ADDRESS_REWRITING_README, and I stumbled upon a weird behaviour : with the canonical_maps on, every time a mail is sent to my server,

RE: Open relay, found it

Hai Paul, I saw you got it fixed, comprimized pass as i suspected. ;-) I saw also this in you log. from [127.0.0.1] (87-92-55-206.bb.dnainternet.fi [87.92.55.206] This should never be allowed. ( from 127.0.0.1 ) ( on the external ip ) Thats impossible imo. To fix that you can use something

How to limite incoming email with defined mail sender?

Hi guys, I want to set up only the defined mail sender from outside can send mail to defined user on my server, and reject the undefined sender, how to do it? thanks.

Blacklisting googlegroups

Hello, I am using: smtpd_recipient_restrictions = ... check_sender_access hash:/etc/postfix/blacklisted_senders ... to blacklist certain senders in blacklisted_senders file. I would like to block a certain spam googlegroups mailing list but sender is not constant; it's like:

RE: Blacklisting googlegroups

Hi, Can't you use REGEX to write a rule to catch them, and then decide what you want to do with those emails ? Maybe: /etc/postfix/catch_spammer file has this: /^oursuperclub-members(.*)@googlegroups.com ${1}@spammer.google.bad Not sure where you add the file to do the rejection, maybe mynetw

Re: Blacklisting googlegroups

* Nikolaos Milas : > On 24/10/2016 5:15 μμ, Fazzina, Angelo wrote: > > > Can't you use REGEX to write a rule to catch them, and then decide what you > > want to do with those emails ? > > Would the following be valid? > > smtpd_recipient_restrictions = > ... > check_sender_access hash

RE: Blacklisting googlegroups

Personally I have a test postfix server, so I try all my configs to confirm they do what I want. Use telnet to send an email to trigger the rule is my advice. Also my REGEX example may not be the best solution. I got the idea from this line in my server, it's part of the virtual_alias_maps= set

Re: Blacklisting googlegroups

On 24/10/2016 5:15 μμ, Fazzina, Angelo wrote: Can't you use REGEX to write a rule to catch them, and then decide what you want to do with those emails ? Would the following be valid? smtpd_recipient_restrictions = ... check_sender_access hash:/etc/postfix/blacklisted_senders head

Strange behavior on virtual_alias

Hi, my problem is this: i have in my postfix (ver. 2.11.3 installed on a debian stable box) installation placed in front of a dovecot server a virtual_alias_map like this local_recipient_maps = $virtual_alias_maps virtual_mailbox_domains = mail.cgilfe.it, cgilfe.it virtual_alias_maps = mysql

Re: How to limite incoming email with defined mail sender?

For example; only allow receiving sender j...@example.com from example.com to send mail to my server foo.com, and user only alex can receive it. a...@foo.com how to configure postfix/main.cf ? Thanks. On 星期一, 24 十月 2016 06:02:32 -0700vod vos wrote

Re: chrooting cleanup process ?

On 10/24/2016 3:58 AM, Mickaël DEQUIDT wrote: > Hello all, > > I have been trying to build a canonical address mapping through > ldap, in order to replace login names by better-looking addresses, > as stated in the ADDRESS_REWRITING_README, and I stumbled upon a > weird behaviour : with the canoni

Re: How to limite incoming email with defined mail sender?

On 10/24/2016 8:02 AM, vod vos wrote: > Hi guys, > > I want to set up only the defined mail sender from outside can send > mail to defined user on my server, and reject the undefined sender, > > how to do it? > > thanks. > perhaps you're looking for the smtpd_reject_unlisted_sender parameter.

Re: Blacklisting googlegroups

On 10/24/2016 9:24 AM, Nikolaos Milas wrote: > On 24/10/2016 5:15 μμ, Fazzina, Angelo wrote: > >> Can't you use REGEX to write a rule to catch them, and then decide >> what you want to do with those emails ? > > Would the following be valid? > > smtpd_recipient_restrictions = > ... > che

OT: "X-PHP-Script" header

Over the weekend I had three spam messages get through to my in-box. Two contained an "X-PHP-Script" header one was X-PHP-Script: folar.org/wp-content/plugins/the-events-calendar/src/Tribe/Aggregator/uploader.php for 110.83.63.152 and the other X-PHP-Script: 118k.org/wp-content/plugins/formidabl

Re: OT: "X-PHP-Script" header

On 24/10/16 18:29, Allen Coates wrote: > > Over the weekend I had three spam messages get through to my in-box. Two > contained an "X-PHP-Script" header > > one was > X-PHP-Script: > folar.org/wp-content/plugins/the-events-calendar/src/Tribe/Aggregator/uploader.php > for 110.83.63.152 > > and th

Re: OT: "X-PHP-Script" header

On 24/10/16 17:37, Jan Ceuleers wrote: > On 24/10/16 18:29, Allen Coates wrote: >> Over the weekend I had three spam messages get through to my in-box. Two >> contained an "X-PHP-Script" header >> >> one was >> X-PHP-Script: >> folar.org/wp-content/plugins/the-events-calendar/src/Tribe/Aggregator

Re: Blacklisting googlegroups

On 24/10/2016 6:46 μμ, Noel Jones wrote: header_checks can't be used there. Use a second check_sender_access instead. Thank you Noel, Your suggestion worked fine! The only change I did was to escape the + sign: /^oursuperclub-members\+bnc(.*)@googlegroups\.com$/ REJECT All the best, Nick

(Semi OT) RBL shakedown

If you use the uceprotect RBL, note that they are involved in a shakedown to solicit money to be removed from their list. Much like spamrl, I'd suggest not using them since they have an obvious false positive problem. http://www.uceprotect.net/en/rblcheck.php?ipr=107.170.248.198 Their own system

SV: (Semi OT) RBL shakedown

Agreed, they even list AS23456 , which is a reserved AS used for BGP32 routers to annouce themselves to BGP16 routers. (the BGP32 ASN is then embedded in the payload of the BGP16 packet, which result that when this BGP16 router then further annouce themselves to a BGP32 router, the real 32 bit ASN

Re: (Semi OT) RBL shakedown

li...@lazygranch.com [2016-10-24 13:20 -0700] : > If you use the uceprotect RBL, note that they are involved in a > shakedown to solicit money to be removed from their list. Much like > spamrl, I'd suggest not using them since they have an obvious false > positive problem. > > http://www.uceprot

Re: (Semi OT) RBL shakedown

‎So you block all of AS14061 because there supposedly is a spammer in the block? I grumblingly agreed when Wietse said it was proper to block a specific IP when only one user was spamming, but this seems excessive. One of the reasons I went VPS is not to be lumped in with spammers nor the occas

Re: (Semi OT) RBL shakedown

li...@lazygranch.com [2016-10-24 13:54 -0700] : > ‎So you block all of AS14061 because there supposedly is > a spammer in the block? I grumblingly agreed when Wietse said > it was proper to block a specific IP when only one user was > spamming, but this seems excessive. No, I personally don't. An

Re: (Semi OT) RBL shakedown

Oh, I didn't me YOU as in you personally. Sorry about that. Maybe it is an American was of speaking.  The reply from Digital Ocean is just to change my IP. I'm shocked they don't want to defend their IP space. I suppose if I actually get blocked, I will go though the hassle of changing the IP.

Re: (Semi OT) RBL shakedown

li...@lazygranch.com [2016-10-24 14:52 -0700] : > Oh, I didn't me YOU as in you personally. Sorry about that. > Maybe it is an American was of speaking.  No offenSe taken. ;-) > The reply from Digital Ocean is just to change my IP. I'm > shocked they don't want to defend their IP space. I suppos

incoming queue question: 'not found'

I monitor Postfix queue with Cacti, normally see warning on deffered queue, charts in red, sends treshold warning, when there is some issues today, first time ever saw that, I see incoming queue in Cacti growing, up to 14/16, (charts blue) never observed that before...? mailq gives nothing, pfque

Re: OT: "X-PHP-Script" header

On 24 Oct 2016, at 12:29, Allen Coates wrote: Over the weekend I had three spam messages get through to my in-box. Two contained an "X-PHP-Script" header one was X-PHP-Script: folar.org/wp-content/plugins/the-events-calendar/src/Tribe/Aggregator/uploader.php for 110.83.63.152 and the other

Re: (Semi OT) RBL shakedown

On 24 Oct 2016, at 16:54, li...@lazygranch.com wrote: So you block all of AS14061 because there supposedly is a spammer in the block? The relevant TXT record in that DNSBL asserts 276 "abusers" on AS14061 in the past week. Eyeballing the visible routes for AS14061, that seems to be something

Understanding reject_unknown_(recipient|sender)_domain

Hi, Reading the postconf explanation of reject_unknown_recipient_domain and reject_unknown_sender_domain, I'm having trouble understanding where these find their use. For incoming mail: The first test criteria for both is that Postfix not be the final destination for the recipient/sender dom

Re: [Feature-request] (smtpd_)milter_exceptions

ding on the client. > > > > I'll think about it. > > I've implemented the second variant. If you maintain configurations > by hand, then excluding mynetworks will be a bit of extra work. I > recommend that configurations aren't maintained by hand. Listed o