RE: postfix 2.6.6 / always_add_missing_headers behavior question

2018-03-22 Thread Aaron Bennett
-Original Message- >2.6.6, though many years past EOL, is indeed later than 2.6, so WHEN [the >listed headers are] NOT >PRESENT they are added ONLY WHEN CLIENTS MATCH THE >local_header_rewrite_clients >PARAMETER SETTING. That's the default setting >of "no" for always_add_missing_head

Re: SMTP session caching

2018-03-22 Thread Wietse Venema
Viktor Dukhovni: > > > > On Mar 21, 2018, at 9:46 PM, Wietse Venema wrote: > > > > Just like the SMTP connection cache service, the tlsproxy service > > must not try to do clever things. It receives TLS requirements, > > does a TLS handshake, and returns TLS session properties that can > > later

Re: SMTP session caching

2018-03-22 Thread Viktor Dukhovni
> On Mar 22, 2018, at 10:54 AM, Wietse Venema wrote: > > Currently, the Postfix SMTP client does a bunch of TLS initialization, > once per TLS session. The expensive stuff for SSL_CTX happens only once in tls_client_init(). You're only looking at tls_client_start(), which uses a previously ini

Re: SMTP session caching

2018-03-22 Thread Wietse Venema
Viktor Dukhovni: > > > > On Mar 22, 2018, at 10:54 AM, Wietse Venema wrote: > > > > Currently, the Postfix SMTP client does a bunch of TLS initialization, > > once per TLS session. > > The expensive stuff for SSL_CTX happens only once in tls_client_init(). > You're only looking at tls_client_s

Re: SMTP session caching

2018-03-22 Thread Viktor Dukhovni
> On Mar 22, 2018, at 1:22 PM, Wietse Venema wrote: > > Well, each Postfix SMTP client creates SSL_CTX once, then reuses > it across multiple TLS sessions. I suppose that tlsproxy can share > this object among all sessions that tlsproxy creates for SMTP clients > with similar parameters. This i

why is smtpd_recipient_restrictions ignored..?

2018-03-22 Thread mj
Hi all, This postfix 2.9.6 from wheezy. I have added to main.cf: smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/blacklisted_domains, permit_mynetworks, reject_unauth_destination, permit and /etc/postfix/blacklisted_domains contains just one line: mail.ru R

Re: why is smtpd_recipient_restrictions ignored..?

2018-03-22 Thread Viktor Dukhovni
> On Mar 22, 2018, at 7:35 PM, mj wrote: > > This postfix 2.9.6 from wheezy. I have added to main.cf: > >> smtpd_recipient_restrictions = check_recipient_access >> hash:/etc/postfix/blacklisted_domains, permit_mynetworks, >> reject_unauth_destination, permit > > and /etc/postfix/blacklisted

Re: why is smtpd_recipient_restrictions ignored..?

2018-03-22 Thread mj
Hi Viktor, On 03/23/2018 12:42 AM, Viktor Dukhovni wrote: Almost certainly bounces, which did not come in via SMTP, they are originated locally, when inbound mail from mail.ru is undeliverable, and sent outbound via the smarthost. Yes, they are originated locally, yes, using a webform that is cu

Re: why is smtpd_recipient_restrictions ignored..?

2018-03-22 Thread Viktor Dukhovni
> On Mar 22, 2018, at 7:58 PM, mj wrote: > > On 03/23/2018 12:42 AM, Viktor Dukhovni wrote: >> Almost certainly bounces, which did not come in via SMTP, they are originated >> locally, when inbound mail from mail.ru is undeliverable, and sent outbound >> via the smarthost. > Yes, they are origi

Re: why is smtpd_recipient_restrictions ignored..?

2018-03-22 Thread mj
On 03/23/2018 12:58 AM, mj wrote: Is there perhaps also another error code we can use, that blackholes the email, instead of politely bouncing it with a "Diagnostic-Code: X-Postfix; Destination domain blacklisted"? I just found the "discard" option. Thank you again, Viktor! MJ

Re: why is smtpd_recipient_restrictions ignored..?

2018-03-22 Thread mj
On 03/23/2018 01:06 AM, Viktor Dukhovni wrote: Yes, but the right answer is turn off the webform until you can replace it with something that is not open to abuse. We will install a captcha tomorrow. (it's after midnight now) It's also not *that* harmful: they s u b s c r i b e to a wordpres