Hi,
still not work, i put in there into the file sender_bloqueados this rule:
ferozo-admin.com.ar dunno
I try with "OK" but not work.
Dec 17 07:57:40 smarthost01-ded postfix/pickup[20690]: 30AF44882E: uid=0
from=
Dec 17 07:57:40 smarthost01-ded postfix/cleanup[21286]: 30AF44882E:
Dear, I have a Postfix server and I have SPF and DKIM TXT records in my
DNS. Everything works OK.
But now I want to implement DMARC, but somebody tells me not to do it
because I'd have some problems and I'll have to use a whitelist for several
emai addresses, and it's a heavy additional work.
Ple
Hi,
So i inherited an old postfix setup and we have:
smtpd_client_restrictions =
check_client_access hash:$conf_dir/whitelist,
reject_rbl_client blah
reject_rbl_client blahblah
etc
And it still blocks the domains i put in the whitelist. Google says to have
this in recipient restrictions
On 17.12.19 16:24, Ieva Dav wrote:
smtpd_client_restrictions =
check_client_access hash:$conf_dir/whitelist,
reject_rbl_client blah
reject_rbl_client blahblah
etc
And it still blocks the domains i put in the whitelist. Google says to have
this in recipient restrictions instead, but that does
On 17.12.19 08:03, Emanuel wrote:
still not work, i put in there into the file sender_bloqueados this rule:
ferozo-admin.com.ar dunno
Dec 17 07:57:40 smarthost01-ded postfix/smtp[20790]: 30AF44882E:
to=, relay=none, delay=0.02, delays=0.02/0/0/0,
dsn=5.4.4, status=bounced (Host o
Ieva Dav skrev den 2019-12-17 15:24:
So i inherited an old postfix setup and we have:
smtpd_client_restrictions =
check_client_access hash:$conf_dir/whitelist,
change hash to cidr mapping
check_client_access is not domain names imho
reject_rbl_client blah
reject_rbl_client blahblah
> No idea. One could equally-well argue for setting it to zero.
Noted.
It was changed here long-ago, guessing for a reason, but I've no current
metrics to convince me, or not, that there's a problem (anymore).
My inclination is to stick with Postfix's 'new(er)' default/standard == 998,
for no
Emanuel:
> Dec 17 07:57:40 smarthost01-ded postfix/pickup[20690]: 30AF44882E: uid=0
> from=
This messsage is submitted with the POSTFIX SENDMAIL command.
> ## Restricciones de sender ## No enviar nunca desde ciertos sender
> smtpd_sender_restrictions =??? check_sender_access
Not for mail r
> On Dec 17, 2019, at 8:14 AM, Roberto Carna wrote:
>
> Dear, I have a Postfix server and I have SPF and DKIM TXT records in my DNS.
> Everything works OK.
>
> But now I want to implement DMARC, but somebody tells me not to do it because
> I'd have some problems and I'll have to use a whitelis
On 17 Dec 2019, at 06:14, Roberto Carna wrote:
> I have a Postfix server and I have SPF and DKIM TXT records in my DNS.
> Everything works OK.
Good. You might look into DNSSEC as well if you haven’;t done that. The setup
is a bit tricky butane it’s setup it just works.
> But now I want to impl
> DMARC policy is best avoided unless you're a bank, or other brand
> that is concerned about phishing of your customers.
or have a domain that spammers use as the from/reply-to address
- On Dec 17, 2019, at 8:14 AM, Roberto Carna
wrote:
Dear, I have a Postfix server and I have SPF and DKIM TXT records in my DNS.
Everything works OK.
But now I want to implement DMARC, but somebody tells me not to do it because
I'd have some problems and I'll have to use a whitelist fo
Thanks to all of you.I'll try DMARC with p=none some days and in this
way I can analyze the behaviour of this mechanism.
Regards !!!
El mar., 17 dic. 2019 a las 14:11, Chris Wedgwood () escribió:
> > DMARC policy is best avoided unless you're a bank, or other brand
> > that is concerned abou
On Tue, 17 Dec 2019 at 17:35, Dave Goodrich wrote:
>
> - On Dec 17, 2019, at 8:14 AM, Roberto Carna
> wrote:
>
> Dear, I have a Postfix server and I have SPF and DKIM TXT records in my DNS.
> Everything works OK.
> But now I want to implement DMARC, but somebody tells me not to do it becaus
- On Dec 17, 2019, at 12:40 PM, Dominic Raferd domi...@timedicer.co.uk
wrote:
> On Tue, 17 Dec 2019 at 17:35, Dave Goodrich
> wrote:
>>
>> - On Dec 17, 2019, at 8:14 AM, Roberto Carna
>> wrote:
>>
>> Dear, I have a Postfix server and I have SPF and DKIM TXT records in my DNS.
>> Eve
* Dominic Raferd:
> This is exactly what DMARC (p=reject) helps with.
I'm pretty sure you meant to say p=none there, didn't you?
-Ralph
On 17 Dec 2019, at 9:24, Ieva Dav wrote:
Hi,
So i inherited an old postfix setup and we have:
smtpd_client_restrictions =
check_client_access hash:$conf_dir/whitelist,
reject_rbl_client blah
reject_rbl_client blahblah
etc
And it still blocks the domains i put in the whitelist.
Note
* Dave Goodrich:
> I can't force another server to use my policy.
True, you cannot enforce your DMARC policies. Then again, you are also
unable to force third parties to pay attention to your SPF or DKIM
settings. The decision about how to process your messages will always
lie with the recipient.
> > Yes. Do any Postfix administrators with busy systems rely on NFS?
>
> That seems like a really bad idea, honestly.
Coy Hile also said:
> I haven't used mail systems that had, e.g. /var/mail
> on NFS in more than 20 years.
So NFS is a poor, outdated choice for mail storage in 2020 for a small
> > > Yes. Do any Postfix administrators with busy systems rely on NFS?
> > That seems like a really bad idea, honestly.
>
> So NFS is a poor, outdated choice for mail storage in 2020 for a small/medium
> enterprise?
The problem is one of data consistency and locking. Running a farm of IMAP
serve
> > > > Yes. Do any Postfix administrators with busy systems rely on NFS?
> > > > That seems like a really bad idea, honestly.
> >
> > So NFS is a poor, outdated choice for mail storage in 2020 for a
> > small/medium
> > enterprise?
>
> On any large number of users some kind of hash is used to d
Hi
I saw some providers' dmarc setup using returnpath.net as contact email.
For example,
_dmarc.yandex.com. 3600IN TXT "v=DMARC1; p=none; fo=1;
rua=mailto:dmarc_...@auth.returnpath.net,mailto:dmarc-...@yandex.ru;
ruf=mailto:dmarc_a...@auth.returnpath.net";
_dmarc.laposte.net.
* Tom Blackwood:
> What does "***@auth.returnpath.net" here stand for?
These are just email addresses, nothing special about them. Returnpath
offers what they call "email fraud defense", and aggregating DMARC
reports for their customers is probably a part of that.
-Ralph
23 matches
Mail list logo
