routing mail based on inbound port?

2011-09-29 Thread CSS
Hello, This is a bit of an odd question, and I don't see an obvious way to do this, but perhaps there's a non-obvious way. We're looking to try Postfix out in some queues that would benefit from Postfix's throttling and rate-limiting features, and I'm trying to model this after our current qmail

Re: Replacing sendmail with postfix for local mail in FreeBSD

2012-02-10 Thread CSS
On Feb 10, 2012, at 3:42 PM, Jorge Luis Gonzalez wrote: > I'm posting this to the postfix list rather than the FreeBSD list > because I've found the level of expertise here to be almost > unsurpassed. > > In trying to substitute postfix for sendmail on FreeBSD 8.0, I've come > across a problem w

Re: Replacing sendmail with postfix for local mail in FreeBSD

2012-02-10 Thread CSS
On Feb 10, 2012, at 10:29 PM, Jorge Luis Gonzalez wrote: > On Fri, Feb 10, 2012 at 10:15 PM, Wietse Venema wrote: What happens when you execute /usr/sbin/mailwrapper by hand? (it should complain about no mapping in /etc/mail/mailer.conf). >>> >>> [jorge@satyr ~]$ /usr/sbin/mailwrapper

BCP on throttling outbound mail

2012-07-23 Thread CSS
Hello, Sorry for the broad question, but is there any sort of best common practice these days regarding limiting outbound email? We recently had a customer's account compromised (not sure if it was brute-forced or keylogged) and then the perp proceeded to use their credentials to smtp-auth the

Re: BCP on throttling outbound mail

2012-07-23 Thread CSS
On Jul 24, 2012, at 1:24 AM, Stan Hoeppner wrote: > On 7/23/2012 4:16 PM, CSS wrote: > >> I'd like to take some measures to limit what an authenticated sender can do >> but not limit legitimate use. > > See: > http://www.postfix.org/postconf.5.html#smtpd_clien

Re: BCP on throttling outbound mail

2012-07-24 Thread CSS
On Jul 24, 2012, at 2:37 AM, Stan Hoeppner wrote: > On 7/24/2012 12:44 AM, CSS wrote: >> >> On Jul 24, 2012, at 1:24 AM, Stan Hoeppner wrote: >> >>> On 7/23/2012 4:16 PM, CSS wrote: >>> >>>> I'd like to take some measures to limit

Re: BCP on throttling outbound mail

2012-07-24 Thread CSS
On Jul 24, 2012, at 6:23 AM, Len Conrad wrote: > At 04:16 PM 7/23/2012, you wrote: >> Hello, >> >> Sorry for the broad question, but is there any sort of best common practice >> these days regarding limiting outbound email? We recently had a customer's >> account compromised (not sure if it wa

Re: Block sending from non-US IPs

2012-10-17 Thread CSS
On Oct 17, 2012, at 4:51 PM, /dev/rob0 wrote: > On Wed, Oct 17, 2012 at 03:41:08PM -0500, Thomas E Lackey wrote: >> I am looking into a system where one of the [virtual] mail accounts >> was compromised. >> >> Apparently the account, once compromised, was used to send spam >> from overseas host

Re: Alert of unusually large queue

2012-10-20 Thread CSS
On Oct 20, 2012, at 4:08 PM, Jan P. Kessler wrote: > Hey guys, > >> if [ `$mailq_count` -gt 50 ]; then echo "Mail count on Server is" >> `$mailq_count`|/usr/sbin/sendmail -f r...@example.com repo...@example.com ; >> fi > > I'm not sure, if sending an e-mail about a "full mailqueue"-condition i

chroot recommendations/BCP?

2012-10-20 Thread CSS
Hello, I was just digging through the documentation on running various postfix processes chrooted. I found the recommendation that at least the network-facing daemons be chrooted, but it appears that almost everything in master.cf can be. What's the current BCP for what to chroot and what not

more logging of policy servers

2013-05-27 Thread CSS
Hello, I'm having trouble chasing down an occasional delay in our submission service. We run policyd to enforce sending quotas, and I sometimes see a 1 minute to 2 minute delay between the "connect from…" line in the postfix log and the line from cbpolicyd that lists the information it's insert

Re: more logging of policy servers

2013-05-27 Thread CSS
On May 27, 2013, at 5:58 PM, Wietse Venema wrote: > CSS: >> Hello, >> >> I'm having trouble chasing down an occasional delay in our submission >> service. We run policyd to enforce sending quotas, and I sometimes >> see a 1 minute to 2 minute delay betw

Re: Log the HELO/EHLO name?

2014-02-25 Thread CSS
On Feb 25, 2014, at 9:50 AM, Noel Jones wrote: > On 2/25/2014 4:44 AM, Eivind Olsen wrote: >> Hello (or should that be EHLO? :)) >> >> It has been a while since I've had a need to change my Postfix >> configuration, so I'm a bit rusty. I have searched, checked the >> configuration, etc. No luck

Re: Log the HELO/EHLO name?

2014-02-25 Thread CSS
On Feb 25, 2014, at 7:35 PM, Noel Jones wrote: > On 2/25/2014 6:06 PM, CSS wrote: >> >> On Feb 25, 2014, at 9:50 AM, Noel Jones wrote: >> >>> On 2/25/2014 4:44 AM, Eivind Olsen wrote: >>>> Hello (or should that be EHLO? :)) >>>> >

Re: Killing user's session

2014-08-24 Thread CSS
On Aug 24, 2014, at 12:18 PM, D'Arcy J.M. Cain wrote: > On Sun, 24 Aug 2014 16:06:36 + > Viktor Dukhovni wrote: >> Postfix 2.11 or later has a new feature: >> >>http://www.postfix.org/postconf.5.html#check_sasl_access >> >> If your relay restrictions look like: >> >>main.cf: >>

Re: AntiSpam & AntiVirus Integration with Postfix: lots of tools, but which one's AREN'T 'dead'?

2015-09-08 Thread CSS
On Sep 8, 2015, at 11:20 PM, Wolfe, Robert wrote: > The best one I've found and what I use to host other people's spam filtering > is > http://www.virtualtothecore.com/en/efa-nice-free-spam-filter-virtual-appliance/ > > I have a separate VM with this set up and all mail goes through that befo

OpenSSL CVE-2016-0701

2016-01-28 Thread CSS
http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html It seems that there are a number of factors (that I do not understand) that determine whether an application is vulnerable. For example, Apache/mod_ssl is not. Is there enough information here to determine

Re: OpenSSL CVE-2016-0701

2016-01-28 Thread CSS
> On Jan 28, 2016, at 8:38 PM, Viktor Dukhovni > wrote: > > On Thu, Jan 28, 2016 at 08:36:02PM -0500, CSS wrote: > >> http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html >> >> It seems that there are a number of factors (

Re: clients connecting to port 25 with ssl/tls

2016-02-22 Thread CSS
> On Feb 22, 2016, at 5:11 PM, Rich Wales wrote: > > Regarding port 465 -- > > The last time I checked, iPhones and iPads refused to do STARTTLS on > mail submission. Since I use an iPad, I had no choice but to enable > submission via port 465 (SSL) on my mail server -- in addition to > STARTT

Fronting another mail server, best practices?

2014-09-10 Thread CSS
Hello, I know it’s fairly common for people to use postfix as a spam-eating/tagging gateway in environments where Exchange or some other MTA is mandatory. In my case, I’m fronting an old qmail/vpopmail setup which is probably never going to go away. Right now I have basic transport rules that

Dealing with a lookup with null result?

2014-09-17 Thread CSS
Quick question… I finally decided to build a web UI for our support guys to be able to manually kill relaying for compromised accounts using the new check_sasl_access (http://www.postfix.org/postconf.5.html#check_sasl_access) feature introduced in 2.11. A thread regarding this is here: htt

Re: Dealing with a lookup with null result?

2014-09-17 Thread CSS
On Sep 17, 2014, at 2:19 PM, Wietse Venema wrote: >> CSS: >> Quick question… >> >> I finally decided to build a web UI for our support guys to be >> able to manually kill relaying for compromised accounts using the >> new check_sasl_access >

Re: Input requested: append_dot_mydomain default change

2014-09-22 Thread CSS
On Sep 22, 2014, at 2:43 PM, Viktor Dukhovni wrote: > On Mon, Sep 22, 2014 at 01:29:37PM -0500, Noel Jones wrote: > >> My thought: there are popular distros that have set this explicitly >> to "no" for years, and yet we get very few questions here where the >> artificial "no" setting causes a p

limit sender based on IP and email address

2014-09-23 Thread CSS
I'm having a hard time copying something I did in qmail (using some random patch). I've got four postfix instances, two used exclusively for submission (all outbound email from us), two as mxers (all inbound email, primary then forwards to an old qmail/vpopmail setup). I'm looking to have a list of

Re: limit sender based on IP and email address

2014-10-15 Thread CSS
On Sep 23, 2014, at 3:40 AM, Robert Schetterer wrote: > On 23.09.2014 at 09:28, CSS wrote: >> I'm having a hard time copying something I did in qmail (using some >> random patch). >> >> I've got four postfix instances, two used exclusively for submission >> (al

Re: DMARC

2015-01-19 Thread CSS
My apologies for top-posting here, but I’m going to ask for something related to this thread… I’ve subscribed to this list for some time, and it’s full of good information, including things that don’t really have anything to do with Postfix. I’m fine with that, but these threads do sometimes g

per-user attachment blocking?

2015-04-08 Thread CSS
Google’s not feeding me much on doing this on a per-user basis… I’d like to give users the option to block emails with certain attachments - zip, exe, etc. I know that server-wide the simplest option is header checks. I’m open to adding another milter to my chain of milters. I already have sq

Re: spam fighting

2015-04-28 Thread CSS
On Apr 28, 2015, at 1:04 PM, Terry Barnum wrote: >> >> On Apr 28, 2015, at 1:47 AM, Marius Gologan wrote: >> >> Hi Terry, >> >> I use amavisd-new/spamassassin in post-queue configuration with few >> adjustments: increased score for SPF_FAIL, DKIM_ADSP_DISCARD, Bayes_80, >> Bayes_95, Bayes_99,

Re: Security & Compatibility

2015-05-24 Thread CSS
On May 24, 2015, at 9:28 AM, Viktor Dukhovni wrote: > On Sun, May 24, 2015 at 06:38:50AM -0400, Postfix User wrote: > >>> smtpd_tls_protocols = !SSLv2, !SSLv3 >>> smtp_tls_protocols = !SSLv2, !SSLv3 >> >> Wouldn't the following be more secure: >> >> smtpd_tls_protocols=!SSLv2, !SSLv3,

Backup MX setup - alternative to db?

2017-04-28 Thread CSS
Hi all, I have a handful of personal domains that I host myself - both as a place to experiment a bit (I roll new things out here before using them on paying clients), and a place to play with things that don’t scale well. As of now, I just have a single MXer with a pretty standard Postfix set

Re: Backup MX setup - alternative to db?

2017-04-29 Thread CSS
ou can use a special network between "droplets" > (VMs) that is local. There is no transit cost. Perhaps Vultr does the same > thing. > > Vultr has a free DNS. > > If I wasn't running FreeBSD, I'd probably be on Linode. > https://www.vpsbenchmarks.com/

Re: Backup MX setup - alternative to db?

2017-04-30 Thread CSS
> On Apr 29, 2017, at 1:12 PM, CSS wrote: > > >> On Apr 29, 2017, at 6:41 AM, li...@lazygranch.com wrote: >> >> I've never used rsync in daemon mode (if that is the right way to phrase >> it), but wouldn't that do everything automatically? >

Re: Limit the damage of a hacked sender acount

2017-06-23 Thread CSS
> On Jun 23, 2017, at 8:11 PM, Wietse Venema wrote: > > Daniel Miller: >> I had a couple of accounts with too simple passwords hacked. And obviously >> my mail server is entirely too efficient - I think about 50k spams got >> blasted out before I caught it (because we got in the DNSBL's). >>