picious of this. Could it be that this DNS name
forms the basis of a simple DNS spoof attack that somehow confuses
Postfix into thinking that the traffic comes from localhost and
therefore, allows the relay to proceed?
We would appreciate your thoughts.
Jamie
Borja
I am pretty sure of it. After I blocked the ip address, the spam stopped
coming. It is no co-incidence that 113.167.239.162 resolves to localhost
(see: http://remote.12dt.com/ for confirmation).
I am fairly certain that our mail server has not been hacked.
Regards
Jamie
On 2013/02
As requested, here is our configuration. I added the helo restrictions
after seeing the relay problem, but it didn't help.
*** main.cf ***
# Debian specific: Specifying a file name will cause the first
# line of that file to be used as the name. The Debian default
# is /etc/mailname.
Robert
Thanks for the ideas. I'll try out your recommendations.
Like I said, as soon as I blocked the troublesome IP's the problem went away.
Thus, it cannot be a local script. Furthermore,
we are not even running Apache. We are running Tomcat with custom developed
Java apps.
I also ran tcpd
Sure... the log entries are not altered in any way.
*** /etc/hostname ***
serve.stimulussoft.com
*** /etc/hosts ***
127.0.0.1localhost.localdomain localhost
71.6.200.51serve.stimulussoft.com serve.mailarchiva.com
*** postfix configuration ***
alias_database = hash:/etc/aliases
alias
I ran chkrootki with clean results.
For kicks: I sent a test email to myself from a web mail client. It
seems connect from localhost.localdomain[127.0.0.1] is outputted under
normal circumstances. Thus, it must be something to do with the way in
which postfix passed mails along to the antivir
On 2013/02/26 4:59 PM, Deeztek.com Support wrote:
in your /etc/hosts file if you were to change it to the actual
servername.domain.tld of your server, then the log should report the
actual server name vs. localhost.localdomain. I would unblock the IP
address and see if the same thing happens an
Thanks Lorens. I'll consider that.
On 2013/02/27 9:29 PM, Lorens Kockum wrote:
On Tue, Feb 26, 2013 at 05:16:20PM +0200, Jamie wrote:
I unblocked the IP and the problem came back.
In another mail you said you'd used tcpdump. Why don't you set
tcpdump to record everything from
Noel
On 2013/02/27 9:48 PM, Noel Jones wrote:
If you would send postfix logs and current "postconf -n" to the list
as requested several times, we could likely clear this all up pretty
quickly.
If you look back earlier in the thread, you will see that I had posted
it already.
s
when our replies don't seem sugar-coated enough for your tastes: we
really DO want to help this poster, and especially to help the
Internet be rid of some more spam. Jamie is not following directions
and is wasting our time. This thread has gone on for days, but if
proper information had been available we would have solved it long
ago.
ther.
I know I've made a mistake but i can't see what it is, i'm stuck. I'm wondering
if someone on list could give some guidance. My postconf -n is below, thank you.
Jamie.
-
fix# /usr/pkg/sbin/postconf -n
biff = no
body_checks = pcre:/usr/pkg/etc/postfi
t using the $smtpd_sender_restrictions parameter would be
the right way to whitelist this domain for what i'm trying to achieve, have I
got that right?
Jamie.
my Web
> browser anyway.)
Yeah I feel thefrustration with that too. I mean, the fuss i've gone to today
just to get one message through my server; and the fact it's the ISP i'm paying
that has send it is not very encouraging.
Thanks again for your time and help.
Jamie.
* Ned Slider [2013-01-17 04:25:04 +]:
> On 16/01/13 22:20, Erwan David wrote:
> >Le 16/01/2013 23:17, Terry Gilsenan a écrit :
> >>>-Original Message-
> >>>From: owner-postfix-us...@postfix.org [mailto:owner-postfix-
> >>>us...@postfix.org] On Behalf Of TFML
> >>>Sent: Thursday, 17 Ja
Hi,
I'm moving from qmail to postfix. I have numerous .qmail forwarding email
lists. Is there a easy way to convert these to postfix .forward files? I
haven't been able to find a lot of information on .forward file syntax.
Thanks!
Jamie
jamie.how...@somedomain.com
How would I do this in postfix? Would I still use .forward files? Note- the
mail servers do not have local users set up.
Many thanks,
Jamie
On Sun, Nov 24, 2013 at 8:35 AM, Benny Pedersen wrote:
> Jamie Winter skrev den 2013-11-24 15:05:
>
> I'm mov
working with the postfix (2.11) server.
Any help would be appreciated.
Thanks,
Jamie
. Some guidance would be greatly appreciated.
--
Jamie Bohr
SPECT_DIR does not exist; exit $EX_TEMPFAIL; }
cat >in.$$ || {
echo Cannot save mail to file; exit $EX_TEMPFAIL; }
# Specify your content filter here.
# filter /tmp/tmp.msg.$$
$SENDMAIL "$@" wrote:
> Jamie Bohr:
>> Hello,
>>
>> I am a newbie for advanced Postfix con
This may help
https://www.icann.org/dns-resolvers-checking-current-trust-anchors
Jamie
October 11, 2018 11:59 AM, "Viktor Dukhovni" wrote:
> On Thu, Oct 11, 2018 at 10:27:57AM -0700, pg...@dev-mail.net wrote:
>
>> Can you comment just a bit further on 'ready'
> > amavisd-new/spamassassin/spamassassin-fuzzyocr/clamav. Would
> > it behoove me to run Postgrey, too?
You could consider using OpenBSD's spamd - i find it works well for me.
jamie
== Stan Hoeppner wrote on Fri 10.Aug'12 at 10:57:24 -0500 ==
> On 8/10/2012 8:31 AM, li...@sbt.net.au wrote:
>
> > what are current 'recommended' rbl lists that people use ?
>
> This thread could potentially explode with responses. Probably best to
> nip it in the bud now. This subject is deci
[ Mikkel Bang wrote on Tue 21.Aug'12 at 21:06:20 +0200 ]
> Thanks for the reply Francis!
>
> Here on OpenBSD, spamd takes care of the greylisting so I'm all set there.
>
> After much going back and forth regarding amavisd-new+spamassassin, I came
> to the conclusion that it was an overly complex
[ Daniele Nicolodi wrote on Tue 21.Aug'12 at 23:22:20 +0200 ]
> On 21/08/2012 19:34, Mikkel Bang wrote:
> > Thanks a lot everyone! After thinking long and hard about all your
> > advice I finally ended up with:
> >
> > OpenBSD + postfix-anti-UCE.txt + undeadly's spamd setup (which
> > includes gr
[ /dev/rob0 wrote on Wed 22.Aug'12 at 8:47:06 -0500 ]
> On Wed, Aug 22, 2012 at 01:23:12PM +0530, DN Singh wrote:
> > I never realized that I had this issue too. But, after running
> > the tests, I found out that my queries were indeed blocked by
> > spamhaus.
> >
> > So, I changed the servers a
[ Patrick Ben Koetter wrote on Fri 14.Sep'12 at 7:31:10 +0200 ]
> * Chris Adams :
> > I'm configuring Postfix with SpamAssassin, using Spampd as a
> > before-queue filter. I put "/^X-Spam-Flag: YES/ REJECT Spam detected"
> > in /etc/postfix/header_checks, and that works (spam is rejected during
[ Renato wrote on Wed 17.Oct'12 at 16:06:40 +0200 ]
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi, I'm new to postfix and MTAs in general; I'd like to set it up for
> local delivery only on my Archlinux box. I've followed the instructions
> on the archwiki [1] and my configuration file
[ Noel Jones wrote on Wed 17.Oct'12 at 16:32:28 -0500 ]
> > I'm almost changing by cyrus.
>
> I doubt cyrus will be any easier to configure, but use whatever
> works for you.
Stick with Dovecot - cyrus is more tricky in my experience, especially
as you are having trouble with your current set-up
/ Wietse Venema wrote on Thu 1.Nov'12 at 7:48:44 -0400 /
> Han Boetes:
> > After that postscreen gets to deal with whatever comes next. Now incase
> > postscreen decides that the ip is a zombie it's being blacklisted by
> > postscreen. In that case I'd like to hand the ip back to OpenBSD spamd.
/ Alex wrote on Thu 1.Nov'12 at 9:03:00 -0400 /
> Hi,
>
> >> I have a fc15 server with postfix-2.8.10 and have enabled postscreen.
> >> I've enabled it before without any difficulty, so I'm not sure what
> >> I'm doing wrong in this case. For some reason it is printing these
> >> errors periodi
/ Han Boetes wrote on Fri 2.Nov'12 at 6:08:20 +0100 /
> I look with great fright upon the day that the format of that dbase will
> change. The mailflow on my private server will be completely undone!
>
> Anyway. No worries, I'll check the code and see what I can come up with.
>
> It's just my
/ Han Boetes wrote on Thu 1.Nov'12 at 15:15:51 +0100 /
> Consider setting up a caching nameserver like unbound on your server.
> Having a local cache on a mailserver is good thing™
I do have a name server running on my lan. I wouldn't set up a mailserver
system without it. I have been doing tha
/ Reindl Harald wrote on Fri 2.Nov'12 at 11:57:15 +0100 /
> Am 02.11.2012 08:38, schrieb Jamie Paul Griffin:
> > / Han Boetes wrote on Thu 1.Nov'12 at 15:15:51 +0100 /
> > I do have a name server running on my lan. I wouldn't set up a mailserver
> > syste
/ David Rees wrote on Thu 8.Nov'12 at 14:59:01 -0800 /
> On Thu, Nov 8, 2012 at 8:25 AM, Daniele Nicolodi wrote:
> > I think I have a problem with my simple mail server. I noticed several
> > bounce mails in the queue, which postfix in unable to deliver.
>
> You're seeing the same issue as was
/ Daniele Nicolodi wrote on Fri 9.Nov'12 at 10:06:14 +0100 /
> On 09/11/2012 08:40, Jamie Paul Griffin wrote:
> > / David Rees wrote on Thu 8.Nov'12 at 14:59:01 -0800 /
> >
> >> On Thu, Nov 8, 2012 at 8:25 AM, Daniele Nicolodi
> >> wrote:
> &g
/ Daniele Nicolodi wrote on Fri 9.Nov'12 at 11:01:54 +0100 /
> On 09/11/2012 10:35, Jamie Paul Griffin wrote:
> > / Daniele Nicolodi wrote on Fri 9.Nov'12 at 10:06:14 +0100 /
> >
> >> On 09/11/2012 08:40, Jamie Paul Griffin wrote:
> >>>
> >
/ IMAP List Administration wrote on Tue 13.Nov'12 at 21:55:11 +0100 /
> [example of delivery failure]
> Nov 13 15:10:29 dna prefilter/smtpd[9340]: connect from unknown[8.7.42.206]
I've been getting client requests from this ip as well, i've put it into a
permenant spamd(8) blacklist.
[ Stan Hoeppner Wrote On Thu 22.Nov'12 at 8:19:21 GMT ]
> On 11/21/2012 7:01 PM, Alex wrote:
>
> > I pulled the IPs out of the logs for these 'lost connection' errors
> > over the last 24hrs, and it does appear that there are multiple IPs in
> > the same network losing the connection. This also
your UCE controls.
Wouldn't it be better to put $reject_unauth_destination closer to
the top of the restriction class: i.e. after $check_recipient_access?
and then $permit_mynetworks after that?
Like so:
smtpd_recipient_restrictions =
check_recipient_access hash:/etc/postfix/relay_domains,
reject_unauth_destination,
permit_mynetworks,
...
Jamie
39 matches
Mail list logo
