On 29/05/17 16:00, Hubro wrote:
> The problem with that is that you're passing all the mail file paths right in
> the command line.
No, he's not, go look up the xargs man page and see what it does.
It's basically a variation on the find solution I just gave you.
Peter
On 30/05/17 19:40, Geert Stappers wrote:
> On Mon, May 29, 2017 at 05:02:36PM +1200, Peter wrote:
>> On 29/05/17 16:57, Peter wrote:
>>> find "$(postconf -h queue_directory)/deferred/)" -type f -exec postcat
>>> -e {} + | your_program | postsuper -d -
>>
On 06/06/17 05:08, Wietse Venema wrote:
> It says: "yum install cyrus-sasl-plain". Nowadays one would use "dnf".
CentOS 7 (being several years old now) still uses yum.
Peter
n as a "delete" button!
So at the end of the day, it doesn't matter how aggressive you are,
there is at least some chance that google will flag your server as a
source of SPAM.
Peter
you have to customize depend largely on your exact setup,
and how people set up postfix can vary widely. I can say that I have
yet to run across a setup where I had to resort to disabling selinux
entirely.
Peter
d it yourself. See:
http://ghettoforge.org/index.php/Postfix3
Peter
source and you will continue to get
updates from Ghettoforge without having to worry about rebuilding
yourself every time a new version comes out with bug or security fixes,
plus you won't have to worry about when 2.11 goes EOL sometime early
next year.
Here's the link again for you:
http://ghettoforge.org/index.php/Postfix3
Peter
count.
Correct, Google will fetch from POP3 but not from IMAP. You pretty much
need to do it with POP3.
Peter
On 27/07/17 21:54, Nikolaos Milas wrote:
> Hello,
>
> We are moving to a new (virtual) server (from CentOS 5 with Postfix
> 2.11.6 to CentOS 7 with Postfix 3.2.2).
Where did you get Postfix 3.2 from?
Peter
rom,
I get the feeling he installed it from source directly.
Peter
hat email to another server so it's sent
out from there?
Cheers,
Peter
On 28/07/17 01:51, Nikolaos Milas wrote:
> On 27/7/2017 1:50 μμ, Peter wrote:
>
>>> http://ghettoforge.org/index.php/Packages
>> Right, that one is highly recommended, much better than attempting to
>> install from source.
>
> OK, I followed your advi
still wondering about the possible cause of the startup problem I
> faced.
I can't say for sure, but it looks to be permissions-related to me. It
might have to do with the way you built and subsequently installed
postfix, or it might be an selinux issue that simply isn't present in
the GhettoForge packages (assuming you haven't disabled selinux).
Peter
ns on this
list, or you can reach me at the #postfix or #ghettoforge Freenode IRC
channels.
Peter
h command states what the requirements are for
running it.
Peter
setting for port 587 is STARTTLS.
Peter
Hi guys,
I send my emails via different gateways based on my transport file. Many
domains, however, use the same email providers, such as outlook or
gmail. Is there a way to check the MX records before the email is sent
and transport it using a specific gateway?
Cheers,
Peter
w.
Also I cannot say for certain how this affects IPv6 addresses, they do
seem to be returned correctly with ifconfig, but you'd have to check on
your own system(s) to be certain.
If you need this then you may very well be better off just dumping the
list of IPs to a file and loading them into the mynetworks setting instead.
Peter
h a separate logical
> interface.
So it would seem that the reference to ifconfig should be ignored at
this point and probably removed from the docs?
Peter
almost as bad as being an open relay as
spammers will take advantage of it.
Peter
o fix it so it rejects instead of bounces. That is how you
avoid becoming a source of backscatter.
Peter
_mappings in submission_overrides is preventing
always_bcc from working ^^^^^.
Peter
build dependencies.
Mock is available from both the CentOS extras repo and epel.
The sources are also freely available from GhettoForge if you want to
look them over.
Peter
check your IP reputation with Microsoft, if
it's blocked you can contact support and they should remove the block.
Good Luck,
Peter
On 07/01/18 11:42, Yuval Levy wrote:
> On 2018-01-06 02:19 AM, Peter wrote:
>> It's not the first time I've seen MS accused of dropping mail.
>
> Mine (first post in thread) were not accusations. They were
> corroborated test results.
I understand that bein
t it has been zapped.
I certainly agree with you on these points, but again I don't read
anything malicious against you personally.
> I am still thinking how to react. For now I will advise my clients that
> I cannot communicate by email if they are using Microsoft services.
I would suggest, as others have, that if you cannot resolve this
directly then you use a relayhost for messages that go out to Microsoft
clients, then you should at least be able to get your mail through.
Good Luck,
Peter
On 08/01/18 19:56, Yuval Levy wrote:
> On 2018-01-07 04:32 AM, Peter wrote:
>> So to put it simply, they're basically saying that their black box
>> thinks that your IP(s) are sending SPAM.
>
> That's not how I read my conversation with them. My understanding ba
essary from Cyrus for the client SASL support.
Peter
On 24/01/18 19:32, john wrote:
> Is there a write up of how to setup up postscreen for maximum spam control.
Of course there's the official docs, POSTSCREEN_README and
postscreen(8). I also recommend this:
http://rob0.nodns4.us/postscreen.html
Peter
e. Also setting an
older client to require encryption would mitigate it as well.
This, I believe would be the strongest reason to prefer SMTPS
connections, but it only applies to older clients that are not well
configured.
Peter
attack vector more dangerous, imo
because it would not become apparent to the user that anything is wrong
when this happens or when the MITM goes away, it would all appear to
just work normally the entire time.
Peter
over all error cases without
bailing on commands that return non-zero but aren't errors, therefore it
has all sorts of crazy rules about what is and isn't an error and much
of the time will not do what you think it does. The safe way is to use
|| exit 1 as Wietse said above. See:
http://mywiki.wooledge.org/BashFAQ/105
Peter
telling the remote server to try again. Spam or not the
remote server is doing what you're telling it to do.
Peter
try to brute-force an
SHA1 hash collision in order to send out SPAM?
Good Luck,
Peter
with a recipient of mydomain.com on hold as
soon as postfix accepts them. BTW, it can be shortened to:
smtpd_recipient_restrictions = check_recipient_access
inline:{example.com=HOLD}
...or if you really want to put ALL inbound mail on hold:
smtpd_recipient_restrictions = check_recipient_access static:HOLD
Peter
fix and *does* look for the postfix config.
Peter
expired to me.
Peter
be a FQDN in this context.
https://en.wikipedia.org/wiki/Hostname
RFC952
Peter
it is formatted. It is impossible for the former case and very
difficult for the latter case to strip the link.
Peter
tire websites could look different or break entirely. None of this is
to even mention the DKIM issues previously brought up, or the multipart
formatting issues.
Really this is an idea best left alone.
Peter
On 18/02/19 04:41, Wietse Venema wrote:
What distribution runs Linux 5 kernels? I would like to do a smoke
test for due diligence (does it build and run).
Fedora Rawhide is on 5.0.0
Peter
k.
This is off-topic form your original question, but since you mention it...
If you're running any of the after-220 tests in postscreen then you are
now delaying mail twice by also greylisting. If you're not running
after-220 tests then you're limiting postscreen's effectiveness.
Peter
e
to continue to build for CentOS 6.
Peter
On 28/02/19 14:57, Peter wrote:
On 28/02/19 14:21, Wietse Venema wrote:
* Postfix 3.4 drops support for OpenSSL 1.0.1 (end-of-life was
December 31, 2016) and all earlier releases. Postfix 3.3 and
earlier still support older OpenSSL APIs.
Any possibility I can get you to
environment. You will probably also
have to install some -devel packages and possibly others, standard stuff
for most linux distros.
Peter
3.4
to date I will be delaying moving it from gf-testing to gf-plus until I
feel that the latest release is relatively stable.
Peter
basically just says not to enforce any DMARC policies, it
satisfies ESPs recommendation for setting DMARC but otherwise does nothing.
Also you should sign up for dnswl.org which is free to do and has been
known to help sometimes.
Peter
On 24/03/19 05:49, Alice Wonder wrote:
I have gotten then where they displayed throwaway passwords I used only
once for one site (and thus I know that site doesn't hash passwords and
never use it again)
This is not necessarily true. A hashed password can be brute-forced.
Peter
ut add in a
warning that fires on startup if this setting is 0 to try to encourage
people to change it?
Peter
exp
socketmap
static
tcp
texthash
unionmap
unix
That's missing ldap and pcre as well. Looks like a corrupted postfix3
install. This might fix it:
yum --enablerepo=gf-plus reinstall postfix3
Peter
f-plus clean all
yum --enablerepo=gf-plus reinstall postfix3
...should fix it properly.
Peter
On 19/04/19 11:16 PM, Nick wrote:
You might want to consider reducing the list of headers in your DKIM
signatures. E.g. your signed-headers list includes 'sender' but the
mailing list adds its own 'sender', which is enough to invalidate your
signature.
This is going to be an ongoing problem be
o say that the mailing list is DKIM
compliant just as long as the DKIM signature doesn't include certain
headers, some of which are actually recommended to be included by the
relevant RFCs. When looked at in that light it becomes more clear that
the DKIM compliance of the mailing list is spotty at best.
Peter
On 20/04/19 3:15 PM, Peter wrote:
I'm not disagreeing with any of this. It simply boils down to that when
a current RFC recommends a certain practice you shouldn't be surprised
that people will follow that recommendation. What then follows is that
people who use google, microsof
ded in the appropriate standards documents, and when
they don't it's their fault for actually following the standards? Ummm, ok.
Peter
e will always be another sender who breaks the
rules or doesn't get it, or can't actually control this stuff for their
email.
Peter
googleusercontent.com/search?q=cache:JmE1tzw6qqYJ:ghettoforge.org/index.php/Postfix3+&cd=1&hl=en&ct=clnk&gl=nz&client=firefox-b-e
With this version you will have SNI support.
Peter
hange.
Peter
dress some of the issues with major ESPs such as google and the
after-220 tests.
Peter
that postgrey defers does not
mean it caught spam, it means it may be spam and it is delaying the
message further to try to check. If postscreen is catching the vast
majority of these then all you're seeing is unnecessary delay on
legitimate mail.
Peter
On 24/06/19 3:38 AM, Chris Pollock wrote:
I still have some that are going to /var/spool/mail/nobody however.
Headers below:
And your logs show what exactly?
Peter
nd it
would pay to ask if the handful of messages getting through (that might
be caught by another anti-spam solution later in your pipeline) is worth
catching for the delay you are introducing with such a setting.
Peter
probably due to similar security concerns.
Peter
lly you can add in a directory and file
and import it into systemd so it takes precedence over but does not
overwrite the postfix service file that comes packaged with postfix.
Let me know if you need any more help.
Regards,
Peter Ajamian
o the list that
they used to sign up with. Google may see multiple variants as
equivalent but that does not mean that other servers need do the same.
Peter
but let's wait until it
fixes more distros than it breaks.
Peter
all, plus the benefits of
having a backup MX are almost non-existent nowadays. In short, just
don't do it.
Peter
everything listed before you attempt to contact the ESP services
for help.
Peter
On 8/10/19 12:04 AM, Jaroslaw Rafa wrote:
Dnia 7.10.2019 o godz. 23:54:41 Peter pisze:
Also sign up for ESP-specific programs such as
feedback loops, Google postmaster tools and Microsoft's SNDS. Check
the individual postmaster pages for each ESP that you're having
problems with to
h the EHLO banner as well?
Peter
why spf is not have a max ip in there rfc :(
Don't be ridiculous.
Peter
On 9/10/19 11:02 PM, martin f krafft wrote:
Quoting "Peter", who wrote on 2019-10-09 at 10:54 Uhr +1300:
Does ambassador.madduck.net match the EHLO banner as well?
Yes, of course. ;)
% swaks -q EHLO -s ambassador.madduck.net
=== Trying ambassador.madduck.net:25...
=== Co
You can whitelist with dnswl.org. See:
http://rob0.nodns4.us/postscreen.html
Peter
On 13/11/19 12:26 AM, Roland Freikamp wrote:
Hi,
I'm using postscreen on a mailserver.
Unfortunately, this does not work with some bigger mail providers, since
they send the mail from a random host in
--- 354 Start mail input; end with .
C ---> .
S <--- 250 Message accepted for delivery
C ---> RSET
S <--- 250 Reset state
C ---> MAIL FROM:
S <--- 501 The first command in a session must be the HELO command
BR
Peter
---
Stavebna faku
On Fri, 23 Jan 2009 08:10:25 -0600, Noel Jones wrote
> Peter Micunek wrote:
> > Hi,
> > I have a strange problem with some email sessions.
> > Postfix 2.5.2 is configured like email router.
> > It receives emails from many sources and sends them to one destinati
gcc is version 4.1.2 20070925 (Red Hat 4.1.2-27) .
previous version compiled+running without this problem was 2.6-20080903 .
any idea what to do?
thank you and best regards from hamburg, germany
peter
http://stats.dnsbl.com/
As victor said, ZEN is usually enough for most people, but it's always
good to know why you're not using the rest.
On Thu, Feb 12, 2009 at 2:02 PM, Linux Addict wrote:
> Please see below my smtpd_recipient_restrictions. On my rbl client list I
> have multiple entries, but
Including every solicited bulk email. They usually create unique
bounce addresses to track dead target mailboxes etc.
On Wed, Feb 11, 2009 at 9:30 AM, Michael Katz
wrote:
> Ilo Lorusso wrote:
>> Hi
>>
>>
>> is their a way I can reject messages when its from address does not
>> match the envelope
smtpd_delay_reject = no ?
On Wed, Feb 18, 2009 at 3:09 PM, Alexey V Paramonov
wrote:
> Hi,
> I'm looking for a good solution to make my postfix server operate faster.
> My setup is Postfix + Policyd-weight + fail2ban, but nothing helps under
> heavy load, and the problem is not with the server pe
On Wed, Feb 18, 2009 at 3:59 AM, Rocco Scappatura
wrote:
> My aim, anyway, is to apply a such policy for outgoing messages
> (including internal-to-internal messages). So I have to define a group
> which contains the IPs enabled for relay through my mail server.
smtpd_end_of_data_restrictions =
It's easier to do with a src-nat within network gear. But let me tell
you that this is referred to as "snowshoeing" as it expands your IP
footprint, and is seen in the deliverability world as a slimy thing to
do.
People do it to mitigate the effects of their IP addresses being
blacklisted. But t
On Thu, Feb 19, 2009 at 9:02 AM, Rocco Scappatura
wrote:
> Thanks Peter,
>
>> > My aim, anyway, is to apply a such policy for outgoing messages
>> > (including internal-to-internal messages). So I have to define a
>> group
>> > which contains the IPs e
I'm certain that you should rephrase that to:
Best way to NOT setup an open relay
Feel free to test your config against:
http://www.abuse.net/relay.html
To ensure that your host isn't an open-relay to the Internet (Say hi
to "hinet" if it is)
On Thu, Feb 19, 2009 at 2:42 PM, Rich wrote:
0/0 is the entire internet.
Take the approach of least privileges. The idea that laptop users VPN
in if they want to be given a free ride (no auth) etc works, since you
can place your VPN subnet into mynetworks.
Perhaps your initial posting was too ambiguous.
On Thu, Feb 19, 2009 at 3:00 PM, Ri
On Thu, Feb 19, 2009 at 3:15 PM, Bokhan Artem wrote:
> Peter Blair пишет:
>>
>> It's easier to do with a src-nat within network gear.
>
> I understand, I just wanted to know if there is an intelligence way to bind
> every ip address its own helo.
Well, you could pl
True enough-- but that won't help your HELO matching up with the
reverse of the IP that its bound to.
2009/2/19 Bokhan Artem :
> Peter Blair пишет:
>>
>> Well, you could place a slim smtp proxy between postfix and the
>> Internet.
>
> It's easier to write a
2009/2/19 Bokhan Artem :
>>> smtp1 unix - - n - 100 smtp -o
>>> smtp_helo_name=smtpout1.do -o smtp_bind_address=1.1.1.1
>>> smtp2 unix - - n - 100 smtp -o
>>> smtp_helo_name=smtpout2.do -o smtp_bind_address=2.2.2.2
>>>
>>>
>
>
On Mon, Feb 23, 2009 at 12:00 PM, Chris Dos wrote:
> I've been tasked to figure out a way for our three postfix relay servers to
> intercept every hard bounced back
> e-mail and process it for our web application.
>
> We have about nine servers relaying mail through our three postfix servers.
>
sends it to the address in the envelope.
On Mon, Feb 23, 2009 at 1:23 PM, Chris Dos wrote:
> Peter Blair wrote:
>> On Mon, Feb 23, 2009 at 12:00 PM, Chris Dos wrote:
>>> I've been tasked to figure out a way for our three postfix relay servers to
>>> intercept ev
If the exchange server is doing anti-spam analysis, then can't you
setup the exchange server to be a before queue content filter? This
will mean that your postfix server will still do all of the RBL and
recipient checks, but the 5XX series block sent by postfix will be
relayed via postfix to the u
On Thu, Mar 19, 2009 at 3:28 PM, David A. Gershman
wrote:
> from an external source. I'm trying to see if there is a setting in
> master.cf (or other .cf file) which will reject any email from an
> external IP (other than my own) *and* is claiming to be from a local
> user account.
You'll block
On Thu, Mar 26, 2009 at 12:55 PM, LuKreme wrote:
> Obviously I can't disable the account as it is required, but is there
> something that I can do to stop the connections for messages like this:
>
> Return-Path:
> X-Original-To: postmas...@covisp.net
> Delivered-To: postmas...@covisp.net
> Recei
On Sat, Apr 4, 2009 at 3:27 AM, Oguz Yilmaz wrote:
> On my postfix mail server I have RBL definitions at
> smtpd_client_restrictions phase. At the moment 2 of 4 rbl's waiting until
> tcp timeout without an answer when I try with nslookup.
It sounds like your dns recursor is having problems. Ens
On Mon, Apr 13, 2009 at 3:59 PM, Tashfeen Ekram wrote:
> I have installed Postfix on Ubuntu to use to only send emails for my rails
> application. My rails application is not able to connect to it. Could this
> be because sendmail is listeneing at port 20?
> also, what configuration would suit me
/mysql.cf
I would prefer that it was possible to supply some kind of variable name
because I have to change this in several mysql.cf files.
I would prefer an ENVIROMENT variable.
Would that be possible??
Best regards
Peter Sørensen
Hi,
I know this is well documented and is now the default in postfix, but I'm
tearing my hair out trying to figure out why it won't work with my setup.
If I telnet to my mail server, anyth...@mydomain.com is accepted. If I
turn up the logging verbosity, I see:
maps_find: virtual_alias_maps: @myd
--- In postfix-us...@yahoogroups.com, Pascal Volk
wrote:
>
> On 06/05/2009 02:25 AM Peter Smith wrote:
> > If I telnet to my mail server, anyth...@... is accepted. If I
> > turn up the logging verbosity, I see:
>
> How do you telnet to your server?
> `telnet loc
> On Friday 05 June 2009 09:24:54 Peter Smith wrote:
>>
>> virtual_mailbox_domains = $transport_maps
>
> Whats this for?
>
> Are the problem domains listed in /etc/postfix/transport for some reason.
I have an entry in transport:
mydomain.commaildrop:
Is this the problem?
All solved now - thanks for your help guys! The changes I made were:
virtual_mailbox_domains = $transport_maps
to:
virtual_mailbox_domains = mydomain.com
Added:
virtual_transport = maildrop
virtual_mailbox_maps = hash:/etc/postfix/virtual
Hi,
I want to catch if a message is signed and if change the destination.
Is this possible within postfix ?
Regards
Peter Sørensen/Univ Of Sothern Denmark/email: mas...@sdu.dk
401 - 500 of 905 matches
Mail list logo
