are you just considering this as a display problem?
Terry
rosalie" to refer to two
distinct users, or are you just considering this as a display
problem?
Terry
Thanks, I discovered this and I personally consider this a bug. In
these days, users names need to be mixed case for security reasons.
If I have a domain name I could just run thr
o the application directory without a valid login.
The http auth box is ugly and somewhat annoying, however there's a lot
to be set for a very stable, low-level, simple authentication mechanism.
Terry
pt parse it, and block users that
send too much spammy-looking mail, until they've been reviewed by an
admin.
Terry
f course itself undeliverable, since it's in response to spam.
Anybody have any idea how this is happening?
Thanks,
Terry
local_recipient_maps = unix:passwd.byname $alias_maps
alias_maps = hash:/etc/aliases
There is no user or alias named "squirrel".
Feb 2 06:54:05 wormhol
rejected at the rcpt to: command,
while badu...@whatever.cnysupport.com is accepted, then causes an NDR.
Anybody have any ideas?
I have no valid subdomains, so simply rejecting anything sent to one
would be just fine.
Thanks,
Terry
postconf -n:
alias_maps = hash:/etc/aliases
command_direct
elp, but I'm either
misunderstanding the docs or something is behaving improperly.
Terry
lways
welcomed, but not always accepted.
I'll pass on updating the docs. Considering that I misinterpreted
them, I'm probably not the right person to submit a change.
Thanks again.
Terry
of mail to AOL or a few users click the
"SPAM" button, suddenly you won't be able to send any mail to AOL, and
getting this fixed takes work, which you may or may not want to do.
Terry
primary mx is down,
the backup mx might not have anything to query.
You might want to have the primary mx export a list of valid users
periodically as a text file, then have the backup server pick it up
with rsync, then postfix can use it to validate recipients.
Terry
"postconf -n |grep sender_access" turns up something.
In any case, I'm not sure that refusing to talk to a single hotmail
server will accomplish anything useful.
What are you trying to do?
Terry
ered to check MX records isn't
anybody's problem except the sender.
In fact, just like spambots, broken clients that send to the wrong MX
tend to end up on RBLs fairly quickly, making them even less of a
problem.
Terry
Hey friend!
Check this out http://bigobjectbase.com/so.php?1a
te...@dop.com
That's a great idea assuming you want to be on every known RBL when you
return.
The "from" and "sender" addresses on almost all spam is forged, so
you'll be spamming them all with "Sorry, we're not here right now . . .".
Most won't appreciat
ot of
spammers use it without every trying the primary, specifically because a
lot of people implement the backup without filtering.
Terry
stfix to a content scanner, then to exchange. I'd like
to have internally generated messages (notifications, etc.) go directly
to exchange.
Anybody have any ideas?
Thanks,
Terry
etty much it.
So would it be correct to change:
content_filter=amavisfeed:[127.0.0.1]:10024
to
content_filter=cidr:/special_routing.cidr
then,
special_routing.cidr:
127.0.0.1/32 smtp:exchange server ip
0.0.0.0/0 amavisfeed:[127.0.0.1]:10024
Terry
are you accepting mail that you can't deliver?
Terry
DATA (0 bytes) from unknown[202.70.195.135]
Shouldn't this be rejected by reject_unknown_reverse_client_hostname instead of
making it all the way to the zen.spamhaus.org RBL, or is the smtpd_delay_reject
causing all the restrictions to execute before rejecting the message?
Terry
ient_hostname should be rejecting the connection?
Terry
unknown[202.70.195.135]"
... or ...
"RCPT from security.cnysupport.com[202.70.195.135]" ??
That makes more sense. Thanks!
Terry
ram wrote:
Sometimes my mailq gets cluttered with lot of undelivearble mails.
Because end servers are not accepting
I wish to bounce back some messages ( not delete them ) from queue
How do I do it ?
The mail will bounce on it's own when it's maximal_queue_lifetime expires.
Terry
ket, or switch postfix and MySQL to
use a TCP socket.
If you're running chroot'ed the socket needs to be where postfix can
find it.
Terry
Terry Carmen wrote:
Jeff Weinberger wrote:
Hello again:
One more issue on which I would appreciate any help anyone can offer:
Yesterday I upgraded my postfix installation from 2.5.2 to 2.5.5 and
my MySQL installation from 5.0.51b to 5.0.75. Immediately after
restarting everything (the
sn't going to make them happy.
However if you really want to do this, you can set maxproc to 1 for smtp
in master.cf.
Terry
that I should be looking at? (There's nothing in
those two)
If there's nothing in the mail.log file, then you haven't found the
correct file. At the very least you should have an entry for the
delivery attempt, regardless of whether or not it was successful.
Terry
level code in whatever string library is used. If you can tell
the difference, someone did a horrible job.
Terry
Multilinks.com is undeliverable for some reason.
postqueue -p will tell you why, however unless it's a routing problem,
you don't need to do anything. As the messages get older, they'll expire
and be returned to the sender.
Terry
punit jain wrote:
Hi All,
My mail server
n or other mailing list managers.
Terry
g else.)
Terry
transport"
If you really mean sender, I'm not sure what you would use.
Terry
--
Terry Carmen
CNY Support, LLC
315.382.3939
http://cnysupport.com
er as quickly as possible and if the exchange server is
down, it will wait until it's back up again.
If you're saying that there is actual broken client software (Outlook,
etc.) that's "loosing" mail, why not configure it for IMAP instead of
POP so the mail will remain on the Exchange server?
Terry
will claim no responsibility or knowledge of the situation.
Terry
issing on a
precompiled version of postfix. If you actually need mysql, you should
make sure that mysql and the mysql client libraries are installed.
Terry
--
Terry Carmen
CNY Support, LLC
http://cnysupport.com
t.net,
reject_rbl_client 2.0.0.127.b.barracudacentral.org
the /etc/postfix/whitelist file (yes its been mapped to .cf)
Assuming you're making a hash file, postmap outputs a ".db" file.
Terry
David Cottle wrote:
Sent from my iPhone
On 09/02/2009, at 10:38, Terry Carmen wrote:
David Cottle wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
I have got RBL tests and I got a client on godaddy. Naturally their
outgoing server (secureserver.net) is listed. I made
he recipients is spamt...@mydomain, that the message will only be
delivered to spamt...@mydomain?
Terry
off its checks?
Have you considered allowing the use of an existing instance of Postfix?
Many people tend to not consider packages that require and ship with
their own versions of externally maintained packages.
Terry
want to be positive.
Exchange doesn't like your server or something about the message it
tried to send.
That's about as specific as you'll be able to get unless you can talk to
the Exchange admin and ask him/her what the problem is.
Terry
21684]: 8BA1AF50:
from=, size=4839, nrcpt=1 (queue active)
I've replace the actual username.
There should be nothing in procmail that prevents delivery so I'm
really
puzzled where these went.
Thanks,
Rich
What do you get with:
grep E4041AAE /var/log/maillog
and
postqueue -p
?
T
Rich Shepard wrote:
On Wed, 11 Feb 2009, Terry Carmen wrote:
What do you get with:
grep E4041AAE /var/log/maillog
Terry,
Feb 9 11:43:58 salmo postfix/smtpd[17963]: E4041AAE:
client=vms173007pub.verizon.net[206.46.173.7]
Feb 9 11:43:59 salmo postfix/cleanup[17966]: E4041AAE:
message-id
Rich Shepard wrote:
On Wed, 11 Feb 2009, Terry Carmen wrote:
Postfix delivered it to procmail, so postfix is done with it.
I saw that, but there's nothing in ~/procmail/log since 2007.
Time to look further.
Yep.
That's definitely a good place to start. At a minimum the pr
Schwalbe, Oliver wrote:
Hello Newsgroup,
i will implement a holiday/out of office message in my postfix.
the user should sent a message to holiday@ and the
holiday/out of office notification for the mailsender are active.
with a 2. mail to holiday@ the notification will be inactive.
Can any
header
like
From: "Jon Doe" <mailto:john...@somethingsomething.com>>
This is a mail client issue, not a server issue.
You need to fix the "from" address in whatever is creating the message.
Terry
--
Terry Carmen
CNY Support, LLC
315.382.3939
http://cnysupport.com
from unknown[122.110.167.253]: 554 5.7.1 ters.com>: Relay access denied; from=
to= proto=SMTP helo=<122.110.167.253.
optusnet.com.au>
Terry
discarding the mail somewhere or
...?
any suggestions including alternate mail lists or google search terms very
much appreciated.
Ray
Post the appropriate section of /var/log/maillog showing the misbehaving
transfer.
Terry
c.), there will still be a log entry showing where postfix
accepted or rejected the message. No log entry means you're looking in
the wrong place.
Terry
make this work, it's still a bad idea, since the
outbound SMTP server will be blacklisted for sending to too many invalid
addresses. Because it ignores bounces, the mailing list will never be
updated to remove invalid recipients.
Terry
Is it possible to implement multiple HOLD queues for different types of
content that requires inspection (spam, file attachments, etc?)
Thanks!
Terry
ts contain:
syslog_facility = mail
What do you get with:
grep mail /etc/syslog.conf
Terry
--
Terry Carmen
CNY Support, LLC
http://cnysupport.com
mark it as spam.
Any solution that accepts mail and them bounces it later will make you a
bounce-back spam source and get your servers blacklisted. Any solution
that accepts mail and deletes it will have the users at your door with
pitchforks and torches.
Terry
ck and see where the problem actually is,
since I'd be amazed if postfix is actually disk-bound. It's more likely
to be another process or something with log-level set too high. If it
turns out to be logging and you can't reduce the log data, you could try
moving syslog to a difference machine.
Terry
Brandon Hilkert wrote:
So tmpfs does use the ram ? I as able to get tmpfs to work, but there
was some notion that it too uses the disk.
It uses RAM, but will swap to disk if it needs to. There's no guarantee
that it won't cause disk activity.
Terry
have better luck asking your IMAP vendor.
Terry
address translation to
/etc/postfix/generic
(don't forget to postmap and reload config)
If you really want to not deliver it, you can add:
badsen...@yourdomain.tlderror:mail from badsender is not deliverable
to your transport table.
Terry
Terry
Martin Strand wrote:
On Mon, 23 Mar 2009 15:28:03 +0100, Terry Carmen wrote:
Martin Strand wrote:
Is it possible to make a header_checks rule apply only to a certain client?
I've got an annoying piece of software which sends messages through Postfix.
This software insis
27;s
usually a really quick and simple build, and has been much easier to
maintain than the packaged builds.
Terry
legitimate
emails look like.
Terry
art would be to model your app after syslogd, which
will report "last message repeated times", so instead of becoming a
DDOS attack on your intended recipients, they would get a single email
that says "Found string '" 34,100 times in the last 20 minutes"
In any case, this isn't a postfix problem.
Terry
il what's going on.
Terry
/etc/aliases and some use /etc/postfix/aliases. If you make changes to
the wrong one, it won't work properly.
Terry
nder
address/IP. in this case, can you get the headers from a supposed spam?
Terry
uot;deny access"?
Are you trying to stop internal users from sending mail using a certain
email address as the sender or reject incoming mail that lists that
email address as a recipient (a distribution list, for example)?
Terry
Res wrote:
Hi Terry,
On Fri, 27 Mar 2009, Terry Carmen wrote:
I have an internal requirement to deny access to an email address,
which I'd like to do via access, however, we'd also like to accept
that message for storage somewhere, I was thinking of the access BCC
method, but then
ccepted messages to the user's maildir on whatever machine they live
on. You could give them the same priority mx records if you want
load-balancing.
In this case, you could lose a whole data center and still accept mail
and have it delivered to the users.
Terry
s currently in production HOLDing messages that are too large
for a client's exchange server.
Terry
---
Mark's message follows:
If all you need to do is to add two header fields based on mail size,
the simplest way is to call a
osted were both rejected.
Terry
Carlos Williams wrote:
On Mon, Mar 30, 2009 at 11:07 AM, Terry Carmen wrote:
You'll need to post log entries showing the message being accepted. The two
you posted were both rejected.
Terry
Sorry. Does this help? It was basically everything I found in my log.
mail:~# cat /va
gt;>>> by smtp.cnysupport.com (Postfix) with SMTP id CEBF7303FB
for ; Mon, 30 Mar 2009 13:29:32 -0400 (EDT)
You're looking for this: by smtp.cnysupport.com (Postfix) with SMTP id
*CEBF7303FB*
and can then:
grep CEBF7303FB /var/log/maillog
to find out how it was processed.
Terry
setting in
postfix (which probably won't help a
lot), you should see about getting whitelisted with Yahoo, which would almost
certainly take care of the problem.
Terry
Does anybody know what practical limits are for cidr files?
Specifically, would there be any problem loading it with something like
uceprotect, which currently has around 2M entries?
Thanks,
Terry
> Terry Carmen:
>> Does anybody know what practical limits are for cidr files?
>
> Postfix CIDR patterns are executed in the specified order. Therefore
> the run-time processing time is linear in the number of rules.
>
> Each process also spends some time compi
ubuntu.
By default postfix will only relay mail from IPs in "mynetworks" Make sure you
check mynetworks in main.cf to make sure it only contains 127.0.0.1, so you
don't end up relaying for everybody on your local network.
Terry
> How I can get more information about the messages through the different
> queues ?
> For example, information like input/output time.
>
>
> How many queues, Postfix have? 5 or 6 ?
> 1. active
> 2. deferred
> 3. hold
> 4. incoming
> 5. maildrop
>
> 6. corrupt (is a queue ?)
http://www.postfix.o
0.39, dsn=2.0.0, status=sent (250 2.0.0 n3L350sk01923f Message
accepted for delivery)
Terry
working. When doing
>
> bash:# telnet localhost 25
> Trying ::1...
^
I'm guessing that something in the mix isn't properly configured for IPv6.
I's probably configurable, but unless you really need IPv6, I'd suggest just
disabling IPv6 in your network stack, commenting out any IPv6 references in
Postfix and trying again.
Terry
or this spam, as well as the output
from postconf -n, I'm sure you'll get a lot of good suggestions.
Some well-chosen restrictions will let even a small machine handle a really
significant volume of mail. The trick is to reject as much spam as possible
during the initial SMTP connection.
entially be slowing down pickup. And apparently there are no hardware
> issues
>
> How do I debug the pickup process ?
>
>
Adding a -v to the end of the "pickup" line your master.cf file and restarting
postfix seems to work although I don't see the -v switch listed in the pickup
man page.
Terry
entially be slowing down pickup. And apparently there are no hardware
> issues
>
> How do I debug the pickup process ?
>
PS. Don't forget to "postfix reload"
Terry
takes a little
more work. The most reliable method I've tried is SASL Authentication:
http://www.postfix.org/postconf.5.html#permit_sasl_authenticated
Terry
.
What you're looking for requires that your email interface (webmail, forms,
etc) only accept mail from authenticated users. This would typically be a
function of your website, not postifx. The sending application would then need
to authenticate with Postfix, or be part of MyNe
lines from /var/log/maillog that show postfix accepting and
not delivering your message.
Terry
where else, you'll need to
add it's IP address to MyNetworks or configure an authentication method like
SASL and have your web server authenticate itself when sending.
Terry
ss wrong mess up or something changes in postfix and breaks
your stuff, *everybody* will know.
Terry
his
isn't worth the time involved since it will work only until the ISP discovers
what you're doing.
Terry
--
CNY Support, LLC
Web. Database. Business
http://www.cnysupport.com
st don't
> seem to be getting all the pieces right. . . . I have a transport file
> and I've postmapped it. Does an additional directive go in main.cf or
> master.cf and what might that look like when implemented?
>
Add an entry like:
"verision.net error:Invalid Domain Name. did you mean verizon.net?"
To /etc/postfix/transport, then requeue the message as described above.
Terry
--
CNY Support, LLC
Web. Database. Business
http://www.cnysupport.com
>
> Thanks for the reply...
>
> but i didnt get any explanation on how it sends to a domain which he didnt
> find the MX entry?
>
>
If no MX record is found, the A record is used.
http://tools.ietf.org/html/rfc5321
Terry
> Really thanks to ruben and terry...
>
> Let me set this setting...
>
> by the way, i am curious to know, if i want to delete a particular mail from
> the queue (may be in active or in deferred) how can we do that.
postsuper -d QUEUE_ID
For more info: man postsuper
you ca
o notify
users that you deleted their mail, you'll need to do it yourself.
However if all you want to do is bounce undeliverable messages, you don't need
to do anything. Just configure whatever maximal_queue_lifetime you find
reasonable and leave postfix alone. When the message expires postfix will
notify the sender.
Terry
that causes problems with
legitimate email and doesn't stop spam.
I'd suggest rejecting anybody with no reverse DNS, and if you're feeling
adventurous, some regular expressions to reject dynamic addresses you don't
want to talk to, then checking a few carefully selected RBLs. Give
well against dictionary
attacks and will stop backscatter spam in it's tracks.
After a number of invalid user attempts, it adds a firewall rule to drop
packets from the sending address for a predetermined amount of time.
Terry
#x27;t feel bad. It's almost never a postfix issue.
Terry
smtp on the old server
- use imapsync again to pull any new email from old server to new postfix server
- turn off old server
Is this a reasonable approach?
Thanks,
-Terry
Terry Barnum
digital OutPost
San Diego, CA
http://www.dop.com
800/464-6434
On Feb 24, 2010, at 5:08 PM, Adrian Overbury wrote:
> Terry Barnum wrote:
> >
> > - configure new postfix/dovecot server to be in correct domain (conf files,
> > certificates)
> > - setup users and passwords on new postfix/dovecot server
> > - use imapsync to
duyz
仍然们
ent from my HTC
-Original Message噢
From: Wietse Venema 万维网
Sent: Thursday, 25 March 2010 6:29 AM
To: Postfix users
Subject: Re: Relaying and backskatter problem
Sean Reifschneider:
> On 03/24/2010 10:36 AM, Randy wrote:
> > EX:
> > : Sender address rejected: Domain not found (in
> >
Sent from my HTC
-Original Message-
From: Frank Bonnet
Sent: Thursday, 25 March 2010 6:22 PM
To: postfix-users@postfix.org
Subject: reject forged emails
Hello
Is there a possibility to reject that kind of forged email
I have one domain, say domain.com and I want to reject emails
tha
l_uid_maps = static:102
Thanks,
-Terry
x_maps.cf
virtual_minimum_uid = 102
virtual_transport = dovecot
virtual_uid_maps = static:102
-Terry
On Mar 30, 2010, at 1:26 PM, Noel Jones wrote:
> On 3/30/2010 2:46 PM, Terry Barnum wrote:
>> I moved our company over to postfix (v2.6.2) last Friday and have been
>> mesmerized by the log. One thing I'm seeing is a lot of 'lost connections
>> from unknown[ I
On Mar 30, 2010, at 2:08 PM, Terry Barnum wrote:
On Mar 30, 2010, at 1:26 PM, Noel Jones wrote:
> On 3/30/2010 2:46 PM, Terry Barnum wrote:
>> I moved our company over to postfix (v2.6.2) last Friday and have been
>> mesmerized by the log. One thing I'm seeing is a lot
1 - 100 of 238 matches
Mail list logo
