.
--
Les Mikesell
[EMAIL PROTECTED]
d knows
how to remove attachments you might consider dangerous and replace them
with a warning message.
--
Les Mikesell
[EMAIL PROTECTED]
already has hooks
for almost everything you'd want a mail scanner to do and an
active mailing list of users so it will solve a lot of
other problems if it works.
--
Les Mikesell
[EMAIL PROTECTED]
450 Connecting host started transmitting before SMTP greeting
Is there an RFC requirement that the connecting host MUST
wait before sending anything? Also, in a glance at RFC 821
it did not look like a 450 was valid in the connect phase - it
only mentions 421. Has this been changed in later RFC's?
--
Les Mikesell
[EMAIL PROTECTED]
On Fri, 2006-01-06 at 13:24, Matt Sergeant wrote:
> On 6 Jan 2006, at 13:58, Les Mikesell wrote:
>
> > I'm running an ancient network monitoring tool called 'spong' and
> > it's test for a working smtp service is to connect to the
> > port, send
works which
sendmail handles with entries in the access db.
It would be kind of nice to be able to combine the need for
this check with one for greylisting in a local database.If
a given sending IP address has passed the tests once there's not
much sense in imposing any delay again for a while.
--
Les Mikesell
[EMAIL PROTECTED]
lready knows how to do this stuff? And
with MimeDefang running as a milter you can control everything
in perl anyway. It would be kind of bizarre, but maybe you
could glue the backend delivery out of qpsmptd into MimeDefang
and just discard everthing at the sendmail level if you
don't trust
and the
> other... :(
I think I missed how you keep this from being an open relay if
someone finds the ssl port. Can you at least cover that part?
Do you require a matching client cert for stunnel? I don't
see how you can require smtp auth for connections coming from
the local host without
On Fri, 2006-02-17 at 15:45, Ask Bjørn Hansen wrote:
> On Feb 17, 2006, at 9:43 AM, Les Mikesell wrote:
>
> > Wouldn't it at some point be simpler to run sendmail as the
> > front end since it already knows how to do this stuff?
>
> It depends.
>
> I run qma
t; with that?
It didn't just drop in and I haven't spent the time it would take
to glue them together. Due to some business changes, the place
where I thought I might want the combination isn't going to need
it. It still seems like an interesting project, though.
--
Les Mikesell
[EMAIL PROTECTED]
ed on sender/recipients and an assortment of
circumstances happens much faster than anything you can do
in perl.
--
Les Mikesell
[EMAIL PROTECTED]
ler group and was watching this list to see how
people were doing the same things with qpsmtpd. And I
still think that MimeDefang and qpsmtpd could share a lot
of code since they need to do many of the same things
in perl.
--
Les Mikesell
[EMAIL PROTECTED]
y been done. At least glance through the
mail list archives to see the problems that have come up
and think about how qpsmtpd will handle the same situations.
And there's still the option to run mimedefang itself
through qpsmtpd's milter interface which might not be
difficult if someone has time to try it.
--
Les Mikesell
[EMAIL PROTECTED]
before the
SMTP accept happens. If, in fact mimedefang will work
with the qpsmtpd milter interface, none of this part
would be exclusive to sendmail.
--
Les Mikesell
[EMAIL PROTECTED]
ang with qpsmtpd's
queue delivery code glued in. I suppose you'd get the
worst of all possible methods that way but it sounds crazy
enough to work if you can tell sendmail to skip its own
queue/delivery step.
--
Les Mikesell
[EMAIL PROTECTED]
On Sat, 2006-02-18 at 22:57, Les Mikesell wrote:
> > Just what does sendmail exclusively have, and show
> > me its realtime smtp protocol filtering.
Forgot to mention: converts annoying quoted-printable or
base64 encodings back to normal 8-bit on the fly. I
don't think t
On Sun, 2006-02-19 at 05:33, Bernd Petrovitsch wrote:
> On Sat, 2006-02-18 at 11:48 -0600, Les Mikesell wrote:
> []
> > That was all true until the milter interface worked reliably. Now
> > if you can't do what you want by pasting a few well-known lines
> > i
in or email address.
Anyway the point was just that while you can do that kind
of stuff in the mimedefang/milter code you also have the
option to use the stock sendmail features if it is
more convenient.
--
Les Mikesell
[EMAIL PROTECTED]
at least makes sense to be aware of the
prior art and use as much as you can from it. But,
I'm not saying that the project shouldn't exist, just that
sendmail has a lot of functionality to duplicate, and that
if your reason for not using sendmail was that it did not
let you control it in perl, that's not true any more.
--
Les Mikesell
[EMAIL PROTECTED]
On Mon, 2006-02-20 at 11:38, Robin Bowes wrote:
> Les Mikesell said the following on 02/20/2006 05:16 PM:
> > Qmail has caused me enough pain in the past that I'd never run it by
> > choice again although qpsmtpd solves one of it's problems.
>
> Care to elabor
mail can easily bury a fractional-T frame by itself and email
isn't our only use for it. And my users like to complain. How
do you control outbound bandwidth use when qmail explodes the
copies?
> Sendmail isn't complicated; nor is postfix, exim, or qmail.
OK, that makes one of us that thinks that...
--
Les Mikesell
[EMAIL PROTECTED]
code affects
people's attitudes. I haven't done much coding for a long time
but you might find my name (possibly misspelled) in attributions
on some old things that nobody cares about anymore. I'm not that
good at it and it's been more productive to avoid customizing
things as much as possible.
--
Les Mikesell
[EMAIL PROTECTED]
l of it. Also,
that the mimedefang mail list would be a valuable resource
for the discussions of how different approaches have worked
out in practice.
> All you seem to be doing is arguing senndmail vs. qmail.
I thought I was responding to misconceptions about sendmail.
I think everyone knows now tha
x the broken server to toss it's copy of large
attachments into files instead of the database instead of
having to make that work with all the rest of the world.
--
Les Mikesell
[EMAIL PROTECTED]
of disk space, but you might consider
setting up an SME server (http://www.contribs.org) which would
give you an ftp/http server and webmail (as well as pop/imap)
server all with the same simple web-form user/group management
tool. And internally you'd have windows file shares corresponding
in-house for some of the "shared mailbox"
> accounts (sales queries, webmaster stuff). If I do, I may wind up ginning up
> some support for doing it that way...
If you build your RT queues around the groups of people watching
them and move the ticket to the appropriate queue at different
times you get the same effect.
--
Les Mikesell
[EMAIL PROTECTED]
-think the social implications of imposing an intentional
delay on every delivery to your server.
--
Les Mikesell
[EMAIL PROTECTED]
adding an intentional delay to their reception.
--
Les Mikesell
[EMAIL PROTECTED]
list, and
fedora is often busier than that. If some other delay puts
you behind a dozen messages, you've added at least an hour to
the time you catch up. How is that nonsense?
--
Les Mikesell
[EMAIL PROTECTED]
ase so that once you know
a sender follows the rules you don't make him prove it on
every connection.
--
Les Mikesell
[EMAIL PROTECTED]
unprofessional to people reporting such issues.
[...]
> So, sorry, but i won't install software from a author who keeps blatant
> security holes secret by purpose.
So, no Linux for you, eh?
http://www.securityfocus.com/columnists/35
--
Les Mikesell
[EMAIL PROTECTED]
-based wiki).
--
Les Mikesell
[EMAIL PROTECTED]
on't get to the DATA step.
One of the domains I handle has been getting about 50,000 messages
a day to invalid addresses in what appears to be a distributed
dictionary attack for the last several years. What qmail did with
them was no fun at all.
--
Les Mikesell
[EMAIL PROTECTED]
ny hosts are multi-homed (and these days, behind NAT) and there
is no reason to expect/require a correspondence between a DNS name and
the sending IP.
It does make sense to require a resolvable From: address, though.
--
Les Mikesell
[EMAIL PROTECTED]
their records.
SPF is one of those things that can't possibly work:
http://homepages.tesco.net./~J.deBoynePollard/FGA/smtp-spf-is-harmful.html
--
Les Mikesell
[EMAIL PROTECTED]
m. allan noah wrote:
On 6/6/07, Les Mikesell <[EMAIL PROTECTED]> wrote:
Guy Hulbert wrote:
> On Tue, 2007-06-05 at 17:43 -0700, Meng Weng Wong wrote:
>> That said, don't use +all as an absolute indicator. There may be
>> good domains that do a +all too.
>
> T
il 'from' these accounts and the person
controlling the relevant DNS has no way to know where you are (nor is it
really any of their business...).
--
Les Mikesell
[EMAIL PROTECTED]
can tell
us where we can and can't connect.
--
Les Mikesell
[EMAIL PROTECTED]
ent relays didn't
forge the whole thing.
--
Les Mikesell
[EMAIL PROTECTED]
? SRS defines a kludge to make things work, but it
has to run at the forwarding site which has no requirement to do so. If
you create a new message with the old as an attachment, you'd have to
supply new non-envelope headers as well. Who is the From: for this new
message?
--
Les Mik
ay sendmail and
MimeDefang work?
--
Les Mikesell
[EMAIL PROTECTED]
forged senders of
messages to recipients that don't exist. Which is probably the big
reason why a lot of people run qpsmtpd.
--
Les Mikesell
[EMAIL PROTECTED]
Is the license change on qmail likely to change the direction of
qpsmtpd? (Now you can fix it instead of replacing parts...).
http://cr.yp.to/qmail/dist.html
--
Les Mikesell
[EMAIL PROTECTED]
multiplexing step-wise
operations to a small number of backend processes means that variables
don't hold values for the entire delivery process.
--
Les Mikesell
[EMAIL PROTECTED]
ecause
it stores reference counts that change even when the values don't. And
the binary itself is shared text either way. There is probably still
some difference but not as much as you might expect.
--
Les Mikesell
[EMAIL PROTECTED]
45 matches
Mail list logo
