... The result is pretty much that they deny any further email with 4XX codes AND penalize further connections. It just stops accepting any new mail. ... Ok,...
275930
Vincent Lefevre
vincent@...
Apr 1, 2011 7:47 am
... I really think it is a bad idea to use reject_unknown_helo_hostname. Some machines sending mail are on a local network, so that resolving their hostname...
275931
Murray S. Kucherawy
msk@...
Apr 1, 2011 8:01 am
... Those machines should be talking to a public-facing MTA that tolerates unqualified names; they shouldn't be talking to the public Internet with an...
275932
Reindl Harald
h.reindl@...
Apr 1, 2011 8:03 am
... your users has to use SASL and are not affected as long your machine is useable configured, every other out there dealing directly as MTA has to have a...
275933
Vincent Lefevre
vincent@...
Apr 1, 2011 9:15 am
... The main smarthost of my ISP gets blacklisted by some lists each time someone sends spam (this is a small ISP, so that it gets blacklisted much easier than...
275934
Reindl Harald
h.reindl@...
Apr 1, 2011 9:31 am
... if your MTA is not reachable you can not send mail at this moment so simple it goes in days of SPF/DKIM no MUA there is really no reason for any workaround...
275935
Selcuk Yazar
selcuk.yazar@...
Apr 1, 2011 10:17 am
Hi, is it possible to create rule or script in postfix that one user can't send email totaly more than a 100 emails ? expect sending a group ? we have ...
275936
Robert Schetterer
robert@...
Apr 1, 2011 10:54 am
... you need a policy server for that http://www.apolicy.org/cgi-bin/moin.cgi seems to have such --snip What can be done with ACL Policy Daemon: Greylisting ...
275937
vadim korsak
pxdlbxq@...
Apr 1, 2011 12:02 pm
Instead of using AD Global Catalog (port 3268) can be used, this somehow helped. search_base must be empty resulting map file looks: server_host =...
... The script itself contains the patterns. It reads the logfile line by line and checks for the patterns. So basically it's something like that: while...
275940
Vincent Lefevre
vincent@...
Apr 1, 2011 3:07 pm
... Perhaps in your case, but when sending mail directly (i.e. without using SASL), I get a reject only once every few weeks. So, yes, there is a reason for a...
275941
Reindl Harald
h.reindl@...
Apr 1, 2011 3:15 pm
... if you send mail directly you have to make sure a static-ip, ptr, matching HELO if this is not possible simply send not mails directly ok you can, but do...
275942
Vincent Lefevre
vincent@...
Apr 1, 2011 3:33 pm
... This is not (always) possible, and I have no choice to send mail directly when the relay server is down. ... Experience shows that most mail won't be...
275943
Reindl Harald
h.reindl@...
Apr 1, 2011 3:45 pm
... when the server is down you can not send mails and you really will not die, if it would be so imortant you need redundancy on the relay-server (failover,...
275944
Vernon A. Fort
vfort@...
Apr 1, 2011 4:22 pm
I'm trying to find a way to block/reject inbound messages forging our internal email addresses. Meaning their inbound messages using MY email address but...
275945
Drizzt
drizzt@...
Apr 1, 2011 4:36 pm
... With restriction classes you can drop this spoofing. Key is to first seperate your own server(s) (e.g. by giving them an OK before this check). Afterwards...
275946
Victor Duchovni
Victor.Duchovni@...
Apr 1, 2011 4:50 pm
... So instead of gently nudging you to the right sending rate, the DoS their service and require the whole planet to hand-tune transports for their domain,...
275947
jason hirsh
hirshj@...
Apr 1, 2011 5:01 pm
... ]I am trying to back top basics.. 1) There is no record of rejection in my logs... so I may not be able to do anything at all 2) Assuming that I am...
275948
Wietse Venema
wietse@...
Apr 1, 2011 5:39 pm
... You'll have to use a combination of /etc/postfix/main.cf: slow_destination_rate_delay=x (this forces concurrency == 1) slow_destination_recipient_limit=y ...
275949
Victor Duchovni
Victor.Duchovni@...
Apr 1, 2011 5:51 pm
... Of course, if their policy is that they only accept a trickle of mail from sites that are not their important business partners, the correct place to make...
275950
Noel Jones
njones@...
Apr 1, 2011 6:17 pm
... No need for a restriction class. Just blacklist your own domain after permit_mynetworks, permit_sasl_authenticated. Note: this may reject a small amount...
275951
Noel Jones
njones@...
Apr 1, 2011 6:23 pm
... If you log doesn't record *any* rejections (other than google), consider the possibility that your logging is broken. Consider the possibility of a...
275952
Vernon A. Fort
vfort@...
Apr 1, 2011 6:33 pm
... This check the envelope sender, correct? The Return-path: is an external address. Its the From: in the message header i am battling with. I assume its a...
275953
Jerry
postfix-user@...
Apr 1, 2011 6:50 pm
On Fri, 01 Apr 2011 13:33:15 -0500 ... I have used "postfwd" to alleviate that problem. http://postfwd.org/ -- Jerry ✌ postfix-user@... ...
275954
Noel Jones
njones@...
Apr 1, 2011 7:09 pm
... No, checking the From: header will have a very high false positive rate, such as your posts to this and other mail lists. You can use something like that...
275955
Ultrabug
ultrabug@...
Apr 1, 2011 9:07 pm
... I see indeed, I shall try this out on monday at work. ... It's not an american public host thanksfully (but french host, maybe that's why) :) ... Many...
275956
mouss
mouss@...
Apr 1, 2011 9:33 pm
... yep. but in a public list, "you" is "others" ;-p as usual, thanks for reporting offenders......
275957
mouss
mouss@...
Apr 1, 2011 9:51 pm
... we're not asking them to resolve their hostname. we're only asking them to use a "real" name. it's as easy as myhostname = joe.example.com with a...
275958
Alex
mysqlstudent@...
Apr 2, 2011 5:18 am
Hi, I have a fedora14 box that I'm trying to configure for use with postfix with dovecot and TLS, permitting only TLS connections after authenticating with...
