Re: SpamD, Postfix and mobile users
* [EMAIL PROTECTED] [EMAIL PROTECTED] [2006-02-03 15:11]: Thanks a bunch fella's. I got TLS working. Except for the fact that I cannot use port 587 in (yes I know) Outlook Express. If I keep it at port 25, everything runs like a charm. The server is listening on port tcp 587. However, the connection get's shut right after the first connect. Perhaps it's an Outlook Express bug. I'll test it with firefox tomorrow. Thanks again. It is also, exactly, what we do here. Our users use port 587 for this, NOT port 25 Outhouse express is a wormy pile of moose faeces.. Having said that our users also use it - and for this reason we also speak smtps on port 465 - we just use it just like port 587 - Outhouse express (and regular Outhouse) will use port 465 just fine, and it's not terribly hard to get users to use it: http://www.ualberta.ca/HELP/email/outlook.html?menu=3-8:0 has our version of the 8x10 color glossy screenshots with circles and arrows and a paragraph on the back of each one explaining what each one is that seems to be necessary to teach windows users anything more complicated than washing their hands after wiping their butts. -Bob
Re: SpamD, Postfix and mobile users
Thanks for all the advice. I've setup TLS on port 587 like Peter suggested and it's working great. Only thing you have to keep in mind when you use Microsoft Outlook. It needs a restart after the e-mail account settings change. Go figure :). Thanks again guys. Nils -Original Message- From: Peter Hessler [mailto:[EMAIL PROTECTED] Sent: vrijdag 3 februari 2006 20:44 To: [EMAIL PROTECTED] Subject: Re: SpamD, Postfix and mobile users Have them send to port 587. That will bypass greylisting, as well as port 25 blocking. enable the following line in your master.cf file. submission inet n - - - - smtpd -o smtpd_enforce_tls=yes -o smtpd_sasl_auth_enable=yes On Fri, 3 Feb 2006 20:07:18 +0100 [EMAIL PROTECTED] wrote: : Hi all, : : I'm running Postfix 2.3.20050716-sasl2 (chrooted) and : cyrus-sasl-2.1.20p4 on OpenBSD 3.8 stable. Everything is running : peachy. My roaming users are able to connect and send e-mail. : Now I wish to enable the fantastic SpamD feature in OpenBSD. However, : I'm foreseeing a problem. I do not want my roaming users to be : greylisted every time they send e-mail. They are roaming and do not : have a static IP. : : Is there a way for SASL authenticated users to bypass the SpamD : daemon? : : Thanks for your thoughts. : : Nils : : = : A disclaimer applies to this email and any attachments. : Refer to http://www.sparkholland.com/emaildisclaimer for the full : text of this disclaimer. : -- The human mind ordinarily operates at only ten percent of its capacity -- the rest is overhead for the operating system.
Re: SpamD, Postfix and mobile users
On 2/3/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hi all, I'm running Postfix 2.3.20050716-sasl2 (chrooted) and cyrus-sasl-2.1.20p4 on OpenBSD 3.8 stable. Everything is running peachy. My roaming users are able to connect and send e-mail. Now I wish to enable the fantastic SpamD feature in OpenBSD. However, I'm foreseeing a problem. I do not want my roaming users to be greylisted every time they send e-mail. They are roaming and do not have a static IP. Is there a way for SASL authenticated users to bypass the SpamD daemon? I have a second instance of postfix running on port 2525. --Bryan
SpamD, Postfix and mobile users
Hi all, I'm running Postfix 2.3.20050716-sasl2 (chrooted) and cyrus-sasl-2.1.20p4 on OpenBSD 3.8 stable. Everything is running peachy. My roaming users are able to connect and send e-mail. Now I wish to enable the fantastic SpamD feature in OpenBSD. However, I'm foreseeing a problem. I do not want my roaming users to be greylisted every time they send e-mail. They are roaming and do not have a static IP. Is there a way for SASL authenticated users to bypass the SpamD daemon? Thanks for your thoughts. Nils = A disclaimer applies to this email and any attachments. Refer to http://www.sparkholland.com/emaildisclaimer for the full text of this disclaimer.
Re: SpamD, Postfix and mobile users
Thanks for your quick response Maxim. Sure, I could enforce TLS connections for my roaming (outside/internet) users. That might be a good solution and I would bypass SpamD. I could also setup another postfix instance on another port and allow sasl_authenticated only. But I was hoping SpamD had some kind of understanding of SASL. As far as I know spamd catches incomming. Put a second postfix on SSL port - make it relay only. On Friday 03 February 2006 20:07, you wrote: Hi all, I'm running Postfix 2.3.20050716-sasl2 (chrooted) and cyrus-sasl-2.1.20p4 on OpenBSD 3.8 stable. Everything is running peachy. My roaming users are able to connect and send e-mail. Now I wish to enable the fantastic SpamD feature in OpenBSD. However, I'm foreseeing a problem. I do not want my roaming users to be greylisted every time they send e-mail. They are roaming and do not have a static IP. Is there a way for SASL authenticated users to bypass the SpamD daemon? Thanks for your thoughts. Nils == === A disclaimer applies to this email and any attachments. Refer to http://www.sparkholland.com/emaildisclaimer for the full text of this disclaimer. -- Best regards Maxim Bourmistrov
Re: SpamD, Postfix and mobile users
On 2006/02/03 20:28, [EMAIL PROTECTED] wrote: But I was hoping SpamD had some kind of understanding of SASL. I'm quite glad it *doesn't*. Port 587 (msa/submission) is the right answer here. I wouldn't want a daemon that's intended to talk to bad connections having such high access to the system...
Re: SpamD, Postfix and mobile users
* Stuart Henderson [EMAIL PROTECTED] [2006-02-03 13:16]: On 2006/02/03 20:28, [EMAIL PROTECTED] wrote: But I was hoping SpamD had some kind of understanding of SASL. I'm quite glad it *doesn't*. Port 587 (msa/submission) is the right answer here. I wouldn't want a daemon that's intended to talk to bad connections having such high access to the system... This is the right solution for roaming users, and is why I will *not* make spamd ever have a notion of sasl :) It is also, exactly, what we do here. Our users use port 587 for this, NOT port 25 -Bob
Re: SpamD, Postfix and mobile users
Thanks a bunch fella's. I got TLS working. Except for the fact that I cannot use port 587 in (yes I know) Outlook Express. If I keep it at port 25, everything runs like a charm. The server is listening on port tcp 587. However, the connection get's shut right after the first connect. Perhaps it's an Outlook Express bug. I'll test it with firefox tomorrow. Thanks again. Nils -Original Message- From: Kurt Mosiejczuk [mailto:[EMAIL PROTECTED] Sent: vrijdag 3 februari 2006 22:31 To: misc@openbsd.org Subject: Re: SpamD, Postfix and mobile users Bob Beck wrote: This is the right solution for roaming users, and is why I will *not* make spamd ever have a notion of sasl :) It is also, exactly, what we do here. Our users use port 587 for this, NOT port 25 Doing it this way also helps those users who have ISPs who block outbound port 25 traffic. (Of which I have a number) --Kurt = A disclaimer applies to this email and any attachments. Refer to http://www.sparkholland.com/emaildisclaimer for the full text of this disclaimer.