Re: Best way to block X-Mail-Agent

2014-09-05 Thread Alberto Lepe
I added header_checks (regexp) to main.cf. I will test it.
Thank you.


On Fri, Sep 5, 2014 at 2:56 PM, Alberto Lepe d...@alepe.com wrote:

 One of my customers is receiving a huge amount of very specific spam not
 blocked by my regular postfix's spam control rules:

 The spam is coming from several ip addresses.

 All mails have this client:

 X-Mail-Agent: BSMTP DLL  Feb 11 2001  by Tatsuo Baba

 Which would be the best way to block it? Using amavis, postfix or
 spamassassin?

 Thanks.



Re: Blocked via Spamhaus

2014-09-05 Thread Dave Jones
On 04.09.2014 at 18:23, LuKreme wrote:

dwl.spamhaus.org=127.0.2.[2;3]*-3
swl.spamhaus.org=127.0.2.[12;13]*-3


AFAIR someone posted a few months ago that those lists are empty. Has that 
changed?

Nope.  They are still empty.  I just checked my fresh data feed and
they only have one test record.

On Thu, Sep 4, 2014 at 1:45 PM, Alex JOST jost+postfix...@dimejo.at wrote:
 On 04.09.2014 at 18:23, LuKreme wrote:

dwl.spamhaus.org=127.0.2.[2;3]*-3
swl.spamhaus.org=127.0.2.[12;13]*-3


 AFAIR someone posted a few months ago that those lists are empty. Has that
 changed?

 --
 Alex JOST


Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-05 Thread Edwin Marqe
Hi,

I've been doing some tests recently regarding the EHLO command, and
I was wondering whether the below detailed behavior is the expected
one or not.

I have this in my Postfix config:

smtpd_helo_restrictions =
permit_mynetworks
reject_non_fqdn_helo_hostname
reject_unknown_helo_hostname
permit

However, any time I connect via telnet to this server and specify
*any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions
won't trigger.

# telnet remotepostfix.mydomain.com 25
Trying Y.Y.Y.Y...
Connected to remotepostfix.mydomain.com.
Escape character is '^]'.
220 remotepostfix.mydomain.com ESMTP Postfix (Ubuntu)
EHLO [8.8.8.8]
250-remotepostfix.mydomain.com
250-PIPELINING
250-SIZE 3072
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
MAIL FROM: whate...@address.com
250 2.1.0 Ok
RCPT TO: destinat...@mydomain.com
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
Hi!

.
250 2.0.0 Ok: queued as 853B21202582
quit
221 2.0.0 Bye
Connection closed by foreign host.

Is this the expected behavior? Shouldn't it match any of
'reject_non_fqdn_helo_hostname' or 'reject_unknown_helo_hostname'?

Thanks,

Edwin


Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-05 Thread Jim Reid
On 5 Sep 2014, at 21:36, Edwin Marqe edwinma...@gmail.com wrote:

 I have this in my Postfix config:
 
 smtpd_helo_restrictions =
permit_mynetworks
reject_non_fqdn_helo_hostname
reject_unknown_helo_hostname
permit
 
 However, any time I connect via telnet to this server and specify
 *any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions
 won't trigger.

Well what do you expect would happen when the first of these restrictions is 
permit_mynetworks? From TFM:
permit_mynetworks
Permit the request when the client IP address matches any 
network or network address listed in $mynetworks.


Note that this check is on the IP address that connects to the server, not what 
it says in the HELO/EHLO handshake. Those checks come later in your config. But 
they won't get tried when the connecting IP address has already matched 
something in $mynetworks.

Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-05 Thread Edwin Marqe
But in this case the client IP is *not* listed in $mynetworks, so it
is not being matched (it's a public IP that is not listed anywhere).

Edwin

2014-09-05 21:44 GMT+01:00 Jim Reid j...@rfc1035.com:
 On 5 Sep 2014, at 21:36, Edwin Marqe edwinma...@gmail.com wrote:

 I have this in my Postfix config:

 smtpd_helo_restrictions =
permit_mynetworks
reject_non_fqdn_helo_hostname
reject_unknown_helo_hostname
permit

 However, any time I connect via telnet to this server and specify
 *any* IP address in the form [X.X.X.X], the smtpd_helo_restrictions
 won't trigger.

 Well what do you expect would happen when the first of these restrictions is 
 permit_mynetworks? From TFM:
 permit_mynetworks
 Permit the request when the client IP address matches any 
 network or network address listed in $mynetworks.


 Note that this check is on the IP address that connects to the server, not 
 what it says in the HELO/EHLO handshake. Those checks come later in your 
 config. But they won't get tried when the connecting IP address has already 
 matched something in $mynetworks.


Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-05 Thread Jim Reid

On 5 Sep 2014, at 21:53, Edwin Marqe edwinma...@gmail.com wrote:

 But in this case the client IP is *not* listed in $mynetworks, so it
 is not being matched (it's a public IP that is not listed anywhere).

Please post the output of postconf -n. All of it. Unedited. And provide the 
actual IP address (not IP!) - none of this X.X.X.X silliness.



Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-05 Thread Viktor Dukhovni
On Fri, Sep 05, 2014 at 09:36:04PM +0100, Edwin Marqe wrote:

 I've been doing some tests recently regarding the EHLO command, and
 I was wondering whether the below detailed behavior is the expected
 one or not.
 
 I have this in my Postfix config:
 
 smtpd_helo_restrictions =
 permit_mynetworks
 reject_non_fqdn_helo_hostname
 reject_unknown_helo_hostname
 permit

Both of these restriction features explicitly skip domain literals,
which are legal alternative forms of the EHLO argument.

-- 
Viktor.


Re: Why does EHLO [X.X.X.X] always pass helo restrictions?

2014-09-05 Thread Wietse Venema
Viktor Dukhovni:
 On Fri, Sep 05, 2014 at 09:36:04PM +0100, Edwin Marqe wrote:
 
  I've been doing some tests recently regarding the EHLO command, and
  I was wondering whether the below detailed behavior is the expected
  one or not.
  
  I have this in my Postfix config:
  
  smtpd_helo_restrictions =
  permit_mynetworks
  reject_non_fqdn_helo_hostname
  reject_unknown_helo_hostname
  permit
 
 Both of these restriction features explicitly skip domain literals,
 which are legal alternative forms of the EHLO argument.

The reasoning is that [ipaddress] is not a hostname. Therefore,
reject_*_hostname do not apply.

Wietse
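
Added example, not part of the thread and not Postfix code: a simplified Python model of first-match evaluation for the restriction list quoted above, showing why EHLO [8.8.8.8] reaches the final permit and what a check_helo_access regexp entry placed after permit_mynetworks would change. MYNETWORKS, RESOLVABLE, the demo helper and the table entry shown in the comment are constructed assumptions.

```python
import ipaddress
import re

# Stand-in for a check_helo_access regexp table entry (constructed), e.g.:
#   /^\[/   REJECT address-literal HELO not accepted
LITERAL_RE = re.compile(r"^\[")

THREAD_LIST = ["permit_mynetworks", "reject_non_fqdn_helo_hostname",
               "reject_unknown_helo_hostname", "permit"]
HARDENED_LIST = ["permit_mynetworks", "check_helo_access"] + THREAD_LIST[1:]
MYNETWORKS = ["127.0.0.0/8"]          # constructed sample value
RESOLVABLE = {"mail.example.com"}     # constructed stand-in for DNS lookups


def evaluate(helo, client_ip, restrictions, mynetworks, resolvable):
    """Walk the list in order; the first decisive restriction wins."""
    addr = ipaddress.ip_address(client_ip)
    literal = helo.startswith("[")
    for name in restrictions:
        if name == "permit_mynetworks":
            # Tests the connecting address, never the EHLO argument.
            if any(addr in ipaddress.ip_network(n) for n in mynetworks):
                return ("PERMIT", name)
        elif name == "reject_non_fqdn_helo_hostname":
            # [ipaddress] is not a hostname, so the hostname test is skipped.
            if not literal and "." not in helo.rstrip("."):
                return ("REJECT", name)
        elif name == "reject_unknown_helo_hostname":
            # Also skipped for literals; otherwise model the DNS lookup.
            if not literal and helo.lower() not in resolvable:
                return ("REJECT", name)
        elif name == "check_helo_access":
            if LITERAL_RE.search(helo):
                return ("REJECT", name)
        elif name == "permit":
            return ("PERMIT", name)
    return ("DUNNO", "end of list")   # nothing decided in this list


def demo(helo, client_ip, restrictions=THREAD_LIST):
    return evaluate(helo, client_ip, restrictions, MYNETWORKS, RESOLVABLE)


if __name__ == "__main__":
    for helo in ("[8.8.8.8]", "localhost", "nohost.example.net"):
        print(helo, demo(helo, "203.0.113.7"),
              demo(helo, "203.0.113.7", HARDENED_LIST))
```
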


Re: Relay to another MTA on the same host

2014-09-05 Thread Konstantin
I've changed $myhostname to a value not listed in the hosts file and cleaned
$mynetworks. Problem solved.
Thank you.


2014-09-04 19:49 GMT+03:00 Wietse Venema wie...@porcupine.org:

 Konstantin:
  Hello,
 
  I need to configure a second MTA on the same server.
  You can tell that this does not make sense but this is a workaround for one
  issue I have.
 
  Postfix listen on port 225 and another MTA on port 25.
  postfix has transport_maps enabled
  transport_maps = hash:/etc/postfix/transport
  * smtp:[127.0.0.1]:25
 
  The problem is that after postfix accepts the message it is bounced with the
  following error:
 
  Sep  4 16:15:44 localhost postfix/smtp[19281]: 3hpnDw0zVmz3NyKq: to=
  u...@domain.com, relay=none, delay=0.11, delays=0.11/0/0/0, dsn=5.4.6,
  status=bounced (mail for 127.0.0.1 loops back to myself)

 You need to do these two:

 1a) Remove 127.0.0.1 from the sending MTA's mynetworks.
 1b) Use a different myhostname setting in the sending MTA.

 Or this one:

 2) Send to a TCP port other than 25.

 Wietse




-- 
*This message was delivered using 100% recycled electrons*.