How to block incoming emails with ZIP attachments containing EXE
Hi All, I'm not sure if this is the correct group to ask so apologies if it's not. I wanted to ask if anyone has a good way of sending emails that have ZIP attachments that contain EXE files to QUARANTINE. I am using POSTFIX sending to PROCMAIL and CLAMAV. I've looked into procmail recipies and clamav options but nothing seems to work well for me. Thank you in advance for any assistance. Regards, -Andreas Andreas Freyvogel ecmarket Customer Solutions Manager E: afreyvo...@ecmarket.com P: 604.638.2300 x147 C: 604.603.3319
Postfix Question: strange issue with mx record lookup
I have a bit of an odd problem and hoped you might be able to offer some assistance or point me in the right direction. Yesterday, my server was unable to send emails to 3M (u...@mmm.com). The logs shows: status=deferred (delivery temporarily suspended: connect to mmm.com[192.28.34.26] When I did a lookup of mmm.com it resolves to 192.28.34.26, however, the MX record for 3M shows: Authoritative answers can be found from: mmm.com nameserver = pigseye.mmm.com. mmm.com nameserver = ns.3m.com. 3m.com.inbound15.mxlogic.netinternet address = 208.65.144.12 3m.com.inbound15.mxlogic.netinternet address = 208.65.144.13 3m.com.inbound15.mxlogic.netinternet address = 208.65.145.12 3m.com.inbound15.mxlogic.netinternet address = 208.65.145.13 3m.com.inbound15.mxlogicmx.net internet address = 208.65.144.13 3m.com.inbound15.mxlogicmx.net internet address = 208.65.145.12 3m.com.inbound15.mxlogicmx.net internet address = 208.65.144.12 Does anyone know why/how Postfix would be getting the response of 192.28.34.26 instead of one of the above mail server IP addresses? Is this on part of my server or to do with the DNS configuration of 3M? The fix I have in place was to put 208.65.144.12 mmm.com in my /etc/hosts file. Thank you in advance for any assistance. Regards, -Andreas Andreas Freyvogel ecmarket Customer Solutions Manager E: afreyvo...@ecmarket.com P: 604.638.2300 x147 C: 604.603.3319
RE: Postfix Question: strange issue with mx record lookup
The email address to which we are sending is u...@mmm.com. Output of my postconf -n: alias_database = hash:/etc/postfix/aliases alias_maps = hash:/etc/postfix/aliases body_checks = regexp:/etc/postfix/body_checks command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 1 default_destination_concurrency_limit = 10 default_privs = nobody header_checks = regexp:/etc/postfix/header_checks html_directory = no inet_interfaces = all local_destination_concurrency_limit = 2 mail_owner = postfix mailbox_command = /usr/bin/procmail mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, $mydomain, /etc/postfix/domains mydomain = ecmarket.com myhostname = ecmailer2.ecmarket.com mynetworks = /etc/postfix/relay-domains myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix notify_classes = delay, resource, software queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES relay_domains = $mydestination, /etc/postfix/relay-domains sample_directory = /usr/share/doc/postfix-2.2.10/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_enforce_tls = no smtp_tls_loglevel = 2 smtp_use_tls = yes smtpd_client_restrictions = permit_mynetworks, check_client_access hash:/etc/postfix/access_clientip, reject_non_fqdn_hostname, reject_invalid_hostname smtpd_helo_required = yes smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/access, reject_non_fqdn_sender,reject_rbl_client bl.spamcop.net smtpd_tls_CApath = /etc/postfix/CERTS smtpd_tls_cert_file = /etc/postfix/wildcard.conexiom.net-2011.cer smtpd_tls_key_file = /etc/postfix/wildcardKey-nopass.pem smtpd_tls_loglevel = 2 smtpd_tls_received_header = yes smtpd_tls_security_level = may smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 450 Thank you, -Andreas -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema Sent: Monday, September 12, 2011 12:07 PM To: Postfix users Subject: Re: Postfix Question: strange issue with mx record lookup Andreas Freyvogel: I have a bit of an odd problem and hoped you might be able to offer some assistance or point me in the right direction. Yesterday, my server was unable to send emails to 3M (u...@mmm.com). The logs shows: status=deferred (delivery temporarily suspended: connect to mmm.com[192.28.34.26] mmm.com is not an MX host for 3M.com. I therefore suspect that you have a non-default configuration that forces Postfix to look up MMM.com instead of 3M.com. This would be a good time to provide postconf -n command output. Wietse
RE: Postfix Question: strange issue with mx record lookup
Yes, the version is older and needs to be updated. I am running Fedora Core release 6 (Zod). -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Reindl Harald Sent: Monday, September 12, 2011 12:18 PM To: postfix-users@postfix.org Subject: Re: Postfix Question: strange issue with mx record lookup Am 12.09.2011 21:11, schrieb Andreas Freyvogel: The email address to which we are sending is u...@mmm.com. Output of my postconf -n: readme_directory = /usr/share/doc/postfix-2.2.10/README_FILES relay_domains = $mydestination, /etc/postfix/relay-domains sample_directory = /usr/share/doc/postfix-2.2.10/samples are you really using postfix 2.2.10? this is totally outdated and you probably hit a bug which was years ago a topic
RE: Postfix Question: strange issue with mx record lookup
Am I to understand that Postfix will first try to lookup the MX record via DNS and if should that fail it will use the value configured in the /etc/hosts file? -Andreas -Original Message- From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Wietse Venema Sent: Monday, September 12, 2011 12:36 PM To: Postfix users Subject: Re: Postfix Question: strange issue with mx record lookup Andreas Freyvogel: The email address to which we are sending is u...@mmm.com. Postfix will send to the A record for mmm.com if MX lookup is disabled, or if MX lookup results in a not found response (either NXDOMAIN or NODATA). Postfix does not send to the A record if MX fails due to any other error such as timeout or server failure. If your MX lookups by hand succeed and Postfix still sends to the /etc/hosts address, then something is broken at your end. Perhaps you have an outdated (or missing) etc/resolv.conf file in the Postfix queue. With a missing etc/resolv.conf file, some resolvers will contact the DNS server on 127.0.0.1. And with an outdated etc/resolv.conf, anything could happen. Wietse
