DSN only for SASL-Authenticated users ?
Hi list, I have disabled globally DSN in my main.cf: smtpd_discard_ehlo_keyword_address_maps = cidr:/etc/postfix/dsn_access /etc/postfix/dsn_access: # block folllowing 0.0.0.0/0 silent-discard, dsn ::/0silent-discard, dsn Would it be possible to allow "outgoing" DSN only for my (sasl-authenticated) users? Cheers, Marek
Re: SASL with/without TLS in logs
W dniu 2016-07-07 o 19:04, Wietse Venema pisze: Marek Salwerowicz: However, I would like to find sooner or later clients that don't use STARTTLS befoe authentication. How can I configure postfix to see differences in logs? Assuming that no sane client sends AUTH *before* sending STARTTLS, all you need is to set "smtpd_tls_loglevel=1" in main.cf (and do "postfix reload") to log the completion of the STARTTLS handhake. Thanks a lot ! Marek Wietse
Re: SASL with/without TLS in logs
W dniu 2016-07-07 o 15:55, Marek Salwerowicz pisze: Hi list, I am performing a migration from a legacy mail server to a new one. I am afraid that due to "backward compatibility" I have to leave SASL authentication available over an unencrypted channel. However, I would like to find sooner or later clients that don't use STARTTLS befoe authentication. How can I configure postfix to see differences in logs? For now every authentication attempt looks the same: client=moj.server[::1], sasl_method=LOGIN, sasl_username=moj.u...@mojadomena.pl forgot to mention: I am running Postfix 2.10 under CentOS 7 Thanks in advance! Cheers, Marek
SASL with/without TLS in logs
Hi list, I am performing a migration from a legacy mail server to a new one. I am afraid that due to "backward compatibility" I have to leave SASL authentication available over an unencrypted channel. However, I would like to find sooner or later clients that don't use STARTTLS befoe authentication. How can I configure postfix to see differences in logs? For now every authentication attempt looks the same: client=moj.server[::1], sasl_method=LOGIN, sasl_username=moj.u...@mojadomena.pl Thanks in advance! Cheers, Marek
Messagelabs rejects mails from my MTA - how to debug ?
Hi list, Yesterday I was informed by Users, that they can't send e-mails to one of the banking institutions (so it's a little 'urgent' in businesses manner). The mails are rejected by Messagelabs / Symantec Cloud System, but do not provide any relevant information: *Diagnostic information for administrators:* Generating server: ccd1.root4.net first_name.last_n...@bankdomain.com #550 5.7.1 Delivery not authorized, message refused ## Original message headers: Return-Path: X-Env-Sender:user@my_domain.pl X-Msg-Ref: server-7.tower-206.messagelabs.com!1426588985!11238237!1 X-Originating-IP: [my_mta_ip] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.13.4; banners=-,-,- X-VirusChecked: Checked X-Virus-Scanned: Debian amavisd-new atmy_mta.my_domain.pl Message-ID: <55080532.7090208@my_domain.pl> Date: Tue, 17 Mar 2015 11:42:58 +0100 From:User User Reply-To: User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: Subject:msg_subject Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 8bit I've already sent e-mails to postmas...@bankdomain.com, but not sure if anyone is going to answer it.. Do you have any ideas / online tools so I could check my MTA configuration ? BTW: The reverse DNS and SPF record are set correctly Best regards, -- Marek Salwerowicz
Re: email with multiple senders in From:
W dniu 2012-04-19 10:35, José Luís Faria pisze: Hello ppl, I'm using postfix has relay and sometimes appear some messages with multiple senders, from outside but with my domain, like From: j...@domain.xx, a...@domain.xx, ... How can I avoid/delete this messages or mark them like spam in spamassassin? thanks in advance Hi, I am having the same issue for the last time. What I made was to do regexp check: header_checks = regexp:/etc/postfix/header_checks and in file header_checks: /^From:[ ]*[a-zA-Z0-9]*\@domain.xx[,]*.*$/ REJECT Sorry! No domain.xx in FROM Regards, -- Marek
Re: Rejecting Email by using RBL's
W dniu 2011-09-29 20:39, Kaleb Hosie pisze: This seems like it should be a simple task but for some reason Postfix isn't rejecting email by using RBL lookups. Here is my smtpd configuration: smtpd_recipient_restrictions = reject_non_fqdn_sender, reject_unknown_recipient_domain, reject_unauth_pipelining, reject_non_fqdn_recipient, reject_rbl_client sbl.spamhaus.org, reject_rbl_client xbl.spamhaus.org, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, permit_auth_destination, permit Can anyone see the reason why RBL lookups aren't happening? Thanks! Kaleb Add the same to smtpd_client_restrictions Regards, -- Marek Salwerowicz
Blacklists for you MTA
Hi all, I am new to Postfix-users mailing list so would like to say hello to everyone ;) I am wondering what rbl's are you using to prevent your MTAs against spam? My current config is as follows: reject_rbl_client zen.spamhaus.org, reject_rbl_client t1.dnsbl.net.au, reject_rbl_client dnsbl.njabl.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client psbl.surriel.com, reject_rbl_client bl.spamcop.net, Since one month I have benn receiveing more spam so I started thinking about adding other (if there are any) rbl's - what do you suggest? Regards, -- Marek Salwerowicz