subject:"Re\: How can I block this user..."

Re: How can I block this user...

2016-03-05 Thread Robert Chalmers

@Bill Cole

I’m pretty sure I have postscreen and postfix working right now… not too sure 
if i’ts blocking what I wanted blocked - or if they just went away. However, 
there are others - endlessly - trying. So something to do in my spare time?

Also, I can see that pfctl -e turns it on - enables it, but I can’t see how 
that is put in place automatically. On re boot, it’s once again disabled, and 
pf is not working. Even though the plist is loading.

reboot
sudo pfctl -s info
No ALTQ support in kernel
ALTQ related functions disabled
Status: Disabled  Debug: Urgent

sudo pfctl -e
sudo pfctl -s info
No ALTQ support in kernel
ALTQ related functions disabled
Status: Enabled for 0 days 00:00:12   Debug: Urgent

any ideas?
Robert

> On 5 Mar 2016, at 00:42, Bill Cole 
>  wrote:
> 
> On 4 Mar 2016, at 9:47, Robert Chalmers wrote:
> 
>> thanks, that seems to work - how to make it permanent next …
>> 
>> but, it should be working in postfix in any case shouldn’t it?
>> 
> 
> Which is the three active rules that would be generated by having this at the 
> end of /etc/pf.conf when it was last reloaded:
> 
>   block return in log quick proto tcp from 174.46.142.137 to any port 
> {25,465,587}
> 
> Your rule may differ in small ways, yet be entirely reasonable. If you have a 
> rule in pf.conf that doesn't seem to have resulted in one or more in the 
> active listing, maybe you just forgot to reload:
> 
>   pfctl -f /etc/pf.conf
> 
> Or if the rule shows in the active list but isn't working, maybe this will 
> help:
> 
>   pfctl -e
> 

Robert Chalmers
rob...@chalmers.com .au  Quantum Radio: 
http://tinyurl.com/lwwddov
Mac mini 6.2 - 2012, Intel Core i7,2.3 GHz, Memory:16 GB. El-Capitan 10.11.  
XCode 7.2.1
2TB: Drive 0:HGST HTS721010A9E630. Upper bay. Drive 1:ST1000LM024 HN-M101MBB. 
Lower Bay

Re: How can I block this user...

2016-03-05 Thread Robert Chalmers


ok, thanks Bill

I am still learning about pf.conf - and by adding your fix, I now get this. 
Which seems entirely reasonable now :-)

Thanks, I’ll keep learning …
Robert

zeus:etc robert$ sudo pfctl -vnf /etc/pf.conf
pfctl: Use of -f option, could result in flushing of rules
present in the main ruleset added by the system at startup.
See /etc/pf.conf for further details.

table  persist file "/etc/badguys1" file "/etc/badguys2"
scrub-anchor "/*" all fragment reassemble
nat-anchor "/*" all
rdr-anchor "/*" all
anchor "/*" all
anchor "emerging-threats" all
pass in proto tcp from any to any port = 21 flags S/SA keep state
pass in proto tcp from any to any port = 22 flags S/SA keep state
pass in proto tcp from any to any port = 23 flags S/SA keep state
pass in proto tcp from any to any port = 25 flags S/SA keep state
pass in proto tcp from any to any port = 53 flags S/SA keep state
pass in proto udp from any to any port = 53 keep state
pass in proto tcp from any to any port = 110 flags S/SA keep state
pass in proto tcp from any to any port = 143 flags S/SA keep state
pass in proto tcp from any to any port = 194 flags S/SA keep state
pass in proto tcp from any to any port = 389 flags S/SA keep state
pass in proto tcp from any to any port = 443 flags S/SA keep state
pass in proto tcp from any to any port = 445 flags S/SA keep state
pass in proto tcp from any to any port = 465 flags S/SA keep state
pass in proto tcp from any to any port = 587 flags S/SA keep state
pass in proto tcp from any to any port = 993 flags S/SA keep state
pass in proto tcp from any to any port = 5900 flags S/SA keep state
pass in proto tcp from any to any port = 6112 flags S/SA keep state
pass in proto udp from any to any port = 6277 keep state
pass in proto udp from any to any port = 1023 keep state
block drop on en1 from  to any
block return in log quick inet proto tcp from 174.46.142.137 to any port = 25
block return in log quick inet proto tcp from 174.46.142.137 to any port = 465
block return in log quick inet proto tcp from 174.46.142.137 to any port = 587
dummynet-anchor "/*" all

Loading anchor com.apple from /etc/pf.anchors/com.apple
anchor "/*" all
anchor "/*" all

Loading anchor emerging-threats from /etc/pf.anchors/emerging-threats
table  persist file "/etc/emerging-Block-IPs.txt"
block drop from  to any



> On 5 Mar 2016, at 00:42, Bill Cole 
>  wrote:
> 
> block return in log quick proto tcp from 174.46.142.137 to any port 
> {25,465,587}

Robert Chalmers
rob...@chalmers.com .au  Quantum Radio: 
http://tinyurl.com/lwwddov
Mac mini 6.2 - 2012, Intel Core i7,2.3 GHz, Memory:16 GB. El-Capitan 10.11.  
XCode 7.2.1
2TB: Drive 0:HGST HTS721010A9E630. Upper bay. Drive 1:ST1000LM024 HN-M101MBB. 
Lower Bay

Re: How can I block this user...

2016-03-05 Thread Robert Chalmers

Ok, thanks Bill.

I have postscreen enabled. 

master.cf


smtp  inet  n   -   n   -   1   postscreen



However, I had the postscreen_access_list setting set to ignore ….. so learning 
all the time :-)

Now to look at pf. Thanks for the excellent tips there.

Robert


> On 5 Mar 2016, at 00:42, Bill Cole 
>  wrote:
> 
> On 4 Mar 2016, at 9:47, Robert Chalmers wrote:
> 
>> thanks, that seems to work - how to make it permanent next …
>> 
>> but, it should be working in postfix in any case shouldn’t it?
>> 
>> Wep, weekend coming up.
>> Robert
>> 
>>> On 4 Mar 2016, at 13:48, L.P.H. van Belle  wrote:
>>> 
>>> Very simple, route it to localhost.
>>> 
>>> Like :
>>> route add -host 174.46.142.137 127.0.0.1
> 
> That's really a sloppy fix. It works (until your next reboot) but routing 
> packets to the loopback interface isn't scalable and ignores other problems 
> that you clearly have:
> 
> 1. You have a lot of postscreen settings but don't seem to actually have 
> postscreen enabled, although it may be that you just didn't show the 
> postscreen log lines. If you do have postscreen actually working, you can use 
> the postscreen_access_list setting that you already have to blacklist that IP 
> in the cidr map you seem to intend to be using.
> 
> 2. In reference to this:
>> Mac. OSX 10.11
>> Postfix.
>> 
>> I’ve even tried setting it in the firewall - but I’m missing something, 
>> because there it
>> is again...
>> 
>> I have the domain IP in a blacklist on both the pf.conf firewall
> 
> I offer my condolences. Part of why I still run some things (including my 
> personal Postfix instance) on older MacOS is that the newer and objectively 
> better pf firewall has persistently confused me and I have all these little 
> tools for ipfw that work around even the Apple-custom breakages in it. 
> However, I do have *some* familiarity with pf so I can try to help.
> 
> If you THINK you have the IP blocked by a rule in pf.conf yet clearly do not, 
> that's a serious problem. Either pf is turned off or there's a rule ordering 
> problem or something more arcane, but in any case pf isn't doing what you 
> think it should be doing, and that's never a good thing in a firewall. The 
> first thing to check is whether you actually have an active pf rule or rules 
> related to that IP, which you might not. Easy enough to check with the 
> command:
> 
>   pfctl -v -s rules
> 
> That will list your rules with some stats, and near the end of the list 
> should be something like these:
> 
>   block return in log quick inet proto tcp from 174.46.142.137 to any 
> port = 25
>[ Evaluations: 15858 Packets: 0 Bytes: 0 States: 0 ]
>[ Inserted: uid 0 pid 77467 ]
>   block return in log quick inet proto tcp from 174.46.142.137 to any 
> port = 465
>[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
>[ Inserted: uid 0 pid 77467 ]
>   block return in log quick inet proto tcp from 174.46.142.137 to any 
> port = 587
>[ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
>[ Inserted: uid 0 pid 77467 ]
> 
> Which is the three active rules that would be generated by having this at the 
> end of /etc/pf.conf when it was last reloaded:
> 
>   block return in log quick proto tcp from 174.46.142.137 to any port 
> {25,465,587}
> 
> Your rule may differ in small ways, yet be entirely reasonable. If you have a 
> rule in pf.conf that doesn't seem to have resulted in one or more in the 
> active listing, maybe you just forgot to reload:
> 
>   pfctl -f /etc/pf.conf
> 
> Or if the rule shows in the active list but isn't working, maybe this will 
> help:
> 
>   pfctl -e
> 

Robert Chalmers
rob...@chalmers.com .au  Quantum Radio: 
http://tinyurl.com/lwwddov
Mac mini 6.2 - 2012, Intel Core i7,2.3 GHz, Memory:16 GB. El-Capitan 10.11.  
XCode 7.2.1
2TB: Drive 0:HGST HTS721010A9E630. Upper bay. Drive 1:ST1000LM024 HN-M101MBB. 
Lower Bay

Re: How can I block this user...

2016-03-04 Thread Bill Cole


On 4 Mar 2016, at 9:47, Robert Chalmers wrote:


thanks, that seems to work - how to make it permanent next …

but, it should be working in postfix in any case shouldn’t it?

Wep, weekend coming up.
Robert


On 4 Mar 2016, at 13:48, L.P.H. van Belle  wrote:

Very simple, route it to localhost.

Like :
route add -host 174.46.142.137 127.0.0.1


That's really a sloppy fix. It works (until your next reboot) but 
routing packets to the loopback interface isn't scalable and ignores 
other problems that you clearly have:


1. You have a lot of postscreen settings but don't seem to actually have 
postscreen enabled, although it may be that you just didn't show the 
postscreen log lines. If you do have postscreen actually working, you 
can use the postscreen_access_list setting that you already have to 
blacklist that IP in the cidr map you seem to intend to be using.


2. In reference to this:

Mac. OSX 10.11
Postfix.

I’ve even tried setting it in the firewall - but I’m missing 
something, because there it

is again...

I have the domain IP in a blacklist on both the pf.conf firewall


I offer my condolences. Part of why I still run some things (including 
my personal Postfix instance) on older MacOS is that the newer and 
objectively better pf firewall has persistently confused me and I have 
all these little tools for ipfw that work around even the Apple-custom 
breakages in it. However, I do have *some* familiarity with pf so I can 
try to help.


If you THINK you have the IP blocked by a rule in pf.conf yet clearly do 
not, that's a serious problem. Either pf is turned off or there's a rule 
ordering problem or something more arcane, but in any case pf isn't 
doing what you think it should be doing, and that's never a good thing 
in a firewall. The first thing to check is whether you actually have an 
active pf rule or rules related to that IP, which you might not. Easy 
enough to check with the command:


pfctl -v -s rules

That will list your rules with some stats, and near the end of the list 
should be something like these:


	block return in log quick inet proto tcp from 174.46.142.137 to any 
port = 25

 [ Evaluations: 15858 Packets: 0 Bytes: 0 States: 0 ]
 [ Inserted: uid 0 pid 77467 ]
	block return in log quick inet proto tcp from 174.46.142.137 to any 
port = 465

 [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
 [ Inserted: uid 0 pid 77467 ]
	block return in log quick inet proto tcp from 174.46.142.137 to any 
port = 587

 [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ]
 [ Inserted: uid 0 pid 77467 ]

Which is the three active rules that would be generated by having this 
at the end of /etc/pf.conf when it was last reloaded:


	block return in log quick proto tcp from 174.46.142.137 to any port 
{25,465,587}


Your rule may differ in small ways, yet be entirely reasonable. If you 
have a rule in pf.conf that doesn't seem to have resulted in one or more 
in the active listing, maybe you just forgot to reload:


pfctl -f /etc/pf.conf

Or if the rule shows in the active list but isn't working, maybe this 
will help:


pfctl -e

Re: How can I block this user...

2016-03-04 Thread Christian Kivalo



On 2016-03-04 14:39, Robert Chalmers wrote:

How can I block this user from even attempting to access the mail
server?
Mac. OSX 10.11
Postfix.

I’ve even tried setting it in the firewall - but I’m missing
something, because there it is again...

I have the domain IP in a blacklist on both the pf.conf firewall, and
the postfix blacklist, and in spamassassin … impossible. I can not
stop this sucker.


What do you take as identifier for the user?

IP? Hostname?

Do you have more logs that show connections for this user / the same 
user?



Mar  4 12:41:48 zeus postfix/smtpd[1811]: connect from mail.bmwlaw.com
[1][174.46.142.137]
Mar  4 12:41:48 zeus postfix/smtpd[1811]: setting up TLS connection
from mail.bmwlaw.com [1][174.46.142.137]
Mar  4 12:41:48 zeus postfix/smtpd[1811]: mail.bmwlaw.com
[1][174.46.142.137]: TLS cipher list
"aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH:!SSLv2:!aNULL:!ADH:!eNULL"
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:before/accept
initialization
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client
hello A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write
server hello A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write
certificate A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write key
exchange A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write
server done A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 flush data
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client
certificate A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client
key exchange A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read
certificate verify A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read
finished A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write
change cipher spec A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write
finished A
Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 flush data
Mar  4 12:41:48 zeus postfix/smtpd[1811]: Anonymous TLS connection
established from mail.bmwlaw.com [1][174.46.142.137]: TLSv1 with
cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Mar  4 12:41:49 zeus postfix/smtpd[1811]: NOQUEUE: reject: RCPT from
mail.bmwlaw.com [1][174.46.142.137]: 450 4.7.1 : Helo command rejected: Host not found; from=<>
to= proto=ESMTP
helo=
Mar  4 12:41:51 zeus postfix/smtpd[1811]: disconnect from
mail.bmwlaw.com [1][174.46.142.137] ehlo=2 starttls=1 mail=1 rcpt=0/1
quit=1 commands=5/6


You should leave smtpd_tls_loglevel set to the default of "1". Makes the 
logs easier to read.



The only thing I can think, is that soemthing is turning it back on,
after being turned off.?

postconf -n below.

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
compatibility_level = 2
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
default_rbl_reply = $rbl_code Service unavailable; $rbl_class
[$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason} - see
http://$rbl_domain.
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
home_mailbox = Mail/Dovecot/
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
inet_protocols = all
lmtp_tls_ciphers = $smtpd_tls_ciphers
lmtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
mail_owner = _postfix
mailbox_command = /usr/bin/procmail -a "$EXTENSION"
mailbox_size_limit = 0
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/share/man
message_size_limit = 0
meta_directory = /usr/local/etc/postfix
milter_default_action = accept
mydestination = localhost mail.$mydomain, www.$mydomain
myhostname = zeus.chalmers.com.au [3]
mynetworks_style = host
newaliases_path = /usr/local/bin/newaliases
non_smtpd_milters = inet:127.0.0.1:8891
postscreen_access_list = permit_mynetworks,
cidr:/usr/local/etc/postfix/postscreen_access.cidr,
cidr:/usr/local/etc/postfix/postscreen_spf_whitelist.cidr
postscreen_bare_newline_action = ignore
postscreen_bare_newline_enable = no
postscreen_bare_newline_ttl = 30d
postscreen_blacklist_action = drop
postscreen_cache_cleanup_interval = 12h
postscreen_cache_map = btree:$data_directory/postscreen_cache
postscreen_cache_retention_time = 7d
postscreen_client_connection_count_limit =
$smtpd_client_connection_count_limit
postscreen_command_count_limit = 20
postscreen_command_filter =
postscreen_command_time_limit = ${stress?10}${stress:300}s
postscreen_disable_vrfy_command = $disable_vrfy_command
postscreen_discard_ehlo_keyword_address_maps =
$smtpd_discard_ehlo_keyword_address_maps
postscreen_discard_ehlo_keywords = $smtpd_discard_ehlo_keywords
postscreen_dnsbl_action = enforce
postscreen_dnsbl_reply_map =

Re: How can I block this user...

2016-03-04 Thread Phil Stracchino

On 03/04/16 08:39, Robert Chalmers wrote:
> How can I block this user from even attempting to access the mail server?
> Mac. OSX 10.11
> Postfix.
> 
> I’ve even tried setting it in the firewall - but I’m missing something,
> because there it is again...
> 
> I have the domain IP in a blacklist on both the pf.conf firewall, and
> the postfix blacklist, and in spamassassin … impossible. I can not stop
> this sucker.

If you've blocked the source IP at your firewall, and it's still coming
through, then either you applied the block incorrectly, or the IP is
spoofed and you're blocking the wrong source IP.  You need to spend some
quality time with your firewall and Postfix logs and tcpdump/wireshark.

-- 
  Phil Stracchino
  Babylon Communications
  ph...@caerllewys.net
  p...@co.ordinate.org
  Landline: 603.293.8485

Re: How can I block this user...

2016-03-04 Thread Robert Chalmers

thanks, that seems to work - how to make it permanent next …

but, it should be working in postfix in any case shouldn’t it?

Wep, weekend coming up.
Robert

> On 4 Mar 2016, at 13:48, L.P.H. van Belle  wrote:
> 
> Very simple, route it to localhost. 
>  
> Like : 
> route add -host 174.46.142.137 127.0.0.1 
>  
> Have a nice weekend ;-) 
>  
>  
> Greetz, 
>  
> Louis
>  
>  
> Van: rob...@chalmers.com.au [mailto:owner-postfix-us...@postfix.org] Namens 
> Robert Chalmers
> Verzonden: vrijdag 4 maart 2016 14:39
> Aan: Postfix users
> Onderwerp: How can I block this user...
>  
> How can I block this user from even attempting to access the mail server?
> Mac. OSX 10.11
> Postfix.
>  
> I’ve even tried setting it in the firewall - but I’m missing something, 
> because there it is again...
>  
> I have the domain IP in a blacklist on both the pf.conf firewall, and the 
> postfix blacklist, and in spamassassin … impossible. I can not stop this 
> sucker.
>  
>  
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: connect from 
> mail.bmwlaw.com[174.46.142.137]
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: setting up TLS connection from 
> mail.bmwlaw.com[174.46.142.137]
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: mail.bmwlaw.com[174.46.142.137]: 
> TLS cipher list 
> "aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH:!SSLv2:!aNULL:!ADH:!eNULL"
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:before/accept 
> initialization
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client hello A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write server hello 
> A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write certificate A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write key exchange 
> A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write server done A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 flush data
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client 
> certificate A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read client key 
> exchange A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read certificate 
> verify A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 read finished A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write change 
> cipher spec A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 write finished A
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: SSL_accept:SSLv3 flush data
> Mar  4 12:41:48 zeus postfix/smtpd[1811]: Anonymous TLS connection 
> established from mail.bmwlaw.com[174.46.142.137]: TLSv1 with cipher 
> ECDHE-RSA-AES256-SHA (256/256 bits)
> Mar  4 12:41:49 zeus postfix/smtpd[1811]: NOQUEUE: reject: RCPT from 
> mail.bmwlaw.com[174.46.142.137]: 450 4.7.1 : Helo 
> command rejected: Host not found; from=<> 
> to= proto=ESMTP 
> helo=
> Mar  4 12:41:51 zeus postfix/smtpd[1811]: disconnect from 
> mail.bmwlaw.com[174.46.142.137] ehlo=2 starttls=1 mail=1 rcpt=0/1 quit=1 
> commands=5/6
>  
>  
> The only thing I can think, is that soemthing is turning it back on, after 
> being turned off.?
>  
>  
> postconf -n below.
>  
> alias_database = hash:/etc/aliases
> alias_maps = hash:/etc/aliases
> biff = no
> broken_sasl_auth_clients = yes
> command_directory = /usr/local/sbin
> compatibility_level = 2
> content_filter = smtp-amavis:[127.0.0.1]:10024
> daemon_directory = /usr/local/libexec/postfix
> data_directory = /var/lib/postfix
> debug_peer_level = 2
> debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb 
> $daemon_directory/$process_name $process_id & sleep 5
> default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] 
> blocked using $rbl_domain${rbl_reason?; $rbl_reason} - see http://$rbl_domain.
> disable_vrfy_command = yes
> dovecot_destination_recipient_limit = 1
> home_mailbox = Mail/Dovecot/
> html_directory = /usr/share/doc/postfix/html
> inet_interfaces = all
> inet_protocols = all
> lmtp_tls_ciphers = $smtpd_tls_ciphers
> lmtp_tls_mandatory_ciphers = $smtpd_tls_mandatory_ciphers
> mail_owner = _postfix
> mailbox_command = /usr/bin/procmail -a "$EXTENSION"
> mailbox_size_limit = 0
> mailq_path = /usr/local/bin/mailq
> manpage_directory = /usr/share/man
> message_size_limit = 0
> meta_directory = /usr/local/etc/postfix
> milter_default_action = accept
> mydestination = localhost mail.$mydomain, www.$mydomain
> myhostname = zeus.chalmers.com.au
> mynetworks_style = host
> newaliases_path = /usr/local/bin/newaliases
> non_smtpd_milters = inet:127.0.0.1:8891
> postscreen_access_list = permit_mynetworks, 
> cidr:/usr/local/etc/postfix/postscreen_access.cidr, 
> cidr:/usr/local/etc/postfix/postscreen_spf_whitelist.cidr
> postscreen_bare_newline_action = ignore
> postscreen_bare_newline_enable = no
> postscreen_bare_newline_ttl = 30d
> postscreen_blacklist_action = drop
> postscreen_cache_cleanup_interval = 12h
> postscreen_cache_map = btree:$data_directory/postscreen_ca

Re: How can I block this user...

Re: How can I block this user...

Re: How can I block this user...

Re: How can I block this user...

Re: How can I block this user...

Re: How can I block this user...

Re: How can I block this user...

7 matches

Site Navigation

Mail list logo

Footer information