Hello Guys,
Probably a stupid question . but it the amavisd patch required
for policyd v2.0.1 (cluebringer) to runs properly or it's only optional ??
Why is this amavisd patch for anyway ?? Which features are added on
amavisd with cluebringer integration ?
--
Atenci
Jordi Moles escreveu:
However, if i run, for
example, a perl or php script which calls function mail(), policyd just
doesn't do anything, it doesn't even write anything in the logs.
Of course you can modify your PHP scripts to 'connect on port 25'
instead of delivering through sendmai
John Baker escreveu:
> Hi all,
>
> Much of why I setup MailWatch was to easily feed the bayes filter but
> I'm having some trouble with the Message Operations search. When I use
> it to try and learn mail I get an error like this.
>
> Message ID 20B4F17805C_EE6C5 not found.
>
> The message list
Thomas Neubauer escreveu:
> Hello Sam,
>
>
>> Is it possible to blacklist a subnet as 81.93.255.128/26 and why ?
>>
>
> To blacklist the subnet like you want it to do,
> you would have to put every single IP you want to block into your blacklist
> table and
> leave the netblocking-param
Compiler is claiming it cannot found mysql.h, MySQL header file. As
the header file is not a binary, this problem has absolutely nothing
related to PATH. You can change PATH for whatever you want and the
compile process wont work the same way.
First of all make sure you have mysql deve
Geert Hendrickx escreveu:
On Sun, Feb 10, 2008 at 04:09:22PM -0200, Leonardo Rodrigues Magalhães wrote:
i have done some changes on policyd to allow those statistics to be directly
stored on a new MySQL table, thus making it available in 'real time' and
avoiding the logs processi
Jan-Frode Myklebust escreveu:
In lack of an "official" policyd mib, I try to summarize all policyd
statuses logged to syslog, publish them trough an snmpd enterprise oid,
and plot them trough zenoss as:
http://tanso.net/policyd/mx.png
http://tanso.net/policyd/smarthost.png
I h
Hello Guys,
As we expected, some day spammers would start 'sending again' and
then workingaround greylist techniques.
Lately i have seen a LOT of SPAM resending with almost exact 10
minutes of difference. For example:
Feb 3 07:51:06 hermes policyd: rcpt=876, greylist=new,
host=1
Tobias Kreidl escreveu:
Rianto Wahyudi wrote on 2007-10-07 01:25:
| %yahoo.com%|
Shouldn't that read "%yahoo.com" (no trailing "%")?
Yeah ... the trailing % really seems to be a mistyped character.
Anyway, it would match even with that extra trailing %:
mysql>
Cami Sardinha escreveu:
Once your
system starts processing 10 000 concurrent connections to your
MX then you need to start raising limits.
My mail systems probably doesnt handle 1 connections in a whole
day . 10k concurrent connections are a huge insane idea to me :)
--
John Beaver escreveu:
Question is . having check_policy_service right after
permit_mynetworks would allow connections trying to send email to
unknown users to be greylisted ? I was thinking on having this:
smtpd_recipient_restrictions =
reject_unknown_recipient_domain,
Hello Guys,
My policyd is being called on smtpd_recipient_restrictions for
greylist and some other features. My smtpd_recipient_restrictions is
configured like this:
smtpd_recipient_restrictions =
reject_unknown_recipient_domain,
permit_sasl_authenticated,
permi
Welcome Nigel !! We're hoping (and i hope helping as well) that
you'll make a great job on maintaning this fantastic piece of software :) !
Cami Sardinha escreveu:
> Hi All,
>
> With immediate effect, I'm happy to announce that
> Nigel Kukard ([EMAIL PROTECTED]) will be taking over
> Policyd
Cami Sardinha escreveu:
> Chris Covington wrote:
>
>> hello list, Cami,
>>
>> I've been using policyd since July 2005 and it's been the best thing
>> since sliced bread for us. I would like to make a feature request (or
>> perhaps this can be configured without changing policyd). I would
>>
Cami Sardinha escreveu:
> Geert Hendrickx wrote:
>
>> I have a question about the auto-whitelisting algorithm; why is it
>> implemented in greylist.c and not in cleanup.c? The way it is done now
>> (synchronously) means an extra query ('SELECT COUNT(*) FROM triplet
>> WHERE _host='%s' AND _co
Cami Sardinha escreveu:
> Geert Hendrickx wrote:
>
>> I have a question about the auto-whitelisting algorithm; why is it
>> implemented in greylist.c and not in cleanup.c? The way it is done now
>> (synchronously) means an extra query ('SELECT COUNT(*) FROM triplet
>> WHERE _host='%s' AND _co
possible to do this small modification ?
jibie escreveu:
> I just changed the default error messages in all modules to read
> exception triggered by policyd.
>
>
> Leonardo Rodrigues Magalhães wrote:
>
>> Can you show us exactly in which variable of policyd.conf th
e: censor.com and censored.de are obfuscated addresses as is
> ??.??.??.??=)
>
> Leonardo Rodrigues Magalhães wrote:
>
>> jibie escreveu:
>>
>>
>>> Hey thanks for your time
>>>
>>> But I actually never enabled greylisting. It's
jibie escreveu:
> Hey thanks for your time
>
> But I actually never enabled greylisting. It's currently and has always
> been disabled for my installation of policyd.
> It's all very curious =)
>
> Leonardo Rodrigues Magalhães wrote:
>
>> I real
jibie escreveu:
> Does policyd only accept null senders generated from the localhost?
>
> I have one machine set up to receive email only (mx machine) running policyd
>
> I have one machine set up to send email only. Any bounces generated by
> sending machine is delivered by postfix in the usual
jibie escreveu:
> Right now policyd rejects the null address. I was curious if the null
> address rejection is also rejecting bounce messages generated by postfix
> and then queued for delivery.
>
> Is there a way around this?
>
>
policyd does NOT reject null addresses. It's a normal se
Sure !! Just change the port on policyd.conf, grab a free port and
get it running !
#
# port to bind to:
#
# port which the policy daemon will listen on
#
BINDPORT=10031
Wire James escreveu:
> Hi Members
>
> I am new to this list and Policyd. Can you let me know if I can have
> Policy
Cami escreveu:
> Hugo Monteiro wrote:
>
>> Hello all,
>>
>> i've noticed that there aren't any indexes defined whatsoever, besides
>> the ones automatically created for keys.
>>
>
> That is false information. Please provide proof.
>
Yeah . last time i checked, the few indexes
Tom Scrape escreveu:
>
> If Postfix is just getting a DUNNO, that would be what I want since I have
> several more spam checks after policyd. But if it's getting an OK, that would
> break any further spam checks.
>
According to the documentation, and at least my configurations,
check_po
Yes . it's already there in policyd.conf
#
# whitelist null sender: default: off
#
# null senders are normally used for bounce messages. many
# viruses use null senders so its wise to leave this disabled.
#
#
Policyd applies all whitelists before blacklists. Are you sure some
other rule of whitelisting (sender/recipient/address/dnsname) allows the
connection ?
Are you sure blacklist feature is activated in policyd.conf ??? The
entry can be correct on the table. If the feature is disabled in
nyone interesting in this besides me ? If you're
interesting, are you using cacti ?? Is anyone interested on generating
these graphs with other tool than cacti ? Is anyone already getting some
graphs with another tool ?
Leonardo Rodrigues Magalhães escreveu:
I have made a initial patc
I have made a initial patch for getting this new feature it's
running for me. Please take a look ...
http://www.solutti.com.br/policyd-v1.80-statistics.diff.gz
Dont forget to check DATABASE.mysql for creating the table
statistics and initialize the action entries, and policyd.conf
Yeah but changing colors is the easiest part :)
In fact I was thinking graphs with several values (more than 6)
tends to be somehow unreadable. I was thinking on creating several cacti
templates for holding all those datas: one graph for whitelist actions,
other for blacklist
great idea ? Cami, would you
accept a patch for this idea ? If yes, i can try
Leonardo Rodrigues Magalhães escreveu:
> Now i have to wait some hours and see what is going to happen in
> business hours :)
>
> Get me one or two week day and i'll probably post what i got
> would be nice to see what it's doing with all the lists.
>
> -Rob
>
> On Jan 7, 2007, at 7:49 PM, Leonardo Rodrigues Magalhães wrote:
>
>>
>> Hi Cami,
>>
>> I'm rewatching my logfiles and rebuilding my whitelist and blacklist
>&
Hi Cami,
I'm rewatching my logfiles and rebuilding my whitelist and blacklist
dnsnames entries.
While i was doing that, i was thinking of maybe an easy way of
monitoring policyd accept/blocking of messages, basically for getting
this information and throwing at some Cacti/RRDTool
Daniel Mayer [COUGA.net] escreveu:
> Hi,
>
> We are running postfix in an ISP mass-webhosting environment with
> several customers per server. We'd like to limit the amount of mail a
> user is allowed to send from its web pages (like php, cgi scripts etc.).
> Processes of all users are running un
Hi People,
I have found a minor problem in my logs, regarding policyd.
I noticed some errors like:
Jan 2 10:18:35 topserver2 policyd: invalid triplet_array[11][5]:
(blacklist helo):
Jan 2 10:18:35 topserver2 policyd: invalid triplet_array[11][5]:
(blacklist helo):
Jan 2 10:19
Benny Pedersen escreveu:
> On Thu, November 16, 2006 11:38, Leonardo Rodrigues Magalhães wrote:
>
>
>> How to solve the ML always-different addresses problems ?? Just
>> watch your logs and issue some whitelists to fit them ! I had to do that
>>
>
> wh
Evan Roberts escreveu:
> It would appear that the limit within the "_from" and "_rcpt" columns in
> "triplet" are "char(60)", and so is the "_blacklist" column in
> "blacklist_senders". I've already increased their character limit to
> "char(120)", but I am wondering where I can change those valu
Xavier Beaudouin escreveu:
>
> Because whitelist_dnsname can be. forged for example.
>
Absolutely not. At least not as easy as you may be thinking. Postfix
only gives the hostname to policyd if the IP has what i call a 'perfect
reverse'. Policyd does not resolve IPs/hosts. That info
Xavier Beaudouin escreveu:
> Hi there,
>
> Hum... Is there any plans to add SPF support and use it to
> autowhitelist some trusted / big mail farms (eg for example
> gmail.com, aol.com, etc...)..
>
> Eg : if IP is in the whitelist of SPF record, then whitelist the ip
> without adding it man
38 matches
Mail list logo
