* Lists [EMAIL PROTECTED]:
Thanks for the suggestions, sounds like a good idea.
Which method is the simplest to implement and get up and running?
Depends on the POP/IMAP you want to use. If you use Cyrus IMAP, then sasldb
will probably be the simpliest thing you can do.
If you want to use
On Oct 3, 2008, at 2:49 AM, Wietse Venema wrote:
Johan Ström:
Hi
I got a situation where I need to relay ALMOST all mail through
another mail server. The catch is that I want a few specific sender
mail addresses to send directly from the postfix itself (as if I
didn't have a relayhost
OK, having successfully got SASL authentication working via Dovecot (as
per Wietse's helpful comments on my previous post), I now have another
query which I can't seem to find the answer to either by reading the
Postfix documentation or Googling.
What I want to do is configure Postfix so that
Stephen Liu wrote:
Hi mouss,
Please do not top post. put your replies after the text you reply to.
google for more infos (in particular, why we prefer bottom posting).
Dom0 (host), a workstation, is connected to ISP at fixed IP, e.g.
111.222.333.444. All domUs (guests), having their own
Hello All,
I just updated my rbl list since dsbl.org is out and wanted to see if anyone
has any new lists that are conservative enough to use in the war against
spam.
I use in this order the following:
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
If you really want no relayhost for a list of senders, this is not
easily done with Postfix. sender_dependent_relayhost_maps was
designed to do the exact opposite: specify a relayhost for a list
of senders.
If the sender list is REALLY small, you could use the pcre built-in
negation operator:
mouss wrote:
Mark Goodge wrote:
OK, having successfully got SASL authentication working via Dovecot
(as per Wietse's helpful comments on my previous post), I now have
another query which I can't seem to find the answer to either by
reading the Postfix documentation or Googling.
What I
Joey schrieb:
I use in this order the following:
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
for us bl.spamcop.net has produced quite a lot false positives in the
past, that's why we only use it for scoring, but things may have changed.
Voytek Eymont wrote:
On Fri, October 3, 2008 11:07 pm, Udo Rader wrote:
Joey schrieb:
I use in this order the following:
we use these:
blocked using bl.spamcop.net (total: 491)
blocked using combined.njabl.org (total: 77)
blocked using dsn.rfc-ignorant.org (total: 368)
rfci
On Fri, October 3, 2008 11:36 pm, mouss wrote:
Voytek Eymont wrote:
rfci is not safe for smtp rejection. It is not intended for such use.
mouss, thanks
so, should be like this ?
smtpd_sender_restrictions = reject_rhsbl_sender dsn.rfc-ignorant.org
blocked using dul.dnsbl.sorbs.net
Hello,
I've googled around and been playing with relay_recipient_maps. I have
it as follows:
relay_recipient_maps =
hash:/etc/postfix/LDAPaddressbook.txt
ldap:/etc/postfix/ldap-users.cf
Where /etc/postfix/LDAPaddressbook.txt is a local list of the valid
mailboxes, and
* Voytek Eymont [EMAIL PROTECTED]:
rfci is not safe for smtp rejection. It is not intended for such use.
mouss, thanks
so, should be like this ?
smtpd_sender_restrictions = reject_rhsbl_sender dsn.rfc-ignorant.org
That's STILL smtp rejection - he was thinking of using it from e.g.
Mark Goodge wrote:
mouss wrote:
in the submission service (in master.cf), use something like:
submission ... ... smtpd
...
-o smtpd_sasl_auth_enable=${submission_sasl_auth_enable}
and in main.cf
submission_sasl_auth_enable = yes
(don't enable smtpd_sasl_auth_enable as this one
* Voytek Eymont [EMAIL PROTECTED]:
rfci is not safe for smtp rejection. It is not intended for such use.
mouss, thanks
so, should be like this ?
smtpd_sender_restrictions = reject_rhsbl_sender dsn.rfc-ignorant.org
That's STILL smtp rejection - he was thinking of using it
Nicolás Velásquez O. wrote:
Hello,
I've googled around and been playing with relay_recipient_maps. I have
it as follows:
relay_recipient_maps =
hash:/etc/postfix/LDAPaddressbook.txt
ldap:/etc/postfix/ldap-users.cf
Where /etc/postfix/LDAPaddressbook.txt is a local list of the
Wietse Venema:
If you really want no relayhost for a list of senders, this is not
easily done with Postfix. sender_dependent_relayhost_maps was
designed to do the exact opposite: specify a relayhost for a list
of senders.
If the sender list is REALLY small, you could use the pcre built-in
* Joey [EMAIL PROTECTED]:
That's STILL smtp rejection - he was thinking of using it from e.g.
SpamAssassin. But I personally think that dsn.rfc-ignorant.org is safe
for smtp rejection :)
We had a lot of problems when we used rfc-ignorant.org because of Exchange
servers not being
Hi folks,
i have a postfix that generates errors of anvil process.
All seems fine, but in some minuts anvil proces seems unavailable.
I've never seen somethink like that and i don't know how to solve it.
I've searched by google, but i haven't found any solution.
there is no problems with
Hi folks,
i have a postfix that generates errors of anvil process.
All seems fine, but in some minuts anvil proces seems unavailable.
I've never seen somethink like that and i don't know how to solve it.
I've searched by google, but i haven't found any solution.
there is no problems with
--- mouss [EMAIL PROTECTED] wrote:
Stephen Liu wrote:
I arrange the hostname and domain in this way;
e.g.
domU1 (guest1)
domain - domain1.com
hostname - xen1.domain1.com
domU2 (guest2)
domain - domain2.com
hostname - xen2.domain2.com
domU3 (guest3)
domain
Stephen Holmes wrote, at 10/03/2008 11:44 AM:
Hi PostFixers,
I'm now running postfix/dovecot/mysql in SUSE Linux Enterprise 10 SP2
and I wanted to secure the SMTP connections. I've tried to follow one
or more tutorials, but so far to no avail. The server is up and running
and Thunderbird
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stephen Holmes wrote:
Doh! That makes sense. Looks good. Thanks Jorey. Issued the command
and now see AUTH PLAIN and AUTH=PLAIN. I guess that's okay? Should I
have more authentication types?
There's no real need. Unencrypted auth is no good
On Fri, Oct 03, 2008 at 10:22:59AM -0400, Jorey Bump wrote:
I'm curious about the use of X509v3 Subject Alternative Name in
certificates, and if they pose any problems when used in production.
No, these are preferred to CommonName when used to verify DNS names.
See RFC 5280.
For example, if
Hi friends:
I'm sorry but my english isn't good yet.
I'm running Postfix with some smtpd restrictions like these:
smtpd_delay_reject = no
smtpd_client_restrictions =
permit_mynetworks,
sleep 25,
permit_sasl_authenticated
smtpd_helo_restrictions =
permit_mynetworks,
Oh, something else:
If I disable reject_non_fqdn_hostname then Outlook users aren't affected
by I don't want to disable that restriction since stops so many spammers.
Thanks :)
Jason Voorhees escribió:
Hi friends:
I'm sorry but my english isn't good yet.
I'm running Postfix with some
Victor Duchovni wrote, at 10/03/2008 12:35 PM:
On Fri, Oct 03, 2008 at 10:22:59AM -0400, Jorey Bump wrote:
I'm curious about the use of X509v3 Subject Alternative Name in
certificates, and if they pose any problems when used in production.
No, these are preferred to CommonName when used to
Jason Voorhees wrote:
Hi friends:
I'm sorry but my english isn't good yet.
I'm running Postfix with some smtpd restrictions like these:
smtpd_delay_reject = no
smtpd_client_restrictions =
permit_mynetworks,
sleep 25,
so you're wasting the resources of all other people? This is a bit
Jason Voorhees wrote:
Hi friends:
I'm sorry but my english isn't good yet.
I'm running Postfix with some smtpd restrictions like these:
smtpd_delay_reject = no
smtpd_client_restrictions =
permit_mynetworks,
sleep 25,
permit_sasl_authenticated
This is very unfriendly. You're penalizing
On Fri, Oct 03, 2008 at 01:10:30PM -0400, Jorey Bump wrote:
However, user mail clients will attempt to verify the certificate (for
SMTP and IMAP), as will web browsers (for HTTPS). Since this is becoming
increasingly more difficult to overcome for nontechnical users as these
clients become
Thanks for your replies.
Actually I'm already using greylisting, but I can see how delay greeting
reduces an extra bit the amount of spam received.
I work at a Consulting company with offer support and manteinance
services to other companies so I cannot monitor all day postfix servers
of all my
Jason Voorhees wrote:
I know that all your replies are valid alternatives but I just wanted to
know if this Outlook's behavior against smtpd_delay_reject has a
solution while keeping my settings as they are.
Please don't top post.
Please do pay attention to what I said earlier:
Your error
Jorey/Barney: thanks for you help, you guys rock!
S.
Jorey Bump wrote:
Stephen Holmes wrote, at 10/03/2008 12:01 PM:
Jorey Bump wrote:
You've wisely configured postfix to offer AUTH only via STARTTLS, so it
won't appear until the session is renegotiated and encrypted. telnet is
For the record, in case this patch is missed at the end of a very
long message.
Of course we could introduce a hack where a special lookup result
of NONE (or some other magic string) means don't use a relayhost.
Postfix would then look like this:
/etc/postfix/main.cf:
relayhost =
On Sat, October 4, 2008 1:03 am, Ralf Hildebrandt wrote:
That's STILL smtp rejection - he was thinking of using it from e.g.
SpamAssassin. But I personally think that dsn.rfc-ignorant.org is safe
for smtp rejection :)
thanks, Ralf
(after all, it was your suggestion from
Our CommuniGate server batches mail going out to Yahoo and at times
accumulates enough to exceed the limit of 5 messages per SMTP connection that
Yahoo has and the connection is dropped. I would like to now if relaying
through Postfix can resolve this problem.
Yahoo info Are there any
Hello Viktor,
On Friday 03 October 2008 21:37, Victor Duchovni wrote:
On Fri, Oct 03, 2008 at 09:09:56PM -0700, David Koski wrote:
Our CommuniGate server batches mail going out to Yahoo and at times
accumulates enough to exceed the limit of 5 messages per SMTP connection
that Yahoo has and
36 matches
Mail list logo