Submission port SSL issues

I'm having some trouble configuring my server for SSL on the submission port. I think it's my SSL configuration because using TLS on Thunderbird worked fine, but SSL on Thunderbird (and Mail.app) fails. I suspect it has to do with the error listed below; which I got by trying to send a mail manua

Re: postfix implementation in forum like application - OT

> well since last few days i was working on postfix... so i would like > to know that can we use postfix for this functionality. and if can > use postfix which other tools i will require... I will also go > through the mailman. but just for the correct information. let me > know advantage and disa

Re: Blocking Spam

On Mon, 12 Jan 2009, bijayant kumar wrote: > I want to ask one thing, can it be possible to block only those mails in > which "From and To" address are same with help of regular expression > support? It means that reject mails if From and To address are same > otherwise accept. There may be some

Validating local users through local_recipient_maps

Hello all, Is there any way to validate a local user (e-mail address) on sending mail using the local_recipient_maps, (where potentially all valid e-mail addresses could be defined)? So that all outgoing mails from local users (local, virtual etc) are sent only by valid legitimate e

problem sending massive mailing

Hi all, this is my first message on this list I'm using postix without any problem from 3 year... but now i fount a problem and i home someone can help me to solve :D I have a big mailinglist, something like 23 email, one year ago i made some massive mailing to all through a PHP scr

Re: Validating local users through local_recipient_maps

On Jan 13, 2009, at 8:07 AM, "D. Karapiperis" wrote: Hello all, Is there any way to validate a local user (e-mail address) on sending mail using the local_recipient_maps, (where potentially all valid e-mail addresses could be defined)? So that all outgoing mails from local users (loc

Re: Problem with Zen filtering legit e-mail

Sahil Tandon wrote: > On Jan 12, 2009, at 10:27 AM, Roland Plüss wrote: > >> Since I got Zen and the other spam stuff working things went fine until >> one of our road workers tried to send his email from his laptop which is >> hooked up on a cheap ISP. This ISP happens to be fully in Zen and he

[CLOSED]Validating local users through local_recipient_maps

Thanks Sahil this is what I was looking for. O/H Sahil Tandon έγραψε: On Jan 13, 2009, at 8:07 AM, "D. Karapiperis" wrote: Hello all, Is there any way to validate a local user (e-mail address) on sending mail using the local_recipient_maps, (where potentially all valid e-mail addresses co

Servers High Performance and High Volume

Hi, We will install new servers to improve performance in our structure. Currently many accounts receiving more then 5000 msgs./hour. Two MX Postfix, two IMAP servers and more two servers with Spamassassin, Clamav,... Which is the best option of IMAP server to few users and high volume of

forged address

've a postfix server act as smtp out; i've allowed certain networks in mynetworks; my domain example.com; my problem is from the allowed networks one can send mails (e.g m...@gmail.com to someb...@yahoo.com); it should not have accepted mails other than one of the sender/receiver belong to example.

Parameter %s to %...@%d

Hi, Our mail server encounter below error on the log: Dec 4 04:34:09 localhost postfix/cleanup[26596]: warning: 3E0582648E7: virtual_alias_maps map lookup problem for u...@internaldomain Dec 4 04:36:28 localhost postfix/cleanup[26285]: warning: C28EA2648E3: virtual_alias_maps map lookup problem

Re: Problem with Zen filtering legit e-mail

Roland Plüss wrote: > Sahil Tandon wrote: > >> On Jan 12, 2009, at 10:27 AM, Roland Plüss wrote: >> >> >>> Since I got Zen and the other spam stuff working things went fine until >>> one of our road workers tried to send his email from his laptop which is >>> hooked up on a cheap ISP. This

stopping UCE with postfix

Hello, I'm busy making an overview how one can use postfix to stop UCE. During the past years the available possibilities have grown so it becomes a bit difficult to choose the right tools for the job. Eventually I need to decide what tools to use, so please correct my text below. I hope

Re: Problem with Zen filtering legit e-mail

Brian Evans - Postfix List wrote: > Roland Plüss wrote: > >> Sahil Tandon wrote: >> >> >>> On Jan 12, 2009, at 10:27 AM, Roland Plüss wrote: >>> >>> >>> Since I got Zen and the other spam stuff working things went fine until one of our road workers tried to send

Re: Submission port SSL issues

On Tue, Jan 13, 2009 at 12:36:58AM -0800, Neil wrote: > I'm having some trouble configuring my server for SSL on the > submission port. I think it's my SSL configuration because using TLS > on Thunderbird worked fine, but SSL on Thunderbird (and Mail.app) > fails. When mail clients say "SSL" the

Re: Parameter %s to %...@%d

On Tue, Jan 13, 2009 at 10:10:20PM +0800, MSG Support wrote: > Our mail server encounter below error on the log: > > Dec 4 04:34:09 localhost postfix/cleanup[26596]: warning: > 3E0582648E7: virtual_alias_maps map lookup problem for > u...@internaldomain There is invariably more error detail log

What do these logs mean?

My postfix log is being inundated. What does it mean and how can I block this ip (do I need to)? Jan 13 15:43:28 fred ipop3d[26971]: Logout user=info host= [209.225.189.110] Jan 13 15:43:28 fred ipop3d[26972]: Logout user=barry host= [209.225.189.110] Jan 13 15:43:28 fred ipop3d[26973]: Logo

Re: forged address

bharathan kailath wrote: 've a postfix server act as smtp out; i've allowed certain networks in mynetworks; my domain example.com ; my problem is from the allowed networks one can send mails (e.g m...@gmail.com to someb...@yahoo.com

Re: What do these logs mean?

* Rupert Reid : > My postfix log is being inundated. What does it mean and how can I block > this ip (do I need to)? That is not postfix, but ipop3d People seem to be logging in and out. Seems normal for a mailserver, if you ask me. -- Ralf Hildebrandt (ralf.hildebra...@charite.de) sn

Re: What do these logs mean?

On Jan 13, 2009, at 10:57 AM, Rupert Reid wrote: My postfix log is being inundated. What does it mean and how can I block this ip (do I need to)? Jan 13 15:43:28 fred ipop3d[26971]: Logout user=info host=[209.225.189.110 ] Jan 13 15:43:28 fred ipop3d[26972]: Logout user=barry host=[209.2

Re: stopping UCE with postfix

Rudy Gevaert wrote: Hello, I'm busy making an overview how one can use postfix to stop UCE. During the past years the available possibilities have grown so it becomes a bit difficult to choose the right tools for the job. Eventually I need to decide what tools to use, so please correct my

pre-queue warning message for the first time

I received the following error for the first time yesterday in my logwatch report. It was in the Postfix section. 1 *Warning: Pre-queue content-filter connection overload -- 1 After CONNECT 1 unknown unknown I have read ove

Re: Problem with Zen filtering legit e-mail

On 1/13/2009, Roland Plüss (rol...@rptd.ch) wrote: > Unfortunately nothing except SASL not working ( if telnetting to 25 ). I > tried tons of tutorials but the SASL stays broken. Most probably a > GenToo problem I suspect. Actually, I've been using SASL on gentoo for years, so it is more likely a

Re: pre-queue warning message for the first time

On Tue, 13 Jan 2009, Guy Story KC5GOI wrote: ... reject_rbl_client list.dsbl.org, dsbl.org has been off the air since around mid 2008. You should remove it. ...

Re: pre-queue warning message for the first time

Guy Story KC5GOI wrote: I received the following error for the first time yesterday in my logwatch report. It was in the Postfix section. 1 *Warning: Pre-queue content-filter connection overload -- 1 After CONNECT 1 unknown

Re: pre-queue warning message for the first time

I removed dsbl just now. I have not been able to locate the message in the log that triggered it yet. I will keep looking, got side tracked by a support call. On Tue, Jan 13, 2009 at 10:56 AM, Noel Jones wrote: > Guy Story KC5GOI wrote: > >> I received the following error for the first time ye

Re: pre-queue warning message for the first time

Guy Story KC5GOI wrote: Maybe your postfix-logwatch module needs updating. 7.3.6 is the version I installed via apt two weeks ago. It is the first time I saw this so it has me a bit curious. Cool, considering the current postfix-logwatch version is 1.37.08. http://www.mikecappella.c

Re: Problem with Zen filtering legit e-mail

Roland Pl??ss: > I never received nor got pointed to a DEBUG_README at all. Where's this one? > Below is the mailing list welcome that you ignored. Wieste TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html Thank

Re: Parameter %s to %...@%d

MSG Support: > Hi, > > Our mail server encounter below error on the log: > > Dec 4 04:34:09 localhost postfix/cleanup[26596]: warning: > 3E0582648E7: virtual_alias_maps map lookup problem for > u...@internaldomain Your logfile has much more information on this. See: http://www.postfix

Re: pre-queue warning message for the first time

Noel, just before I saw your post I realized I had confused the two. My mistake or is it I can see into the future? :) I have the current Logwatch, not the postfix-logwatch module.An apt-get -install -s postfix-logwatch on that system can not find the package. I have not found the actual comme

Re: pre-queue warning message for the first time

Mike Cappella made it to easy to refuse to install despite it postfix-logwatch not being in the 7.10 repositories. 1.37.08 is installed and I like the reports even more than I did the others. I think I found out what I needed so consider this closed. Duane and Noel, thanks for the replys. Guy O

backscattering

Hi, I am using a 2.3 postfix with spamassassin under freeBSD. Actually I am trying to stop a massive backscatting attack to my smtp server. I followed the backscatting procedure on postfix website but it doesn't work. Message-ID or EHLO fields for instance are too similar to my 'normal' emails.

xforward and 503 errors

I started a self-education exercise in modifying the Python smtplib and smtpd modules to handle xforward. I'm at the point where the two modules to talk to each other and send xforward information and I can receive xforward data as a prequeueing filter but, I can't forward it on to the next stag

Re: backscattering

Bruno GRANDJEAN wrote: Hi, I am using a 2.3 postfix with spamassassin under freeBSD. Actually I am trying to stop a massive backscatting attack to my smtp server. I followed the backscatting procedure on postfix website but it doesn't work. probably because this isn't backscatter... Mess

Re: xforward and 503 errors

Eric S. Johansson wrote: I started a self-education exercise in modifying the Python smtplib and smtpd modules to handle xforward. I'm at the point where the two modules to talk to each other and send xforward information and I can receive xforward data as a prequeueing filter but, I can't for

Re: xforward and 503 errors

Eric S. Johansson: > I've been over the documentation, mailing list archives, Google a few times > but > I'm not seeing what's wrong. I would appreciate some help. http://www.postfix.org/XFORWARD_README.html After receiving the server's announcement for XFORWARD support, the client may send XFO

Re: xforward and 503 errors

Noel Jones wrote: >> I've been over the documentation, mailing list archives, Google a few >> times but >> I'm not seeing what's wrong. I would appreciate some help. >> >> thanks >> >> ---eric > > You need to send the XFORWARD commands before MAIL FROM. > d'oh I went and looked at the xforwar

Re: backscattering

thks for replying to me so quickly, I will add a: reject_rbl_client zen.spamhaus.org in my /etc/postfix/main.cf I already added : reject_rbl_client ips.backscatterer.org how can I reject mail from outside claiming to be from my domain? with a 'from:' header only in the header_checks internal use

Re: Submission port SSL issues

On Tue, Jan 13, 2009 at 7:28 AM, Victor Duchovni wrote: > On Tue, Jan 13, 2009 at 12:36:58AM -0800, Neil wrote: > >> I'm having some trouble configuring my server for SSL on the >> submission port. I think it's my SSL configuration because using TLS >> on Thunderbird worked fine, but SSL on Thund

Re: backscattering

Bruno GRANDJEAN wrote: thks for replying to me so quickly, I will add a: reject_rbl_client zen.spamhaus.org in my /etc/postfix/main.cf I already added : reject_rbl_client ips.backscatterer.org how can I reject mail from outside claiming to be from my domain? [plain-text only please] [please d

Re: backscattering

Bruno GRANDJEAN: > how can I reject mail from outside claiming to be from my domain? > > with a 'from:' header only in the header_checks internal users > cannot send emails, outgoing traffic was completely blocked. If you reject mail from outside with your address in the From: header, then you wo

Re: Submission port SSL issues

Neil wrote: Okay, how can I get SSL enabled/working then? Uncomment the "smtps" entries in your master.cf It should looks pretty much like this (beware line wrapping in the mail): smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_aut

Re: Question about reject_unauthenticated_sender_login_mismatch

jeff_homeip a écrit : > --- In post...@yahoogroups.com, Victor Duchovni wrote: >[snip] >>> Am I then correct in concluding that with: >>> >>> smtpd_sender_restrictions = >>> permit_sasl_authenticated, >>> reject_authenticated_sender_login_mismatch, >>> reject >> Observe that the order

Re: What do these logs mean?

Ralf Hildebrandt a écrit : > * Rupert Reid : >> My postfix log is being inundated. What does it mean and how can I block >> this ip (do I need to)? > > That is not postfix, but ipop3d > People seem to be logging in and out. Seems normal for a mailserver, > if you ask me. > too many users with

Re: backscattering

Noel Jones a écrit : > Bruno GRANDJEAN wrote: >> >> thks for replying to me so quickly, I will add a: >> reject_rbl_client zen.spamhaus.org >> in my /etc/postfix/main.cf >> I already added : >> reject_rbl_client ips.backscatterer.org >> >> how can I reject mail from outside claiming to be from my d

Re: backscattering

mouss wrote: Noel Jones a écrit : smtpd_data_restrictions = permit_mynetworks check_sender_access hash:/etc/postfix/no_backscatter # no_backscatter <> reject_rbl_client ips.backscatterer.org Which will reject only bounces from them (including legit bounces). as well as SAV probes such

Re: Can't stop UNDELIVERED MAIL RETURNED TO SENDER emails

Victor Duchovni a écrit : > On Mon, Jan 12, 2009 at 06:13:52PM -0500, Wietse Venema wrote: > >> David Cottle: >>> Content-Description: Undelivered Message >>> Content-Type: message/rfc822 >>> Content-Transfer-Encoding: 8bit >>> >>> Received: from server.engineering.idb (unknown [127.0.0.1]) >>>

Re: Can't stop UNDELIVERED MAIL RETURNED TO SENDER emails

David Cottle a écrit : > > I found the issue. It's backscatter mail to real recipient addresses. At > first I was getting non existent as well but stopped those. > Something (a spam filter?) after postfix returns says: "Invalid destination status" You MUST not reject mail after it was accepted

Re: backscattering

Noel Jones a écrit : > mouss wrote: >> Noel Jones a écrit : >>> smtpd_data_restrictions = >>> permit_mynetworks >>> check_sender_access hash:/etc/postfix/no_backscatter >>> >>> # no_backscatter >>> <> reject_rbl_client ips.backscatterer.org >>> >>> Which will reject only bounces from them (inc

Re: backscattering

Relax Dr Wietse I am using another domain to post to your mailing list Shame on me if I give the domain I have trouble with ;-) bruno > Message du 13/01/09 21:34 > De : "Wietse Venema" > A : "Postfix users" > Copie à : > Objet : Re: backscattering > > > Bruno GRANDJEAN: > > how can I rejec

Re: Submission port SSL issues

On Tue, Jan 13, 2009 at 02:37:37PM -0600, Noel Jones wrote: > Neil wrote: > >Okay, how can I get SSL enabled/working then? > > Uncomment the "smtps" entries in your master.cf > > It should looks pretty much like this (beware line wrapping in > the mail): > smtps inet n - n

Re: What do these logs mean?

I saw something similar to this on my mail server about 3 months ago. I ran the ip address via whois and I was under a dictionary attack from a server in China. I put a rule on my firewall to drop the connections from the ip address range that was returned in the whois check and stopped it. Guy

Re: Servers High Performance and High Volume

* Res : >> We will install new servers to improve performance in our structure. >> Currently many accounts receiving more then 5000 msgs./hour. >> >> Two MX Postfix, two IMAP servers and more two servers with >> Spamassassin, Clamav,... >> >> Which is the best option of IMAP server to few users

Backscatter

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Okay I am now down to maybe 5 emails per 24 hours that are backscatter bounces from existing mail names. Can anyone see anything wrong here please? From reading I need to use header and body checks? ( How do I block backscatter mail to real recipien

Re: Backscatter

David Cottle wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Okay I am now down to maybe 5 emails per 24 hours that are backscatter bounces from existing mail names. Can anyone see anything wrong here please? From reading I need to use header and body checks? ( How do I block backscatter

Re: Problem with Zen filtering legit e-mail

Roland Plüss wrote, On 1/13/09 9:47 AM: Brian Evans - Postfix List wrote: [...] Gentoo is not the issue, however the different SASL implementations can be an interesting experiment to get working. Dovecot SASL is easier, IMO, to setup and configure and you can disable the IMAP services from st

Re: backscattering

Bruno GRANDJEAN a écrit : > Relax Dr Wietse I am using another domain to post to your mailing list This doesn't matter. it is a general principle. it was easy to guess that orange.fr isn't your domain. > Shame on me if I give the domain I have trouble with ;-) well, there's nothing bad in showin

Re: backscattering

On Tue, Jan 13, 2009 at 3:32 PM, Noel Jones wrote: > Bruno GRANDJEAN wrote: >> >> thks for replying to me so quickly, I will add a: >> reject_rbl_client zen.spamhaus.org >> in my /etc/postfix/main.cf >> I already added : >> reject_rbl_client ips.backscatterer.org >> >> how can I reject mail from o

How to restrict ACCESS not RELAY to the SMTP daemon?

Hello, i try to figure out how to restrict ACCESS to the SMTP daemon. With that, i mean something like the tcpwrapper for SMTP/SMTPS ... For what? I have several root-Servers, vServer and Xen domains - only one is the mail system and should be available for mail from the internet. The others

Re: How to restrict ACCESS not RELAY to the SMTP daemon?

Thomas: > Hello, > i try to figure out how to restrict ACCESS to the SMTP daemon. > > With that, i mean something like the tcpwrapper for SMTP/SMTPS ... > > For what? > > I have several root-Servers, vServer and Xen domains - only one is the > mail system and should be available for mail from t

Re: Submission port SSL issues

On Tue, Jan 13, 2009 at 1:39 PM, Victor Duchovni wrote: > On Tue, Jan 13, 2009 at 02:37:37PM -0600, Noel Jones wrote: > >> Neil wrote: >> >Okay, how can I get SSL enabled/working then? >> >> Uncomment the "smtps" entries in your master.cf >> >> It should looks pretty much like this (beware line wr

Re: How to restrict ACCESS not RELAY to the SMTP daemon?

Thomas wrote: Hello, i try to figure out how to restrict ACCESS to the SMTP daemon. With that, i mean something like the tcpwrapper for SMTP/SMTPS ... I found that about a similar solution: http://archives.neohapsis.com/archives/postfix/2007-05/0343.html There, the following is written: ###

Re: Submission port SSL issues

On Tue, Jan 13, 2009 at 06:35:24PM -0800, Neil wrote: > I followed Noel's suggestion (top part of master.cf below), but I > still can't get it to work. I read the above, but I still can't see any information there. I think the word's "can't", "it" and "work" need to each be replaced by a few para

Re: How to restrict ACCESS not RELAY to the SMTP daemon?

Wietse Venema wrote: http://www.postfix.org/SMTPD_ACCESS_README.html http://www.postfix.org/access.5.html http://www.postfix.org/cidr_table.5.html /etc/postfix/main.cf smtpd_client_restrictions = check_client_access cidr:/etc/postfix/client_access /etc/postfix/client_access 192.168.0.0/2

Re: How to restrict ACCESS not RELAY to the SMTP daemon?

On Wed, Jan 14, 2009 at 04:58:17AM +0100, Thomas wrote: > cidr:/etc/postfix/client_access" > for i in 127.0.0.0/8 ; do echo $i >> > /etc/postfix/client_access ; done > postfix reload > > Tested: works! That "echo $i" should have been "echo $i OK"... -- Viktor. Disclaimer: off-l

Re: How to restrict ACCESS not RELAY to the SMTP daemon?

On Tue, Jan 13, 2009 at 11:07:14PM -0500, Victor Duchovni wrote: > On Wed, Jan 14, 2009 at 04:58:17AM +0100, Thomas wrote: > > > cidr:/etc/postfix/client_access" > > for i in 127.0.0.0/8 ; do echo $i >> > > /etc/postfix/client_access ; done > > postfix reload > > > > Tested: works! > > T

RE: postfix implementation in forum like application - OT

Hello sir, Actually I know we can use postfix for sending mails. But I don't know can we use postfix to receive mails also. Or do we need to configure some extra tools. Initially I was using postfix with getmail tool. Through postfix I was sending mail using "sendmail -t" command.

Cannot Send Email via POSTFIX to any domain

Hi, I have spent countless hours researching this but I can't still figure out why I can't send email from postfix server to any other domain other than myself. I want my server to actually deliver the email and don't want to use ISP's mail server. The server resides on a business network so

Re: backscattering

> Message du 13/01/09 21:33 > De : "Noel Jones" > A : "Bruno GRANDJEAN" , "postfix users list" > Copie à : > Objet : Re: backscattering > > > Bruno GRANDJEAN wrote: > > > > thks for replying to me so quickly, I will add a: > > reject_rbl_client zen.spamhaus.org > > in my /etc/postfix/ma