Re: whitelist from spamhaus

On Thu, Mar 19, 2009 at 11:58:52PM +0100, mouss wrote: > I would suggest separating relay control from other checks. something like > > smtpd_relay_restrictions = > permit_mynetworks > permit_sasl_authenticated This has been proposed before. http://archives.neohapsis.com/archive

Re: Change failure code for opportunistic TLS

On Thu, Mar 19, 2009 at 01:37:31PM -0400, Cory Coager wrote: > If I'm reading the documentation correctly, when using smtp_tls_policy_maps > for specific domains, if no servers are available That is no servers offer TLS, or do offer TLS, but with unsatisfactory certificates. > the email will be

Re: Performance tuning

On Thu, Mar 19, 2009 at 09:52:42PM -0400, Brandon Hilkert wrote: > I understand what you mean about sending to one server. I'm going to try > and setup a few more receiving servers so that I can more accurately > simulate sending it out to the internet. Did you at least take time to rule out th

Re: Performance tuning

Thanks for the response. Our test system is a pretty standard SATA disk with 2GB memory. If disk is the necessary resource, would we see an immediate benefit by going to a SCSI disk or even a SCSI array, or does that hardware benefit flatten out at some point? As I mentioned, we're using the

Re: how to create a filter in amavisd

deconya a écrit : > Hi > > Im configuring a server with postfix amavisd and spamassassin and > appears a problem with the antispam rules. There are one application > that uses the server to send to different clients mails but the amavisd > detect howo to spam this mails. How I can create an except

Re: Sender vs recipient restrictions.

Paweł Leśniak a écrit : > W dniu 2009-03-18 14:23, Costin Guşă pisze: >> On Wed, Mar 18, 2009 at 3:11 PM, wrote: >> >>> I've been reading today about; >>> >>> reject_unknown_sender_domain >>> >>> and I'm wondering if it is only allowed under 'smtpd_sender_restrictions' >>> whereas I've had it

Re: whitelist from spamhaus

Wietse Venema a écrit : > /dev/rob0: >> On Wed March 18 2009 03:06:40 Pascal Volk wrote: can i whitelist one domain from checking spamhaus ? thanks >>> smtpd_recipient_restrictions = >>> ... >>> reject_unauth_destination >>> ... >>> check_client_access hash:/etc/postfix/whitelist_

Re: modify incoming mail

Cedric Zeline a écrit : > Hi all, > > I need some help. I would like to modify incoming emails. > I need to add a link at top of the incoming mail body, in order to allow > employees that received their email to click on this link and connect > directly to our data base to check the client's data.

Re: Issue with pipe mail to script

Simon a écrit : > On Thu, Mar 19, 2009 at 10:39 AM, mouss wrote: >> Simon a écrit : >>> On Tue, Mar 17, 2009 at 7:57 AM, Simon wrote: On Mon, Mar 16, 2009 at 11:35 PM, Wietse Venema wrote: > You are expanding the virtual aliase BEFORE the Amavis filter, > and another time afte

how to create a filter in amavisd

Hi Im configuring a server with postfix amavisd and spamassassin and appears a problem with the antispam rules. There are one application that uses the server to send to different clients mails but the amavisd detect howo to spam this mails. How I can create an exception? I would like to create a

Re: Performance tuning

Brandon Hilkert: > We send out a pretty volume of emails right now using a combination > of SQL and IIS SMTP. We get rates now of about 5,000/min. We're > looking to not only improve the rates, but incorporate DKIM/Domainkey > signing into the process. The choice has been made to go with > postfix

Re: instance= in check_policy_service

Danilo Paffi Monteiro: > Hello, > > my old postfix version (postfix-2.2.8) send the instance that match > with this regexp [a-f0-9]+\.[a-f0-9]+\.[a-f0-9] > > the version(postfix-2.5.5) that I'm using now > [a-f0-9]+\.[a-f0-9]+\.[a-f0-9]+\.[a-f0-9] > > is it possible to change the instance= forma

instance= in check_policy_service

Hello, my old postfix version (postfix-2.2.8) send the instance that match with this regexp [a-f0-9]+\.[a-f0-9]+\.[a-f0-9] the version(postfix-2.5.5) that I'm using now [a-f0-9]+\.[a-f0-9]+\.[a-f0-9]+\.[a-f0-9] is it possible to change the instance= format? Thanks, Danilo Paffi Monteiro

Performance tuning

We send out a pretty volume of emails right now using a combination of SQL and IIS SMTP. We get rates now of about 5,000/min. We're looking to not only improve the rates, but incorporate DKIM/Domainkey signing into the process. The choice has been made to go with postfix along with a queue direc

Re: Postfix + DovecotSASL

You have to enable "login" auth mechanism. In dovecot.conf: auth default { # Space separated list of wanted authentication mechanisms: # plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi # NOTE: See also disable_plaintext_auth setting. mechanisms = plain login Steve On

Re: Looking for Anti-spam setting: local username/external IP

On Thursday, March 19, 2009 at 20:28 CET, "David A. Gershman" wrote: > I've been getting spam messages passing through my server because they > are "from" a local user account (spoofed). However, the connection > came from an external source. I'm trying to see if there is a setting > in ma

Looking for Anti-spam setting: local username/external IP

Hello All, I've been getting spam messages passing through my server because they are "from" a local user account (spoofed). However, the connection came from an external source. I'm trying to see if there is a setting in master.cf (or other .cf file) which will reject any email from an external

Re: Change failure code for opportunistic TLS

Cory Coager: > If I'm reading the documentation correctly, when using > smtp_tls_policy_maps for specific domains, if no servers are available > the email will be deferred? Is there a way to change this to a > permanent failure? There exists no code to convert a TLS failure into a permanent er

Postfix + DovecotSASL

Hello everybody, I'm running in a very strange problem. I've used postfix with saslauthd for a long time but as my server hosts a local domain and a few virtual domains I could only authenticate local domain with smtp auth plain, cause I'm using virtual domains flat files. So my virtual users ca

Change failure code for opportunistic TLS

If I'm reading the documentation correctly, when using smtp_tls_policy_maps for specific domains, if no servers are available the email will be deferred? Is there a way to change this to a permanent failure? ~Cory Coager -

Re: address rewriting with pcre?

LuKreme: > On 19-Mar-2009, at 04:45, Wietse Venema wrote: > >> $ ls -1 /usr/local/virtual/ | grep "@" | sed 's/^\([...@]*\)@\(.*\)$/ > >> \/ > >> ^\1_\(.*\)@\2$\/ \1+$...@\2/' > >> > >> testu...@example.com => /^testuser_(.*)@example.com$/ > >> testuser+$...@example.com > > > > This is BROKEN. Y

Re: Question about anvil settings

LuKreme wrote: On 19-Mar-2009, at 04:44, Wietse Venema wrote: LuKreme: My server is pretty light weight, and I don't tend to get too many floods of spammers, but are these defaults reasonable to mitigate the damage that a flood might do? Are these defaults anything a normal user is ever going

Re: address rewriting with pcre?

On 19-Mar-2009, at 04:45, Wietse Venema wrote: $ ls -1 /usr/local/virtual/ | grep "@" | sed 's/^\([...@]*\)@\(.*\)$/ \/ ^\1_\(.*\)@\2$\/ \1+$...@\2/' testu...@example.com => /^testuser_(.*)@example.com$/ testuser+$...@example.com This is BROKEN. You are not escaping any of the regexp metacha

Re: Question about anvil settings

On 19-Mar-2009, at 04:44, Wietse Venema wrote: LuKreme: My server is pretty light weight, and I don't tend to get too many floods of spammers, but are these defaults reasonable to mitigate the damage that a flood might do? Are these defaults anything a normal user is ever going to hit? A norm

Re: address rewriting with pcre?

LuKreme: > On 17-Mar-2009, at 08:52, Victor Duchovni wrote: > > On Tue, Mar 17, 2009 at 10:01:53AM -0400, Charles Marcus wrote: > >> On 3/17/2009 9:43 AM, Erwan David wrote: > >>> You may generate the pcre file with a line > >>> /recipient_([...@_]+)@localdomain/recipient+$...@localdomain > >>>

Re: Question about anvil settings

LuKreme: > My server is pretty light weight, and I don't tend to get too many > floods of spammers, but are these defaults reasonable to mitigate the > damage that a flood might do? Are these defaults anything a normal > user is ever going to hit? A normal user is NEVER going to hit these l

Re: address rewriting with pcre?

On 19-Mar-2009, at 04:14, Charles Marcus wrote: On 3/19/2009 5:55 AM, LuKreme wrote: I came up with this one liner: $ ls -1 /usr/local/virtual/ | grep "@" | sed 's/^\([...@]*\)@\(.*\)$/\/^\1_\(.*\)@\2$\/ \1+$...@\2/' testu...@example.com => /^testuser_(.*)@example.com$/ testuser+$...@example.c

Re: address rewriting with pcre?

On 3/19/2009 5:55 AM, LuKreme wrote: You may generate the pcre file with a line /recipient_([...@_]+)@localdomain/recipient+$...@localdomain for each valid recipient. This would preserve the validation of recipient at RCPT TO stage. >>> Interesting... and maybe a good

Re: address rewriting with pcre?

On 17-Mar-2009, at 08:52, Victor Duchovni wrote: On Tue, Mar 17, 2009 at 10:01:53AM -0400, Charles Marcus wrote: On 3/17/2009 9:43 AM, Erwan David wrote: You may generate the pcre file with a line /recipient_([...@_]+)@localdomain/recipient+$...@localdomain for each valid recipient. This w

Re: Question about anvil settings

* LuKreme : > I was looking at the default levels for anvil and unless I am > misunderstanding (likely) they seem really high. > >smtpd_client_connection_count_limit (default: 50) >The maximum number of connections that an SMTP client >may make simultaneously. > > So, a single client