possible localhost dns spoof attack

2013-02-26 Thread Jamie
Hi Earlier today I noticed a spammer using my Postfix server as a relay to send out spam. This was puzzling because I had all requisite anti relay host settings applied. Further, it was particularly alarming that Postfix seemed to be receiving the spam messages from localhost as indicated:

Re: possible localhost dns spoof attack

2013-02-26 Thread Tom Hendrikx
On 02/26/2013 11:32 AM, Jamie wrote: Hi Earlier today I noticed a spammer using my Postfix server as a relay to send out spam. This was puzzling because I had all requisite anti relay host settings applied. Further, it was particularly alarming

Re: possible localhost dns spoof attack

2013-02-26 Thread Borja Marcos
On Feb 26, 2013, at 11:32 AM, Jamie wrote: Hi Earlier today I noticed a spammer using my Postfix server as a relay to send out spam. This was puzzling because I had all requisite anti relay host settings applied. Further, it was particularly alarming that Postfix seemed to be

Re: possible localhost dns spoof attack

2013-02-26 Thread Jamie
Borja I am pretty sure of it. After I blocked the IP address, the spam stopped coming. It is no coincidence that 113.167.239.162 resolves to localhost (see: http://remote.12dt.com/ for confirmation). I am fairly certain that our mail server has not been hacked. Regards Jamie On

Re: reject empty sender address for authenticated users

2013-02-26 Thread Piotr Rotter
On 26.02.2013 02:27, Wietse Venema wrote: Piotr Rotter: On 26.02.2013 01:56, Wietse Venema wrote: Piotr Rotter: Hello, Can I set postfix to reject empty sender address for authenticated users. I want to disallow this: 235 2.7.0 Authentication successful MAIL FROM: 250 2.1.0 Ok

Re: possible localhost dns spoof attack

2013-02-26 Thread Robert Schetterer
On 26.02.2013 12:35, Jamie wrote: Borja I am pretty sure of it. After I blocked the IP address, the spam stopped coming. It is no coincidence that 113.167.239.162 resolves to localhost (see: http://remote.12dt.com/ for confirmation). I am fairly certain that our mail server has not

Re: possible localhost dns spoof attack

2013-02-26 Thread Jamie
As requested, here is our configuration. I added the helo restrictions after seeing the relay problem, but it didn't help. *** main.cf *** # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname.

Re: possible localhost dns spoof attack

2013-02-26 Thread Reindl Harald
On 26.02.2013 12:57, Jamie wrote: As requested, here is our configuration. I added the helo restrictions after seeing the relay problem, but it didn't help. *** main.cf *** # Debian specific: Specifying a file name will cause the first # line of that file to be used as the

Re: possible localhost dns spoof attack

2013-02-26 Thread Jamie
Robert Thanks for the ideas. I'll try out your recommendations. Like I said, as soon as I blocked the troublesome IPs the problem went away. Thus, it cannot be a local script. Furthermore, we are not even running Apache. We are running Tomcat with custom developed Java apps. I also ran

Re: possible localhost dns spoof attack

2013-02-26 Thread Robert Schetterer
On 26.02.2013 13:04, Jamie wrote: Robert Thanks for the ideas. I'll try out your recommendations. Like I said, as soon as I blocked the troublesome IPs the problem went away. Thus, it cannot be a local script. Furthermore, we are not even running Apache. We are running Tomcat with

lost connection with while sending RCPT TO

2013-02-26 Thread Radwa Hamed
Hi, there is an error in mail log file when sending mail to some hotmail accounts log file error : relay=none, delay=0.65, delays=0.45/0.14/0/0.06, dsn=4.4.2, status=deferred (delivery temporarily suspended: lost connection with mx2.hotmail.com[65.55.37.104] while sending RCPT TO) I want

Re: possible localhost dns spoof attack

2013-02-26 Thread Eero Volotinen
Like I said, as soon as I blocked the troublesome IPs the problem went away. Thus, it cannot be a local script. Furthermore, we are not even running Apache. We are running Tomcat with custom developed Java apps. I also ran tcpdump on localhost to see if there was traffic being received on

Re: lost connection with while sending RCPT TO

2013-02-26 Thread Wietse Venema
Radwa Hamed: there is an error in mail log file when sending mail to some hotmail accounts log file error : relay=none, delay=0.65, delays=0.45/0.14/0/0.06, dsn=4.4.2, status=deferred (delivery temporarily suspended: lost connection with mx2.hotmail.com[65.55.37.104] while sending RCPT

Re: possible localhost dns spoof attack

2013-02-26 Thread Deeztek.com Support
On 2/26/2013 7:52 AM, Eero Volotinen wrote: Like I said, as soon as I blocked the troublesome IPs the problem went away. Thus, it cannot be a local script. Furthermore, we are not even running Apache. We are running Tomcat with custom developed Java apps. I also ran tcpdump on localhost to see

Re: possible localhost dns spoof attack

2013-02-26 Thread Noel Jones
On 2/26/2013 4:32 AM, Jamie wrote: Hi Earlier today I noticed a spammer using my Postfix server as a relay to send out spam. This was puzzling because I had all requisite anti relay host settings applied. Further, it was particularly alarming that Postfix seemed to be receiving the spam

Re: possible localhost dns spoof attack

2013-02-26 Thread Jamie
Sure... the log entries are not altered in any way. *** /etc/hostname *** serve.stimulussoft.com *** /etc/hosts *** 127.0.0.1 localhost.localdomain localhost 71.6.200.51 serve.stimulussoft.com serve.mailarchiva.com *** postfix configuration *** alias_database = hash:/etc/aliases

Re: possible localhost dns spoof attack

2013-02-26 Thread Deeztek.com Support
On 2/26/2013 8:53 AM, Jamie wrote: On 2013/02/26 3:32 PM, Deeztek.com Support wrote: On 2/26/2013 7:52 AM, Eero Volotinen wrote: Like I said, as soon as I blocked the troublesome IPs the problem went away. Thus, it cannot be a local script. Furthermore, we are not even running Apache. We

Re: possible localhost dns spoof attack

2013-02-26 Thread Wietse Venema
Noel Jones: Earlier today I noticed a spammer using my Postfix server as a relay to send out spam. This was puzzling because I had all requisite anti relay host settings applied. Further, it was particularly alarming that Postfix seemed to be receiving the spam messages from localhost as

Re: possible localhost dns spoof attack

2013-02-26 Thread Jamie
I ran chkrootkit with clean results. For kicks: I sent a test email to myself from a web mail client. It seems connect from localhost.localdomain[127.0.0.1] is outputted under normal circumstances. Thus, it must be something to do with the way in which postfix passed mails along to the

Re: possible localhost dns spoof attack

2013-02-26 Thread Wietse Venema
Jamie: For kicks: I sent a test email to myself from a web mail client. It seems connect from localhost.localdomain[127.0.0.1] is outputted under normal circumstances. Thus, it must be something to do with the way in which postfix passed mails along to the antivirus, antispam scanners. I

Running namecache service on postfix server?

2013-02-26 Thread Robert Moskowitz
I have recently updated my DNS server and am observing the traffic from my mail server to constantly query for names. Some of these names are frequent requests, for example: zen.spamhaus.org. So I was thinking that I could benefit from running a namecaching setup on my mail server platform.

Re: possible localhost dns spoof attack

2013-02-26 Thread Jamie
On 2013/02/26 4:59 PM, Deeztek.com Support wrote: in your /etc/hosts file if you were to change it to the actual servername.domain.tld of your server, then the log should report the actual server name vs. localhost.localdomain. I would unblock the IP address and see if the same thing happens

Re: Running namecache service on postfix server?

2013-02-26 Thread Reindl Harald
On 26.02.2013 15:58, Robert Moskowitz wrote: I have recently updated my DNS server and am observing the traffic from my mail server to constantly query for names. Some of these names are frequent requests, for example: zen.spamhaus.org. So I was thinking that I could benefit from

Re: Running namecache service on postfix server?

2013-02-26 Thread Robert Moskowitz
On 02/26/2013 10:10 AM, Reindl Harald wrote: On 26.02.2013 15:58, Robert Moskowitz wrote: I have recently updated my DNS server and am observing the traffic from my mail server to constantly query for names. Some of these names are frequent requests, for example: zen.spamhaus.org. So I

Re: possible localhost dns spoof attack

2013-02-26 Thread Noel Jones
On 2/26/2013 8:45 AM, Jamie wrote: I ran chkrootkit with clean results. For kicks: I sent a test email to myself from a web mail client. It seems connect from localhost.localdomain[127.0.0.1] is outputted under normal circumstances. Thus, it must be something to do with the way in which

Re: reject empty sender address for authenticated users

2013-02-26 Thread Bastian Blank
On Tue, Feb 26, 2013 at 01:50:34AM +0100, Piotr Rotter wrote: Can I set postfix to reject empty sender address for authenticated users. Null-sender must be accepted. There are several occasions where a MUA may send them, for example DSN mandates its usage sometimes. RFC 6409 specifies: | Note

Re: Running namecache service on postfix server?

2013-02-26 Thread Viktor Dukhovni
On Tue, Feb 26, 2013 at 09:58:54AM -0500, Robert Moskowitz wrote: I have recently updated my DNS server and am observing the traffic from my mail server to constantly query for names. Some of these names are frequent requests, for example: zen.spamhaus.org. So I was thinking that I could

Re: reject empty sender address for authenticated users

2013-02-26 Thread Viktor Dukhovni
On Tue, Feb 26, 2013 at 05:43:45PM +0100, Bastian Blank wrote: On Tue, Feb 26, 2013 at 01:50:34AM +0100, Piotr Rotter wrote: Can I set postfix to reject empty sender address for authenticated users. Null-sender must be accepted. There are several occasions where a MUA may send them, for

Re: lost connection with while sending RCPT TO

2013-02-26 Thread Viktor Dukhovni
On Tue, Feb 26, 2013 at 02:08:34PM +0200, Radwa Hamed wrote: there is an error in mail log file when sending mail to some hotmail accounts ... relay=none, delay=0.65, delays=0.45/0.14/0/0.06, dsn=4.4.2, status=deferred (delivery temporarily suspended: lost connection with

Re: Running namecache service on postfix server?

2013-02-26 Thread DTNX Postmaster
On Feb 26, 2013, at 17:51, Viktor Dukhovni postfix-us...@dukhovni.org wrote: On Tue, Feb 26, 2013 at 09:58:54AM -0500, Robert Moskowitz wrote: I have recently updated my DNS server and am observing the traffic from my mail server to constantly query for names. Some of these names are

Re: possible localhost dns spoof attack

2013-02-26 Thread Jerry
On Tue, 26 Feb 2013 17:16:20 +0200 Jamie articulated: On 2013/02/26 4:59 PM, Deeztek.com Support wrote: in your /etc/hosts file if you were to change it to the actual servername.domain.tld of your server, then the log should report the actual server name vs. localhost.localdomain. I would

Filtering on a per-recipient domain basis

2013-02-26 Thread Rich Bishop
I'm running postfix 2.3.3 on Linux. I'd like to send mail to an external content filter based on the recipient address, which would be injected back into postfix on port 10027. My first attempt was check_recipient_access=regexp:/etc/postfix/esa ... with esa containing: # Send non-local mail

Re: Filtering on a per-recipient domain basis

2013-02-26 Thread Wietse Venema
Rich Bishop: I'm running postfix 2.3.3 on Linux. I'd like to send mail to an external content filter based on the recipient address, which would be injected back into postfix on port 10027. My first attempt was check_recipient_access=regexp:/etc/postfix/esa ... with esa containing: #

forward the bounce message to Reply-To

2013-02-26 Thread Florin Andrei
Sending out messages through a Postfix server. Delivery is refused for whatever reason (e.g. recipient does not exist), and then a bounce is sent by Postfix to a local inbox on that server, as a failure notification. I'd like to forward that bounce to whatever address is in the Reply-To field

Re: Filtering on a per-recipient domain basis

2013-02-26 Thread Noel Jones
On 2/26/2013 2:42 PM, Rich Bishop wrote: I'm running postfix 2.3.3 on Linux. I'd like to send mail to an external content filter based on the recipient address, which would be injected back into postfix on port 10027. This requires multiple postfix instances because the transport_maps

Re: forward the bounce message to Reply-To

2013-02-26 Thread Reindl Harald
On 26.02.2013 22:00, Florin Andrei wrote: Sending out messages through a Postfix server. Delivery is refused for whatever reason (e.g. recipient does not exist), and then a bounce is sent by Postfix to a local inbox on that server, as a failure notification. I'd like to forward that

Re: forward the bounce message to Reply-To

2013-02-26 Thread Florin Andrei
On 02/26/2013 01:07 PM, Reindl Harald wrote: NO, NO AND NO SMTP works with envelopes and not with headers and there are a million reasons to do this - if I send a message with a reply-to header I expect that I get answers from HUMAN persons on this address and not bounces if whatever server

Re: forward the bounce message to Reply-To

2013-02-26 Thread Reindl Harald
On 26.02.2013 22:17, Florin Andrei wrote: On 02/26/2013 01:07 PM, Reindl Harald wrote: NO, NO AND NO SMTP works with envelopes and not with headers and there are a million reasons to do this - if I send a message with a reply-to header I expect that I get answers from HUMAN persons on

Re: forward the bounce message to Reply-To

2013-02-26 Thread Wietse Venema
Florin Andrei: Sending out messages through a Postfix server. Delivery is refused for whatever reason (e.g. recipient does not exist), and then a bounce is sent by Postfix to a local inbox on that server, as a failure notification. No. It is sent to the SMTP envelope sender as required by

Re: forward the bounce message to Reply-To

2013-02-26 Thread Florin Andrei
On 02/26/2013 01:48 PM, Wietse Venema wrote: Florin Andrei: Sending out messages through a Postfix server. Delivery is refused for whatever reason (e.g. recipient does not exist), and then a bounce is sent by Postfix to a local inbox on that server, as a failure notification. No. It is sent

Re: forward the bounce message to Reply-To

2013-02-26 Thread Reindl Harald
On 27.02.2013 00:10, Florin Andrei wrote: On 02/26/2013 01:48 PM, Wietse Venema wrote: Florin Andrei: Sending out messages through a Postfix server. Delivery is refused for whatever reason (e.g. recipient does not exist), and then a bounce is sent by Postfix to a local inbox on that

Re: forward the bounce message to Reply-To

2013-02-26 Thread Wietse Venema
Florin Andrei: On 02/26/2013 01:48 PM, Wietse Venema wrote: Florin Andrei: Sending out messages through a Postfix server. Delivery is refused for whatever reason (e.g. recipient does not exist), and then a bounce is sent by Postfix to a local inbox on that server, as a failure

Re: Running namecache service on postfix server?

2013-02-26 Thread btb
On Feb 26, 2013, at 11.51, Viktor Dukhovni postfix-us...@dukhovni.org wrote: On Tue, Feb 26, 2013 at 09:58:54AM -0500, Robert Moskowitz wrote: I have recently updated my DNS server and am observing the traffic from my mail server to constantly query for names. Some of these names are

Re: Running namecache service on postfix server?

2013-02-26 Thread Robert Moskowitz
On 02/26/2013 08:57 PM, b...@bitrate.net wrote: On Feb 26, 2013, at 11.51, Viktor Dukhovni postfix-us...@dukhovni.org wrote: On Tue, Feb 26, 2013 at 09:58:54AM -0500, Robert Moskowitz wrote: I have recently updated my DNS server and am observing the traffic from my mail server to constantly

Re: Running namecache service on postfix server?

2013-02-26 Thread Viktor Dukhovni
On Tue, Feb 26, 2013 at 08:57:51PM -0500, b...@bitrate.net wrote: When Postfix support for DANE (RFC 6698) is introduced, there will be a requirement to operate a local nameserver that is DNSSEC aware on any machine that wants to take advantage of peer certificate details published via