Re: Blocking zip attachments if filesize smaller than xx kbytes

On 1/31/2014 5:38 PM, Thijssen wrote: > Has someone already done this using header_checks? > If so, please post the example you use. > I'm getting fed up with those sneaky bastards trying to convince my > parents to click on their attachments. But still need to allow > incoming .zip attachments if

Blocking zip attachments if filesize smaller than xx kbytes

Has someone already done this using header_checks? If so, please post the example you use. I'm getting fed up with those sneaky bastards trying to convince my parents to click on their attachments. But still need to allow incoming .zip attachments if they're larger than, say, 80 kbytes. Who in the

Re: Problem with postfix pipe a mail

It is true, sometimes you get so many output that it is too difficult to see the big line. I know enough from linux and server environments, but my expertise is not postfix. Sometimes we need a bit help :) 2014-02-01 Viktor Dukhovni [via Postfix] < ml-node+s1071664n64870...@n5.nabble.com>: >

Re: Problem with postfix pipe a mail

On Fri, Jan 31, 2014 at 03:03:47PM -0800, bensjomic1 wrote: > Hello Viktor, > > It was exactly what it did. I disabled the content filter in main.cf what > redirect the mail to amavis and now it works. > If i am correct, already in the settings it go through the amavis filter in > this setting: >

Re: Problem with postfix pipe a mail

Hello Viktor, It was exactly what it did. I disabled the content filter in main.cf what redirect the mail to amavis and now it works. If i am correct, already in the settings it go through the amavis filter in this setting: XXX.XXX.XXX.180:smtp inet n - - - - smtpd -o smtpd_proxy_filter=1

Re: Problem with postfix pipe a mail

On Fri, Jan 31, 2014 at 09:56:21AM -0800, bensjomic1 wrote: > content_filter = smtp-amavis:[127.0.0.1]:10024 So unless explicitly overriden by master.cf, your mail is always sent to amavis on port 10024. > filter-pipeunix - n n - 10 pipe > flags=FX user=vmai

Re: Changing domain name and certificates

On 1/31/2014 1:46 PM, Israel Brewster wrote: > I’ll have to look into that. While I think I can figure it out easily enough > (looks like I would need to override the inet_interfaces and > smtpd_tls_cert/key file directives), is there an example of this sort of > configuration somewhere? > > --

Re: Changing domain name and certificates

I’ll have to look into that. While I think I can figure it out easily enough (looks like I would need to override the inet_interfaces and smtpd_tls_cert/key file directives), is there an example of this sort of configuration somewhere? --- Israel Brews

Re: Changing domain name and certificates

On 1/31/2014 12:59 PM, Israel Brewster wrote: > We are currently in the process of changing our domain name, and > were wondering if there was any way for postfix (and Dovecot, but > that’s a different mailing list) to present different certificates > depending on what domain name users are connect

Re: Changing domain name and certificates

Am 31.01.2014 19:59, schrieb Israel Brewster: > We are currently in the process of changing our domain name, and were > wondering if there was any way for postfix > (and Dovecot, but that’s a different mailing list) to present different > certificates depending on what domain name > users are co

Changing domain name and certificates

We are currently in the process of changing our domain name, and were wondering if there was any way for postfix (and Dovecot, but that’s a different mailing list) to present different certificates depending on what domain name users are connecting with? That is, for a period of time we want users

Re: Problem with postfix pipe a mail

bensjomic1: > Hallo, > > Dit is mijn main.cnf And a s*load of master.cf entries. Can you identify which path the mail loop is taking? Where does mail enter Postfix the first time, what is the first filter, where does mail from that filter come back into Postfix, and so on. Clearly you have eit

Evangelizing DNSSEC and DANE

On Fri, Jan 31, 2014 at 05:00:44PM +0100, Johannes Bauer wrote: > > Then, start planning to deploy DNSSEC for your domains. With care, > > since one must not neglect to automate periodic re-signing of zone > > files either daily or weekly, but in any case often enough to avoid > > RRSIG expiratio

Re: Problem with postfix pipe a mail

Hallo, Dit is mijn main.cnf # See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner =

Re: are these 'good and reliable' adls/dynamic pcre rejects?

On 1/31/2014 7:00 AM, li...@rhsoft.net wrote: > > > Am 31.01.2014 13:41, schrieb Larry Stone: >> On Jan 30, 2014, at 10:21 PM, Noel Jones wrote: >> >>> On 1/30/2014 7:17 PM, li...@sbt.net.au wrote: my pre configured Postfix inluded these helo_access.pcre rejects; today, I noticed

Re: behavior about black list

On 1/31/2014 4:44 AM, Pol Hallen wrote: >> Make sure you avoid anything that's likely to get your IP address(es) >> blacklisted: for instance don't send spam or distribute malware. > > sure! > > Jim surely I do what I can... but if a malware goes inside and takes an > account... this become a pro

Re: Configuring SASL PLAIN auth only after STARTTLS

On 31.01.2014 02:22, Viktor Dukhovni wrote: >> You're a genius! Thank you so much, this is exactly what I wanted. >> >> If we ever meet in person, be sure to claim your well-deserved beer :-) > > Instead of buying me a beer, you can pay me back in kind and take > 5-10 minutes to read Section 1.2

Re: reject_unknown_client_hostname seems broken in postfix-2.11.20130710

IMAP List Administration: > Hello List, > > a week or so ago I upgraded my OpenBSD mail server from OpenBSD 5.3 to 5.4, > and > at the same time went from postfix-2.9.6 to postfix-2.11.20130710. > postfix-2.11.20130710 is the OpenBSD 5.4 default package, in case someone is > wondering "why that?"

reject_unknown_client_hostname seems broken in postfix-2.11.20130710

Hello List, a week or so ago I upgraded my OpenBSD mail server from OpenBSD 5.3 to 5.4, and at the same time went from postfix-2.9.6 to postfix-2.11.20130710. postfix-2.11.20130710 is the OpenBSD 5.4 default package, in case someone is wondering "why that?". I've been using "reject_unknown_client

Re: are these 'good and reliable' adls/dynamic pcre rejects?

On Fri, Jan 31, 2014 at 11:00 AM, li...@rhsoft.net wrote: > > > Am 31.01.2014 13:41, schrieb Larry Stone: > > On Jan 30, 2014, at 10:21 PM, Noel Jones wrote: > > > >> On 1/30/2014 7:17 PM, li...@sbt.net.au wrote: > >>> my pre configured Postfix inluded these helo_access.pcre rejects; > >>> > >>>

Re: one Users restriction not to send to one other users

Am 31.01.2014 13:54, schrieb Vishal Agarwal: > Hi, > > I am looking for some solution; so that one particular user is > restricted not to send email to one particular user. > > like if a...@xyz.com can't send messages to > 1...@xyz.com . No To/CC/BCC. r

Re: are these 'good and reliable' adls/dynamic pcre rejects?

Am 31.01.2014 13:41, schrieb Larry Stone: > On Jan 30, 2014, at 10:21 PM, Noel Jones wrote: > >> On 1/30/2014 7:17 PM, li...@sbt.net.au wrote: >>> my pre configured Postfix inluded these helo_access.pcre rejects; >>> >>> today, I noticed an expected email was bounced by one of the >>> pre-confi

Re: one Users restriction not to send to one other users

Hello! A policy daemon can do this, have a look at postfwd (postfwd.org)! On fre 31 jan 2014 13:54:23, Vishal Agarwal wrote: > Hi, > > I am looking for some solution; so that one particular user is > restricted not to send email to one particular user. > > like if a...@xyz.com

one Users restriction not to send to one other users

Hi, I am looking for some solution; so that one particular user is restricted not to send email to one particular user. like if a...@xyz.com can't send messages to 1...@xyz.com. No To/CC/BCC. rest all email should work as it is. Thanks/Regards, Vishal Agarwal

Re: are these 'good and reliable' adls/dynamic pcre rejects?

On Jan 30, 2014, at 10:21 PM, Noel Jones wrote: > On 1/30/2014 7:17 PM, li...@sbt.net.au wrote: >> my pre configured Postfix inluded these helo_access.pcre rejects; >> >> today, I noticed an expected email was bounced by one of the >> pre-configured rules as so: >> >> Jan 31 10:08:01 emu postf

Re: behavior about black list

>do the best you can, to avoid outbound spam, a minimal ever work >solution maybe use clamav-milter with sanesecurity antispam signatures >of course there are additional never ending other solutions thanks -) >search the list archives and sites around postfix amavis and study best >practises avoi

Re: behavior about black list

Am 31.01.2014 12:00, schrieb Pol Hallen: > Hi Robert and thanks for your reply :-) > > I found rblcheck script (debian package) that check if an IP has inside > blacklist > > I need information to how prevent this situation, because when my IP is > inside black list is too late :-/// with common

Re: behavior about black list

Hi Robert and thanks for your reply :-) I found rblcheck script (debian package) that check if an IP has inside blacklist I need information to how prevent this situation, because when my IP is inside black list is too late :-/// thanks! Pol

Re: behavior about black list

> Make sure you avoid anything that's likely to get your IP address(es) > blacklisted: for instance don't send spam or distribute malware. sure! Jim surely I do what I can... but if a malware goes inside and takes an account... this become a problem :-( that account maybe goes inside to black lis

Re: behavior about black list

On 31 Jan 2014, at 10:19, Pol Hallen wrote: > I've fear if a virtual host could go inside a black list, and the result > should be all virtual host become black listed... > > so, what's the better way to escape this situation? Make sure you avoid anything that's likely to get your IP address(es

Re: behavior about black list

Am 31.01.2014 11:19, schrieb Pol Hallen: > Hi all, I've a server with one static IP and many virtual hosts. > > I've fear if a virtual host could go inside a black list, and the result > should be all virtual host become black listed... > > so, what's the better way to escape this situation? > >

behavior about black list

Hi all, I've a server with one static IP and many virtual hosts. I've fear if a virtual host could go inside a black list, and the result should be all virtual host become black listed... so, what's the better way to escape this situation? buy other IPs? but if I've 100 virtual host with same IP