Re: disable smtpd_hard_error_limit

2014-05-27 Thread Viktor Dukhovni
On Wed, May 28, 2014 at 10:20:56AM +0530, tejas sarade wrote: > As per the Postfix documentation > " > *smtpd_hard_error_limit (default: normal: 20, overload: 1)* > > The maximal number of errors a remote SMTP client is allowed to make > without delivering mail. The Postfix SMTP server disconnect

disable smtpd_hard_error_limit

2014-05-27 Thread tejas sarade
Hello, As per the Postfix documentation " *smtpd_hard_error_limit (default: normal: 20, overload: 1)* The maximal number of errors a remote SMTP client is allowed to make without delivering mail. The Postfix SMTP server disconnects when the limit is exceeded. Normally the default limit is 20, but

Re: using/logging client addr as part of SASL auth

2014-05-27 Thread Ricardo Signes
* Wietse Venema [2014-05-27T17:48:03] > Ricardo Signes: > > a. one IP, the same username, many different passwords > > d. one IP, the same username, the same (wrong) password repeatedly > > I suppose that one would log a password hash, just to be sure. Yes, something like a truncated h

RE: Milter to block registrars

2014-05-27 Thread Marius Gologan
There are RBLs for domains (aka DBL) that block recent domains (<= 5 or 7 days). Indeed they need some time after "first-seen". Large RBL providers may rely on their own old/large database. If the domain is not there, it must be new (1). If they see multiple queries from different places (reliable)

Re: Milter to block registrars

2014-05-27 Thread Patrick Ben Koetter
* James B. Byrne : > Without going into a lot of detail and without naming names I wish to know if, > at the time of connection to Postfix, there exists any feasible means of > determining the registrar used by the connecting domain? As well, I would > like to know is there any practical means of

Re: using/logging client addr as part of SASL auth

2014-05-27 Thread Wietse Venema
Ricardo Signes: > a. one IP, the same username, many different passwords > d. one IP, the same username, the same (wrong) password repeatedly I suppose that one would log a password hash, just to be sure. > I definitely understand the point about not wanting to deal with the SASL > inte

RE: Milter to block registrars

2014-05-27 Thread Bennett Todd
Given the situation, perhaps you could set up a resolver that blocks, or that's behind a packet filter that blocks, the IPs of the name servers they're using. That would catch it at the NS lookup, and would be no extra traffic, unlike whois.

Re: using/logging client addr as part of SASL auth

2014-05-27 Thread Ricardo Signes
* Wietse Venema [2014-05-27T17:04:32] > li...@rhsoft.net: > > the problem is that postfix has no idea of the SASL internals and should > > not need to - in case of dovecot I asked a few days ago to log the username > > because in case of using dovecot as SASL provider that's the only instance > >

RE: Milter to block registrars

2014-05-27 Thread James B. Byrne
On Tue, May 27, 2014 16:26, Marius Gologan wrote: > > Whois should definitely not be implemented in automated systems - read ToS > of RIPE, ARIN, LACNIC etc. > A special-made milter that will dig for details during the connection time > is not applicable. > A secondary benefit of greylist is IP ro

Re: using/logging client addr as part of SASL auth

2014-05-27 Thread li...@rhsoft.net
On 27.05.2014 23:04, Wietse Venema wrote: > li...@rhsoft.net: >> the problem is that postfix has no idea of the SASL internals and should >> not need to - in case of dovecot I asked a few days ago to log the username >> because in case of using dovecot as SASL provider that's the only instance

Re: using/logging client addr as part of SASL auth

2014-05-27 Thread Wietse Venema
li...@rhsoft.net: > the problem is that postfix has no idea of the SASL internals and should > not need to - in case of dovecot I asked a few days ago to log the username > because in case of using dovecot as SASL provider that's the only instance > which decodes the input and verify it against th

Re: using/logging client addr as part of SASL auth

2014-05-27 Thread li...@rhsoft.net
On 27.05.2014 22:45, Ricardo Signes wrote: > I'm looking for a way to detect and distinguish different kinds of auth > failures. Right now, I'm feeling a bit stuck by my inability to get all the > data I'd like in one place at the same time. > > Right now, we're using SASL authentication with

Re: relay ip map

2014-05-27 Thread Wietse Venema
Alfredo Saldanha: > Hi there, > > Is it possible to create a hash map file with IPs to allow relay in my outbound > server? Yes, this is possible. http://www.postfix.org/postconf.5.html#mynetworks. ...You can also specify "/file/name" or "type:table" patterns. A "/file/name" pattern is replaced by

using/logging client addr as part of SASL auth

2014-05-27 Thread Ricardo Signes
Hello! I'm looking for a way to detect and distinguish different kinds of auth failures. Right now, I'm feeling a bit stuck by my inability to get all the data I'd like in one place at the same time. Right now, we're using SASL authentication with pwcheck. pwcheck, of course, only gets two data

Re: Milter to block registrars

2014-05-27 Thread Eliezer Croitoru
On 05/27/2014 11:33 PM, James B. Byrne wrote: On Tue, May 27, 2014 15:32, Bennett Todd wrote: >Two thoughts. > >I've received legitimate email from a registrar where I was listed as a >contact for a domain. If no one uses an email address in your domain to >register, that's not a problem. Well y

Re: Milter to block registrars

2014-05-27 Thread James B. Byrne
On Tue, May 27, 2014 15:32, Bennett Todd wrote: > Two thoughts. > > I've received legitimate email from a registrar where I was listed as a > contact for a domain. If no one uses an email address in your domain to > register, that's not a problem. I am attempting to be circumspect with respect to

RE: Milter to block registrars

2014-05-27 Thread Marius Gologan
Whois should definitely not be implemented in automated systems - read ToS of RIPE, ARIN, LACNIC etc. A special-made milter that will dig for details during the connection time is not applicable. A secondary benefit of greylist is IP rotation. That will provide you an insight about some networks,

Re: Milter to block registrars

2014-05-27 Thread Robert Schetterer
On 27.05.2014 21:19, James B. Byrne wrote: > Without going into a lot of detail and without naming names I wish to know if, > at the time of connection to Postfix, there exists any feasible means of > determining the registrar used by the connecting domain? As well, I would > like to know is the

relay ip map

2014-05-27 Thread Alfredo Saldanha
Hi there, Is it possible to create a hash map file with IPs to allow relay in my outbound server? But I cannot use the mynetworks entry for this. I know that smtpd_relay_restrictions exists in 2.10, but my version is 2.9.6. Is there another way? Thanks.

Re: Milter to block registrars

2014-05-27 Thread LuKreme
On 27 May 2014, at 13:19 , James B. Byrne wrote: > Without going into a lot of detail and without naming names I wish to know if, > at the time of connection to Postfix, there exists any feasible means of > determining the registrar used by the connecting domain? Not really. Even if you wrote

Re: Relay access denied 454 not 544

2014-05-27 Thread Viktor Dukhovni
On Tue, May 27, 2014 at 04:38:31PM -0300, M. Rodrigo Monteiro wrote: > Hi. > I wanna know why Postfix is rejecting mail with temp error (4xx) and not 5xx > for Relay access denied. What version of Postfix is this? > Here is the conf: Generally, you should post the output of "postconf -n" rather th

Re: Relay access denied 454 not 544

2014-05-27 Thread M. Rodrigo Monteiro
2014-05-27 16:43 GMT-03:00 Wietse Venema : > > Maybe the SMTP server has soft_bounce turned on. > > # postconf soft_bounce soft_bounce = no > Maybe the server has logged a DNS temporary lookup error prior to > this reject. > > No. > Wietse >

Re: Relay access denied 454 not 544

2014-05-27 Thread Wietse Venema
M. Rodrigo Monteiro: > Hi. > I wanna know why Postfix is rejecting mail with temp error (4xx) and not 5xx > for Relay access denied. > > Here is the log: > > May 27 12:11:34 postfix/smtpd[31197]: NOQUEUE: reject: RCPT from > mx2.mydomain.com.br[XXX.XXX.XXX.37]: 454 4.7.1 < Maybe the SMTP serve

Re: Milter to block registrars

2014-05-27 Thread Wietse Venema
James B. Byrne: > Without going into a lot of detail and without naming names I wish to know if, > at the time of connection to Postfix, there exists any feasible means of > determining the registrar used by the connecting domain? As well, I would Beware, some whois servers enforce rate limits, s

Relay access denied 454 not 544

2014-05-27 Thread M. Rodrigo Monteiro
Hi. I wanna know why Postfix is rejecting mail with temp error (4xx) and not 5xx for Relay access denied. Here is the log: May 27 12:11:34 postfix/smtpd[31197]: NOQUEUE: reject: RCPT from mx2.mydomain.com.br[XXX.XXX.XXX.37]: 454 4.7.1 < return-58306-110-...@otherdomain.com.br>: Relay access den

Re: Milter to block registrars

2014-05-27 Thread Bennett Todd
Two thoughts. I've received legitimate email from a registrar where I was listed as a contact for a domain. If no one uses an email address in your domain to register, that's not a problem. And second, whois is the way I query to find out about a domain, answers to questions like who registe

Milter to block registrars

2014-05-27 Thread James B. Byrne
Without going into a lot of detail and without naming names I wish to know if, at the time of connection to Postfix, there exists any feasible means of determining the registrar used by the connecting domain? As well, I would like to know is there any practical means of determining at the time of

Re: initial 220 greeting delay from hosts with no RDNS

2014-05-27 Thread Wietse Venema
Joe Shamblin: > > Please TURN OFF chroot in master.cf. > > > > The master.cf entry should look like this: > > > > smtp inet n - n - - smtpd > > > > Then do "postfix reload". > > > > More information: http://www.postfix.org/DEBUG_README.html#no_chroot > > Yes

Re: initial 220 greeting delay from hosts with no RDNS

2014-05-27 Thread Joe Shamblin
On May 27, 2014, at 2:38 PM, Wietse Venema wrote: > Joe Shamblin: >> I am experiencing an issue where hosts that do not have reverse >> DNS see an extended delay (45-60 seconds for ssl or non-ssl >> connections) before they get the initial 220 greeting. Hosts that >> do have properly registered

Re: initial 220 greeting delay from hosts with no RDNS

2014-05-27 Thread Wietse Venema
Joe Shamblin: > I am experiencing an issue where hosts that do not have reverse > DNS see an extended delay (45-60 seconds for ssl or non-ssl > connections) before they get the initial 220 greeting. Hosts that > do have properly registered entries get in immediately. I have > downloaded the source,

initial 220 greeting delay from hosts with no RDNS

2014-05-27 Thread Joe Shamblin
Hello, I am experiencing an issue where hosts that do not have reverse DNS see an extended delay (45-60 seconds for ssl or non-ssl connections) before they get the initial 220 greeting. Hosts that do have properly registered entries get in immediately. I have downloaded the source, and the pro

Re: postfix rewrite Return-Path when used as relay

2014-05-27 Thread Wietse Venema
Stéphane MERLE: > in fact, I use PHPMailer because it can handle the connexion directly in > SMTP and not with the php mail() function. > > if I understood you correctly, what I am doing right now (and since > about 8 years ...) is wrong. I got this kind of headers (sender domain > <> return pa

Re: postfix rewrite Return-Path when used as relay

2014-05-27 Thread Stéphane MERLE
Hi Wietse, On 27/05/2014 16:12, Wietse Venema wrote: Stéphane MERLE: I have used postfix for a while as a "direct" mailer, but I have to set up a postfix box as relay ... and it looks like postfix rewrites the Return-Path header. The Return-Path header is READ-ONLY. Setting the Return-Path header H

Re: limited port 587

2014-05-27 Thread LuKreme
On 26 May 2014, at 23:59 , Tom Kinghorn wrote: > Is it possible to limit port 587 access to users who are known to be > traveling outside your network (foreign countries)? You set up port 587 with authenticated submission, which allows only your users to submit email. It would be very difficult

Re: postfix rewrite Return-Path when used as relay

2014-05-27 Thread Wietse Venema
Stéphane MERLE: > I have used postfix for a while as a "direct" mailer, but I have to set up a > postfix box as relay ... and it looks like postfix rewrites the > Return-Path header. The Return-Path header is READ-ONLY. Setting the Return-Path header HAS NO EFFECT. The Return-Path header shows the ENVE

Re: custom script and loops problem - looking for professional support

2014-05-27 Thread Viktor Dukhovni
On Tue, May 27, 2014 at 03:23:02PM +0200, mancyb...@gmail.com wrote: > Hi I've explained my goal here: > http://marc.info/?l=postfix-users&m=139932881701528&w=2 If you're trying to capture bounced messages for list maintenance, you can certainly configure the bounce address (envelope sender of o

postfix rewrite Return-Path when used as relay

2014-05-27 Thread Stéphane MERLE
Hi all, I have used postfix for a while as a "direct" mailer, but I have to set up a postfix box as relay ... and it looks like postfix rewrites the Return-Path header. I use PHPMailer to send the mail to postfix (on another port than 25) and postfix makes the final delivery (it's working fine except

Re: custom script and loops problem - looking for professional support

2014-05-27 Thread Wietse Venema
Noel Jones: > Perhaps a simple content_filter will fit your needs better than a > transport. Or maybe not. > http://www.postfix.org/FILTER_README.html#simple_filter mancyb...@gmail.com: > If you configure the script as a FILTER, instead of a transport_map, you'll > not be able to catch bounced em

Re: custom script and loops problem - looking for professional support

2014-05-27 Thread mancyb...@gmail.com
On Tue, 27 May 2014 13:02:20 + Viktor Dukhovni wrote: > On Tue, May 27, 2014 at 11:36:46AM +0200, mancyb...@gmail.com wrote: > > > Hi Noel, thanks for your suggestion but unfortunately I've already been > > there. > > And yet Noel is right. Transport overrides that direct mail to a > scri

Re: custom script and loops problem - looking for professional support

2014-05-27 Thread Viktor Dukhovni
On Tue, May 27, 2014 at 11:36:46AM +0200, mancyb...@gmail.com wrote: > Hi Noel, thanks for your suggestion but unfortunately I've already been there. And yet Noel is right. Transport overrides that direct mail to a script are NOT compatible with re-injection of the message back into the same Pos

Re: custom script and loops problem - looking for professional support

2014-05-27 Thread mancyb...@gmail.com
On Tue, 27 May 2014 06:41:22 -0400 (EDT) wie...@porcupine.org (Wietse Venema) wrote: > Noel Jones: > > Perhaps a simple content_filter will fit your needs better than a > > transport. Or maybe not. > > http://www.postfix.org/FILTER_README.html#simple_filter > > mancyb...@gmail.com: > > If you co

Re: custom script and loops problem - looking for professional support

2014-05-27 Thread Wietse Venema
Noel Jones: > Perhaps a simple content_filter will fit your needs better than a > transport. Or maybe not. > http://www.postfix.org/FILTER_README.html#simple_filter mancyb...@gmail.com: > If you configure the script as a FILTER, instead of a transport_map, you'll > not be able to catch bounced e

Re: custom script and loops problem - looking for professional support

2014-05-27 Thread mancyb...@gmail.com
On Mon, 26 May 2014 17:33:52 -0500 Noel Jones wrote: > On 5/26/2014 6:19 AM, mancyb...@gmail.com wrote: > > Hi I wrote this script: http://pastebin.com/BZGNDcdn > > which is configured in postfix in transport_maps like this: > > emailtocatcherr...@example.com myCustomScript:dummy > > and is suppo

Re: limited port 587

2014-05-27 Thread li...@rhsoft.net
On 27.05.2014 07:59, Tom Kinghorn wrote: > Is it possible to limit port 587 access to users who are known to be > traveling outside your network (foreign > countries)? > > We have a user who cannot access port 25 and as such I am looking at the > submission port, however, do not want to > ope