Re: This ought to be simple to stop. Am I missing something?

2016-07-13 Thread Phil Stracchino
pypolicyd-spf installed and working. Studying the postscreen docs now... -- Phil Stracchino Babylon Communications ph...@caerllewys.net p...@co.ordinate.org Landline: 603.293.8485

Re: This ought to be simple to stop. Am I missing something?

2016-07-13 Thread Phil Stracchino
On 07/13/16 11:34, Bill Cole wrote: > On 13 Jul 2016, at 9:50, Phil Stracchino wrote: >> One thing I USED to do back when I was running an OpenBSD firewall box >> was reject incoming connections to port 25 from Windows hosts. Any >> legitimate mail coming directly from a Windows machine would fall

RE: auth/tls combinations sanity check

2016-07-13 Thread Michael Fox
> > I can make up any variable name I want and assign a value to > > it main.cf, and then reference its value in main.cf and master.cf? > > Yes. > > -- > Viktor. Ah. That is indeed powerful. And now I understand your suggested solution, Viktor. It even solves a problem I didn't mentio

Re: auth/tls combinations sanity check

2016-07-13 Thread Benny Pedersen
On 2016-07-13 19:47, Michael Fox wrote: Are you saying I can make up any variable name I want and assign a value to it main.cf, and then reference its value in main.cf and master.cf? indeed yes

Re: OT: ANN: S/MIME signing milter (for Postfix)

2016-07-13 Thread Christian Rößner
Hi Robert :-) > On 13.07.2016 at 17:51, Robert Schetterer wrote: > > On 13.07.2016 at 15:45, Christian Rößner wrote: >> Hi, >> >> I developed a S/MIME signing milter that can be used with Postfix. It >> features a simple map file, where you can define email addresses and >> corresponding ce

Re: auth/tls combinations sanity check

2016-07-13 Thread Viktor Dukhovni
On Wed, Jul 13, 2016 at 10:47:37AM -0700, Michael Fox wrote: > I can make up any variable name I want and assign a value to > it main.cf, and then reference its value in main.cf and master.cf? Yes. -- Viktor.

RE: auth/tls combinations sanity check

2016-07-13 Thread Michael Fox
> > But looking at http://www.postfix.org/postconf.5.html, I don't find > > mua_discard_ehlo_keyword_address_maps or mua_sender_restrictions. Are > > those > > literal names? Where can I find documentation? > > trick here is that we only ask for postconf -n, this will not display > postconf -Mf

Re: auth/tls combinations sanity check

2016-07-13 Thread Benny Pedersen
On 2016-07-13 18:45, Michael Fox wrote: But looking at http://www.postfix.org/postconf.5.html, I don't find mua_discard_ehlo_keyword_address_maps or mua_sender_restrictions. Are those literal names? Where can I find documentation? trick here is that we only ask for postconf -n, this will n

RE: auth/tls combinations sanity check

2016-07-13 Thread Michael Fox
> > So, I'm thinking I need three submission ports: > > * one for AUTH but no TLS > > * one for AUTH with opportunistic TLS > > * one for AUTH with enforced TLS > > You can combine these into just one service by using: > > main.cf: > mua_discard_ehlo_keyword_address_maps = > cidr:${conf

Re: OT: ANN: S/MIME signing milter (for Postfix)

2016-07-13 Thread Robert Schetterer
On 13.07.2016 at 15:45, Christian Rößner wrote: > Hi, > > I developed a S/MIME signing milter that can be used with Postfix. It > features a simple map file, where you can define email addresses and > corresponding certs/keys. If a mail arrives, the milter checks the MAIL FROM > address and lo

Re: This ought to be simple to stop. Am I missing something?

2016-07-13 Thread Bill Cole
On 13 Jul 2016, at 9:50, Phil Stracchino wrote: On 07/13/16 01:52, Bill Cole wrote: On 12 Jul 2016, at 15:44, Phil Stracchino wrote: [...] One thing I USED to do back when I was running an OpenBSD firewall box was reject incoming connections to port 25 from Windows hosts. Any legitimate mail

rewrite envelope and header address

2016-07-13 Thread nasu.kyuri
Hi guys, I want to rewrite envelope and header address (From and To). e.g. : abc@sample.local > 123@sample.local 123@sample.local > abc@sample.local 123 is new address for other company, and abc original address. I want to hide original address. I used these commands. sender_canoni

Re: auth/tls combinations sanity check

2016-07-13 Thread Viktor Dukhovni
> On Jul 13, 2016, at 10:33 AM, Viktor Dukhovni > wrote: > >tlsclient.cidr: > 192.0.2.0/24 DUNNO > 0.0.0.0 reject_plaintext_session That would be 0.0.0.0/0 of course. -- Viktor.

Re: auth/tls combinations sanity check

2016-07-13 Thread Viktor Dukhovni
> On Jul 13, 2016, at 2:27 AM, Michael Fox wrote: > > So, I'm thinking I need three submission ports: > * one for AUTH but no TLS > * one for AUTH with opportunistic TLS > * one for AUTH with enforced TLS You can combine these into just one service by using: main.cf: mua_di

Re: OT: ANN: S/MIME signing milter (for Postfix)

2016-07-13 Thread Christian Rößner
> On 13.07.2016 at 16:16, Benny Pedersen wrote: > > On 2016-07-13 16:08, Christian Rößner wrote: > >>> I tested it on Mac OS X and Gentoo Linux. Readmes and Man-pages are >>> included. Feel free to give it a try: >>> https://signing-milter.org (Thanks to Andreas Schulze for the home) >>> Code

Re: OT: ANN: S/MIME signing milter (for Postfix)

2016-07-13 Thread Benny Pedersen
On 2016-07-13 16:08, Christian Rößner wrote: I tested it on Mac OS X and Gentoo Linux. Readmes and Man-pages are included. Feel free to give it a try: https://signing-milter.org (Thanks to Andreas Schulze for the home) Code: https://github.com/croessner/sigh I forgot: The name "sigh" is an ide

Re: recipient filtering and transport table - problem

2016-07-13 Thread Zalezny Niezalezny
I think I know where is my problem. In the /etc/postfix/transport I have this configuration mydomain.com relay:relay.server.local * discard To discard some specified E-mail address I used this settings: smtpd_recipient_restriction

Re: OT: ANN: S/MIME signing milter (for Postfix)

2016-07-13 Thread Christian Rößner
> I developed a S/MIME signing milter that can be used with Postfix. It > features a simple map file, where you can define email addresses and > corresponding certs/keys. If a mail arrives, the milter checks the MAIL FROM > address and looks up the map file. If it finds a record, it signs the ma

Re: This ought to be simple to stop. Am I missing something?

2016-07-13 Thread Bill Cole
On 13 Jul 2016, at 2:54, li...@lazygranch.com wrote: Hopefully this won't be interpreted as thread hijacking, but can you elaborate on this? --- reject_rbl_client zen.spamhaus.org=127.0.0.2, reject_rbl_client zen.spamhaus.org=127.0.0.3, reject_rbl_client zen.spamhaus.org=127.0.0.4, reject_

Re: This ought to be simple to stop. Am I missing something?

2016-07-13 Thread Phil Stracchino
On 07/13/16 01:52, Bill Cole wrote: > On 12 Jul 2016, at 15:44, Phil Stracchino wrote: >> I'm trying to. :) > > Well, the choices for how to do that are many. Probably the simplest way > to do it is with a "policy daemon" and the pypolicyd-spf implementation > is the purest up-to-date SPF enfor

OT: ANN: S/MIME signing milter (for Postfix)

2016-07-13 Thread Christian Rößner
Hi, I developed a S/MIME signing milter that can be used with Postfix. It features a simple map file, where you can define email addresses and corresponding certs/keys. If a mail arrives, the milter checks the MAIL FROM address and looks up the map file. If it finds a record, it signs the mail

Re: recipient filtering and transport table - problem

2016-07-13 Thread Wietse Venema
Zalezny Niezalezny: > If I will put this to my transport file: > > supp...@mydomain.com discard > mydomain.com relay:relay.server.local > * discard > > It will not work. That is insufficient information. Include "postconf -

Re: recipient filtering and transport table - problem

2016-07-13 Thread Zalezny Niezalezny
Hallo Wietse, in my /etc/postfix/transport I have this mydomain.com relay:relay.server.local * discard This configuration accept all E-mails addressed to @mydomain.com. If I will put this to my transport file: supp...@mydomain.com discard mydomain.com

Re: This ought to be simple to stop. Am I missing something?

2016-07-13 Thread Benny Pedersen
On 2016-07-13 11:56, L.P.H. van Belle wrote: here you have a bind log example, WITH lame server logging. Adjust where needed. logging { channel default_log { file "/var/log/named/named.log" versions 9 size 1M; print-time yes; print-seve

Re: recipient filtering and transport table - problem

2016-07-13 Thread Wietse Venema
Zalezny Niezalezny: > Dear Colleagues, > > in our test app environment we are using real e-mail addresses to test. > Each test application sending to our test relay server some e-mails. On > that machine we are filtering all incoming E-mails from our test > environment. > > > - we are accepting

RE: This ought to be simple to stop. Am I missing something?

2016-07-13 Thread L . P . H . van Belle
here you have a bind log example, WITH lame server logging. Adjust where needed. Just enable only lameserver logging. Set all to null and enable lameserver logging. No performance drop. logging { channel bind_log { file "/var/log/bind/bind.log" versions 3 size 1m;

Re: This ought to be simple to stop. Am I missing something?

2016-07-13 Thread Benny Pedersen
On 2016-07-13 11:41, L.P.H. van Belle wrote: recommend using your own DNS servers when doing DNSBL queries to Spamhaus. using ::1 here i dont trust others I no lame servers in my bind logs. The set below is running over 1 year now, without any problems. bind9 default dont log lame-servers,

RE: This ought to be simple to stop. Am I missing something?

2016-07-13 Thread L . P . H . van Belle
Then stop using google dns or other dns servers that block dns request to rbl servers. Source : https://www.spamhaus.org/faq/section/DNSBL%20Usage Check what DNS resolvers you are using: If you are using a free "open DNS resolver" service such as the Google Public DNS or large cloud/outsourc

Re: This ought to be simple to stop. Am I missing something?

2016-07-13 Thread Benny Pedersen
On 2016-07-13 08:54, li...@lazygranch.com wrote: So I gather some element of "zen" are not to your liking? That is, if you didn't specify the return codes, zen would do all of the above and more. each of them can hit independently, eq some ips is listed multiple places so postscreen score would not

Re: This ought to be simple to stop. Am I missing something?

2016-07-13 Thread Benny Pedersen
On 2016-07-13 08:55, L.P.H. van Belle wrote: A good combination of rbl lists with postscreen im using. postscreen_dnsbl_threshold=4 postscreen_dnsbl_sites = b.barracudacentral.org*4 bad.psky.me*4 zen.spamhaus.org*4 dnsbl.cobion.com*2 bl.spameatingmonkey.ne

recipient filtering and transport table - problem

2016-07-13 Thread Zalezny Niezalezny
Dear Colleagues, in our test app environment we are using real e-mail addresses to test. Each test application sending to our test relay server some e-mails. On that machine we are filtering all incoming E-mails from our test environment. - we are accepting E-mails addressed to our internal doma