Greetings, Thomas Seilund!
> smtp inet n - n - - smtpd -o
> content_filter=spamfilter -o receive_override_options=no_address_mappings
> spamfilter unix - n n - - pipe
> flags=Rq user=vmail argv=/usr/bin/spamfilter.sh -oi -f
On 28 Feb 2019, at 8:43, Emanuel wrote:
Hello,
due to email accounts compromised by viruses, I have created filters
for the subject of these malicious emails
/^Subject: Your Amazon\.co\.uk order \#[0-9]*$/ DISCARD
Side note: REJECT is a better choice than DISCARD, unless you're doing
On 28/02/2019 22.38, Bill Cole wrote:
On 28 Feb 2019, at 0:55, Thomas Seilund wrote:
On 27/02/2019 23.50, John Fawcett wrote:
On 27/02/2019 17:56, Thomas Seilund wrote:
Hi All,
I run a mail server with Postfix (version 2.6.6), Dovecot and
Spamassassin.
The first time I saw an unexpected
On 28 Feb 2019, at 0:55, Thomas Seilund wrote:
On 27/02/2019 23.50, John Fawcett wrote:
On 27/02/2019 17:56, Thomas Seilund wrote:
Hi All,
I run a mail server with Postfix (version 2.6.6), Dovecot and
Spamassassin.
The first time I saw an unexpected directory in virtual_mailbox_base
what
On Thu, Feb 28, 2019 at 11:56:29AM -0800, Alice Wonder wrote:
> I gather from
> http://www.postfix.org/postconf.5.html#smtp_tls_policy_maps that the
> match: directive really only has application to a policy of secure.
>
> If I read right, it applies to the certificate validation.
Yes, but,
Hello list,
I gather from
http://www.postfix.org/postconf.5.html#smtp_tls_policy_maps that the
match: directive really only has application to a policy of secure.
If I read right, it applies to the certificate validation.
I'm wondering if there is something similar but applies to MX hosts.
Eric Langheinrich:
> I've got postfix setup to pass messages through spam assassin and for some
> virtual domains the messages are then passed through a pipe for processing.
>
> The spamassassin definitions are as follows in master.cf:
>
> smtp inet n - - - -
I've got postfix setup to pass messages through spam assassin and for some
virtual domains the messages are then passed through a pipe for processing.
The spamassassin definitions are as follows in master.cf:
smtp inet n - - - - smtpd
-o
Hi Friends!
I've just installed Mailman 2.1.23 on Debian Stretch, Postfix
3.1.8-0+deb9u1 + Dovecot 2.2.27 (c0f36b0) with "virtual_domains"
"virtual_users" "virtual_aliases" on MySQL, and all seems works fine,
but not tested on production environment again.
I write you for clarification
Admin Beckspaced:
> >
> >>> anyway I was thinking that every incoming message postfix receives will
> >>> get send to postfwd for further inspections?
> >> That depends on where in smtpd_mumble_restrictions
> >> the 'check_policy_service' appears.
> > Hint: show "postconf -n" instead of main.cf
Greetings, Emanuel!
> Oh, my God, as I said before, email accounts are compromised by
> viruses, they use them to send SPAM from my server, in this case they
> use PHP Mailer or any other application to make bulk mail.
So block these accounts until they sort their crap out.
--
On Thu, 28 Feb 2019 at 15:04, Varadi Gabor wrote:
>
> 2019. 02. 28. 15:48 keltezéssel, Emanuel írta:
> > Your Amazon.co.uk order #
>
>
> ^Subject: =?UTF-8?B?WW91ciBBbWF6b24uY28udWsgb3JkZXIgIw/ DISCARD
Or use Spamassassin
Emanuel skrev den 2019-02-28 15:49:
Feb 28 11:32:36 smarthost02-ded postfix/smtpd[519]: D6D24802716B:
client=vps-1578111-x.dattaweb.com[66.97.36.75]
this is not a system user spamming
more help post postconf -n
i stop here
2019. 02. 28. 15:48 keltezéssel, Emanuel írta:
Your Amazon.co.uk order #
^Subject: =?UTF-8?B?WW91ciBBbWF6b24uY28udWsgb3JkZXIgIw/ DISCARD
--
[Varadi Gabor]
Feb 28 11:32:36 smarthost02-ded postfix/smtpd[519]: D6D24802716B:
client=vps-1578111-x.dattaweb.com[66.97.36.75]
Feb 28 11:32:36 smarthost02-ded postfix/cleanup[32709]: D6D24802716B:
warning: header From: =?UTF-8?B?QW1hem9uLmNvLnVr?=
from
vps-1578111-x.dattaweb.com[66.97.36.75];
from=
to=
El 28/2/19 a las 11:41, Benny Pedersen escribió:
Emanuel skrev den 2019-02-28 15:33:
/^Subject: Your Amazon\.co\.uk order \#[0-9]*$/ DISCARD
try this in milter-regex
=?UTF-8?B?WW91ciBBbWF6b24uY28udWsgb3JkZXIgIzM2Njg1MDk2Nw==?=
try do this one in postfix regex
The ID within the
Emanuel skrev den 2019-02-28 15:33:
/^Subject: Your Amazon\.co\.uk order \#[0-9]*$/DISCARD
try this in milter-regex
=?UTF-8?B?WW91ciBBbWF6b24uY28udWsgb3JkZXIgIzM2Njg1MDk2Nw==?=
try do this one in postfix regex
if all fails you will need to learn clamav
Emanuel skrev den 2019-02-28 15:16:
Oh, my God, as I said before, email accounts are compromised by
viruses, they use them to send SPAM from my server, in this case they
use PHP Mailer or any other application to make bulk mail.
if you do not plan to help, do not answer
El 28/2/19 a las 11:11,
The computer or mobile device of my clients are affected by viruses and
their data is stolen and then use their email accounts to send phishing.
I have created filters for the subject of these malicious emails
/^Subject: Your Amazon\.co\.uk order \#[0-9]*$/ DISCARD
Now, I see that these
Oh, my God, as I said before, email accounts are compromised by viruses,
they use them to send SPAM from my server, in this case they use PHP
Mailer or any other application to make bulk mail.
if you do not plan to help, do not answer
El 28/2/19 a las 11:11, Bastian Blank escribió:
You have
On Thu, Feb 28, 2019 at 11:08:46AM -0300, Emanuel wrote:
> From: =?UTF-8?B?QW1hem9uLmNvLnVr?=
>
> Subject: =?UTF-8?B?WW91ciBBbWF6b24uY28udWsgb3JkZXIgIzk3NDg1MzgxMg==?=
> Message-ID: <5a18a03d6412f75876d9ab706b99f5f4@localhost.localdomain>
> X-Mailer: PHPMailer 5.3.5
You have an open
example:
From: =?UTF-8?B?QW1hem9uLmNvLnVr?=
Subject: =?UTF-8?B?WW91ciBBbWF6b24uY28udWsgb3JkZXIgIzk3NDg1MzgxMg==?=
Message-ID: <5a18a03d6412f75876d9ab706b99f5f4@localhost.localdomain>
X-Mailer: PHPMailer 5.3.5
El 28/2/19 a las 11:05, Emanuel escribió:
In these emails not use the domain
In these emails not use the domain "amazon.com" so I need to block by
subject but it is encoded in utf8.
Asunto:
Your Amazon.co.uk order #974853812
De:
Amazon.co.uk
Fecha:
28/2/19 10:53
the from field changes all the time because they falsify it
El 28/2/19 a las 10:55, John Peach escribió:
On 2/28/19 8:51 AM, Emanuel wrote:
it's not what I need thanks.
El 28/2/19 a las 10:45, Bastian Blank escribió:
ou block the users sending them.
It probably is - legitimate Amazon email comes from servers in
amazonses.com - block email purporting to be from Amazon if the server
is not in
it's not what I need thanks.
El 28/2/19 a las 10:45, Bastian Blank escribió:
ou block the users sending them.
--
On Thu, Feb 28, 2019 at 10:43:20AM -0300, Emanuel wrote:
> How can I discard these emails if they are encoded? yes or if I need to
> create a regular expression for the ID in to the subject.
You block the users sending them.
Bastian
--
To live is always desirable.
-- Eleen the
Hello,
due to email accounts compromised by viruses, I have created filters for
the subject of these malicious emails
/^Subject: Your Amazon\.co\.uk order \#[0-9]*$/ DISCARD
Now, I see that these malicious emails keep coming out but they are not
discarded because the subject is encoded
anyway I was thinking that every incoming message postfix receives will
get send to postfwd for further inspections?
That depends on where in smtpd_mumble_restrictions
the 'check_policy_service' appears.
Hint: show "postconf -n" instead of main.cf cut and paste.
Wietse
thanks
Hi Wietse,
you made my day!
That was just the perfect answer after two days of total despair (though I
learned a lot about mail mechanisms and the communication involved ;-)
--
Orm
Am Donnerstag, 28. Februar 2019 13:21 CET, Wietse Venema
schrieb:
> Orm Finnendahl:
> > Hi,
> >
> > after
Wietse Venema:
> Admin Beckspaced:
> > anyway I was thinking that every incoming message postfix receives will
> > get send to postfwd for further inspections?
>
> That depends on where in smtpd_mumble_restrictions
> the 'check_policy_service' appears.
Hint: show "postconf -n" instead of
Orm Finnendahl:
> Hi,
>
> after upgrading my system, sending mails with postfix to a relayhost using
> dovecot for STARTTLS fails (it used to be working for years without problems
> before).
>
> The logs of the relayhost show that a TLS connection gets established and the
> (debian postfix)
Admin Beckspaced:
anyway I was thinking that every incoming message postfix receives will
get send to postfwd for further inspections?
That depends on where in smtpd_mumble_restrictions
the 'check_policy_service' appears.
Wietse
it appears here -> smtpd_end_of_data_restrictions
...
Admin Beckspaced:
> anyway I was thinking that every incoming message postfix receives will
> get send to postfwd for further inspections?
That depends on where in smtpd_mumble_restrictions
the 'check_policy_service' appears.
Wietse
Hi,
after upgrading my system, sending mails with postfix to a relayhost using
dovecot for STARTTLS fails (it used to be working for years without problems
before).
The logs of the relayhost show that a TLS connection gets established and the
(debian postfix) relay server then offers
dear postfix users,
i'm running postfix version 3.2.0 with postscreen, amavis-new, spamassassin.
recently I added postfwd 1.39 as a check policy service.
implementation in main.cf see below at the end of the mail
if you need the output of postconf or master.cf then please let me know ...
I
35 matches
Mail list logo
