Looks like security scanner.
do you know the type of encoding?
I would like to decode and see the actual commands.
after CONNECT usually TLS negotiation occurs, that may be it.
I don't know if there's any value in knowing that.
thanks
i was just curious :)
Jan 14 01:57:15 cx20 postfi
somoene is trying to use your postfix as http proxy server.
Looks like security scanner.
do you know the type of encoding?
I would like to decode and see the actual commands.
Jan 14 01:57:15 cx20 postfix/submission/smtpd[25120]: improper
command pipelining after CONNECT from
battery.census
dear postfix users,
since the recent SMTP smuggling issue I applied the short term
workaround by setting smtpd_forbid_unauth_pipelining = yes
I also do a daily scan on journalctl with some keywords, e.g. 'pipelining'
the following showed up this morning.
do i need to be worried?
thanks
& gr
Am 14.12.2023 um 14:20 schrieb Wietse Venema via Postfix-users:
As a few on this list may recall, it is 25 years ago today that the
"IBM secure mailer" had its public beta release. This was accompanied
by a nice article in the New York Times business section.
Happy anniversary and thanks Wietse a
would it be as easy to just add the following to main.cf to use the
reommended setting?
smtpd_tls_chain_files =
/etc/dehydrated/certs/mail-beckspaced-com-rsa/privkey.pem
/etc/dehydrated/certs/mail-beckspaced-com-rsa/fullchain.pem
/etc/dehydrated/certs/mail-beckspaced-com-e
Or switch my cert to RSA for better compatibility?
This is my recommendation.
On Sat, Apr 09, 2022 at 11:15:37AM +0200, Josef Vybíhal wrote:
smtpd_tls_cert_file = /etc/postfix/tls/rsa/_.acme.com.rsa.fullchain.pem
smtpd_tls_eccert_file = /etc/postfix/tls/ecc/_.acme.com.ecc.fullchain.pem
smtp
Am 09.04.2022 um 10:06 schrieb Viktor Dukhovni:
On Sat, Apr 09, 2022 at 08:52:54AM +0200, Admin Beckspaced wrote:
Apr 8 09:53:07 cx20 postfix/smtpd[5402]: warning: TLS library problem:
error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared
cipher:ssl/statem/statem_srvr.c
Dear Postfix users,
a client told me they don't receive emails from a specific client.
A look in the mail server logs reveals the following:
Apr 8 09:53:07 cx20 postfix/smtpd[5402]: connect from
mail.euronet-ag.de[195.14.239.4]
Apr 8 09:53:07 cx20 postfix/smtpd[5402]: SSL_accept error from
I use pslogscan for postscreen
https://archive.mgm51.com/sources/pslogscan.html
and pflogsumm for daily mail stats
https://jimsun.linxnet.com/postfix_contrib.html
Am 11.09.2020 um 21:29 schrieb Tamás Gérczei:
I use pflogsumm.
On 9/11/20 9:08 PM, Michael Orlitzky wrote:
On 2020-09-11 14:24,
/20 1:40 AM, @lbutlr wrote:
On 08 May 2020, at 02:54, Admin Beckspaced wrote:
ups ... I think I can answer my own question?
Why is it that the answer mostly comes once the email has been sent ;)
Because if it came before, you wouldn’t sent the message! (90% of the
email questions I write are never
Hi,
The quota warning email is send via Dovecot LDA (https://wiki.dovecot.org/LDA)
This is the command in the shell script:
/usr/lib/dovecot/dovecot-lda -f nore...@beckspaced.com -d $USER -o
"plugin/quota=dict:User quota::noenforcing:proxy::quota"
as you said the dovecot quota warning calls
Am 08.05.2020 um 10:38 schrieb Admin Beckspaced:
Dear postfix users,
I have setup dovecot with quota warning.
The quota warning email is send via Dovecot LDA
(https://wiki.dovecot.org/LDA)
This is the command in the shell script:
/usr/lib/dovecot/dovecot-lda -f nore...@beckspaced.com -d
Dear postfix users,
I have setup dovecot with quota warning.
The quota warning email is send via Dovecot LDA
(https://wiki.dovecot.org/LDA)
This is the command in the shell script:
/usr/lib/dovecot/dovecot-lda -f nore...@beckspaced.com -d $USER -o
"plugin/quota=dict:User quota::noenforcing:
Hi there,
remember having a similar issue with saslauthd and cut off user names.
Postfix doc has the proper info
http://www.postfix.org/SASL_README.html
%u - The name of the user whose properties are being selected.
%r - The name of the realm to which the user belongs. This could be
t
This is not a Postfix problem until you can demonstrate that Postfix
fails to call postfwd.
smtpd_mumble_restrictions names and policy protocol activity are
logged with verbosity level=1. To turn this on selectively:
main.cf:
debug_peer_list = 10.1.2.0/24 10.3.4.0/24 (or whatever the Facebook ou
Admin Beckspaced:
anyway I was thinking that every incoming message postfix receives will
get send to postfwd for further inspections?
That depends on where in smtpd_mumble_restrictions
the 'check_policy_service' appears.
Hint: show "postconf -n" instead of m
anyway I was thinking that every incoming message postfix receives will
get send to postfwd for further inspections?
That depends on where in smtpd_mumble_restrictions
the 'check_policy_service' appears.
Hint: show "postconf -n" instead of main.cf cut and paste.
Wietse
thanks Wietse
Admin Beckspaced:
anyway I was thinking that every incoming message postfix receives will
get send to postfwd for further inspections?
That depends on where in smtpd_mumble_restrictions
the 'check_policy_service' appears.
Wietse
it appears here -> smtpd_end_of_data
dear postfix users,
i'm running postfix version 3.2.0 with postscreen, amavis-new, spamassassin.
recently I added postfwd 1.39 as a check policy service.
implementation in main.cf see below at the end of the mail
if you need the output of postconf or master.cf then please let me know ...
I adde
Am 20.02.2019 um 03:39 schrieb Bill Cole:
On 19 Feb 2019, at 5:56, Admin Beckspaced wrote:
Dear Postfix Users,
just recently the computer of a client got infected with malware and
the email password was compromised.
The bad guys immediately started sending out spam emails via our mail
Thanks Christos,
so I might want to look into rate limits.
Have not looked into rspamd as I'm running postfix with amavis-new and
spamassassin
Is rspamd compatible with amavis-new?
Thanks & greetings
Becki
Am 19.02.2019 um 12:23 schrieb Christos Chatzaras:
We wrote a shell script that runs h
is a somewhat effective mitigating strategy, and as they
say, perfect is the enemy of serviceable.
I'd love to hear how other site admins manage this problem :)
Kind regards,
Daniel
On 19/02/2019 11:56, Admin Beckspaced wrote:
Dear Postfix Users,
just recently the computer of a client got infec
Dear Postfix Users,
just recently the computer of a client got infected with malware and the
email password was compromised.
The bad guys immediately started sending out spam emails via our mail
servers.
We got notified by our monitoring system a bit later ... and fixed things
But lots and l
Am 01-Jan-19 um 17:35 schrieb Bastian Blank:
On Tue, Jan 01, 2019 at 12:17:15PM +0100, Admin Beckspaced wrote:
If amavis-new detects some spam it will add headers like:
based on those tags I would like to send a BCC to my spam collecting
s...@address.com for further inspection and review.
Ask
Hello there,
first, all the best wishes for 2019!
Let it be a good new year for all of us ;)
I'm running a SuSE Box with postfix version 3.2.0
I also do SPAM checking via amavis-new and spamassassin
after the mail passes postscreen it's directed to amavis-new
amavis-new then re-injects the mail
Am 28-Nov-18 um 10:03 schrieb Matus UHLAR - fantomas:
On 27.11.18 10:52, Asai wrote:
With Mozilla recently dropping support for all Symantec certs, our
security
cert now throws errors on Thunderbird clients. We’d like to install
certbot on Centos 6, but I’m not sure if it’s going to interfer
Hello there ;)
I'm looking for a simple, clean & easy logfile analysis tool for postfix
logs.
I'm runing postfix 3.2 on an opensuse box
I found a listing here: http://www.postfix.org/addon.html#logfile
already had a look at mailgraph as it looked promising with the
graphical charts.
but wh
On 11.09.2017 10:59, Gary wrote:
As you know, letsencrypt certs can be automatically updated. However,
you need to reload/restart Postfix/Dovecot to use the new cert. My
email client insisted I had an expired cert. I couldn't download or
send email. (Fortunately I'm on a test domain, getting r
On 01.09.2017 14:09, Matus UHLAR - fantomas wrote:
On 01.09.17 10:37, Admin Beckspaced wrote:
but let's say I do a fail2ban restart on one of the servers lots of
fail2ban notify emails will get send via the relayhost
resulting in the relayhost throttling down the other server
whi
Dear postfix community,
I got a few servers all running postfix 2.11.x
Then I got my main mail server and all other servers use this as relayhost.
authentication to relayhost is done via sasl auth and all is working
fine and as expected ;)
but let's say I do a fail2ban restart on one of the s
On 20.02.2017 17:54, Viktor Dukhovni wrote:
On Feb 20, 2017, at 4:31 AM, Admin Beckspaced wrote:
I always had the impression that an OK will skip all further tests in any
restrictions lists following.
I now added in smtpd_recipient_restrictions before the RBL checks
check_sender_access
On 20.02.2017 09:35, Dominic Raferd wrote:
On 20 February 2017 at 07:58, Admin Beckspaced <mailto:ad...@beckspaced.com>> wrote:
Dear Postfix users,
First a belated BIG THANK YOU to Wietse and his 20 years of
Postfix. You're awesome!
Second:
I'm runn
Dear Postfix users,
First a belated BIG THANK YOU to Wietse and his 20 years of Postfix.
You're awesome!
Second:
I'm running Postfix version 2.11.6 and have setup an access map of
sender email addresses
someu...@somedomain.com OK
then doing a postmap on the access map and in the main.cf I
postfix does not provide pop3 & imap!
have a look at the Dovecot (your pop3 & imap service) SSL configuration
as pointed in the tutorial:
http://wiki2.dovecot.org/SSL/DovecotConfiguration
greetings
Becki
On 11.02.2017 08:25, dan...@msw.it wrote:
Hi friends,
Following the Workaround tutoria
On 15.01.2017 07:39, Noel Jones wrote:
On 1/14/2017 2:40 AM, Admin Beckspaced wrote:
All other MTA's don't seem to have any problems with TLS / STARTTLS.
What can I do to fix this problem? Let the other MTA know that they
got an issue with their TLS setup?
Thanks & greetings
B
On 14.01.2017 14:03, Christian Kivalo wrote:
You could set smtpd_tls_loglevel = 1 and get some more information on the next
connection attempt.
Without knowing more details i'd say you have no cipher in common, that could
be when you're dealing with an ancient version of exchange or some crap
Dear postfix users,
I'm running Postfix version 2.11.6 on an OpenSUSE 42.1 box and all is
running sweet & fine ;)
Except a customer calls me that he can't receive emails from one of his
partners.
After looking for the partner email I found those log entries:
2017-01-14T00:31:28.312121+01:00 cx2
Am 13.09.2016 um 14:22 schrieb Antoine Nguyen:
On 13/09/2016 12:43, Wietse Venema wrote:
Antoine Nguyen:
On 12/09/2016 17:04, Wietse Venema wrote:
Just for test, what happens when you do:
(this is what Postfix daemons use by default)
LC_ALL=C postmap -q rat?.com mysql:/etc/postfix/sql
Am 25.06.2016 um 21:44 schrieb Christian Schmitz (list):
El Miércoles 22 Junio 2016, Admin Beckspaced escribió:
Am 22.06.2016 um 15:32 schrieb Christian Schmitz (list):
Hi:
I have a postfix running on opensuse LEAP42.1. This distro have journal
as default logging system, i really dislike
Am 22.06.2016 um 15:32 schrieb Christian Schmitz (list):
Hi:
I have a postfix running on opensuse LEAP42.1. This distro have journal as
default logging system, i really dislike this system and i want that postfix
create their own "/var/log/mail-postfix" file.
Is possible?
If yes, How i can do it
Am 01.06.2016 um 13:41 schrieb Wietse Venema:
Admin Beckspaced:
i had a similar issue a while back ago when switching to new servers.
the new servers supported the IPv6 protocol and as far as i remember
IPv6 is always preferred before IPv4.
my problem was a missing IP reverse DNS entry for the
Am 31.05.2016 um 21:03 schrieb A. Schulze:
Am 31.05.2016 um 19:09 schrieb Johannes Bauer:
Hello list,
I know this is a bit off-topic, but I'm not sure if I misconfigured
Postfix to result in this: Just today, an email of mine was rejected due
to SPF reasons:
host mx-ha03.web.de[212.227.15
42 matches
Mail list logo
