Re: sorbs.net blacklist too aggressive?

> On 04/10/16 07:02, Sean Greenslade wrote: >> On Mon, Oct 03, 2016 at 01:47:28PM -0400, Fongaboo wrote: >> I personally don't use RBLs as hard blocks. Instead, I have them set up >> in my spam filter (SpamAssassin) with different weights. That way, if >> one particular RBL is acting up, I can

Re: TLD blocking revisited

Block? No. +Score? Yes. But this is the Postfix list, and ... this really belongs elsewhere. > The last time TLD blocking came up, the consensus of the hive was not > to block based on TLD. (You may recall .xyz being used by > Alphabet.) However lately I'm getting a ridiculous number of

Re: newbie department

> FWIW, I rather have the wrong address email address bounce. That and I > don't want to eyeball the catch-all to see if it caught anything useful. Here's the thing. If you have a catch-all address, and something gets delivered to it ... who looks at it and fishes it out and sends it to the

Re: newbie department

> On Thu, 25 Aug 2016 10:31:47 -0700 > li...@lazygranch.com wrote: >> ‎This seems counter intuitive. So I am better off having a catch-all >> account that random emailers will fill up than not having one? "It Depends." Who cares if it's counter-intuitive. It's Observed Behavior. And in this

Re: newbie department

> On 8/25/2016 9:59 AM, Glenn English wrote: >> Why do I get mail to names like dcpczy3foku+gcyvikdnlcei? >> >> They're not a lot of them, but they show up every few days, and I can't >> think why anybody'd do this. At first I thought somebody was trying to >> access their bot, but Postfix

Re: Is it me, or is there a problem elsewhere?

This isn't an ops list, but ... > For over a week now, I have been seeing DNS look-up failures - always > with mailspike, both whitelist and blacklist. It is affecting about > ten percent of my non-whitelisted connections. > > Jul 21 15:10:28 geronimo postfix/dnsblog[27737]: warning:

Re: (Off-topic: who's on the list) was: Is not honoring bounces-to violation of RFC?

> On 6/29/16 3:13 PM, Michael J Wise wrote: > >>> On 6/29/16 2:30 PM, Michael J Wise wrote: >>> >>>>> I will read up on it. Thank you for the link. >>>>> >>>>> Not everyone, I think, who visits this list is an engineer. &g

Re: (Off-topic: who's on the list) was: Is not honoring bounces-to violation of RFC?

> On 6/29/16 2:30 PM, Michael J Wise wrote: > >>> I will read up on it. Thank you for the link. >>> >>> Not everyone, I think, who visits this list is an engineer. >> In that you are mistaken. >> >> Almost everyone who subscribes to this maili

Re: Is not honoring bounces-to violation of RFC?

> I will read up on it. Thank you for the link. > > Not everyone, I think, who visits this list is an engineer. In that you are mistaken. Almost everyone who subscribes to this mailing-list is an engineer. Please re-read that line. This mailing list is for people who need to configure or make

Re: OT: dnsbl.sorbs.net - help explaining to Mozilla list maintainers why outright blocking is bad

SORBS is very good at detecting stale lists, typo domains, and ... abusers using your service. I'd prefer to not use it as a block, but certainly an advice for filtering. If you're the only one using an IP that got listed in SORBS, you need to seriously rethink how often you are mailing your

Re: simple greylisting by geoip? milter or policy server?

> On 6/14/2016 4:06 PM, list...@tutanota.com wrote: >> >> Is there some way to integrate the GeoIP dbs with postscreen? > > No, at least not easily. I would think it would be a Simple Matter of Programming, given a list of the countries and languages you trusted, to generate a list of all the

Re: Decoding base64 emails for content filtering

> On 2016-04-18 16:45, BP20 wrote: >> Does anyone have an idea for how to decode base64 encoded >> emails (Content-Transfer-Encoding: base64) in order to filter the >> content? >> http://www.postfix.org/FILTER_README.html#simple_filter >>

Re: Can this sort of spam be easily and safely blocked in postfix

> Hi, > In the last few weeks I've seen a increase in the number of e-mails with > nasty .doc or .xls files, generally with some sort of invoice supposedly > in them. Can postfix be reliably configured to block them at source. There are a number of techniques that could be deployed against it.

Re: Can this sort of spam be easily and safely blocked in postfix

this blocks many of > them anyway as they seem to be from dynamic IP  > address blocks. Best way would be to NOT block but to mark as spam. That way, the sender can be poked to clean up their act. "IMHO", "YMMV", "VWPBL"

Re: Ignore envelope header

> On Wed, Sep 30, 2015 at 10:46:37AM +, Ciaran Scolard wrote: > >> Is there a way to tell postfix to ignore an envelope header? >> e.g. the TO: field. > > No, because there's no such thing as an "envelope header". Messages > have envelopes, and they have headers, but these are distinct. The

Re: Ownership/Permissions of /var/spool/postfix

During the most recent upgrade I inadvertently altered owner, group, and/or permissions in /var/spool/postfix. I've looked for information in all the README files that seemed applicable but have not found a list of how /var/spool/postfix subdirectories should be set. Please point me to a

Re: Ownership/Permissions of /var/spool/postfix

On Thu, 6 Aug 2015, Michael J Wise wrote: Needs Group Write. Michael, Ah, I should have seen that. See that little s? That's special. Yep. I learned that maildrop and public need to be set gid. It would still be useful to have a complete list of owners, groups, and perms

Re: Problems with incoming mails from outlook.com

[ Bcc'd to a contact Microsoft, who should be able to help get the issue addressed on that end at some point. The problem is a TLS stack at outlook.com that is poorly suited to opportunistic TLS. However, it is possible to work around this in Postfix, mostly by sticking to default

Re: spamhaus - reasons of ban IP

Hi All, This is *NOT* the list for questions about spamfighting in general, and certainly not about Spamhaus in particular. They have a site: http://www.spamhaus.org/ I would like to ask You what could be a reason of ban in Spamhaus. Today morning we have got message from our client that

Re: if it ain't broken...

On Nov 2, 2014, at 12:32 PM, li...@rhsoft.net wrote: Am 02.11.2014 um 21:19 schrieb Wietse Venema: Wietse: Wondering if the list manager has croaked. Nope, it's a quiet day typical admin reaction: what no mail for 2 hours - look if something is down - sorry for not having any troubles or

Re: whois

Anybody on this list run whois on spams? Yes, all the time, but only to get CIDR ranges, not for Abuse addresses. And this ... is *NOT* the list to talk anti-spam techniques. Would like to report sources and spammed domains, but... SpamCop. Aloha mai Nai`a. -- So this is how Liberty dies

Re: whois

Anybody on this list run whois on spams? Yes, all the time, but only to get CIDR ranges, not for Abuse addresses. And this ... is *NOT* the list to talk anti-spam techniques. Would like to report sources and spammed domains, but... SpamCop. Aloha mai Nai`a. -- So this is how Liberty dies

Re: header checks not working

It would be real kind of you if you could put the following into your subject field: If you are going to refer to the GTUBE, best to just cite it by NAME, or include an URL like: http://spamassassin.apache.org/gtube/ Actually including it in a message is ... unwise. Why is left as an

Re: Message reject based on absense of a header(s)

On Feb 18, 2014, at 2:57 PM, Wietse Venema wrote: Noel Jones: A few years ago I tried rejecting messages with no Message-ID. Much to my surprise, there were far more false-positives than actual spam rejected. I doubt the situation has changed much since then, but YMMV. That was my

Re: SORBS SPAM, do I have to bother?

On Jan 13, 2014, at 5:30 AM, Wietse Venema wrote: Roland Pl?ss: I recently noticed SORBS having my IP listed. All other blacklists I'm tracking with MXToolBox and others are fine. I never heard of SORBS nor did I get every any rejection replies due to them. I read though lots of bad reviews

Re: Send mail to hotmail

On Jan 28, 2013, at 8:16 PM, Bill Cole wrote: On 26 Jan 2013, at 11:45, King™ wrote: Dear ML, I added to DNS record following your guide, but when I send email to Hotmail, it still spam in Hotmail. This is fundamentally a problem unrelated to Postfix. It is a problem with

Re: connect from unknown

On Dec 8, 2012, at 9:33 PM, Cameron Smith wrote: Dec 8 21:16:05 vps postfix/smtpd[3930]: warning: hostname vps.abw.co does not resolve to address 199.101.51.160 WHOIS says the domain doesn't exist. That would certainly explain the unknowns. It resolves, although it took a good long while.

Re: no route to host

On Jul 29, 2012, at 1:32 PM, Engin qwert wrote: But the new installation suffers the same problem, I cannot send mail ( no route to host error). That means … that the server is attempting to get to a host IP address that doesn't exist. Somehow, I suspect this isn't as such a Postfix

Re: no route to host

On Jul 29, 2012, at 3:03 PM, Engin qwert wrote: Hello, sorry for sending too many information which may be irrelevant but I want to post anything I think it causes the problem. 220 xn--hadibakalm-5ub ESMTP Postfix powered by Easy Hosting Control Panel (ehcp) on Ubuntu, www.ehcp.net Well,

Re: no route to host

On Jul 29, 2012, at 2:13 PM, Engin qwert wrote: transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf … any from other logs, yer MySQL is pooched in some way. I think I see the problem. I have no idea how to fix it, sorry. Aloha, Michael. -- Please have your Internet License

Re: howto send mail in mailbox to user

On Jun 26, 2012, at 5:37 PM, JonL wrote: G'day all, I have a user mailbox that is full of important mail and I would like to send it to this user. Is there a command line command to do this? the existing user cannot access the mail and I can see there is mail in this mailbox. 1) so

Re: Retaining BCC in Pipe

On Jun 19, 2012, at 1:02 PM, Chris Nagele wrote: I am using Postfix to pipe messages to an external program. Does anyone know how to pipe a single message that retains all recipients, including the BCC? Methinks you are confusing RFC 821 (yeah, I know) commands with the RFC 822 data. Bcc is

Re: Retaining BCC in Pipe

-recipient-in-email-enveloppe On Tue, Jun 19, 2012 at 5:17 PM, Michael J Wise mjw...@kapu.net wrote: On Jun 19, 2012, at 1:02 PM, Chris Nagele wrote: I am using Postfix to pipe messages to an external program. Does anyone know how to pipe a single message that retains all recipients

Re: discard mime to and cc recipients

On May 3, 2012, at 11:23 PM, Bányász Botond wrote: Thank you Wietse this was what i didnt` knew. A custom Policy Daemon might be able to achieve what you seek by inspecting the message's 822 headers, and then rendering a verdict on it. B?ny?sz Botond: I would like to ask? if it`s possible

A question on Verbosity of logging...

I'd like to have all the RFC-821-ish information (ie a record of all the SMTP commands and responses) saved in the logs. Putting the -v flag after the smtpd in the /etc/postfix/master.cf seems to be going a bit far. Aside from experimenting, is there any way that will save just the protocol

Re: best practices for received from header removal?

So what is the best practice in postfix for removing headers before they relay back out into Internet? Don't. Aloha mai Nai`a. -- So this is how Liberty dies ... To Thunderous Applause.

Re: bcc: header

I wasn't aware that I could use multiple RCPT TO: commands to accomplish Bcc. Hence me adding Bcc after the DATA. It's the other way around, actually. Multiple RCPT TO:'s is how Bcc: is done. One has to have a clear understanding of the difference between RFC 822 (the message), and RFC 821

Re: Root privileges

On Jan 30, 2011, at 6:50 PM, Chris Tandiono wrote: On 30 Jan 2011, at 18:46 , Victor Duchovni wrote: On Mon, Jan 31, 2011 at 08:02:28AM +0530, varad gupta wrote: Thanx for all the replies - I now understand the reason for master daemon to run with superuser privileges. They were really

Re: Please Test ... was: FrontBridge RFC 2920 write-up

On Dec 9, 2010, at 2:12 PM, Wietse Venema wrote: Michael, thanks for helping. Most welcome, glad I could help. Just out of curiosity, and because so many back at the ranch are asking... Does anyone know if this problem just surfaced, or has been a latent issue for a long time? How long has

Please Test ... was: FrontBridge RFC 2920 write-up

On Nov 29, 2010, at 11:43 PM, Michael J Wise wrote: On Nov 28, 2010, at 8:18 PM, Victor Duchovni wrote: My current theory is that the issue is FrontBridge specific, and is the result of some firewall or proxy software in front of Microsoft Exchange. An update; I gather there are eyes

Re: Some question about RFC2920 Frontbridge problem

On Dec 1, 2010, at 1:08 AM, lst_ho...@kwsoft.de wrote: BTW: The problem also apply for mail to microsoft.com, not only for frontbridge customer. Check the IP addresses... :) mail.messaging.microsoft.com == mail.global.frontbridge.com, plus a number of others. Aloha, Michael. -- Please have

Re: FrontBridge RFC 2920 write-up

On Nov 28, 2010, at 8:18 PM, Victor Duchovni wrote: My current theory is that the issue is FrontBridge specific, and is the result of some firewall or proxy software in front of Microsoft Exchange. An update; I gather there are eyes on the problem. Aloha, Michael. -- Please have your

Re: Mail.Global.FrontBridge.com

ofFullDisclosure, I work at what was formerly known as BigFish, then Frontbridge, but is now Forefront Online for Office, in the capacity of Knowledge Engineer (Spam Analysis), and among other things help out with abuse and deliverability issues. And also... this discussion really doesn't

Re: Mail.Global.FrontBridge.com

On Nov 26, 2010, at 10:42 PM, Stephen Thorne wrote: On 2010-11-26, Michael J Wise wrote: snipped incorherant email Michael, Here is a very quick description of the issue. Frontbridge advertises that it supports pipelined requests. But it disconnects after the current request is served

Re: Mail.Global.FrontBridge.com

On Nov 26, 2010, at 10:50 PM, Michael J Wise wrote: On Nov 26, 2010, at 10:42 PM, Stephen Thorne wrote: Our only option at this point is to turn off pipelining when talking to frontbridge, because frontbridge's pipelines are broken. This is a terribly negative thing. It would be much better

Re: Outflow spam filtering (?)

On Nov 6, 2010, at 6:14 AM, Ronald F. Guilmette wrote: Hello again friends. Long time no see. No, we were speaking yesterday, as I recall... I've gotten myself into a somewhat heated discussion... Well, yes. ... which seems to be the only kind I get into these days... on another mailing

Re: Outflow spam filtering (?)

On Nov 6, 2010, at 11:47 AM, Stan Hoeppner wrote: I'm guessing your perspective is going to be different that most users on this list, who are, I'm guessing, not ISPs or service providers per se. Yeah. We have about a thousand servers currently doing mail classification. Thus, I'm guessing

Re: Does postfix smtp always log every receipient?

On Jun 15, 2010, at 1:37 PM, Erik Logtenberg wrote: Postfix smtp logs outgoing emails like this: postfix/smtp[13950]: E6DA025473: to=u...@domain.tld, relay=none, delay=4537, delays=4536/0.06/0.53/0, dsn=4.4.1, status=etc... I noticed that when an email has more than one receipient, smtp

Re: [OT] Detecting telnet?

On Jun 10, 2010, at 9:19 PM, Victor Duchovni wrote: On Thu, Jun 10, 2010 at 11:31:49PM +0200, Ralf Hildebrandt wrote: I heard that there are firewalls/security appliances that supposedly can distinguish somebody using telnet from a machine speaking SMTP. I must admit, it sounds feasible

Re: spams from live.com

On Feb 16, 2009, at 12:49 PM, bharathan kailath wrote: hi is there anyway i can prevent spams from live.com with internal filters of postfix Do you have any examples to share? And yes, SpamAssassin would probably be a good thing to read up on. You might want to also look at milter-spamc