On 25/04/2019 00:21, Wietse Venema wrote:
Mick:
I thought header checks were carried out after all the other smtp
restrictions had passed therefore I didn't see the harm in an 'OK' for a
message header at this stage.
Correct, but the OK action applies only to that header, not the
message
On 24/04/2019 21:51, Bill Cole wrote:
On 24 Apr 2019, at 16:04, Mick wrote:
On 23/04/2019 18:34, Bill Cole wrote:
On 23 Apr 2019, at 11:46, John Peach wrote:
On 4/23/19 11:39 AM, Paul wrote:
Yes I agree with Kevin here, the best solution to this problem is
an spf record set to reject mail
the following main.cf config should not be used ?
header_checks =
pcre:/etc/postfix/header_checks_pass
pcre:/etc/postfix/header_checks_fail
Best wishes,
Mick.
d and then the next input line is
inspected.'
So if the action is executed, goodbye message, but if header checks
continues to check the following lines it will find an OK by List-Id.
I suspect that I will not receive a copy this message, but don't know
for sure. One way to find out {SEND}.
Best wishes,
Mick.
nd grammar seriously
deteriorated.
Best wishes,
Mick.
2)Seccond question :how i can adjust the sender policy to block soft fail SPF?
Thanks you all.
Best Regards.
Christian Schmitz
Info extra 1: LOG: /var/log/mail
connect from mmu.ac.ug[62.75.235.12]
Anonymous TLS connection establ
every time.
Best wishes,
Mick.
and why.
The log entry makes sense now I understand what's going on. Thank you
very much for your explanation and also for pointing me to RCF1870.
Best wishes,
Mick.
On 21/06/2016 03:52, Bill Cole wrote:
On 20 Jun 2016, at 20:54, Mick wrote:
I take it from your response (and noting the
Hi Wietse,
On 21/06/2016 01:21, Wietse Venema wrote:
Mick:
Hi,
While checking the mail log yesterday morning, I noticed that Postfix
didn't log the sender or recipient when it rejected a message due to
exceeding the message_size _limit. I'd be interested to know if this is
the intended
skin P25/smtpd[13887]: disconnect from
mail-it0-x22b.google.com[2607:f8b0:4001:c0b::22b] ehlo=1 mail=0/1
rcpt=0/1 data=0/1 quit=1 commands=2/5
Many thanks,
Mick.
On 26/03/2016 18:54, Scott Kitterman wrote:
On Saturday, March 26, 2016 05:44:45 PM Mick wrote:
Hi Postfix users,
I would like to try and install a later version of Postfix (and
postfix-mysql) than the Debian stable (Jessie) repository currently
offers (2.11.3-1). I've looked at building
route long term. Any suggestions welcomed.
Best wishes,
Mick.
Indeed.
On 27/01/2016 20:45, @lbutlr wrote:
On 27 Jan 2016, at 05:46, Mick <debacle...@rs432.net> wrote:
'nore...@domain.com' needs to exist as a mailbox in order for you to discard
mail to it as far as I can tell.
Obviously not, since Wietse posted:
transport_maps = inl
such an address to an existing mailbox if the
destination accepts mail. I don't reject 'noreply' addresses myself,
but would opt for Wietse's method should I ever feel the need to do
so. Both methods work though.
Mick.
On 27/01/2016 21:03, Wietse Venema wrote:
@lbutlr:
On 27 Jan 2016
hen I try to use it in a To: address field I get the same
response.
'nore...@domain.com' needs to exist as a mailbox in order for you to
discard mail to it as far as I can tell.
Mick
Thanks,
. Thanks Wietse and
Christian for your help.
Best regards,
Mick.
provides plenty.
Best regards,
Mick.
Regards
Christian
Thanks for your advice.
Mick.
Wietse
. Is
there a way to rewrite the message envelope to say HELO using the same
domain used in the from field?
Thanks,
Mick.
On 10/09/2015 21:13, Wietse Venema wrote:
Mick:
Hi,
I'm trialling DMARC to two of my domains. On checking the results when
posting from the secondary domain I receive 'SPF Domain Alignment Result
= FAIL'. I think this is because postfix always says HELO with the
primary domain name, which
? canonical(5)??
I will be pleased to read of any alternatives, if there are any.
Best regards,
Mick.
On 27/08/2015 14:26, Wietse Venema wrote:
Viktor Dukhovni:
On Thu, Aug 27, 2015 at 02:02:36PM +0100, Mick wrote:
Does anyone know if there's a table based way to get
cleanup(8) to rewrite on matching the local alias? canonical(5)??
No. Secure SRS rewriting that does not turn your machine
On 27/08/2015 14:07, Viktor Dukhovni wrote:
On Thu, Aug 27, 2015 at 02:02:36PM +0100, Mick wrote:
At least
one of those schemes re-writes the envelope for every received message which
seems overkill to me.
That's what needs to be done.
Okay. I'm surprised though.
Does anyone know
Thanks for your reply Benny.
On 27/08/2015 20:19, Benny Pedersen wrote:
Mick skrev den 2015-08-27 15:02:
I will be pleased to read of any alternatives, if there are any.
drop sender-id, drop srs
Dropping sender-id? Do you mean leave MAIL FROM: blank or have I got
the wrong end
Does anyone know if there's a way to add a custom perl policy to
Postscreen (tests carried out before the 220 SMTP server greeting)?
It doesn't look as though this is allowed.
Best regards,
Mick.
Wietse Venema wrote:
Mick:
Does anyone know if there's a way to add a custom perl policy to
Postscreen (tests carried out before the 220 SMTP server greeting)?
It doesn't look as though this is allowed.
Indeed. Use postscreen to eliminate *most* spambots as cheaply as possible.
Use
to 'no' meaning a retry for every incoming message that hasn't
passed address verification. It is either that or adding all domain that
use greylisting to the whitelist.
Does anyone know if there's a way to exempt / prevent 471 (or other
temporary reject codes) from being cached?
Thanks,
Mick.
will bear that in mind.
Mick.
Viktor Dukhovni wrote:
On Tue, Mar 17, 2015 at 05:11:33PM +, Mick wrote:
To comply with RFC2142 and always accept mail destined for abuse or
postmaster, the role account exceptions would have to be top of
smtpd_recipient_restrictions, but should I bother to comply with mail
servers
,
reject_non_fqdn_hostname,
reject_invalid_hostname,
#check_helo_access hash:/etc/postfix/helo_checks,
reject_unverified_sender,
check_policy_service unix:private/policy-spf
If anyone has any thoughts on this, they will be gladly received.
Many thanks,
Mick.
Hi Viktor,
Viktor Dukhovni wrote:
On Tue, Mar 10, 2015 at 02:33:08AM +, Mick wrote:
You'd have to look at postfix.org documentation I'm afraid.
One of:
http://www.postfix.org/mysql_table.5.html
That was generally enlightening.
RHS? Royal Horticultural Society
Viktor Dukhovni wrote:
On Mon, Mar 09, 2015 at 04:40:41AM +, Mick wrote:
I would not deploy this policy script. It requires a new Perl
process for each request. That's a rather bad idea. It does not
treat the sender address in a case-insensitive manner.
I hadn't thought
Book. Thanks for
that. A real bonus for sure. While a lot has probably changed or been
added since 2005 I'm sure I will get up a better idea of what is going
on from there.
Thanks Viktor, and good luck P.V.
Mick.
P.V.Anthony wrote:
On 03/08/2015 08:04 PM, Mick wrote:
I'm a noobie to postfix myself but I'll have an educated guess and say
'reject_authenticated_sender_login_mismatch' will REJECT if sender does
not match the sasl_username without any exception. If you want to allow
an sasl_username
P.V.Anthony wrote:
On 03/08/2015 08:04 PM, Mick wrote:
I'm a noobie to postfix myself but I'll have an educated guess and say
'reject_authenticated_sender_login_mismatch' will REJECT if sender does
not match the sasl_username without any exception. If you want to allow
an sasl_username
Darn formatting! I can't read it myself. Gr! Attached as a text
file. Hope attachments are allowed.
Mick.
#!/usr/bin/perl
# sasluser.p
# PERL Script abused by Snakebyte
# version 0.01
$action=action=DUNNO\n\n;
$sender=;
$sasl_username=\n;
#
# SASL users that are allowed to play at God
Viktor Dukhovni wrote:
On Mon, Mar 09, 2015 at 03:36:53AM +, Mick wrote:
Darn formatting! I can't read it myself. Gr! Attached as a text file.
Hope attachments are allowed.
I would not deploy this policy script. It requires a new Perl
process for each request. That's
on the
sasl_username. Do you know how to do this? If you don't, I could post a
simple PERL example tomorrow.
Mick.
otherwise.
Cheers,
Mick.
mail from any of these.
If other accounts are blocked by default, it cuts down the risk of a
compromised pop3 becoming open SMTP. Yeah, I know it won't catch on ;-)
Thanks again,
Mick.
=action=DUNNO\n\n;
if($sasl_username ne \n) {
if ($sasl_username ne $sender) {
$action= action=REJECT Wrong sender\n\n;
}
}
print $action;
...
Thanks for your suggestion,
Mick.
Benning, Markus wrote:
Am 2015-02-27 14:45, schrieb MickTW8:
This issue I have is knowing how to read any
39 matches
Mail list logo
