I've got since a couple of weeks a rather nasty spam increase ( in fact
massive ). Some jerk sends forged emails to some address [EMAIL PROTECTED] on my
server with the same email address as the receiver ( hence [EMAIL PROTECTED]
receives an email from [EMAIL PROTECTED] ). It's clearly not relay
match,
reject_unauthenticated_sender_login_mismatch,
permit
I added the "reject_unknown_recipient_domain" and "reject_rbl_client
zen.spamhaus.org" lines to no avail. Any ideas what else I could try?
Sturgis, Grant wrote:
> On Sun, 2008-12-07 at 09:51 -0700, Roland Plüss wro
t = 0
virtual_mailbox_maps = ldap:ldapvirtual
virtual_minimum_uid = 500
virtual_uid_maps = static:1100
DJ Lucas wrote:
> Roland Plüss wrote:
>> I read now the thread in the archive and tried to apply the proposed
>> solution. I'm still getting the same amount of spam mails whe
fudged mail and the
mail triggers a postmaster-mail ( which is redirected to [EMAIL PROTECTED]
). But why should it do this? It should only trigger one if you send a
mail to somebody else and there an error happens. I know the person
owning this email and she never used paypal at all so she also nev
I only enclosed the HTML tags in the email body with comment marks. The
logs are unaltered except hidding one email address.
What goes for zen.spamhaus.org... I've got this one in my config... but
it seems to not work ( host not found ).
mouss wrote:
> Roland Plüss a écrit :
>
&g
h a no-pie compiler. With SASL compiled in it also crashes left and
right with a no-pie compiler so I'm somehow forced to find another way
around this problem.
DJ Lucas wrote:
> Roland Plüss wrote:
>> `reject_unauthenticated_sender_login_mismatch' ignored: no SASL support
>>
> so what logs are these? I mean, how were these logs generated?
>
vixie-cron
> if you followed the "mentioned threads", then that mail should have been
> blocked. your sender_access should contain
>
> rptd.ch REJECT not authorized blah blah
>
> do not forget to postmap the file.
> so they are not logs. these are reports.
>
> next time, connect to your server and grab lines from /var/log/maillog
> (or whatever file contains postfix logs). not necessary now.
>
I don't have such a file. All logs go into the one I posted managed by
vixie-cron.
> it really depends on your s
> that check only blocks specific spam: spam that uses an address in your
> domain in the envelope sender (MAIL FROM command). this envelope sender
> is what you see in the Return-Path header in the sample you posted.
>
I tried adding the REJECT line to the "check_sender_access
hash:/etc/postfi
The problem is that it doesn't seem to work neither the way mentioned in
the threads nor adding the dns bypass... I've got again 20 of those same
spam shit in my inbox today. It's going on my nerves. Is there no way to
stop this?
Jan P. Kessler wrote:
> Roland Plüss schrieb:
&
> There is no "dns bypass". I did not tell you to edit /etc/hosts. I told
> you to run the following command:
>
> host 2.0.0.127.zen.spamhaus.org
>
> in short, connect to your postfix server and in the terminal, type the
> line above, hit "ENTER" and see what the system tells you. "host" is
> simi
> Is this the _entire_ output of 'postconf -n'? If not, please show it.
>
alias_database = hash:/etc/mail/aliases
alias_maps = hash:/etc/mail/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/lib64/postfix
data_director
> Something is very odd about that. Your config from main.cf does not
> match your postconf -n results at all. Any chance that you
> inadvertently installed multiple copies of postfix?
Nope
> Was it built by you or provided by your vendor?
Me
> Maybe a second copy in /usr/local?
Nope
> Try 'post
> # grep smtpd_recipient_restrictions main.cf
> If you see two occurences or more, you have redefined it. postfix only
> uses the last.
>
Looks like on of the latest etc-update must have smuggled a line in. A
second such line had been squashed between two sasl lines. No idea how
it got there bu
Charles Marcus wrote:
> On 12/15/2008 3:13 PM, Charles Marcus wrote:
>
# grep smtpd_recipient_restrictions main.cf
If you see two occurences or more, you have redefined it. postfix only
uses the last.
>
>
>>> Looks like on of the latest etc-update must have smug
Charles Marcus wrote:
> On 12/15/2008, Roland Plüss (rol...@rptd.ch) wrote:
>
>>> Oh... and this is why I put all of my customizations for postfix at the
>>> very end of the file, in its own block... then, even if something slips
>>> in above, my custom setti
Since I got Zen and the other spam stuff working things went fine until
one of our road workers tried to send his email from his laptop which is
hooked up on a cheap ISP. This ISP happens to be fully in Zen and he can
not send mails using our mail server. He has to log in using IMAP/TLS to
send the
Sahil Tandon wrote:
> On Jan 12, 2009, at 10:27 AM, Roland Plüss wrote:
>
>> Since I got Zen and the other spam stuff working things went fine until
>> one of our road workers tried to send his email from his laptop which is
>> hooked up on a cheap ISP. This ISP happen
Brian Evans - Postfix List wrote:
> Roland Plüss wrote:
>
>> Sahil Tandon wrote:
>>
>>
>>> On Jan 12, 2009, at 10:27 AM, Roland Plüss wrote:
>>>
>>>
>>>
>>>> Since I got Zen and the other spam stuff w
Bill Cole wrote:
> Roland Plüss wrote, On 1/13/09 9:47 AM:
>>
>> Brian Evans - Postfix List wrote:
> [...]
>>> Gentoo is not the issue, however the different SASL implementations can
>>> be an interesting experiment to get working.
>>> Dovecot SASL i
mouss wrote:
> Roland Plüss a écrit :
>
>> I guess in this case I should once upon time pay Dovecot a visit. I need
>> only auth for SMTP/IMAP. LMTP I don't use so it's not a blocker there.
>>
>>
>
> you apparently didn't get it:
>
A couple of days ago my mail server got attacked by a spammer. As it
looks like he managed to compromise the password of one of the users on
the system and SASL authenticated using the account to send spam. I
blocked the attacking IP and changed the password of the affected user.
Still the spammer
On 01/06/2014 04:32 PM, li...@rhsoft.net wrote:
>
> Am 06.01.2014 16:29, schrieb Robert Schetterer:
>> Am 06.01.2014 16:24, schrieb li...@rhsoft.net:
>>> Am 06.01.2014 16:12, schrieb Roland Plüss:
>>>> A couple of days ago my mail server got attacked by a spammer.
On 01/06/2014 04:32 PM, li...@rhsoft.net wrote:
>
> Am 06.01.2014 16:29, schrieb Robert Schetterer:
>> Am 06.01.2014 16:24, schrieb li...@rhsoft.net:
>>> Am 06.01.2014 16:12, schrieb Roland Plüss:
>>>> A couple of days ago my mail server got attacked by a spammer.
I recently noticed SORBS having my IP listed. All other blacklists I'm
tracking with MXToolBox and others are fine. I never heard of SORBS nor
did I get every any rejection replies due to them. I read though lots of
bad reviews about that blacklist on the net while researching. Delisting
is also im
On 01/13/2014 03:25 PM, The Doctor wrote:
> On Mon, Jan 13, 2014 at 02:10:31PM +0100, Roland Plüss wrote:
>> I recently noticed SORBS having my IP listed. All other blacklists I'm
>> tracking with MXToolBox and others are fine. I never heard of SORBS nor
>> did I get e
26 matches
Mail list logo
