From: Robert Fitzpatrick rob...@webtent.org
To: Postfix postfix-users@postfix.org
Sent: Monday, January 16, 2012 1:12 PM
Subject: Spamcop listed gmail?
Perhaps this is not the place for this, I didn't find a mailing list on
the spamcop site and just looking to see if this is experienced by
Have not seen a discussion of this lately, I'd like to hear pros of disallowing
said spoofing. It appears it's allowed in the SMTP standard. So, are there
reasons to not allow it?
I have seen people use this is a number of seemingly reasonable ways. I'd
rather not argue about that part. I'd
From: Wietse Venema wie...@porcupine.org
To: Postfix users postfix-users@postfix.org
Sent: Sunday, December 18, 2011 6:46 PM
Subject: Re: Best Practice for (not)allowing spoofed MAIL FROM addresses
For most users, spoofing is about email with their address in the
From: header, coming from an
From: Wietse Venema wie...@porcupine.org
To: Postfix users postfix-users@postfix.org
Sent: Sunday, December 18, 2011 5:40 PM
Subject: Re: Best Practice for (not)allowing spoofed MAIL FROM addresses
Steve Fatula:
Have not seen a discussion of this lately, I'd like to hear pros
of disallowing
From: Stan Hoeppner s...@hardwarefreak.com
To: postfix-users@postfix.org
Sent: Sunday, December 18, 2011 9:28 PM
Subject: Re: Best Practice for (not)allowing spoofed MAIL FROM addresses
So to make this crystal clear, you are asking if your users should be
allowed to SUBMIT mail for RELAY
From: Steve stev...@gmx.net
To: postfix-users@postfix.org
Sent: Sunday, December 4, 2011 4:59 AM
Subject: Re: OT: Yahoo spam load (was: Dead Destination configuration)
I wish there was a chart for spam sent FROM yahoo. 99% of our spam comes
from yahoo (that gets through postscreen).
From: Lima Union limaun...@gmail.com
To:
Cc: Postfix users postfix-users@postfix.org
Sent: Monday, December 5, 2011 8:02 AM
Subject: Re: OT: Yahoo spam load (was: Dead Destination configuration)
I'm having the same problem here, a lot of spam comming from YAHOO mail system.
I didn't know
From: Wietse Venema wie...@porcupine.org
To: postfix-users@postfix.org
Sent: Friday, December 2, 2011 8:42 AM
Subject: OT: Yahoo spam load (was: Dead Destination configuration)
To get some idea of Yahoo spam load (and keyword trends) see
http://visualize.yahoo.com/ and click the green buttons.
From: Murray S. Kucherawy m...@cloudmark.com
To: Steve Fatula compconsult...@yahoo.com; simon.brere...@buongiorno.com
simon.brere...@buongiorno.com; postfix users postfix-users@postfix.org
Sent: Tuesday, November 15, 2011 3:19 PM
Subject: RE: reject_non_fqdn_helo_hostname usefulness, safety
This check says that the RFC requires a fully qualified hostname for HELO. Most
internet searches show this to be a safe check that shouldn't really kill any
real mail. Lately, noticed no ebay mail was coming through, looked through the
logs and see entires like:
Nov 9 20:30:58 host2
From: Jeroen Geilman jer...@adaptr.nl
To: postfix-users@postfix.org
Sent: Thursday, November 10, 2011 6:13 PM
Subject: Re: reject_non_fqdn_helo_hostname usefulness, safety
I have seen it too, on bulk mailer software (as ebay's probably is), but my
logs from the past 6 weeks do not contain a
From: Simon Brereton simon.brere...@buongiorno.com
To: postfix users postfix-users@postfix.org
Sent: Thursday, November 10, 2011 9:26 PM
Subject: Re: reject_non_fqdn_helo_hostname usefulness, safety
Write them a note with the RFC I say. Standards are no good if you
let yours slip because it's
So my obvious question to the list is - Can I get amavis to explicity add a
header with the SPF validity, and if not, can I do this with policyd? And if
not, and I must install postfix-policyd-spf-python or postfix-policyd-spf-perl
which do you recommend and why?
Can't help you with Amavis,
Marko Weber:
Hello,
is it possible to rate the amount of sent mails per user?
Goal is: each mail user should not be possible to send more then 10.000
mails each day.
And is it possible to set per user (mailaccount) ?
Another good one is mailfromd, it can not only do the rate limiting,
- Original Message -
From: Marek Salwerowicz marek_...@wp.pl
To: postfix-users@postfix.org
Cc:
Sent: Monday, September 19, 2011 12:07 PM
Subject: Blacklists for you MTA
I am wondering what rbl's are you using to prevent your MTAs against spam?
Since one month I have benn
My initial thought was to save my existing config, then use webmin to build a
config and compare the two. if they are miles apart then drop the idea.
Part of my reasoning here is that I am getting old and I need to farm out
some
of my work, most of the people that I have been asked to
- Original Message -
From: /dev/rob0 r...@gmx.co.uk
To: postfix-users@postfix.org
Cc:
Sent: Friday, August 26, 2011 8:24 AM
Subject: Re: postscreen stats
I'm going to disagree, slightly, with Stan and Wietse. The DNSBL
scoring feature was formerly only available via a policy
- Original Message -
From: Patrick Ben Koetter p...@state-of-mind.de
To: postfix-users@postfix.org
Cc:
Sent: Tuesday, August 23, 2011 9:33 AM
Subject: Re: postscreen stats
I disabled greylisting since I started using postscreen and the spam ratio did
not increase, but the
- Original Message -
From: Ray Davis ray-li...@carpe.net
To: Christian Roessner c...@roessner-network-solutions.com
Cc: postfix-users@postfix.org
Sent: Friday, August 19, 2011 8:59 AM
Subject: Re: Intermittent User unknown
This is a Mac OS X Snow Leopard Server with no postfix
Sounded easy (and probably is), but, don't see it. I know I can add
header_checks and have a rule in it to ignore a header, which is what I want to
do. Specifically, the header that is added by reinjection after an after queue
content filter that shows received from localhost.
header_checks is
- Original Message -
From: Steve Fatula compconsult...@yahoo.com
To: Postfix Users postfix-users@postfix.org
Cc:
Sent: Wednesday, August 17, 2011 6:18 PM
Subject: Remove header on reinjection
Sounded easy (and probably is), but, don't see it. I know I can add
header_checks
- Original Message -
From: Wietse Venema wie...@porcupine.org
To: Postfix users postfix-users@postfix.org
Cc:
Sent: Sunday, August 14, 2011 3:32 PM
Subject: Re: Outbound mail rate limits by user
A more serious issue is that _destination_rate_delay is per-destination
not
- Original Message -
From: Wietse Venema wie...@porcupine.org
To: Postfix users postfix-users@postfix.org
Cc:
Sent: Monday, August 15, 2011 9:00 AM
Subject: Re: Outbound mail rate limits by user
In the case of single-recipient email, this can be done with delays
on the Postfix
What is the best way to disable locally submitted email (via sendmail binary,
mail, etc.), BUT, still allow cron and such tools to work and be able to send
local mail?
You can't set authorized_submit_users, as, that means cron jobs run as users
won't send the mail as they don't have
- Original Message -
From: Jeroen Geilman jer...@adaptr.nl
To: postfix-users@postfix.org
Cc:
Sent: Sunday, August 14, 2011 5:14 AM
Subject: Re: Best way to not allow locally submitted email
You're stating contradictory requirements - you cannot AND allow scripts to
use
to one message per second.
Steve Fatula:
Won't this mean I would need a separate class for every sender? And
if I have 1,000 senders (which I do)? No matter what MTA you use, it will
need to know a) how many the
sender has sent and b) what the limit for that sender is.
Therefore, some per
This seems to have been discussed before, but, I have a small twist. On a
system I am working on, there are many users. These users can send mail via
some email client or webmail, and, via command line programs (sendmail) or PHP,
mailing list program, etc. I need to be able to limit outbound
From: Wietse Venema wie...@porcupine.org
To: Postfix users postfix-users@postfix.org
Cc:
Sent: Saturday, August 13, 2011 2:40 PM
Subject: Re: Outbound mail rate limits by user
Steve Fatula:
This seems to have been discussed before, but, I have a small
twist. On a system I am working
Using Postfix 2.8.4, I have the following options to smtpd:
-o content_filter=dspam:unix:/var/dspam/dspam.sock -o
smtpd_milters=unix:/var/run/clamav/clamav-milter.sock,unix:/var/run/opendkim/opendkim.sock,unix:/usr/local/var/milter-greylist/milter-greylist.sock
Reading the postfix doc, it says
From: Wietse Venema wie...@porcupine.org
To: Postfix users postfix-users@postfix.org
Cc:
Sent: Wednesday, August 10, 2011 12:03 PM
Subject: Re: Order of milter execution
In the sendmail implementation, milters operate in order specifically
so that filters later in the chain see the
almost half a year after the above message introducing postscreen
and the idea of using a low-priority MX on the same host to raise
the entry barrier for the postscreen whitelist, I would like to ping
back to the thread with the following question:
Has anyone found out how to make this work in
Yes, I do realize the more added to postscreen, the slower it gets, etc.
However, one function that would seem to fit perfectly if it's not too slow
would be spf and dkim checks. SPF we are doing via a milter, and, seems to be
fast. Yes, it's DNS records, but, postscreen already does much worse
Postfix architecture aside, I think this is bad advice, at least about DKIM.
The premises are false.
Care to elaborate? Clearly, this is not possible to do in postscreen sort of
making this moot, but, SPF spec says to reject messages that have status fail.
DKIM says you MAY, and, several
I see some previous posts regarding this - just my 2 cents worth. There mig=
ht be multiple triggers for the penalty time, but, one I'd like to see woul=
d be just like postscreen_dnsbl_threshold, perhaps postscreen_dnsbl_penalty=
_threshold. In this way, I might want a score of 3 to trigger
Let me try rephrasing this so hopefully someone who understand how the so
called advanced content filter can take a quick gander and let me know. By
advanced content filter, I mean this: http://www.postfix.org/FILTER_README.html
So, here is my current setup from master.cf:
smtp inet n
As specified on the http://www.postfix.org/FILTER_README.html page.
So, here is my current setup from master.cf:
smtpinetn - n - - smtpd -o
content_filter=dspam:unix:/var/dspam/dspam.sock
dspam unix- - n - - lmtp -o
Having read quite a few of the messages in this list about bounces, I really
didn't find any (though they may be there) related to preventing bounces for
resource limits, and other unpredictable and strange occurrences. That is my
question, NOT bad recipient, etc. Yes, I know bounces and
My opinion is if you correctly reject -- not bounce --
spam/virus/bad recipient email, that takes care of 95%+ of the
problem bounces, and is a good practice minimum standard.
Agreed, and I do.
I guess then that I should change the after queue SPAM content filter to use
the
advanced method
Is this a true statement. If a message is sent to postfix via smtp, in the
message headers will ALWAYS be at least one header of the form:
Received: from...
I believe this to be the case, which means the only messages without that are
the locally sent emails. Wouldn't that be true?
Is this a true statement. If a message is sent to postfix via smtp, in the
message headers will ALWAYS be at least one header of the form:
Received: from...
I believe this to be the case, which means the only messages without that
are the locally sent emails. Wouldn't that be true?
Yes,
I use postfix and spamassassin, and I have no problem. I don't rewrite
headers. I don't whitelist senders. ... etc.
It is likely you are not aware of the problem I am speaking of then as
Spamassassin does NOT recognize locally sent mail the way it should, it uses
a test called NO_RELAYS for
If you do not want to process local mail via SpamAssassin then don't
send locally submitted mail to SpamAssassin.
Precisely, and the question was how to recognize locally submitted mail vs
other mail given that we had to process on delivery via procmail, and, each
user can have different
For postfix mail sent from cron, or other sendmail command line mail, sent to a
local user on the same server, I am getting the following received header:
Received: by host112.mydomain.com (Postfix, from userid 0) id 4A8E114B8104;
Tue, 15 Sep 2009 03:53:19 -0500 (CDT)
That is the ONLY received
Why? What problem are you trying to solve.
if you inist, force it to go to smtpd by using a content_filter in the
pickup service in master.cf.
The problem to be solved is that various filters we use, spamassassin, dcc,
etc., use the receive from header in order to use whitelists and such
Your concept is b0rken. Received headers can be forged just as well as
any other header.
Not in my case. That is already accounted for. But irrelevant since that was
not the question.
If you want to whitelist by sending MTA, why don't you just whitelist
those MTAs via a check_sender_access or
45 matches
Mail list logo