Sebastian Wiesinger via Postfix-users wrote
> Thanks Peter but I will never ever, as long as I live, use anything
> connected to UCEProtect.
+1
Regards,
Michael
___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email t
* Peter via Postfix-users [2023-05-03 07:45]:
> On 28/04/23 03:59, Sebastian Wiesinger via Postfix-users wrote:
> > Hi everyone,
> >
> > I'm not sure if I'm missing something but I can't find out why my
> > body_checks doesn't catch all the
May 3, 2023 at 4:26 PM, "Matus UHLAR - fantomas via Postfix-users"
wrote:
>
> >
> > >
> > > On 28/04/23 03:59, Sebastian Wiesinger via Postfix-users wrote:
> > > > I'm not sure if I'm missing something but I can't find out w
On 28/04/23 03:59, Sebastian Wiesinger via Postfix-users wrote:
> I'm not sure if I'm missing something but I can't find out why my
> body_checks doesn't catch all the backscatter I'm getting right now.
May 3, 2023 at 1:43 PM, "Peter via Postfix-users&quo
On 3/05/23 17:51, Ken Peng via Postfix-users wrote:
But anybody can use our (even setup correctly) mailserver as backscatter source?
Not if you configure postfix properly.
Peter
___
Postfix-users mailing list -- postfix-users@postfix.org
To
May 3, 2023 at 1:43 PM, "Peter via Postfix-users"
wrote:
>
> On 28/04/23 03:59, Sebastian Wiesinger via Postfix-users wrote:
>
> >
> > Hi everyone,
> > I'm not sure if I'm missing something but I can't find out why my
> > body_chec
On 28/04/23 03:59, Sebastian Wiesinger via Postfix-users wrote:
Hi everyone,
I'm not sure if I'm missing something but I can't find out why my
body_checks doesn't catch all the backscatter I'm getting right now.
Oh yuck.
I've found that the best way to blo
On 27.04.23 17:59, Sebastian Wiesinger via Postfix-users wrote:
I'm not sure if I'm missing something but I can't find out why my
body_checks doesn't catch all the backscatter I'm getting right now.
I've it configured like this:
root@alita:/etc/postfix# postc
* Sebastian Wiesinger [2023-04-27 17:59]:
> root@alita:/etc/postfix# postmap -q - regexp:/etc/postfix/body_checks.pcre
> Message-ID:
> reject SPAM backscatter with forged domain name in Message-ID header
And of course I ran into my own filter when I got the mail back
Hi everyone,
I'm not sure if I'm missing something but I can't find out why my
body_checks doesn't catch all the backscatter I'm getting right now.
I've it configured like this:
root@alita:/etc/postfix# postconf -n body_checks
body_checks = pcre:$config_directory
On Mon, Jun 27, 2022 at 02:15:18PM -0700, Derek B. Noonburg wrote:
> > If you can convince the user to surrender the alias management to you,
> > then you instead configure:
> >
> >
> > owner-user: user
> > user: some.a...@gmail.com
> >
> > And presto magic, email to gmail will be forwa
gt;> has a .forward file that points to a gmail address. Gmail's servers
>>> are rejecting some email for various causes ("low reputation of
>>> sending domain", SPF failures).
>>>
>>> The problem is that postfix then bounces the email back to the
;s servers
> > are rejecting some email for various causes ("low reputation of
> > sending domain", SPF failures).
> >
> > The problem is that postfix then bounces the email back to the
> > (likely forged) sender, which means my server is sending
> > b
On 23.06.22 14:43, Derek B. Noonburg wrote:
I'm running postfix to handle email for several users. One of them
has a .forward file that points to a gmail address. Gmail's servers
are rejecting some email for various causes ("low reputation of
sending domain", SPF failures).
one of tricks is i
On Fri, Jun 24, 2022 at 09:48:20AM -0400, Wietse Venema wrote:
> > If you can convince the user to surrender the alias management to you,
> > then you instead configure:
> >
> > owner-user: user
> > user: some.a...@gmail.com
> >
> > And presto magic, email to gmail will be forwarded with
or various causes ("low reputation of
> > sending domain", SPF failures).
> >
> > The problem is that postfix then bounces the email back to the (likely
> > forged) sender, which means my server is sending backscatter.
> >
> > What I'd like to do
Yes. And that might occur for both validly spam messages as well as
invalidly non-spam messages.
> The problem is that postfix then bounces the email back to the (likely
> forged) sender, which means my server is sending backscatter.
In the case of validly rejected spam.
> What I'
f
> sending domain", SPF failures).
>
> The problem is that postfix then bounces the email back to the (likely
> forged) sender, which means my server is sending backscatter.
>
> What I'd like to do is silently drop any email that's rejected by the
> target of
The problem is that postfix then bounces the email back to the (likely
forged) sender, which means my server is sending backscatter.
Does that then become forwardscatter? :)
--
Phil Stracchino
Babylon Communications
ph...@caerllewys.net
p...@co.ordinate.org
Landline: +1.6
he email back to the (likely
forged) sender, which means my server is sending backscatter.
What I'd like to do is silently drop any email that's rejected by the
target of a .forward file. Is there some way to configure postfix to
do that? Or some better way of handling this problem?
Th
pd_recipient_restrictions (because I didn’t have that set)
>> but because it had to in order to deliver local messages. When I switched
>> to LMTP that was no longer the case. Postfix now thought it was possible
>> to deliver to non-existent users, and that’s what
users, and that’s what resulted in the
backscatter.
it MAY still be possible to set up postfix to read local recipients from
database dovecot uses.
Look at local_recipient_maps directive if it's possible, depends on your
dovecot setup.
reject_unverified_recipient requires verifying each rec
rs, and that’s what resulted in the backscatter.
Now I understand why the conventional wisdom is not to run your own email
server :-)
Thanks to all who responded!
rg
On 11.07.21 23:26, Ron Garret wrote:
This has me wondering: if a message is sent to multiple recipients and some
are valid and others are not, what is the Right Thing to do?
The right thing is to refuse all non-existing recipients, which postfix does
by default if it knows what addresses exist.
Thanks, that was very helpful.
This has me wondering: if a message is sent to multiple recipients and some are
valid and others are not, what is the Right Thing to do?
rg
P.S. Just FYI:
> I'm not sure what the problem is with Postfix and sqlite
See
http://postfix.1071664.n5.nabble.com/What-i
On 7/11/21 3:46 PM, Ron Garret wrote:
Ah. That may be my problem then. I’m using Dovecot via LMTP for local
delivery. I thought that postfix would receive information about non-existent
users via that protocol, but I guess it doesn’t and ends up just accepting
everything.
So… is dovecot ac
On 2021-07-11 at 15:46:45 UTC-0400 (Sun, 11 Jul 2021 12:46:45 -0700)
Ron Garret
is rumored to have said:
On Jul 11, 2021, at 12:22 PM, Matus UHLAR - fantomas
wrote:
The problem is that a rejected recipient produces a mailer-daemon
reply.
only if you accept mail for such recipient.
Ah.
Ron Garret:
[ Charset windows-1252 converted... ]
>
> On Jul 11, 2021, at 12:22 PM, Matus UHLAR - fantomas
> wrote:
>
> >
> >> The problem is that a rejected recipient produces a mailer-daemon reply.
> >
> > only if you accept mail for such recipient.
>
> Ah. That may be my problem then. I
Hi,
I thought that postfix would receive information about non-existent users via
that protocol, but I guess it doesn’t and ends up just accepting everything.
These are two different things:
1. postfix gets the e-mail from the internet via smtp and puts in his
queue. From this point on post
On Jul 11, 2021, at 12:22 PM, Matus UHLAR - fantomas wrote:
>
>> The problem is that a rejected recipient produces a mailer-daemon reply.
>
> only if you accept mail for such recipient.
Ah. That may be my problem then. I’m using Dovecot via LMTP for local
delivery. I thought that postfix
Ron Garret:
I have recently come under a backscatter spam attack from one
specific domain. This domain has blacklisted my server?s IP
address, and so bounce replies sent to this domain are piling up
in my mail queue and I have to go through periodically and manually
delete them. I don?t want
Hi,
The problem is that a rejected recipient produces a mailer-daemon reply.
You need to get rid of them.
My approach is to reject them in smtp dialogue. I generate a list of
valid recipient addresses by script automatically and use this (hashed)
list in smtpd_recipient_restrictions:
See http://www.postfix.org/DEBUG_README.html#mail, which describes how
best to get useful help here.
Actual log excerpts, sample messages related to that logging, and
'postconf -n' output would help a great deal in understanding your
problem.
In general, you only can fully fix b
Yes, I looked at that, but AFAICT that is all about blocking INBOUND
backscatter spam, not stopping outbound messages.
On Jul 11, 2021, at 10:15 AM, Kevin N. wrote:
> This might help: http://www.postfix.org/BACKSCATTER_README.html
>
> Cheers,
>
> K.
>
>
>>
On Jul 11, 2021, at 10:12 AM, Wietse Venema wrote:
> Ron Garret:
> [ Charset windows-1252 converted... ]
>>
>> On Jul 11, 2021, at 9:58 AM, Wietse Venema wrote:
>>
>>> Ron Garret:
>>>> I have recently come under a backscatter spam attack fr
This might help: http://www.postfix.org/BACKSCATTER_README.html
Cheers,
K.
On Jul 11, 2021, at 9:58 AM, Wietse Venema wrote:
Ron Garret:
I have recently come under a backscatter spam attack from one
specific domain. This domain has blacklisted my server?s IP
address, and so bounce
Ron Garret:
[ Charset windows-1252 converted... ]
>
> On Jul 11, 2021, at 9:58 AM, Wietse Venema wrote:
>
> > Ron Garret:
> >> I have recently come under a backscatter spam attack from one
> >> specific domain. This domain has blacklisted my server?s IP
> &g
On Jul 11, 2021, at 9:58 AM, Wietse Venema wrote:
> Ron Garret:
>> I have recently come under a backscatter spam attack from one
>> specific domain. This domain has blacklisted my server?s IP
>> address, and so bounce replies sent to this domain are piling up
>> in
Ron Garret:
> I have recently come under a backscatter spam attack from one
> specific domain. This domain has blacklisted my server?s IP
> address, and so bounce replies sent to this domain are piling up
> in my mail queue and I have to go through periodically and manually
> dele
I have recently come under a backscatter spam attack from one specific domain.
This domain has blacklisted my server’s IP address, and so bounce replies sent
to this domain are piling up in my mail queue and I have to go through
periodically and manually delete them. I don’t want to disable
On 18.04.21 07:55, li...@lazygranch.com wrote:
I need to learn postscreen eventually for other spammers.
mostly bots, but thanks to dnsbl scoring, spammers too.
The thing with fail2ban or the similar sshguard is I have a huge block
list for the webserver. It has been my experience that these
On Sun, 18 Apr 2021 21:29:26 +1200
Nick Tait wrote:
> On 18/04/21 7:32 pm, li...@lazygranch.com wrote:
> > And so it goes. I suppose if this really bugs me I can block the
> > server in firewalld. I've yet to see it actually deliver mail. Or
> > complain to the data center.
> > https://servero
On 18/04/21 7:32 pm, li...@lazygranch.com wrote:
And so it goes. I suppose if this really bugs me I can block the server
in firewalld. I've yet to see it actually deliver mail. Or complain to
the data center.
https://serveroffer.lt
Firewalling is definitely the best solution to the problem you'
On Sat, 17 Apr 2021 18:25:47 -0400 (EDT)
Wietse Venema wrote:
> li...@lazygranch.com:
> > > You should enable SASL auth in master.cf NOT main.cf, and ONLY for
> > > a service that needs SASL auth.
> > >
> > > Otherwise you're turning it on for the server-to-server port (25)
> > > where it is
On 2021-04-18 00:25, Wietse Venema wrote:
Even with SASL turned off you will see that some bots try SASL auth.
But with SASL turned they can't use this to verify passwords.
http://www.postfix.org/SASL_README.html
it could imho be dokumented not to make it global in this howto / manual
google
li...@lazygranch.com:
> > You should enable SASL auth in master.cf NOT main.cf, and ONLY for
> > a service that needs SASL auth.
> >
> > Otherwise you're turning it on for the server-to-server port (25)
> > where it is not doing any good.
> >
> > Wietse
> >
>
> OK now it makes sense to comm
On Sat, 17 Apr 2021 17:03:51 -0400 (EDT)
Wietse Venema wrote:
> li...@lazygranch.com:
> > I do have "smtpd_sasl_auth_enable = yes" and I use port 587. Before
> > I comment out that line, here is the general area of my main.cf
> > dealing with sasl. I cut out my rbls but otherwise this is what
li...@lazygranch.com:
> I do have "smtpd_sasl_auth_enable = yes" and I use port 587. Before I
> comment out that line, here is the general area of my main.cf dealing
> with sasl. I cut out my rbls but otherwise this is what I use. Any other
> problems?
You should enable SASL auth in master.cf NOT
On Sat, 17 Apr 2021 14:35:37 +0200
Benny Pedersen wrote:
> On 2021-04-17 09:58, li...@lazygranch.com wrote:
> > I am getting a lot of these:
> >
> > Apr 17 07:27:10 mydomain postfix/smtpd[21897]: connect from
> > mone183.secundiarourous.com[141.98.10.183]
> > Apr 17 07:27:11 mydomain postfix/
Hello,
On Sat, 17 Apr 2021, Francesc Peñalvez wrote:
Is it possible to identify which password smtp is trying to use? if so I
would like to know how
With dovecot, you can set:
auth_verbose = yes
auth_verbose_passwords = plain
When I'm bored, I run:
#!/bin/sh
grep "given password: " /v
On Sat, Apr 17, 2021, Wietse Venema wrote:
> Francesc Pe?alvez:
> > Is it possible to identify which password smtp is trying to use? if so I
> > would like to know how
This seems to be a common request hence several people submitted
patches for sendmail to identify at least the account:
8.16.1/
li...@lazygranch.com:
> Apr 17 07:27:11 mydomain postfix/smtpd[21897]: disconnect from
> mone183.secundiarourous.com[141.98.10.183] ehlo=1 auth=0/1 quit=1 commands=2/3
Wietse:
> They send quit after sending EHLO and AUTH (which failed). I use
> the regexp "auth=./" to identify password-guessing b
Is it possible to identify which password smtp is trying to use? if so I
would like to know how
El 17/04/2021 a las 14:13, Wietse Venema escribió:
li...@lazygranch.com:
I am getting a lot of these:
Apr 17 07:27:10 mydomain postfix/smtpd[21897]: connect from
mone183.secundiarourous.com[141.98
On 2021-04-17 09:58, li...@lazygranch.com wrote:
I am getting a lot of these:
Apr 17 07:27:10 mydomain postfix/smtpd[21897]: connect from
mone183.secundiarourous.com[141.98.10.183]
Apr 17 07:27:11 mydomain postfix/smtpd[21897]: disconnect from
mone183.secundiarourous.com[141.98.10.183] ehlo=1 au
li...@lazygranch.com:
> I am getting a lot of these:
>
> Apr 17 07:27:10 mydomain postfix/smtpd[21897]: connect from
> mone183.secundiarourous.com[141.98.10.183]
> Apr 17 07:27:11 mydomain postfix/smtpd[21897]: disconnect from
> mone183.secundiarourous.com[141.98.10.183] ehlo=1 auth=0/1 quit=1 c
I am getting a lot of these:
Apr 17 07:27:10 mydomain postfix/smtpd[21897]: connect from
mone183.secundiarourous.com[141.98.10.183]
Apr 17 07:27:11 mydomain postfix/smtpd[21897]: disconnect from
mone183.secundiarourous.com[141.98.10.183] ehlo=1 auth=0/1 quit=1 commands=2/3
Googling mone183.secu
On 20/03/2021 18:52, Rahul Dhesi wrote:
On Sat, 20 Mar 2021, Dominic Raferd wrote:
You may find my script helpful:
https://www.timedicer.co.uk/programs/help/relay-enforcer.sh.php
Looks very interesting, thanks. I ran 'shellcheck' on it and saw many
scary warnings; highly recommended to revis
On Sat, 20 Mar 2021, Dominic Raferd wrote:
You may find my script helpful:
https://www.timedicer.co.uk/programs/help/relay-enforcer.sh.php
Looks very interesting, thanks. I ran 'shellcheck' on it and saw many
scary warnings; highly recommended to revise the code to fix all of them.
Rahul
On 20/03/2021 01:53, Rahul Dhesi wrote:
On Fri, 19 Mar 2021, Wietse Venema wrote:
See examples in:
http://www.postfix.org/postconf.5.html#default_delivery_status_filter
(this was originally designed to turn soft TLS errors into hard ones).
Thanks, that is a vey nice feature I did not know abo
On Fri, 19 Mar 2021, Wietse Venema wrote:
See examples in:
http://www.postfix.org/postconf.5.html#default_delivery_status_filter
(this was originally designed to turn soft TLS errors into hard ones).
Thanks, that is a vey nice feature I did not know about.
I should mention that my strategy of
Rahul Dhesi:
> There is a second problem for which the fix is not so elegant. If Gmail
> detects spam but returns a temporary error, the spam will remain in the
> queue until its lifetime expires. The only way I found of dealing with
> this is to run a cron job that does 'mailq', finds Gmail spa
A fix that I recently applied for a backscatter problem.
Gmail is the example used below, but the problem and solution are not
Gmail-specific.
The problem: Spam arrives for a user, gets past spam filter, is forwarded
by receiving user to their Gmail address, gets a permanent rejection from
Thanks guys in the mean time I found the way to do it by trial and error
and works OK now
On 2/2/21 8:12 PM, Viktor Dukhovni wrote:
On Tue, Feb 02, 2021 at 12:27:40PM +0200, George Papas wrote:
# Do not indent the patterns between "if" and "endif".
if /^[> ]*Received:/
/^[> ]*Received: +from
On Tue, Feb 02, 2021 at 12:27:40PM +0200, George Papas wrote:
> # Do not indent the patterns between "if" and "endif".
> if /^[> ]*Received:/
> /^[> ]*Received: +from +ip53\.ip-139-99-176\.net /
> reject forged sender name in Received: header: $1
> endif
The above syntax is wrong. The "reject ..
t; accounts but
>
> I cant find out how to stop bombing my server with backscatter mails
> from all over .
>
> I tried to implement body_checks using the following :
>
>
> my main.cf :
>
> header_checks = regexp:/etc/postfix/header_checks
> body_checks = pcre:/e
erver with backscatter mails
from all over .
I tried to implement body_checks using the following :
my main.cf :
header_checks = regexp:/etc/postfix/header_checks
body_checks = pcre:/etc/postfix/body_checks
body_checks :
# Do not indent the patterns between "if" and "endif&
nt email, it
> > accepts it anyways because it doesn't have the list of valid email
> > addresses> In other words, I'm generating backscatter and I want to avoid
> > it.
> >
> >One solution could be to never return a mail delivery notification for
>
alid email addresses>
>In other words, I'm generating backscatter and I want to avoid it.
>
>One solution could be to never return a mail delivery notification for
> external email, but I think that's not recommended, isn't it?
Right, that's a terrible idea th
Hello everyone,
I have a postfix server (with amavis and clamav) that receives emails for
other domains. When it gets a mail for a non-existent email, it accepts it
anyways because it doesn't have the list of valid email addresses.
In other words, I'm generating backscatter
Hi,
Am 20.05.2018 um 16:40 schrieb Wietse Venema:
[...]
> Indeed. With Postfix 2.4 and later, both the virtual(5) and
> canonical(5) manpages document that wildcard address mappings will
> break adress validation.
>
Yes i read that but as said was surprised that this included lookups to
the very
equinox:
> Re-reading the documentation over and over again i yesterday realized
> that a simple non-regexp table containing
>
>
> @example.com@example.org
> ...
>
>
> does suffice to do the same thing. However the problem i'm having stays
> the same.
Indeed. With Postfix 2.4 and later, bo
this:
/^(.*)@example\.com$/${1}@example.org
/^foo@example\.org$/ f...@some-other-domain.org
/^bar@example\.org$/ bar@external-domain.something
This worked just fine but, for some reason only now, i realized this
makes @example.com a backscatter spam source.
Re-reading the documentation over and
f. If something goes wrong you will see it, but no
backscatter is going out.
In case of valid bounces (never really happens here) you need to inform
the sender manually.
Note that myuser should not be used otherwise or you will also get any
other bounces, not only the forwards.
Ther
this is exactly what causes backscatter.
Don't accept mail to non-existent recipients. If you really must accept it
(why?), don't forward it, especially not to gmail.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertisi
Hi Noel,
>> On Oct 30, 2017, at 6:42 PM, Noel Jones wrote:
>>
>> On 10/30/2017 5:07 PM, J Doe wrote:
>>
>> How do I stop backscatter generated from my server in response to the
>> bounces from Gmail ?
>
> This is a very difficult problem to solve. Y
On 10/30/2017 5:07 PM, J Doe wrote:
>
> How do I stop backscatter generated from my server in response to the bounces
> from Gmail ?
>
This is a very difficult problem to solve. Your choices are a)
don't accept spam, or b) don't forward to gmail.
There may be inform
; the origin address of the spam. Of course, as some of those addresses are
>> forged, my server is producing backscatter.
>
>
> Your mail server must have a list of valid recipients and reject
> mail to unknown recipients. Where to list the valid recipients
> dep
n addresses sometimes
> comes into my server that is addressed to virtual domain addresses. My
> server rejects some of this spam and then generates a non-delivery e-mail to
> the origin address of the spam. Of course, as some of those addresses are
> forged, my server is producing bac
domain addresses. My server
rejects some of this spam and then generates a non-delivery e-mail to the
origin address of the spam. Of course, as some of those addresses are forged,
my server is producing backscatter.
I read the “Backscatter Howto” [1] on the Postfix website, but from what I read
On 01 Oct 2017, at 09:59, Matus UHLAR - fantomas wrote:
> a little searching says it's correct:
>
> https://www.mail-archive.com/postfix-users@postfix.org/msg25973.html
Excellent! Thanks for researching that.
--
Apple broke AppleScripting signatures in Mail.app, so no random signatures.
On 01 Oct 2017, at 08:50, Matus UHLAR - fantomas wrote:
2. their sender addresses should be validated with smtpd_reject_unlisted_sender
On 01.10.17 09:22, @lbutlr wrote:
Do Address delimiters have an issue with this? I thought they did.
I thought that's exactly what address delimiters are f
On 01 Oct 2017, at 08:50, Matus UHLAR - fantomas wrote:
> 2. their sender addresses should be validated with
> smtpd_reject_unlisted_sender
Do Address delimiters have an issue with this? I thought they did.
That is, u...@example.com sends and email "from" user+delimi...@example.com and
smtpd_r
On 27.09.17 13:49, J Doe wrote:
1. From what I understand, “backscatter” refers to e-mails such as
non-delivery reports being sent back to the originator of a spam message.
As the originator is often a forged address, the non-delivery reports is
essentially junk data. Would this be a correct
postfix client sasl auth to gmail pr user
> >
> > if not want all that problems drop forwards
>
> Hi,
>
> Thanks for your reply Benny. Does anyone else have any advice
> regarding backscatter on a virtual domain Postfix setup ?
Yes. Just do not forward spam.
Wietse
ards
Hi,
Thanks for your reply Benny. Does anyone else have any advice regarding
backscatter on a virtual domain Postfix setup ?
Thanks,
- J
J Doe skrev den 2017-09-27 22:20:
[snip]
Is there a way to achieve this or as you noted, are whitelists to be
avoided ? If whitelists are to be avoided what is the best practice
for handling this scenario ?
why not add example.org on google apps mx ? :=)
if useers not wanting your mailserver
> On Sep 27, 2017, at 2:08 PM, Benny Pedersen wrote:
>
> J Doe skrev den 2017-09-27 19:49:
>
>> I recently configured Postfix 3.1.0 on a low-volume, Internet facing
>> server. Mail operations are normal, but I had two questions regarding
>> backscatter.
J Doe skrev den 2017-09-27 19:49:
I recently configured Postfix 3.1.0 on a low-volume, Internet facing
server. Mail operations are normal, but I had two questions regarding
backscatter.
...
1. From what I understand, “backscatter” refers to e-mails such as
non-delivery reports being sent
Hello,
I recently configured Postfix 3.1.0 on a low-volume, Internet facing server.
Mail operations are normal, but I had two questions regarding backscatter.
1. From what I understand, “backscatter” refers to e-mails such as non-delivery
reports being sent back to the originator of a spam
d you
feed him for a lifetime.
--
View this message in context:
http://postfix.1071664.n5.nabble.com/Prevent-Backscatter-tp88359p88413.html
Sent from the Postfix Users mailing list archive at Nabble.com.
Postfix User:
> Postfix User wrote
> > I am trying to reject instead of sending bounce message back when email
> > arrives to non existing account at domains hosted by my server.
>
> Anyone having similar problem, check_recipient_access map fixed my problem
That is bad advice that covers up a bad
u WHERE u.username='%u' AND u.domain='%d' AND u.active='1';
--
View this message in context:
http://postfix.1071664.n5.nabble.com/Prevent-Backscatter-tp88359p88404.html
Sent from the Postfix Users mailing list archive at Nabble.com.
ias_domains.cf
virtual_alias_domains.cf
query = SELECT u.domain FROM users u WHERE u.username='%u'
AND u.domain='%d' AND u.active='1';
--
View this message in context:
http://postfix.1071664.n5.nabble.com/Prevent-Backscatter-tp88359p88391.html
Sent fr
if authenticated user is not the
same with the from address )
Fromremote address
To local address
Action OK
Not authenticated sender
Fromany
To local address
Action OK
Fromremote address
To remote
Wietse Venema:
> Postfix User:
> > smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
> > reject_unauth_destination
>
> This will be an open relay if all your SMTP mail is logged with the
> same client IP address, i.e. your SMTP mail comes from some box
> that is in mynetwork
only trusted people that have direct
access to the server or authenticated webmail users can send from localhost
--
View this message in context:
http://postfix.1071664.n5.nabble.com/Prevent-Backscatter-tp88359p88388.html
Sent from the Postfix Users mailing list archive at Nabble.com.
Postfix User:
> smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
> reject_unauth_destination
This will be an open relay if all your SMTP mail is logged with the
same client IP address, i.e. your SMTP mail comes from some box
that is in mynetworks, and Postfix never sees the
ly, and I set
relay_domains to empty.
At the moment all works like expected, except the backscatter problem. This
is latest postconf
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
dovecot_destination_recipient_limit = 1
inet_interface
You are right, there are no recipient restrictions, except
permit_sasl_authenticated restricting remote recipients for authenticated
clients only.
--
View this message in context:
http://postfix.1071664.n5.nabble.com/Prevent-Backscatter-tp88359p88385.html
Sent from the Postfix Users mailing
gt; Therefore, "check_sender_access $virtual_alias_maps" is rather
> wrong.
>
> --
> Viktor.
--
View this message in context:
http://postfix.1071664.n5.nabble.com/Prevent-Backscatter-tp88359p88384.html
Sent from the Postfix Users mailing list archive at Nabble.com.
1 - 100 of 475 matches
Mail list logo
