On 01/05/17 13:17, Simon Wilson wrote:
>
> 3. Any other ways to speed it up, or should I accept the trade-off
> between speed and accuracy of result?
>
If you can create a postscreen white-list of your "regular" remote
hosts, they will be almost instantly passed on to the mail server.
Hope
> On May 1, 2017, at 10:28 AM, Simon Wilson wrote:
>
> Can anyone comment on the value / no value of having zen.spamhaus as an RBL
> in smtpd in addition to it being used by postscreen?
Keep both. If you have SpamAssassin doing RBL lookups, raise the
concurrency limit
Viktor Dukhovni:
> On May 1, 2017, at 8:17 AM, Simon Wilson wrote:
>
> ostscreen is using (threshold 3):
>
>zen.spamhaus.org*3
>bl.mailspike.net*2
>b.barracudacentral.org*2
>bl.spameatingmonkey.net
>bl.spamcop.net
>
Viktor Dukhovni:
>
> > On May 1, 2017, at 8:17 AM, Simon Wilson wrote:
> >
> > ostscreen is using (threshold 3):
> >
> >zen.spamhaus.org*3
> >bl.mailspike.net*2
> >b.barracudacentral.org*2
> >bl.spameatingmonkey.net
> >
> On May 1, 2017, at 8:17 AM, Simon Wilson wrote:
>
> ostscreen is using (threshold 3):
>
>zen.spamhaus.org*3
>bl.mailspike.net*2
>b.barracudacentral.org*2
>bl.spameatingmonkey.net
>bl.spamcop.net
>dnsbl.sorbs.net
>
Simon Wilson:
On my new Postfix 2.10 system incoming mail is slow to process (about
15 seconds end to end), and I think it is mainly because DNS queries
are slowing things down.
The server runs local caching DNS BIND, so it's as quick as I can get
it on the slow Internet connection we are on.
Simon Wilson:
> On my new Postfix 2.10 system incoming mail is slow to process (about
> 15 seconds end to end), and I think it is mainly because DNS queries
> are slowing things down.
>
> The server runs local caching DNS BIND, so it's as quick as I can get
> it on the slow Internet
> -Oorspronkelijk bericht-
> Van: si...@simonandkate.net
> [mailto:owner-postfix-us...@postfix.org] Namens Simon Wilson
> Verzonden: maandag 1 mei 2017 11:20
> Aan: Marco Pizzoli
> CC: Postfix users
> Onderwerp: Re: Optimising new system and postscreen questions
>
&g
- Message from Marco Pizzoli <marco.pizz...@gmail.com> -
Date: Mon, 1 May 2017 11:18:30 +0200
From: Marco Pizzoli <marco.pizz...@gmail.com>
Subject: Re: Optimising new system and postscreen questions
To: si...@simonandkate.net
Cc: Postfix users &l
Hello Simon,
The server runs local caching DNS BIND, so it's as quick as I can get it on
> the slow Internet connection we are on.
>
I don't qualify mysef expert enough to answer the rest of your points, but
for the DNS part I suggest you think about replacing BIND with Unbound, as
the DNS
- Message from Simon Wilson <si...@simonandkate.net> -
Date: Mon, 01 May 2017 18:43:41 +1000
From: Simon Wilson <si...@simonandkate.net>
Reply-To: si...@simonandkate.net
Subject: Optimising new system and postscreen questions
To: Postfix users <postfix-us
On my new Postfix 2.10 system incoming mail is slow to process (about
15 seconds end to end), and I think it is mainly because DNS queries
are slowing things down.
The server runs local caching DNS BIND, so it's as quick as I can get
it on the slow Internet connection we are on.
At the
On 5/23/2013 10:23 AM, Wietse Venema wrote:
Deeztek Support:
On another topic, I had an issue the other day where an outside
sender was trying to send e-mail to an internal recipient and their
e-mail was getting delayed due to a DNS issue on their end. The
exact error was:
(Host or domain
On 23 May 2013, at 10:49, Deeztek Support wrote:
On another topic, I had an issue the other day where an outside sender
was trying to send e-mail to an internal recipient and their e-mail
was getting
delayed due to a DNS issue on their end. The exact error was:
(Host or domain name not
...@postfix.org] on
behalf of Stan Hoeppner [s...@hardwarefreak.com]
Sent: Wednesday, May 22, 2013 4:33 PM
To: postfix-users@postfix.org
Subject: Re: postscreen questions
On 5/22/2013 10:02 AM, Noel Jones wrote:
...
Secondly, remember postscreen is intended as a quick-and-simple
zombie killer, its only
Deeztek Support:
On another topic, I had an issue the other day where an outside
sender was trying to send e-mail to an internal recipient and their
e-mail was getting delayed due to a DNS issue on their end. The
exact error was:
(Host or domain name not found. Name service error for
Manual whitelisting.
/etc/postfix/main.cf:
smtpd_recipient_restrictions =
...
reject_unauth_destination
check_sender_access hash:/etc/postfix/sender_access
reject_unknown_sender_domain
/etc/postfix/sender_access:
rotary.org OK
So check_sender_access
Deeztek Support:
Manual whitelisting.
/etc/postfix/main.cf:
smtpd_recipient_restrictions =
...
reject_unauth_destination
check_sender_access hash:/etc/postfix/sender_access
reject_unknown_sender_domain
/etc/postfix/sender_access:
rotary.org
On 22 May 2013, at 14:33 , Stan Hoeppner s...@hardwarefreak.com wrote:
I'll make an educated guess that many folks here have configured
postscreen simply because it was/is the new thing, without considering
whether they -needed- it or not. Many have run into the same address
based
I'm trying out postscreen and I have a couple of questions. First off, here's
my postscreen setup:
postscreen_access_list = permit_mynetworks
postscreen_blacklist_action = enforce
postscreen_dnsbl_action = enforce
postscreen_greet_action = enforce
postscreen_dnsbl_sites = zen.spamhaus.org*3
On 5/22/2013 8:41 AM, Deeztek Support wrote:
I'm trying out postscreen and I have a couple of questions. First
off, here's my postscreen setup:
postscreen_access_list = permit_mynetworks
postscreen_blacklist_action = enforce
postscreen_dnsbl_action = enforce
postscreen_greet_action =
On 22 May 2013, at 11:02, Noel Jones wrote:
so, the RBLs are getting utilized by postscreen before it even hits
the smtp service. So, am I right to assume that the
reject_rbl_client lines in my smtpd_recipient_restrictions are no
longer needed?
No, not needed. But some folks like to leave
On 5/22/2013 10:02 AM, Noel Jones wrote:
...
Secondly, remember postscreen is intended as a quick-and-simple
zombie killer, its only purpose is to reduce the workload on the
more complex filters further downstream.
This fact is not emphasized often enough.
Many people forget the intended
Hi,
- Is PREGREET always a sign of a zombie connection or misconfigured
client, or is it possible for properly configured clients to also
speak before their turn?
It's safe. The only drawback is the pain of delaying mail.
So you would recommend blacklist, greet, and dnsbl be safely set to
Alex:
Hi,
- Is PREGREET always a sign of a zombie connection or misconfigured
client, or is it possible for properly configured clients to also
speak before their turn?
It's safe. The only drawback is the pain of delaying mail.
So you would recommend blacklist, greet, and dnsbl be
Hi,
I have two postfix-v2.8.5 hosts for one domain and have configured
postscreen on both of them using 'ignore' for all options while I
experiment. I have a few questions that I hoped someone could help me
to answer:
- Do I still need the reject_rbl_client commands in
On Saturday 19 November 2011 23:30:21 Alex wrote:
I have two postfix-v2.8.5 hosts for one domain and have configured
postscreen on both of them using 'ignore' for all options while I
experiment. I have a few questions that I hoped someone could help
me to answer:
- Do I still need the
On Thu, 27 May 2010, Wietse Venema wrote:
Andy Dills:
I've been investigating postscreen, as we've been address probed/bombed
for years, as we have a few domains that are very old (well, early 90s)
that had a lot of users back in the dialup days. Our approach was to just
throw
Zitat von LuKreme krem...@kreme.com:
On 27-May-2010, at 07:34, Andy Dills wrote:
I've been investigating postscreen, as we've been address probed/bombed
for years, as we have a few domains that are very old (well, early 90s)
that had a lot of users back in the dialup days. Our approach was to
Andy Dills wrote:
On Thu, 27 May 2010, Wietse Venema wrote:
Andy Dills:
I've been investigating postscreen, as we've been address probed/bombed
for years, as we have a few domains that are very old (well, early 90s)
that had a lot of users back in the dialup days. Our approach was to just
Roderick A. Anderson:
Also, would postscreen_cache_map work with a mysql backend?
postscreen needs very low latency (I put in explicit tests for
this). Also, postscreen requires read, write, iterate support
which is implemented only for file-based databases.
If table access requires
Am 28.05.2010 14:13, schrieb lst_ho...@kwsoft.de:
Zitat von LuKreme krem...@kreme.com:
On 27-May-2010, at 07:34, Andy Dills wrote:
I've been investigating postscreen, as we've been address probed/bombed
for years, as we have a few domains that are very old (well, early 90s)
that had a lot
Wietse Venema wrote:
Roderick A. Anderson:
Also, would postscreen_cache_map work with a mysql backend?
postscreen needs very low latency (I put in explicit tests for
this). Also, postscreen requires read, write, iterate support
which is implemented only for file-based databases.
If table
Zitat von Robert Schetterer rob...@schetterer.org:
Am 28.05.2010 14:13, schrieb lst_ho...@kwsoft.de:
Zitat von LuKreme krem...@kreme.com:
On 27-May-2010, at 07:34, Andy Dills wrote:
I've been investigating postscreen, as we've been address probed/bombed
for years, as we have a few domains
I've been investigating postscreen, as we've been address probed/bombed
for years, as we have a few domains that are very old (well, early 90s)
that had a lot of users back in the dialup days. Our approach was to just
throw hardware at the problem, and we've had a whole cluster of servers
Am 27.05.2010 15:34, schrieb Andy Dills:
I've been investigating postscreen, as we've been address probed/bombed
for years, as we have a few domains that are very old (well, early 90s)
that had a lot of users back in the dialup days. Our approach was to just
throw hardware at the problem,
Andy Dills:
I've been investigating postscreen, as we've been address probed/bombed
for years, as we have a few domains that are very old (well, early 90s)
that had a lot of users back in the dialup days. Our approach was to just
throw hardware at the problem, and we've had a whole
Andy Dills wrote:
I've been investigating postscreen, as we've been address probed/bombed
for years, as we have a few domains that are very old (well, early 90s)
that had a lot of users back in the dialup days. Our approach was to just
throw hardware at the problem, and we've had a whole
On 27-May-2010, at 07:34, Andy Dills wrote:
I've been investigating postscreen, as we've been address probed/bombed
for years, as we have a few domains that are very old (well, early 90s)
that had a lot of users back in the dialup days. Our approach was to just
throw hardware at the
39 matches
Mail list logo