Re: Tip: Restricting mail reception using a remote service's SPF records

2009-06-26 Thread Ville Walveranta
On Fri, Jun 26, 2009 at 5:17 PM, mouss wrote:
> so you would block mail from me?
Yes, in fact, the local "cache" mail server would refuse mail from everyone but the servers mentioned in the external service's SPF record hence creating sort of an unprotected, IP-based "tunnel" between the external

Re: Tip: Restricting mail reception using a remote service's SPF records

2009-06-26 Thread mouss
Ville Walveranta wrote:
> Here's an idea.. maybe it's useful for someone, so I post it here.
>
> I'm setting up a local mail server to cache remote service's mail for
> faster access on the LAN. The remote server has an up-to-date SPF
> record that is updated whenever the sending IP ranges chan

Re: Tip: Restricting mail reception using a remote service's SPF records

2009-06-25 Thread LuKreme
On 25-Jun-2009, at 14:33, Ville Walveranta wrote:
> It works except that the Postfix refresh message ("postfix/postfix-script: refreshing the Postfix mail system") is displayed despite the attempt to redirect it to /dev/null? Any idea how I could hide it?
That refresh message is output on std

Re: Tip: Restricting mail reception using a remote service's SPF records

2009-06-25 Thread Ville Walveranta
Perfect! Thanks all!!

Re: Tip: Restricting mail reception using a remote service's SPF records

2009-06-25 Thread Gerardo Herzig
Ville Walveranta wrote:
> Here's the completed script (the IP/CIDR extract worked perfectly --
> thanks Barney!):
>
> ---
> #!/bin/sh
>
> ORIGINAL=/usr/local/etc/postfix/tables/client_access_maps.cidr
> NEW=/tmp/postfix_clients.tmp
>
> dig +short senderdomain.net TXT | grep 'v=spf1' | egrep -o
>

Re: Tip: Restricting mail reception using a remote service's SPF records

2009-06-25 Thread Roderick A. Anderson
Ville Walveranta wrote:
> Here's the completed script (the IP/CIDR extract worked perfectly -- thanks Barney!):
> ---
> #!/bin/sh
> ORIGINAL=/usr/local/etc/postfix/tables/client_access_maps.cidr
> NEW=/tmp/postfix_clients.tmp
> dig +short senderdomain.net TXT | grep 'v=spf1' | egrep -o 'ip4:[0-9./]+' | se

Re: Tip: Restricting mail reception using a remote service's SPF records

2009-06-25 Thread J.P. Trosclair
Ville Walveranta wrote:
> It works except that the Postfix refresh message ("postfix/postfix-script: refreshing the Postfix mail system") is displayed despite the attempt to redirect it to /dev/null? Any idea how I could hide it?
It's probably writing to stderr,
postfix reload 2>/dev/null

Re: Tip: Restricting mail reception using a remote service's SPF records

2009-06-25 Thread Ville Walveranta
Here's the completed script (the IP/CIDR extract worked perfectly -- thanks Barney!):
---
#!/bin/sh
ORIGINAL=/usr/local/etc/postfix/tables/client_access_maps.cidr
NEW=/tmp/postfix_clients.tmp
dig +short senderdomain.net TXT | grep 'v=spf1' | egrep -o 'ip4:[0-9./]+' | sed 's/^ip4://' | sed 's/$/

Re: Tip: Restricting mail reception using a remote service's SPF records

2009-06-25 Thread Ville Walveranta
Thanks, I'll look into that; it'll simplify it a bit. Anything that is parsed from text output is obviously not super solid but for this application it'll suffice. The MX for the business domains in question is an external service that takes care of spam filtering, address consolidation, etc. The

Re: Tip: Restricting mail reception using a remote service's SPF records

2009-06-25 Thread Barney Desmond
> The following is "concept"; I don't have the script yet ready, but
> it'll be easy to write with your favorite scripting language:
>
> ---
> 1. get your remote sender's current SPF record:
>
> dig yourremotesender.com txt  > tempfile
>
> 2. parse the result in tempfile with regex:
>
> /.*?ANS

Tip: Restricting mail reception using a remote service's SPF records

2009-06-25 Thread Ville Walveranta
Here's an idea.. maybe it's useful for someone, so I post it here. I'm setting up a local mail server to cache remote service's mail for faster access on the LAN. The remote server has an up-to-date SPF record that is updated whenever the sending IP ranges change. I want to limit unauthenticated m