On 2020-06-19 06:47, Fourhundred Thecat wrote:
postfix/smtpd: lost connection after CONNECT from unknown[unknown]
how can postfix not see the IP address?
Why does it say "unknown[unknown]", instead if unknown[1.2.3.4]?
remote uses wget or something
CONNECT is not smtp
postconf
On 2020-06-19 06:47, Fourhundred Thecat wrote:
postfix/smtpd: connect from unknown[unknown]
postfix/smtpd: lost connection after CONNECT from unknown[unknown]
postfix/smtpd: disconnect from unknown[unknown] commands=0/0
how can postfix not see the IP address?
Why does it say "unknown[un
Hello,
I am curious, how can this happen:
postfix/smtpd: connect from unknown[unknown]
postfix/smtpd: lost connection after CONNECT from unknown[unknown]
postfix/smtpd: disconnect from unknown[unknown] commands=0/0
how can postfix not see the IP address?
Why does it say "unknown[un
list...@tutanota.com:
> > smtpd logs "unknown" when the IP address has no name, or when the name does
> > not resolve to the remote SMTP client IP address.
>
> Okay so the log is acting right, and recording the event.
>
> Now I must make and control the decision when it happens for each case.
>
21 13:11:21 tanzer postfix/postscreen2/smtpd[12944]: connect from
unknown[46.17.102.31]
and
Apr 21 13:11:24 tanzer postfix/postscreen2/smtpd[12944]: disconnect from
unknown[46.17.102.31] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Like before some of the emails "from unknown&qu
list...@tutanota.com:
> Hola.
>
> I added the postscreen function to my PostFix server.
>
> I get emails now and lots of spams are blocked by it.
>
> In the log is
>
> Apr 21 12:33:19 tanzer postfix/postscreen[12944]: connect from
> unknown[65.181.123.80]
post
21. Apr 2016 12:56 by j...@rfc1035.com:
> You should really use dig for DNS troubleshooting. Accept no subsitutes.
> Well, apart from delv or drill if you’re troubleshooting Secure DNS errors.
dig I know and can use.
Those other ones are new tools to me. Ill look for them
> SMTP co
> On 21 Apr 2016, at 20:46, wrote:
>
> What is "unknown" in this case?
>
> I think it is the RDNS that is not there?
Yes. There’s no reverse DNS for the connecting IP address.
> host 65.181.123.80
> Host 80.123.181.65.in-addr.arpa. not found: 3(NXDOMAIN)
You should really use di
Hola.
I added the postscreen function to my PostFix server.
I get emails now and lots of spams are blocked by it.
In the log is
Apr 21 12:33:19 tanzer postfix/postscreen[12944]: connect from
unknown[65.181.123.80]
And after the email continues to be delivered okay.
What is "unknow
palived load-balancers.
>
> Every time LB checks backends are available, Postfix logs messages like
> this :
>
> connect from unknown[unknown]
> lost connection after CONNECT from unknown[unknown]
> disconnect from unknown[unknown]
>
> If I check backends every 5 seconds, it
Le 09/12/2012 16:31, /dev/rob0 a écrit :
> snip]
> The client might see something in your EHLO response which makes it
> unable or unwilling to try to send mail.
indeed. if the client is configured to use AUTH and/or STARTTLS and
doesn't see it in the EHLO response, then that might explain the p
started -- version
> 2.9.3, configuration /etc/postfix
> Dec 8 21:16:05 vps postfix/smtpd[3930]: warning: hostname
> vps.abw.co does not resolve to address 199.101.51.160
> Dec 8 21:16:05 vps postfix/smtpd[3930]: connect from
> unknown[199.101.51.160]
> Dec 8 21:16:05 vps postfix/smt
nd should show only 'n'. if you see 'y' or '-', then at least
one smtpd is chrooted.
> Dec 8 21:16:05 vps postfix/smtpd[3930]: connect from unknown[199.101.51.160]
> Dec 8 21:16:05 vps postfix/smtpd[3930]: lost connection after RSET from
> unknown[19
On Dec 8, 2012, at 9:33 PM, Cameron Smith wrote:
> Dec 8 21:16:05 vps postfix/smtpd[3930]: warning: hostname vps.abw.co does
> not resolve to address 199.101.51.160
WHOIS says the domain doesn't exist.
That would certainly explain the "unknown"s.
It resolves, although it took a good long while
]: warning: hostname vps.abw.co does not
resolve to address 199.101.51.160
Dec 8 21:16:05 vps postfix/smtpd[3930]: connect from unknown[199.101.51.160]
Dec 8 21:16:05 vps postfix/smtpd[3930]: lost connection after RSET from
unknown[199.101.51.160]
Dec 8 21:16:05 vps postfix/smtpd[3930]: disconnect
...
Ýou mean *client*.
smtp_client_restrictions = reject_unknown_client_hostname
NOTE that this is a very heavy restriction and will cause many, many
false positives.
I'll use warn-if-reject to see how is going.
Instead, use the milder (but equally effective)
smtp_client_restriction
On 2011-08-02 21:59, Bruno Costacurta wrote:
Hello,
in my logs files there are messages 'connect from unknown[here an IP
address]'.
Can this be considered be as probable spam ?
No.
It merely means that the machine connecting does not have forward
confirmed reverse DNS (FCrDN
On Sat, 05 Feb 2011 01:41:35 +0100
mouss articulated:
> Le 05/02/2011 00:34, Joe a écrit :
> > On 02/04/2011 03:13 PM, mouss wrote:
> >> Le 04/02/2011 20:42, Joe a écrit :
> >>> I always try to work with the package management system to keep
> >>> things sane and manageable if possible. postfix-2
Le 05/02/2011 00:34, Joe a écrit :
> On 02/04/2011 03:13 PM, mouss wrote:
>> Le 04/02/2011 20:42, Joe a écrit :
>>> I always try to work with the package management system to keep things
>>> sane and manageable if possible. postfix-2.7 and 2.8 rpms and srpms are
>>> available for centos from severa
On 02/04/2011 03:13 PM, mouss wrote:
Le 04/02/2011 20:42, Joe a écrit :
I always try to work with the package management system to keep things
sane and manageable if possible. postfix-2.7 and 2.8 rpms and srpms are
available for centos from several sources. It's pretty easy to replace
the ancien
Am 05.02.2011 00:13, schrieb mouss:
> Le 04/02/2011 20:42, Joe a écrit :
>> On 02/04/2011 10:42 AM, Steve Jenkins wrote:
>>>
>>> Still, I am (well, WAS) disappointed that Postfix 2.3.3 is what
>>> installs on CentOS 5.5 by default. But Postfix 2.8 wasn't that hard to
>>> compile. :)
>>>
>>
>> I alw
Le 04/02/2011 20:42, Joe a écrit :
> On 02/04/2011 10:42 AM, Steve Jenkins wrote:
>>
>> Still, I am (well, WAS) disappointed that Postfix 2.3.3 is what
>> installs on CentOS 5.5 by default. But Postfix 2.8 wasn't that hard to
>> compile. :)
>>
>
> I always try to work with the package management s
J4K put forth on 2/4/2011 7:18 AM:
> I think there is a typo in the file:
>
> /^ip[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.adsl2?\.static\.versatel\.nl$/
>
> PREPEND X-GenericStaticHELO: (versatel.ml)
> should read /ml/nl/
> /^ip[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.adsl2?\.static\.versatel\
[ Reply-To: set to self as this is no longer on topic for the list ]
On Fri, Feb 04, 2011 at 11:20:45AM +0100, J4K wrote:
> On 02/04/2011 05:17 AM, Stan Hoeppner wrote:
> > Steve Jenkins put forth on 2/3/2011 11:18 AM:
> >> On Thu, Feb 3, 2011 at 1:44 AM, J4K wrote:
> >>> Its a good idea, but thi
On 02/04/2011 10:42 AM, Steve Jenkins wrote:
Still, I am (well, WAS) disappointed that Postfix 2.3.3 is what
installs on CentOS 5.5 by default. But Postfix 2.8 wasn't that hard to
compile. :)
I always try to work with the package management system to keep things
sane and manageable if possib
On Fri, Feb 04, 2011 at 01:27:35PM -0600, /dev/rob0 wrote:
> On Fri, Feb 04, 2011 at 11:56:51AM +0100, J4K wrote:
> > > Thank-you for the example. Can the /etc/postfix/whitelist be an
> > > empty file?
> > Answering my own question:-
> >
> > # ls -l /etc/postfix/whitelist
> > -rw-r- 1 root
On Fri, Feb 04, 2011 at 11:56:51AM +0100, J4K wrote:
> > Thank-you for the example. Can the /etc/postfix/whitelist be an
> > empty file?
> Answering my own question:-
>
> # ls -l /etc/postfix/whitelist
> -rw-r- 1 root root 0 Feb 4 11:53 /etc/postfix/whitelist
>
> Feb 4 11:53:17 logout pos
On Thu, Feb 3, 2011 at 7:48 PM, Stan Hoeppner wrote:
>>> CentOS 5.5, their latest, ships with Postfix 2.3.3, which hasn't been
>>> supported by Wietse for quite some time. A new install of CentOS 5.5
>>> gives you an officially unsupported Postfix, thought I'm sure CentOS
>>> will support it.
>>>
On Fri, Feb 4, 2011 at 5:18 AM, J4K wrote:
> I think there is a typo in the file:
>
> /^ip[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.adsl2?\.static\.versatel\.nl$/
> PREPEND X-GenericStaticHELO: (versatel.ml)
> should read /ml/nl/
> /^ip[12]?[0-9]{1,2}(-[12]?[0-9]{1,2}){3}\.adsl2?\.static\.versatel\.nl
On Thu, 03 Feb 2011 21:48:08 -0600
Stan Hoeppner articulated:
> Well, I think there's a bit more to it than that. Some distros have
> various policies in place that hinder rapid inclusion. That said, if
> Sahil were associated with the Debian project instead of or in
> addition to FreeBSD, we'd
On 02/04/2011 11:45 AM, Stan Hoeppner wrote:
> J4K put forth on 2/4/2011 4:20 AM:
>
>> Back to the Stan's pcre file:- I've been running through the logs for
>> rejects specifically caused by this file (or prepends). However I did
>> not see any. Is there a string I could search for,
> Try:
> ~$
Zitat von Reindl Harald :
Am 04.02.2011 11:20, schrieb J4K:
I agree. I have plenty of colleagues who run their own mail servers from
residential connections and they know how to set-up their machines.
Maybe, but if they are running a mailserver form dial-up ranges
mail seems not to be impor
Reindl Harald put forth on 2/4/2011 4:35 AM:
>
>
> Am 04.02.2011 11:20, schrieb J4K:
>> I agree. I have plenty of colleagues who run their own mail servers from
>> residential connections and they know how to set-up their machines.
>
> Maybe, but if they are running a mailserver form dial-up
On 02/04/2011 11:53 AM, J4K wrote:
> On 02/04/2011 11:45 AM, Stan Hoeppner wrote:
>> J4K put forth on 2/4/2011 4:20 AM:
>>
>>> Back to the Stan's pcre file:- I've been running through the logs for
>>> rejects specifically caused by this file (or prepends). However I did
>>> not see any. Is there
On 02/04/2011 11:45 AM, Stan Hoeppner wrote:
> J4K put forth on 2/4/2011 4:20 AM:
>
>> Back to the Stan's pcre file:- I've been running through the logs for
>> rejects specifically caused by this file (or prepends). However I did
>> not see any. Is there a string I could search for,
> Try:
> ~$
J4K put forth on 2/4/2011 4:20 AM:
> Back to the Stan's pcre file:- I've been running through the logs for
> rejects specifically caused by this file (or prepends). However I did
> not see any. Is there a string I could search for,
Try:
~$ egrep "Dynamic - Please|Generic - Please|X-GenericSta
Am 04.02.2011 11:20, schrieb J4K:
> I agree. I have plenty of colleagues who run their own mail servers from
> residential connections and they know how to set-up their machines.
Maybe, but if they are running a mailserver form dial-up ranges
mail seems not to be important for them because si
On 02/04/2011 05:17 AM, Stan Hoeppner wrote:
> Steve Jenkins put forth on 2/3/2011 11:18 AM:
>> On Thu, Feb 3, 2011 at 1:44 AM, J4K wrote:
>>> Its a good idea, but this would limit a user from using a server on his
>>> residential ADSL from being an Email server, and force them to use their
>>> IS
Steve Jenkins put forth on 2/3/2011 11:18 AM:
> On Thu, Feb 3, 2011 at 1:44 AM, J4K wrote:
>> Its a good idea, but this would limit a user from using a server on his
>> residential ADSL from being an Email server, and force them to use their
>> ISPs relay. Else they might have to upgrade to a bus
Jerry put forth on 2/3/2011 5:19 AM:
> FreeBSD had the 2.8 release in its ports system a few days after it was
> officially released. The 2.9(beta) release will be released into the
> ports system shortly. The original 2.8(beta) was available almost
> from its inception. The speed with which a pac
J4K put forth on 2/3/2011 4:09 AM:
> True. Some of the matches don't reject, but prepend this header:
> X-GenericStaticHELO
> What is this header used for?
This exists due to the grey area between "residential" and "business"
classification. Some providers offer static IP service to small busi
J4K put forth on 2/3/2011 3:44 AM:
> Its a good idea, but this would limit a user from using a server on his
> residential ADSL from being an Email server,
As the directions in the file itself state, fix situations like this with a
simple whitelist. Given the number of hobbyist servers your MX w
On 2/3/11 1:44 AM, Stan Hoeppner wrote:
Jeroen Geilman put forth on 2/2/2011 2:56 PM:
Debian won't have 2.8 in stable until at least 2013, although you may be able to
get it as a backport later this year:
http://packages.debian.org/search?keywords=postfix
They lag behind something awful.
You
On Thu, Feb 3, 2011 at 1:44 AM, J4K wrote:
> Its a good idea, but this would limit a user from using a server on his
> residential ADSL from being an Email server, and force them to use their
> ISPs relay. Else they might have to upgrade to a business package or spend
> more money for a static IP
On Thu, 03 Feb 2011 10:44:13 +0100
J4K wrote:
> On 02/02/2011 11:54 PM, Steve Jenkins wrote:
> > On Wed, Feb 2, 2011 at 2:33 PM, Stan Hoeppner
> > wrote:
> >> In the mean time, maybe give this a go. 1600+ expressions matching rDNS
> >> patterns of many millions of broadband IPs worldwide that
On Wed, 02 Feb 2011 18:44:46 -0600
Stan Hoeppner articulated:
> Jeroen Geilman put forth on 2/2/2011 2:56 PM:
>
> > Debian won't have 2.8 in stable until at least 2013, although you
> > may be able to get it as a backport later this year:
> >
> > http://packages.debian.org/search?keywords=postf
On 02/03/2011 10:56 AM, Daniel Bromberg wrote:
> On 2/3/2011 4:44 AM, J4K wrote:
>> [snip]
>>> I can attest to the awesomeness of Stan's pcre file. I run it on all 5
>>> of our Postfix servers, and it catches a LOT of stuff. From my logs,
>>> what it seems to do best is block zombie mailers on dyna
On 2/3/2011 4:44 AM, J4K wrote:
[snip]
I can attest to the awesomeness of Stan's pcre file. I run it on all 5
of our Postfix servers, and it catches a LOT of stuff. From my logs,
what it seems to do best is block zombie mailers on dynamic IPs.
And I updated to your latest version today, Stan. T
On 02/02/2011 11:54 PM, Steve Jenkins wrote:
> On Wed, Feb 2, 2011 at 2:33 PM, Stan Hoeppner wrote:
>> In the mean time, maybe give this a go. 1600+ expressions matching rDNS
>> patterns of many millions of broadband IPs worldwide that shouldn't be
>> sending
>> direct SMTP. Catches quite a bit
Jeroen Geilman put forth on 2/2/2011 2:56 PM:
> Debian won't have 2.8 in stable until at least 2013, although you may be able
> to
> get it as a backport later this year:
>
> http://packages.debian.org/search?keywords=postfix
>
> They lag behind something awful.
You're smoke'n crack. ;) 2.7.1
On Wed, Feb 2, 2011 at 2:33 PM, Stan Hoeppner wrote:
> In the mean time, maybe give this a go. 1600+ expressions matching rDNS
> patterns of many millions of broadband IPs worldwide that shouldn't be sending
> direct SMTP. Catches quite a bit that PBL/CBL/SORBS-DYNA/etc don't and with
> less del
JKL put forth on 2/2/2011 12:23 PM:
>
> On 02/02/2011 06:17 PM, Victor Duchovni wrote:
>> On Wed, Feb 02, 2011 at 05:30:52PM +0100, J4K wrote:
>>
>>> The smtpd has a 'sleep 3' at the start of it. Might this have been the
>>> cause? If so, then it served the purpose.
>>>
>>> smtpd_recipient_rest
On 2/2/11 7:23 PM, JKL wrote:
On 02/02/2011 06:17 PM, Victor Duchovni wrote:
On Wed, Feb 02, 2011 at 05:30:52PM +0100, J4K wrote:
The smtpd has a 'sleep 3' at the start of it. Might this have been the
cause? If so, then it served the purpose.
smtpd_recipient_restrictions = sleep 3,
permit_
On 02/02/2011 06:17 PM, Victor Duchovni wrote:
> On Wed, Feb 02, 2011 at 05:30:52PM +0100, J4K wrote:
>
>> The smtpd has a 'sleep 3' at the start of it. Might this have been the
>> cause? If so, then it served the purpose.
>>
>> smtpd_recipient_restrictions = sleep 3,
>> permit_mynetworks,permi
On Wed, Feb 02, 2011 at 05:30:52PM +0100, J4K wrote:
> The smtpd has a 'sleep 3' at the start of it. Might this have been the
> cause? If so, then it served the purpose.
>
> smtpd_recipient_restrictions = sleep 3,
> permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,
> rejec
On 02/02/2011 05:23 PM, Wietse Venema wrote:
> J4K:
>> Feb 2 17:09:28 logout postfix/smtpd[1599]: connect from unknown[unknown]
>> Feb 2 17:09:28 logout postfix/smtpd[1599]: lost connection after
>> CONNECT from unknown[unknown]
> The client disconnected before Postfix
J4K:
> Feb 2 17:09:28 logout postfix/smtpd[1599]: connect from unknown[unknown]
> Feb 2 17:09:28 logout postfix/smtpd[1599]: lost connection after
> CONNECT from unknown[unknown]
The client disconnected before Postfix could ask the KERNEL for
the client IP address. Either your serv
as no load. Its idle. After the
connect from unknown [unknown], mail reception continued as usual.
One change was made to-day, and was the activation of dkim-filter for
before and after queue processing, although the dkim-filter has been
running fine for the past 5 hours.
I would like to know wh
58 matches
Mail list logo
