il executable.
Maybe smrsh?
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
ssage, I'll answer the first question:
>
> smtpd_restriction_classes = class_barracuda
>
> class_barracuda = reject_rbl_client b.barracudacentral.org
>
> smtpd_recipient_restrictions = <..>
> class_barracuda,
Why this extra complexity?
smtpd_recipient_restrictions = &l
See RFC2821 4.1.1.1) (in reply to MAIL FROM command)".
That's something different.
postconf smtp_helo_name
postconf myhostname
returns what?
> My smtpd_banner is set to "$mylocalhost ESMTP". The localhost is the
mylocalhost???
--
Ralf Hildebrandt
Geschäftsbereich IT | A
ll me.
It would help not to munge the data, since that's what the other
server doesn't like
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 5
;$/ REPLACE From:
=?iso-8859-1?Q?=22$1=22?= <$2>
#becaus:
#wrong =?iso-8859-1?Q?Kr=FCger=2C_Stephanie?=
#correct =?iso-8859-1?Q?=22Dr._med._Stefan_R=F6pke=22?=
Yes, this fails if the encoding is NOT iso-8859-1
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité -
tlook/Exchange...
See?
So far, it seems to work (tm), YMMV
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@cha
* Victor Duchovni :
> On Mon, Feb 22, 2010 at 02:57:54PM +0100, Ralf Hildebrandt wrote:
>
> > Can anybody comment on this ugly "fix" for Umlauts in realnames?
> >
> > # Already with Quotes ("=22") thus do nothing
> > /^From: =\?iso-8859-1\?Q\?=22
characters in realname)
return add_quotes(encode(realname))
else
return realname
fi
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
wering
Same here. That's why I added the ugly hack
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hil
with Thunderbird.
>
> So it seems that Thunderbird is choking on the wrong To-Header from
> Outlook when doing a reply...
>
> Regards
>
> Andreas
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus
t; header on a postfix server ?
*smile*
/^From: (.*) <(.*)>$/ REPLACE From: blah <$2>
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 |
* Ralf Hildebrandt :
> * Sylvain Ferrand :
> > Hello,
> >
> > I would like to overwrite the "display-name" (i.e. the sender
> > description string in the the From: field. - cf. RFC 5322 sec 3.4)
> > set by the MUA. Is it possible to rewrite the "
* Stan Hoeppner :
> If you sub the list, ask Rich K about ipdeny. I learned about it from him.
> He's been a spam fighter since 1994 (maybe earlier). He's old school.
Yay, I'm old school :)
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Unive
delivered.
>
> What does "250 Backend Replied" mean? Should I be worried about this?
250: all is well
Backend Replied: The backend replied. Whatever that means. Ask the
admins @mxlogicmx.net
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedi
ail message body contents for URIs can use the DBL to
identify, classify or reject spam containing DBL-listed domains."
Note the key words "email message body contents"
Postfix cannot do that on it's own. You need something to examine the
body of the mail (content_filter, m
* Stan Hoeppner :
> Ralf Hildebrandt put forth on 3/4/2010 1:55 AM:
>
> > "The Spamhaus DBL is a realtime database of domains (typically web site
> > domains) found in spam messages. Mail server software capable of
> > scanning email message body contents for URIs ca
it. No problems so far.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
gt; fatal: open database /etc/aliases.db: No such file or directory
postalias /etc/aliases
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49
* Wilberth Pérez :
> when i ejecuted the command "postalias /etc/aliases", only generates
> the files:
>
> aliases.dir and aliases.pag
postalias hash:/etc/aliases
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Ca
has no from,and some mailServer reject these
> email.
Some people are idiots. What's new?
> How can I to set a sender address to bounce mail?
What happens if the bounce bounces?
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
ain, permit_mynetworks,
That makes no sense.
reject_unauth_destination rejects any relaying attempts,
permit_mynetworks after that cannot permit anything...
provmail as content_filter? Interesting :)
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizi
trusted issuer
> /CN=AAA-SBS-PYRAMID-CA
You don'T trust the CA, thus the cert is untrusted.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | F
y trusting the CA. Meaning: Installing the root-CA certificate. But
why would you? Just ignore the warning.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 57
Mar 17 00:27:28
There is at most 1 simultaneous connection during a 60s period.
Your server is not very busy
> Also anvil doesn't log these statistics for every connection made, just
> every so many minutes. Is there something special about the specific IP
> address that it logs?
It&
llation with Stefan's help.
Attached is the backtrace
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@
|= smtp_addr_pref;
> SMTP_RCPT_INIT(state);
>
> /*
>
Confirmed. No more signal 6.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
ject_rbl_client dnsbl.njabl.org,
check_client_access hash:/etc/postfix/whitelist
> reject rbl_client
> dnsbl-1.uceprotect.net
> permit
with:
IP OK
Or rather remove dnsbl-1.uceprotect.net, since they reall
arschkrebs.de/postfix/postfix_incoming.shtml
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
* Tom Hendrikx :
> So actually you are trying to solve the other mail servers trouble. Did
> you contact (some of) them to get you whitelisted?
One could also run multiple instances and cascade them as a
fallback_relay chain (uaaah!)
--
Ralf Hildebrandt
Geschäftsbereich IT | Abt
* Marcio Vogel Merlone dos Santos :
> On 25-03-2010 05:41, Ralf Hildebrandt wrote:
> >* Frank Bonnet:
> >>I have one domain, say domain.com and I want to reject emails
> >>that pretend to be sent from domain.com
> >>but are NOT into our IP range say 123.12
nterlegen muß.
> Muß ich dafür eine eigene Datei anlegen und darauf verweisen?
Yes, like I wrote in my answer:
--->check_client_access hash:/etc/postfix/whitelist
echo "IP OK" > /etc/postfix/whitelist
postmap /etc/postfix/whitelist
--
Ralf Hildebrandt
Geschäf
d
can be reduced dramatically by using append/truncate instead of
create/rename/delete."
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 3
> Wietse
> What should I set the result value to?
> I got this example from the mailinglist so I didn't make it up my self.
Leave it out then :)
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hin
l be possible auto-blacklist this email
> for one week, for example?
You could use fail2ban for that
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fa
* Josep M. :
> Hello Ralph.
>
> Fail2ban can blacklist email addresses too? I want reject email
> addresses, not block IPs.
All you have to do is call a script instead of iptables.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Ber
alid sending server
> for that domain.
> Is there any solution?
Yes, SRS
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
* Ralf Hildebrandt :
> Yes, SRS
http://en.wikipedia.org/wiki/Sender_Rewriting_Scheme
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30
at before. What does it mean and
> should I be worried about it?
If you have a pix, you should worry :)
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155
.
Escape character is '^]'.
220 *
Yep, imh.rsys4.net is protected by a PIX.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570
f the
scheme Spamhaus uses is commonplace.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de |
* Ralf Hildebrandt :
> default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what]
> blocked using dbl.spamhaus.org${rbl_reason?; $rbl_reason}
This assumes it's the only RBL being queried. Otherwise one would use
rbl_reply_maps
--
Ralf Hildebrandt
Geschäft
nfo] 4DC4E82: warning: header Subject: =?utf-8?B?UX. (UTF-8
> stuff in here)
>
> How can I make it so that Subject: =?utf-8?B?UX. is displayed correctly
> in it's native language? (in this case it's Chinese but it could be another
> language)
You'd need t
>
> Any hint or help is appreciated.
>
> Dirk
>
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
k_recipient_access pcre:/etc/postfix/recipient_access
check_recipient_access hash:/etc/postfix/recipient_access
user.s...@example.com REJECT
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm
t the
> implications would be for the postfix server.
I'm using zen.spamhaus.org in postscreen and,
reject_rbl_client bl.spamcop.net
reject_rbl_client bogons.cymru.com
reject_rhsbl_sender dbl.spamhaus.org
reject_rhsbl_reverse_client db
ock internal clients that should not connect to
my mailserver but use another server.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
* Michael Orlitzky :
> How much use do you get out of bogons.cymru.com at the SMTP stage? I was
> considering it once, and talked myself out of it with flowcharts or
> something.
Almost none. I use it for internal clients.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung
logfile.
>
> I'm looking for things like amount of messages sent/received daily
> weekly monthly etc ...
mailgraph.schweikert.ch/
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 |
/month/year, they want to see how many messages
> where sent/received on January 1th, or June 16th... etc etc
Use pflogsumm for that
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berl
* donovan jeffrey j :
> Greetings
>
> i have been seeing tons of errors coming from spamhaus, it seems it's not
> resolving. at least for me. is anyone else having any problems ?
You might have been blocked because you exceeded the limits for free
usage.
--
Ralf Hildebrandt
* donovan jeffrey j :
> I certainly do not want to exceed any limits, how do i avoid that ?
Well, how big is your server?
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
* donovan jeffrey j :
> this system in question picks up mail ( primary MX ) for about 2000 users.
This should well be within the limits. We're execeeding the limit at
about 30k users. Maybe you're using your ISPs DNS forwarder?
--
Ralf Hildebrandt
Geschäftsbereich IT | Abtei
* donovan jeffrey j :
>
> On Apr 19, 2010, at 9:03 AM, Ralf Hildebrandt wrote:
>
> > * donovan jeffrey j :
> >
> >> this system in question picks up mail ( primary MX ) for about 2000 users.
> >
> > This should well be within the limits. We're exe
.
apt-get install pdns-recursor
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
3
>
> ** server can't find zen.spamhaus.org: REFUSED
>
>
> okay,.. Ill have to check this. to make sure my queries to zen are directly
> from my mail system does that sound right ?
Yes. Install a local caching DNS which directly queries the internet ...
--
Ralf Hildebrandt
8.69.110.81REJECT
You can also use that form, because the rejection is caused by an IP
anyway - so all you need is grep for the IP in your
/etc/postfix/client_access file
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Ben
: if the recipient mailbox is localy
> existing on it then deliver localy (maildir format) and if the mailbox is not
> yet exising (user not migret) it would then transferred the mail to the old
> server.
luser_relay
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
I'm trying to get in contact with the mstone author/maintainer.
Both dac at x.cx and dchristian at google.com are non-operational :(
Who knows his current address?
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Fra
/usr/sbin/sendmail or postfix uses
> /var/qmail/bin/sendmail ?
? Nothing, you disabled qmail I hope.
> Whenever, postfix starts, all instances, and I can process messages.
> Is this a correct production environnement?
I wouldn't think so. Why is qmail still there when you already moved
to
c/postfix/virtual which was hitherto handling
> forwarding?
Hard to tell, without logs or postconf -n output.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 5
* osuser g :
> Does any one know how has access the content on Postfix.org ?
> Whom should one contact for updates/improvements to content?
Wietse comes to mind.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Fr
ed some help creating a
> header_check (and/or body check) to catch this.
>
> I tried this, but it didnt work:
>
> /^From:.ret@/REJECT unsolicited email
/^From:.*ret@/REJECT unsolicited email
or
/^From: ret@/REJECT unsolicited email
or
/^From:\b*ret@/REJECT unsolici
ch I all killed, after that it would work again.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.d
; the front server.
>
> It still lookup for MX for domains exampleN.com and delivers through
> an outside address.
How do you know that?
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hinde
* Patrick Chemla :
> Le 23/05/2010 19:16, Ralf Hildebrandt a écrit :
> >>I made some simple tests puting mails through a telnet to port 25 of
> >>> the front server.
> >>> > It still lookup for MX for domains exampleN.com and
> >>delivers throu
E.g.:
smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination
reject_rbl_client zen.spamhaus.org
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49
ver in order
> to catch web traffic and redirect it.
So set a fake MX record pointing to localhost
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax
ut it
> if it was named prescreen ;-)
It's postfix, not prefix.
But then -- postscreen is using an RBL...
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 45
7;t see a big problem there, even thousands of
> 554s normally don't stress Postfix too much.
* One could also turn off postfix.
* Or disable smtpd
* Or (if there's a spare IP) point the mx to the spare IP and run
smtp-sink there!
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung
s reducing system load.
That's how I'm using it here. It's amazing :)
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
* LuKreme :
> It's in 2.7 only, yes? I'm still running 2.6.
It's in the snapshots
> Just add:
>
> postscreen_dnsbl_sites zen.spamhous.org
>
> To a 2.7 config?
No, you really have to read the README, since there are changes to
master.cf as well!
--
Ralf
* Nataraj :
> How does rate limiting work in conjunction with postscreen?
Just like without postscreen
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570
email
> address with a + in it, which postfix doesn't seem to like.
Yes.
> This may be the case, and may be ok, however my concern is that why
> aren't I seeing any emails being sent to the other 4998 valid
> addresses? Is there anything I can do to force postfix use
gs...
smtpd_hard_error_limit = 1000
smtpd_soft_error_limit = 1000
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
ut now (BTW, that's why one uses mailing
list manager like mailman!)?
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ere a scenario where this would
> not be the case ?
No. But you can still have OTHER RBLs in *_restrictions
> Does postscreen also log any DNSBL hits ?
Yes
> I can't seem to find any so far.
May 30 23:33:15 mail-ausfall postfix/dnsblog[31351]: addr 222.168.14.205
blocked by d
x onlinealert.bankofamerica.com
Host onlinealert.bankofamerica.com not found: 3(NXDOMAIN)
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 5
* Matt Hayes :
> It appears that mail.cypresspartners.com is a postfix server which
> appears, to me at least, to be sending out spam.
http://www.robtex.com/ip/72.242.211.227.html#blacklists
They should stick to trees, no servers.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Ne
nerating
this message".
If you don't see that sender on your postfix gateway, then I guess
it's your internal exchange server.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D
Today I found this double-bounce:
- Forwarded message from Mail Delivery System
-
: host
customer110.goolara.net[209.209.90.110] said: 552 Invalid size declaration.
(in reply to MAIL FROM command)
Reporting-MTA: dns; mail-ausfall.charite.de
X-Postfix-Queue-ID: 568AE3DC96
X-Post
* Ralf Hildebrandt :
> Jun 10 13:00:04 mail-ausfall postfix/smtp[7597]: >
> customer110.goolara.net[209.209.90.110]:25: MAIL FROM:
> SIZE=19091 BODY=8BITMIME
> Jun 10 13:00:04 mail-ausfall postfix/smtp[7597]: <
> customer110.goolara.net[209.209.90.110]:25: 552 Invalid s
gt;
> Making it time-dependent address_verify_sender may somewhat compound
> issues with grey-listing at the origin domain. It is useful to have a
> value that is stable enough to not repeatedly be subjected to greylisting.
Maybe if it changes once a week (configurable), but the idea
ody use such a thing?
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
nectivity issues
> with your server will use "telnet 25" from time to time. There is no
> need to block this, it is by far the least likely source of any
> significant spam volume...
Indeed. There are faster methods.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Ne
tly my point.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
* Stefano Villa :
> I've the task to implement a disclaimer for all mail.
> What product can I use?
Altermime
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel.
2.0/24, 193.175.74.0/24
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
* Ralf Hildebrandt :
> Jun 15 18:30:20 mail postfix/dnsblog[15154]: addr 79.15.172.144 blocked by
> domain mykey.zen.dq.spamhaus.net as 127.0.0.4
> Jun 15 18:30:24 mail postfix/postscreen[14995]: DNSBL rank 1 for 79.15.172.144
>
> again, blacklisted, 15 minutes later.
>
>
t; postscreen_pre_queue_limit = 100
# postconf -n | grep postscreen
postscreen_blacklist_action = drop <- ? blacklist ?
postscreen_dnsbl_sites = mykey.zen.dq.spamhaus.net
postscreen_greet_action = drop
postscreen_whitelist_networks = 141.42.193.0/24, 141.42.202.0/24,
141.42.203.0/24, 141.42.204.0/24, 141.4
* Ralf Hildebrandt :
I think it was due to me using:
postscreen_blacklist_action = drop
and no postscreen_dnsbl_action at all.
Once I set
postscreen_dnsbl_action = drop
it seems to work as intended.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité
contained hostnames which would not resolve :(
May I recommend that Postfix at least emits the IP in it's rejection message,
e.g. like:
521 5.7.1 123.123.123.123 Blocked by DNSBL
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Ben
* Wietse Venema :
> Ralf Hildebrandt:
> > Today I got this bounce from somebody whose mail had been rejected:
> >
> > : Protocol error: host
> > mail.python.org[82.94.164.166] refused to talk to me:
> > 220-mail.python.org ESMTP Postfix 521 5.7.1 Blocked by
ctly the form I'd like to see. It doesn't even have to
mention the DNSBL used. Just the IP!
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite.de | http://www.charite.de
nto SQLite
* verify that "it (still) works"
* then convert into "real" Database
It would actually help the user to use the path that has been
recommended by Victor et.al.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campu
is
> online?
That's the default :)
> I have enclosed my main.cf, master.cf, and transport configs (at least the
> non-default ones).
postconf -n is very much preferred.
The config looks OK so far
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité -
* Phil Howard :
> Been trying to figure that out. I'm wanting to use CDB. But it
> wasn'tfile.out taking it. I guess what I need to do is give each domain a
> dummy value.
awk '{printf("%s OK\n",$1)}' file > file.out
postmap file.out
--
Ralf Hil
' (but I have this problem with much mail
> domains) isn't in blacklist and this domain is certainly 'clean'.
> My doubt is for what reason these mail are blocked ?
> On my mail server I have SA-3.2.5 with postfix/amavisd-new/clamav.
Check the logs amavis is generating
Gre
* sasashop :
> "Ralf Hildebrandt" wroted:
> >
> >Check the logs amavis is generating
> >Grep for 23600-10
>
> I have only log file '/var/log/mailllog' and in this log file I have,
> about "23600-10" only this:
>
> [r...@mail ~]#
* David Hill :
> soft_bounce = yes
turn it off
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebra...@charite
ail.2co.com[64.128.185.221]:25
> Jun 23 22:12:18 relay0 postfix/smtp[6277]: 5ED4F114BBC:
> to=mailto:sa...@2co.com>>,
> relay=mail.2co.com[64.128.185.221]:25, delay=19449,
> delays=19438/0.09/0.22/10, dsn=4.4.2, status=deferred (lost connection with
> mail.2co.
301 - 400 of 1381 matches
Mail list logo
