Greylisting & SMTP auth
in [Postfix]
|
Prev: Confgure Postfix to allow relay for a specific IP
Next: email account bombarded with SPAM error bounces - what to do?
From: Hendrik Pahl on 9 Jul 2010 04:57 Hi folks, we're having some trouble with greylisting (postgrey) and smtp auth. smtp_recipient_restrictions looks like: permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, warn_if_reject, reject_unknown_sender_domain, warn_if_reject, reject_invalid_hostname, warn_if_reject, reject_non_fqdn_sender, warn_if_reject, reject_non_fqdn_recipient, warn_if_reject, reject_rbl_client ix.dnsbl.manitu.net, check_policy_service inet:127.0.0.1:10030 Now, when a client authenticates the mail is greylisted - since there are some users directly relaying on this server, this is pretty uncool. is there any chance to avoid mails being greylisted when the connection is correctly authenticated? thanks in advance, i.A. Hendrik Pahl System Engineering team! datentechnik GmbH & Co.KG Werner von Siemens StraÃe 12a 49124 Georgsmarienhuette Tel.: +49 (0)5401-8226-50 Fax : +49 (0)5401-8226-55 E-Mail: pahl(a)team-datentechnik.de Internet: www.team-datentechnik.de HRA 110397, Amtsgericht Osnabrück Geschäftsführung: Reemt Lükenga Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Vielen Dank. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail ist nicht gestattet. This e-mail contains confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender and delete this message. Thank you. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
From: Ralf Hildebrandt on 9 Jul 2010 05:03 * Hendrik Pahl <pahl(a)team-datentechnik.de>: > Hi folks, > > we're having some trouble with greylisting (postgrey) and smtp auth. > > smtp_recipient_restrictions looks like: It's smtpd_recipient_restrictions > permit_sasl_authenticated, permit_mynetworks, > reject_unauth_destination, warn_if_reject, > reject_unknown_sender_domain, warn_if_reject, > reject_invalid_hostname, > warn_if_reject, reject_non_fqdn_sender, > warn_if_reject, reject_non_fqdn_recipient, > warn_if_reject, reject_rbl_client ix.dnsbl.manitu.net, > check_policy_service inet:127.0.0.1:10030 > > Now, when a client authenticates the mail is greylisted No, it's not. permit_sasl_authenticated returns OK in that case, and no other restriction fires. Maybe you have more restrictions? -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebrandt(a)charite.de | http://www.charite.de
From: Christopher Sean Hilton on 9 Jul 2010 13:52
On Jul 9, 2010, at 4:57 AM, Hendrik Pahl wrote: > Hi folks, > > we're having some trouble with greylisting (postgrey) and smtp auth. > > smtp_recipient_restrictions looks like: > I'm not sure what the rest of your network looks like but I greylist through openbsd's spamd and to sasl authenticated SMTP submission on tcp/465 and tcp/587. The details are as follows: tcp/25 -- greylisted tcp/465, tcp/587 -- not greylisted, TLS required, SMTP Auth required. Obviously this works for me because I can tell my clients that they should submit mail at tcp/587 rather than port 25. (I also submission on tcp/465 because some older Outlook clients default there.) I had guessed that this was the pretty standard these days. -- Chris Chris Hilton tildeChris -- http://myblog.vindaloo.com email -- chris/at/vindaloo/dot/com ..~~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~.--.~~. "I'm on the outside looking inside, What do I see? Much confusion, disillution, all around me." -- Ian McDonald / Peter Sinfield |