Unknown senders and spam
in [Postfix]
|
Prev: Question about bounce related spam
Next: Wanting incoming and outgoing e-mail montiroed for spam andvirii
From: Stan Hoeppner on 19 Apr 2010 03:09 Alex put forth on 4/19/2010 12:11 AM: > It looks like I have a big project ahead of me to upgrade. What kind > of process is involved with going from such an old version to the > current, independent of all the other software? Not much. Just create/modify the new main.cf and any other config files you need, possibly using data from the old files but with current parameter syntax. As always, and as stated in the list welcome message, pasting "postconf -n" output for us to look at would be very helpful to both the list, and thus, more importantly, to you. I'm assuming Postfix 1.x has postconf. I didn't use it back then. I was still in diapers. ;) -- Stan
From: Noel Jones on 19 Apr 2010 08:26 On 4/19/2010 12:11 AM, Alex wrote: > >> The "warn_if_reject" feature predates "reject_unauth_pipelining", which you >> seem to be using successfully. I strongly suspect there was some other >> error -- probably a simple typo in your config -- that kept warn_if_reject >> from working for you. > > I'm trying to do: > > warn_if_reject = reject_rbl_client backscatter.spameatingmonkey.net > > But it appears that's only available in later versions, so I've tried > this, and it also doesn't work: > > warn_if_reject = reject_maps_rbl backscatter.spameatingmonkey.net > warn_if_reject should proceed a restriction in your smtpd_recipient_restrictions. smtpd_recipient_restrictions = permit_mynetworks ... warn_if_reject reject_msps_rbl I misquoted HISTORY about when reject_unauth_pipelining was introduced, actually should have been: 19990905 .... Feature: reject_unauth_pipelining SMTP restriction that rejects mail from clients that improperly use SMTP command pipelining. The part I quoted was about adding the "smtpd_data_restrictions" feature. So it's possible that your postfix doesn't support warn_if_reject, which was added in Nov 2001. You can check your postfix version and release date with postconf mail_version mail_release_date > Will reject_rhsbl_sender and reject_rhsbl_client work in old versions? Don't know... HISTORY says those features were added in Sept 2002. Check your mail_release_date and mail_version, and if they look promising, give it a try. The reason you don't get flamed for running ancient postfix is that even ancient postfix is fairly secure. You're just missing new features and bug fixes. But I would worry about the OS and the other software that may be running on a box with such an old postfix. -- Noel Jones
From: /dev/rob0 on 19 Apr 2010 10:41 On Sun, Apr 18, 2010 at 10:38:46PM -0500, Noel Jones wrote: > On 4/18/2010 9:56 PM, /dev/rob0 wrote: >> >>> reject_unauth_pipelining, >> >> Might catch some zombies. > > Note that with older postfix (postfix < 2.6 IIRC) > reject_unauth_pipelining must be used in smtpd_data_restrictions > to be effective. It won't break anything in > smtpd_recipient_restrictions, but it won't block anything either. Oops. You caught me on that once before, telling someone it would *not* work in smtpd_recipient_restrictions, and now here, forgetting to mention that in this case, it won't. :) >>> reject_maps_rbl, >> >> Old syntax, could be good or could be disastrous. Switch to the >> "new" syntax (new since Postfix 2.0 IIRC) of "reject_rbl_client >> zone.name". > > Using the old syntax is harmless[1] and still works; the new syntax > was introduced for more flexibility. > > [1] harmless until some undefined point in the future when it's > removed and no longer recognized. The possible disaster to which I was referring was the case in which one of the listed DNSBL operators decides to list the whole Internet, some time after having retired the DNSBL. The point being, we don't have any way to know from reading his post. -- Offlist mail to this address is discarded unless "/dev/rob0" or "not-spam" is in Subject: header
From: mouss on 19 Apr 2010 16:58 Alex a �crit : > Hi, > >>> I'm trying to do: >>> >>> warn_if_reject = reject_rbl_client backscatter.spameatingmonkey.net >>> >> wrong syntax. it's >> warn_if_reject reject_rbl_client $yourlist >> There's no 'equal' sign. > > $ postfix check > postfix: fatal: /etc/postfix/main.cf, line 700: missing '=' after > attribute name: "warn_if_reject reject_maps_rbl > backscatter.spameatingmonkey.net" > Apr 19 02:35:33 smtp01 postfix[13351]: fatal: /etc/postfix/main.cf, > line 700: missing '=' after attribute name: "warn_if_reject > reject_maps_rbl backscatter.spameatingmonkey.net" > Duh. read the error message again and tell me what it has to do with reject_rbl_client.
From: Alex on 20 Apr 2010 23:47
Hi, >> $ postfix check >> postfix: fatal: /etc/postfix/main.cf, line 700: missing '=' after >> attribute name: "warn_if_reject reject_maps_rbl >> backscatter.spameatingmonkey.net" >> Apr 19 02:35:33 smtp01 postfix[13351]: fatal: /etc/postfix/main.cf, >> line 700: missing '=' after attribute name: "warn_if_reject >> reject_maps_rbl backscatter.spameatingmonkey.net" >> > > Duh. read the error message again and tell me what it has to do with > reject_rbl_client. Yes, sorry, I meant to use reject_rbl_client, but it doesn't work there either: Apr 20 23:43:02 smtp01 postfix[30380]: fatal: /etc/postfix/main.cf, line 609: missing '=' after attribute name: "warn_if_reject reject_rbl_client backscatter.spameatingmonkey.net" It appears that it's not supported in my version (postfix-20020613). As an interim solution, do you think I could get a later postfix working, say, postfix-1.1.13 without much difficulty, and benefit from some of these features to ease testing and migration to postfix-2.7 later? Thanks, Alex |