DevHeads.net

Postings by =?UTF-8?Q?Francesc_Pe=c3=b1alvez?=

problems follow with certain rules

following the instructions given to me place the access in front of the
rule that is not supported ips unresolved, and as I still have the same
problems I added a debug to that ip that interests me and among other
things in this debug I find this:
16:43:05 ns postfix / smtpd [28258]: generic_checks: name =
check_client_access
Apr 2 16:43:05 ns postfix / smtpd [28258]: check_namadr_access: name
unknown addr 213.4.61.170
Apr 2 16:43:05 ns postfix / smtpd [28258]: check_domain_access: unknown
Apr 2 16:43:05 ns postfix / smtpd [28258]: maps_find: hash: / etc /
postfix / access: unknown: not

smtpd_recipient_restrictions reject_unknown_client_hostname

I have this directive active reject_unknown_client_hostname and in some
ips when it does not solve at the moment of doing the RCPT it does not
solve correctly, as it is logical send code 450 blocking the mail. Well
my question is how could I put some ips in particular that I know are
reliable for that the reject_unknown_client_hostname be skipped. I have
added these ips with the OK directive in the access file but it does not
work as I would like it to do

I need help compiling postfix with tls an sasl

is this  correct

make makefiles CCARGS="-DUSE_SASL_AUTH -DUSE_CYRUS_SASL \
    -I/usr/include/sasl" AUXLIBS="-L/usr/lib -lsasl2 -lssl -lcrypto"

i compile with this options but when mail arriving i get this in log

warning: TLS has been selected, but TLS support is not compiled in

Is there any way to add whitelist to ranges or ips domains so that dnsbl are skipped?

Gmail has its ips stuck in almost all dnsbl spam and for that reason I
do not receive any mail from gmail, I see the rebounds that postfix
sends to the administration mail according to the failures of those ips,
but no mail arrives from that domain

Problems with scam where from and for is internal addresses of my domain

Add smtpd_sender_restrictions =
         permit_mynetworks
         check_client_access cidr: /etc/postfix/trusted_ips.cidr
         permit_sasl_authenticated
         check_sender_access inline: {
             {almogavers.net = Local REJECT sender from unauthorized
client}
         }
This seemed to work, but since yesterday they have sent again the mails
where the from and the for is the local mail itself, without the
change-path is totally different.

exception to the rule reject_unknown_client_hostname

exception to the rule reject_unknown_client_hostname since having it
active there are some ips that if they have inverse blocks me emails,
could you put some type of exception to certain ips that I really know
so that I do not block their mails?

possibly stupid question

it may be a silly question but.Which option is appropriate to reject
emails from ip without ip resolved

avoid external emails that the from=< and the to=< are the same user

Lately we are receiving spam mails that apparently the mail from the and
the to is the same. How is it possible to avoid this?. I have configured
postfix to avoid the relay of emails and to be able to send mail through
my postfix is necessary the auth , these emails are sent externally from
several ips and seeing the logs of those emails are not authenticated

*************************************************************************************************
Este mensaje y todos los archivos adjuntos son confidenciales y de uso exclusivo por parte
de su/sus destinatario/s.

Problem connecting any ips to mi postfix server

There are some ips that when wanting to connect with my postfix it is
impossible to do so when connecting in the same second they disconnect
without sending any data
for example:

Sep 26 21:20:47 ns postfix / smtpd [4679]: connect from
mail2.segurcaixaadeslas.es [195.77.158.25]
Sep 26 21:20:47 ns postfix / smtpd [4679]: disconnect from
mail2.segurcaixaadeslas.es [195.77.158.25]

This is my postconf -n configuration

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
allow_percent_hack = no
allow_untrusted_routing = yes
append_dot_mydomain = no
biff = no
broken_sasl_auth_cli