Loading ...
Sorry, an error occurred while loading the content.
 

Re: Postfix 2.3 release candidate

Expand Messages
  • Wietse Venema
    After using XCLIENT you MUST now send EHLO Wietse
    Message 1 of 11 , Jul 1 4:46 AM
      After using XCLIENT you MUST now send EHLO

      Wietse
    • Greg Hackney
      Would anyone happen to have a modified /etc/log.d/scripts/services/postfix script that will match or ignore these types of otherwise Unmatched Entries
      Message 2 of 11 , Jul 1 9:33 AM
        Would anyone happen to have a modified
        "/etc/log.d/scripts/services/postfix" script
        that will match or ignore these types of otherwise "Unmatched Entries"
        entries
        on my FC3 box:

        NOQUEUE: reject: RCPT from unknown[220.90.18.237]: 554 Service unavailable; Client host [220.90.18.237] blocked using sbl-xbl.spamhaus.org; http://www.spamhaus.org/query/bl?ip=220.90.18.237; from=<ieyaeuyiaaaeyou@...> to=<radio@...> proto=SMTP helo=<7B434978>

        163062A44B4: reject: body <DIV><FONT face=3DArial size=3D2><A href=3D"http://www.envirowarqez.com"><IMG = from unknown[61.47.167.53]; from=<xywe@...> to=<radio@...> proto=SMTP helo=<netzero.com>: Message content rejected

        F36572A4677: reject: header From: Joe <blows@...> from camomile.cloud9.net[168.100.1.3]; from=<owner-postfix-users@...> to=<radio@...> proto=SMTP helo=<camomile.cloud9.net>: Message content rejected

        Jun 25 08:23:00 relay postfix/smtp[9405]: certificate verification failed for mx.flexmail.ifxnetworks.com: num=18:self signed certificate

        Jun 25 08:23:00 relay postfix/smtp[9405]: certificate peer name verification failed for mx.flexmail.ifxnetworks.com: CommonName mis-match: IFX Postmaster

        Jun 30 07:59:02 relay postfix/smtp[2482]: Server certificate could not be verified

        Jun 29 13:32:35 relay postfix/smtp[27342]: Unverified: subject_CN=mail125.messagelabs.com, issuer=MessageLabs

        Jun 29 15:23:48 relay postfix/scache[28130]: statistics: **ALL, a bunch of them**

        --
        Greg
      • Brad Schuetz
        ... Perfect, I ll point the author of the content filter to this thread. ... Thanks! -- Brad Schuetz
        Message 3 of 11 , Jul 1 11:15 AM
          Victor Duchovni wrote:
          > On Fri, Jun 30, 2006 at 08:53:05PM -0700, Brad Schuetz wrote:
          >
          >
          >> XCLIENT ADDR=127.0.0.1
          >> 220 mail.cimmeria.com ESMTP Postfix
          >> XFORWARD NAME=omnis-mail.omnis.com ADDR=216.239.128.28 HELO=omnis-mail.omnis.com PROTO=ESMTP SOURCE=REMOTE
          >> 250 2.0.0 Ok
          >> MAIL FROM:<brad@...> SIZE=539
          >> 403 4.5.1 Error: send HELO/EHLO first
          >>
          >
          > That's right, you need to send EHLO again after XCLIENT. XCLIENT
          > is a full reset back to the 220 banner.
          >
          Perfect, I'll point the author of the content filter to this thread.

          >
          >> now with postfix 2.3 snapshot 20060604
          >>
          >> XCLIENT ADDR=127.0.0.1
          >> 250 2.0.0 Ok
          >> XFORWARD NAME=omnis-mail.omnis.com ADDR=216.239.128.28
          >> HELO=omnis-mail.omnis.com
          >> 250 2.0.0 Ok
          >> MAIL FROM:<brad@...> SIZE=539
          >> 250 2.1.0 Ok
          >>
          >
          > Previous releases got this wrong, but it did not matter, before milter.
          >
          >
          Thanks!

          --
          Brad Schuetz
        • Wietse Venema
          Brad Schuetz: [ Charset ISO-8859-1 unsupported, converting... ] ... Second, ask them why they use xclient in the first place. xclient is for rule testing; it
          Message 4 of 11 , Jul 1 2:56 PM
            Brad Schuetz:
            [ Charset ISO-8859-1 unsupported, converting... ]
            > Victor Duchovni wrote:
            > > On Fri, Jun 30, 2006 at 08:53:05PM -0700, Brad Schuetz wrote:
            > >
            > >
            > >> XCLIENT ADDR=127.0.0.1
            > >> 220 mail.cimmeria.com ESMTP Postfix
            > >> XFORWARD NAME=omnis-mail.omnis.com ADDR=216.239.128.28 HELO=omnis-mail.omnis.com PROTO=ESMTP SOURCE=REMOTE
            > >> 250 2.0.0 Ok
            > >> MAIL FROM:<brad@...> SIZE=539
            > >> 403 4.5.1 Error: send HELO/EHLO first
            > >>
            > >
            > > That's right, you need to send EHLO again after XCLIENT. XCLIENT
            > > is a full reset back to the 220 banner.
            > >
            > Perfect, I'll point the author of the content filter to this thread.

            Second, ask them why they use xclient in the first place.

            xclient is for rule testing; it impersonates a client. There
            is no need for that with a content filter.

            Wietse
          Your message has been successfully submitted and would be delivered to recipients shortly.