On 25.08.14, 10:06, Craig R. Skinner wrote:
> DSBL is GONE and highly unlikely to return. Please remove it from your
> mail server configuration. ( 03/09/2009 http://dsbl.org/)
>
> > reject_rbl_client sbl.spamhaus.org,
> > reject_rbl_client sbl-xbl.spamhaus.org,
> > reject_rbl_client blackholes.easynet.nl,
>
> The blacklists on the easynet.nl domain discontinued on 1/12/2003
> (http://vamsoft.com/company/news/easynet-nl-blacklists-discontinued)
>
> > reject_rbl_client combined.njabl.org,
>
> njabl.org OFFLINE since 1/3/2013 (http://www.dnsbl.info/dnsbl-njabl-org.php)
>
> > reject_rbl_client dul.dnsbl.sorbs.net,
> > permit
>
> Join the Postfix users mailing list (http://www.postfix.org/lists.html)
OK! I'm sorry but I found this option on an old configuration. I delete them.
>
> Send them a problem description & the output of both:
> $ postconf -nf
alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /etc/postfix
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd
$daemon_directory/$process_name $process_id & sleep 5
header_checks = pcre:/etc/postfix/header_checks
html_directory = /usr/local/share/doc/postfix/html
inet_interfaces = all
inet_protocols = all
mail_owner = _postfix
mailq_path = /usr/local/sbin/mailq
manpage_directory = /usr/local/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = domain.com
myhostname = mail2.domain.com
mynetworks = 127.0.0.0/8, 192.168.1.0/24, 192.168.3.0/24
myorigin = $myhostname
newaliases_path = /usr/local/sbin/newaliases
qdeliver_destination_concurrency_limit = 1
qdeliver_destination_recipient_limit = 1
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix/readme
relay_domains = $mydestination
sample_directory = /etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = _postdrop
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_milters = unix:/var/spool/postfix/var/run/milter-spamd/spamd.sock
unix:/var/spool/postfix/var/run/milter-clamav/clamav.sock
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unauth_destination, reject_unauth_pipelining,
reject_non_fqdn_recipient, reject_unknown_recipient_domain,
reject_invalid_hostname, reject_non_fqdn_sender,
reject_unknown_sender_domain, reject_unauth_destination, reject_rbl_client
bl.spamcop.net, reject_rbl_client zombie.dnsbl.sorbs.net, reject_rbl_client
list.dsbl.org, reject_rbl_client sbl.spamhaus.org, reject_rbl_client
sbl-xbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl,
reject_rbl_client combined.njabl.org, reject_rbl_client dul.dnsbl.sorbs.net,
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_security_options =
smtpd_tls_CAfile = /etc/ssl/ca.crt
smtpd_tls_cert_file = /etc/postfix/ssl/server.crt
smtpd_tls_key_file = /etc/postfix/ssl/private/server.key
smtpd_tls_loglevel = 1
smtpd_tls_security_level = may
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:2000
virtual_mailbox_base = /var/mail/vhosts
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailboxes.cf
virtual_minimum_uid = 2000
virtual_transport = qdeliver
virtual_uid_maps = static:2000
> $ postconf -Mf
smtp inet n - n - - smtpd
smtps inet n - - - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
pickup unix n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr unix n - - 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
qdeliver unix - n n - - pipe flags=uh
user=vmail argv=/usr/local/bin/deliverquota -c -w 90
/var/mail/vhosts/${domain}/${user}
>
> Sorry I can help further as I don't use SSL with SMTP as it can't be
> enforced throughout a message's life - therefore I consider it a false
> sense of security.
Which is a solution, for you, to increase the security for connections from the
outside
, for example with a portable device (laptop,smartphone, etc) using a OpenBSD
system?
Thank you very much.
--
Luciano
----------------------------------------------
Le informazioni contenute nella presente e-mail e nei documenti/files
eventualmente allegati sono confidenziali. Essi sono riservati
esclusivamente al destinatario della stessa. La loro eventuale
comunicazione, diffusione o, comunque, rivelazione a terzi, nonche' la
copiatura e/o conservazione e' vietata. Se avete ricevuto questa e-mail per
errore, Vi preghiamo cortesemente di informare immediatamente il mittente
della stessa e di distruggerla o, comunque, cancellarla dal Vostro sistema.
This e-mail contains confidential and/or privileged information. If you are
not the intended recipient (or have received this e-mail in error), please
notify the sender immediately and destroy this e-mail. Any unauthorised
communication, diffusion, disclosure and copy of the material in this
e-mail is strictly forbidden.
----------------------------------------------
