• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Postfix - antispam and relay package

pfSense Packages
136
855
1.0m
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    marcelloc
    last edited by May 23, 2012, 2:53 AM

    RobinGill,

    all working now? I was trying to reproduce your no valid recipients check you've posted today.
    The reinstall did the trick?

    att,
    Marcello Coutinho

    Treinamentos de Elite: http://sys-squad.com

    Help a community developer! ;D

    1 Reply Last reply Reply Quote 0
    • F
      fogelholk
      last edited by May 25, 2012, 1:35 PM May 25, 2012, 8:57 AM

      Hi marcelloc,

      I'm sorry if this really doesn't concern you, but I would love if you could either point me in some direction or something about this matter;
      I'm using your postfix forwarder just for relaying messages because my net is blocked, works wonderfully, but…
      I realized today that messages over just a couple of megabytes is a no-go sending through the forwarder, I upped the limit to ~100mb (102400000 bytes).
      I just tried sending a message that is just over 10 megabytes in size and I get this message:

      May 25 10:55:22 princesscelestia postfix/smtpd[3713]: NOQUEUE: reject: MAIL from twilightsparkle.fogelholk.se[192.168.11.11]: 452 4.3.1 Insufficient system storage; proto=SMTP helo= <derpy.fogelholk.se>May 25 10:55:22 princesscelestia postfix/smtpd[3713]: warning: not enough free space in mail queue: 47714304 bytes < 1.5*message size limit</derpy.fogelholk.se>

      I use the 4gb nanoBSD-image build on a usb-stick, and on the dashboard it says I have only used 17% of the total disk space, is it possible to, I don't know, use another folder or something with more space for Postfix Forwarder?
      I must admit I'm not very good with BSD-commands, but I get around somewhat and you should be able to get quite techy in your description if you decide to help me :)

      Thanks for a great addon otherwise, has worked great so far!

      Edit: Did some more testing and the error above apperently means that postfix can't allocate the 102400000 bytes that I set, if I for example decrease it to 20480000 bytes (~20mb) I can send messages larger than 10 megabytes.
      Though I would like to increase the limit to about 100 megabytes or around there, is this possible with either moving the postfix folder or where it allocates the space in some way or another?

      1 Reply Last reply Reply Quote 0
      • M
        marcelloc
        last edited by May 25, 2012, 3:17 PM

        The problem is that /var is ram drive and /usr is read only on nanobsd.

        you can symlink postfix folder to /usr but you will need to leave /usr writable all the time.

        Treinamentos de Elite: http://sys-squad.com

        Help a community developer! ;D

        1 Reply Last reply Reply Quote 0
        • F
          fogelholk
          last edited by May 25, 2012, 3:40 PM

          @marcelloc:

          The problem is that /var is ram drive and /usr is read only on nanobsd.

          you can symlink postfix folder to /usr but you will need to leave /usr writable all the time.

          Alright, thanks for your answer.

          Would it be possible to give it more ram or increase the size of /var or something? The tiny beast has 2GB of total ram, and currently about 11% in use.

          1 Reply Last reply Reply Quote 0
          • N
            nahid
            last edited by May 26, 2012, 12:08 AM

            Marcello,

            My SMTP Test report as follows:
            EHLO please-read-policy.mxtoolbox.com
            250-firewall.sesric.org
            250-PIPELINING
            250-SIZE 10240000
            250-ETRN
            250-ENHANCEDSTATUSCODES
            250-8BITMIME
            250 DSN [187 ms]
            MAIL FROM: supertool@mxtoolbox.com250 2.1.0 Ok [203 ms]
            RCPT TO: test@example.com554 5.7.1 test@example.com: Relay access denied [187 ms]
            QUIT
            221 2.0.0 Bye [203 ms]

            I want to convert the local address (red marked) to mail2.sesric.org.
            Is there any way to solve this.

            Best regards,
            Nahid/test@example.com/test@example.com/supertool@mxtoolbox.com

            1 Reply Last reply Reply Quote 0
            • M
              marcelloc
              last edited by May 26, 2012, 2:19 AM

              Nahid,

              I think you just need to add

              myhostname=mail2.sesric.org
              smtp_helo_name=mail2.sesric.org

              to genereal -> custom main.cf options

              att,
              Marcello Coutinho

              Treinamentos de Elite: http://sys-squad.com

              Help a community developer! ;D

              1 Reply Last reply Reply Quote 0
              • N
                nahid
                last edited by May 26, 2012, 9:09 AM

                Mercello,

                In that case I got the following log that shows the messages were bounced and it doesn't deliver.

                May 26 12:10:19 nahid05@gmail.com anhuda@sesric.org 0.63 bounced (mail for [10.10.1.5] loops back to myself)
                May 26 12:09:23 nashanahid@yahoo.com anhuda@sesric.org 0.69 bounced (mail for [10.10.1.5] loops back to myself)

                Best regards,
                Nahid

                1 Reply Last reply Reply Quote 0
                • R
                  RobinGill
                  last edited by May 27, 2012, 8:14 PM

                  @marcelloc:

                  RobinGill,

                  all working now? I was trying to reproduce your no valid recipients check you've posted today.
                  The reinstall did the trick?

                  att,
                  Marcello Coutinho

                  Hi Marcello,

                  Yes it's all working now that I've reinstalled. Strange thing is I tried a few times until I got it working. If I can figure out how to reproduce the problem I had I will let you know.

                  Also it's no major deal, but I'm wondering if on the next update it may be worth modifying the package to add quote marks to allow ldap authentication with a username with a space in it. I tried adding the quote marks in the gui but they are automatically removed.

                  1 Reply Last reply Reply Quote 0
                  • M
                    marcelloc
                    last edited by May 27, 2012, 11:01 PM

                    @RobinGill:

                    but I'm wondering if on the next update it may be worth modifying the package to add quote marks to allow ldap authentication with a username with a space in it. I tried adding the quote marks in the gui but they are automatically removed.

                    I leave only letters and number to avoid code on the field.

                    Treinamentos de Elite: http://sys-squad.com

                    Help a community developer! ;D

                    1 Reply Last reply Reply Quote 0
                    • N
                      nahid
                      last edited by May 28, 2012, 6:37 AM

                      "Mercello,

                      In that case I got the following log that shows the messages were bounced and it doesn't deliver.

                      May 26 12:10:19  nahid05@gmail.com  anhuda@sesric.org  0.63  bounced  (mail for [10.10.1.5] loops back to myself)
                      May 26 12:09:23  nashanahid@yahoo.com  anhuda@sesric.org  0.69  bounced  (mail for [10.10.1.5] loops back to myself)

                      Best regards,
                      Nahid"

                      Marcello,

                      Is there any way to solve this?

                      Nahid

                      1 Reply Last reply Reply Quote 0
                      • Z
                        zlyzwy
                        last edited by May 28, 2012, 7:48 AM

                        Hi Marcelloc,

                        I have one question, some mail server is continuing sending spam email to my server.
                        It brings me a lot of useless log in Search Mail(NOQUEUE).

                        May 28 15:41:58	xxx@xxx.com	aaa@aaa.cn	reject
                        May 28 15:42:58	xxx@xxx.com	aaa@aaa.cn	reject
                        May 28 15:43:58	xxx@xxx.com	aaa@aaa.cn	reject
                        May 28 15:44:58	xxx@xxx.com	aaa@aaa.cn	reject
                        May 28 15:45:58	xxx@xxx.com	aaa@aaa.cn	reject
                        May 28 15:46:58	xxx@xxx.com	aaa@aaa.cn	reject
                        May 28 15:47:58	xxx@xxx.com	aaa@aaa.cn	reject
                        

                        I add the rule in Access List –> Sender

                        xxx@xxx.com RJECT
                        bbb.com REJECT
                        

                        But I found I still can see these log in Search Mail.

                        Can I just block these mail address somewhere? Or maybe there will have a filter for log?

                        Thanks for your great work!
                        Zlyzwy

                        1 Reply Last reply Reply Quote 0
                        • M
                          marcelloc
                          last edited by May 28, 2012, 3:16 PM

                          The noqueue log means that the message was rejected before mail data.

                          To do not receive this error, you will need to configure a firewall rule for these ips.

                          att,
                          Marcello Coutinho

                          Treinamentos de Elite: http://sys-squad.com

                          Help a community developer! ;D

                          1 Reply Last reply Reply Quote 0
                          • Z
                            zlyzwy
                            last edited by May 29, 2012, 12:32 AM

                            @marcelloc:

                            The noqueue log means that the message was rejected before mail data.

                            To do not receive this error, you will need to configure a firewall rule for these ips.

                            att,
                            Marcello Coutinho

                            In fact, I has tried this method already, however it seems it doesn't work.
                            I have pfBlocker installed, I put the spam ip into the Custom list, eg:

                            111.222.333.444/32  #xxx@xxx.com
                            

                            Then I still see the NOQUEUE log…

                            1 Reply Last reply Reply Quote 0
                            • M
                              marcelloc
                              last edited by May 29, 2012, 3:54 AM

                              @zlyzwy:

                              In fact, I has tried this method already, however it seems it doesn't work.
                              I have pfBlocker installed, I put the spam ip into the Custom list, eg:
                              111.222.333.444/32  #xxx@xxx.com

                              can you check on diagnostics table if this ip is listed on pfblocker alias?
                              what action did you selected on pfblocker?

                              pfBlocker is a nice package  ;), but for this rule, you need just an alias and a rule on wan.

                              att,
                              Marcello Coutinho

                              Treinamentos de Elite: http://sys-squad.com

                              Help a community developer! ;D

                              1 Reply Last reply Reply Quote 0
                              • Z
                                zlyzwy
                                last edited by May 29, 2012, 5:17 AM

                                can you check on diagnostics table if this ip is listed on pfblocker alias?

                                Yes, it's.

                                what action did you selected on pfblocker?

                                Deny Inbound

                                I can see the packets which has been blocked by PFblocker from Dashboard..

                                1 Reply Last reply Reply Quote 0
                                • M
                                  marcelloc
                                  last edited by May 30, 2012, 2:11 AM May 29, 2012, 11:33 AM

                                  Check the log, it may be coming from more than one ip.

                                  Treinamentos de Elite: http://sys-squad.com

                                  Help a community developer! ;D

                                  1 Reply Last reply Reply Quote 0
                                  • Z
                                    zlyzwy
                                    last edited by May 30, 2012, 12:36 AM

                                    @marcelloc:

                                    Check the log, it maybe comming from more then one ip.

                                    You are right… there are three ips from one address.

                                    I blocked them all and it's now OK~

                                    Thanks for your help~

                                    1 Reply Last reply Reply Quote 0
                                    • I
                                      ics
                                      last edited by May 31, 2012, 2:26 PM

                                      Hi,

                                      In Postfix, is it possible to forward emails to specific servers depending on the recipient email address (not only on the domain) ?

                                      Thank you

                                      1 Reply Last reply Reply Quote 0
                                      • M
                                        marcelloc
                                        last edited by May 31, 2012, 4:00 PM

                                        not yet.  :(

                                        Treinamentos de Elite: http://sys-squad.com

                                        Help a community developer! ;D

                                        1 Reply Last reply Reply Quote 0
                                        • Z
                                          zlyzwy
                                          last edited by Jun 19, 2012, 11:26 AM

                                          Hi Marcelloc,

                                          Can I add the NOQUEUE email address to Whitelist?
                                          Some of mail server can't pass 'Helo Hostname' check….

                                          As my understanding, the "access lists" will only work with QUEUE email address.

                                          Thanks in advance~

                                          Zlyzwy

                                          1 Reply Last reply Reply Quote 0
                                          • First post
                                            Last post
                                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.