From: Rocco Scappatura (Rocco.Scappaturasttspa.it)
Date: Tue Dec 04 2007 - 01:06:33 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>
>
>> -----Original Message-----
>> From: owner-postfix-userspostfix.org
>> [mailto:owner-postfix-userspostfix.org] On Behalf Of Rocco Scappatura
>> Sent: Tuesday, 4 December 2007 10:42 AM
>> To: mouss
>> Cc: postfix-userspostfix.org
>> Subject: Re: Recipient validation
>>
>> > if you see no other logs, then the problem is with the filter. if
>> > there is a way to make more talkative, try that. try
>> connecting to the
>> > filter with telnet (from localhost, not from your PC) and
>> see what it does.

I'm not yet trying this.. But I would I try it to find where was the mistake.

> Regarding the RBL, I've been contemplating using Spamhaus Zen myself,
> but making the change could be "political". I have found that the
> sensitivity of the RBL can be modified by logging onto the Email
> Reputation Service (ERS/NRS, depending on what they're calling it this
> week) console at https://nrs.nssg.trendmicro.com/index.php. By going to
> Policy -> Reputation Settings, you can adjust the QIL level to 2 or 3,
> "less aggressive", from its default of 4 ("most aggressive"). At least
> we're randomly not blocking Optus.net here in Australia any more (only
> the 2nd largest ISP). If you don't have a logon to the ERS console, all
> you need to provide is your registration number to get one.

Infact I already changed the 'aggressivity' to satisfy my needs. Thanks.

> Anyways, here's part of our Postfix configuration for IMSS - it works
> perfectly. This is Postfix 2.2. I think that amavisd-new's
> postfix.readme and discussions here were a great help for understanding
> how it all fits together. I've only slightly tweaked the concurrency
> limits in master.cf - the Trend Micro defaults are:

I would to take a depth look and match the two configuration (surely my
'default' configuration is a little bit different from yours). I let you
know. Thanks.

> imss unix - - n - - smtp
> localhost:10026 inet n - n - 20 smtpd
>
> main.cf
> ======
>
> smtpd_helo_required = yes
> smtpd_recipient_restrictions =
> reject_non_fqdn_recipient,
> permit_mynetworks,
> reject_non_fqdn_sender,
> reject_unauth_destination,
> check_recipient_access pcre:/etc/postfix/recipient_access,
> reject_invalid_hostname,
> reject_non_fqdn_hostname,
> check_sender_access hash:/etc/postfix/sender_access,
> check_client_access hash:/etc/postfix/client_access,
> reject_unknown_sender_domain,
> reject_rbl_client <ID>.r.mail-abuse.com,
> reject_rbl_client <ID>.q.mail-abuse.com
>
> message_size_limit = 13107200
> strict_rfc821_envelopes = yes
> smtpd_timeout = 60
>
> # following required due to IMSS marking messages with
> # >500 recipients as "malformed", and not notifying recipients
> smtpd_recipient_limit = 500
>
> content_filter = imss:[127.0.0.1]:10025
>
> # Configuration for Trend IMSS scanning
>
> default_process_limit = 200
> imss_timeout = 10m
> imss_connect_timeout = 1s
>
> # IMSS: content filter interface via transport "imss"
> # Using Trend Micro defaults
> imss_destination_recipient_limit = 200
> imss_destination_concurrency_limit = 20
>
> master.cf
> ========
> ### IMSS configuration
> #InterScan MSS: content filter smtp transport imss for InterScan MSS
> imss unix - - n - 20 smtp
> -o disable_dns_lookups=yes
> -o smtp_connect_timeout=$imss_connect_timeout
> -o smtp_data_done_timeout=$imss_timeout
>
> #InterScan MSS: content filter loop back smtpd
> 127.0.0.1:10026 inet n - n - 50 smtpd
> -o smtpd_use_tls=no
> -o content_filter=
> -o smtpd_timeout=$imss_timeout
> -o myhostname=imss70.smtp3
> -o mynetworks=127.0.0.1
> -o smtpd_delay_reject=no
> -o smtpd_client_restrictions=permit_mynetworks,reject
> -o smtpd_sender_restrictions=
> -o smtpd_recipient_restrictions=permit_mynetworks,reject
> -o receive_override_options=no_unknown_recipient_checks

rocsca

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]