I've used greylisting on my servers for many years, but I don't know how effective it is nowadays.
Is it still good for fighting spam in 2012?
Or is the typical spammer MTA capable of resending greylisted emails now?
I have a quick question regarding SPF records: Do they need to be present for all subdomains?
Lets say that I have a TXT record with SPF info for domain.com
Let's also say that I have a seperate email domain for subdomain.domain.com
Will the SPF policy/info for domain.com also apply to the subdomain? Or do I need to add a separate TXT record for that too?
I'm looking for an smtp service that essentially obeys the RFC, except rather than sending mail it simply logs to a file
[date] sent mail to <address>
Or whatever. I can bash this together with the bare minimum of functionality I need in python in about half an hour I reckon but if there's an existing project that works better I'd rather use that.
The reason for needing it is debugging an app that keeps sending 7* the amount of mail it's supposed to.
EDIT: And already asked: https://stackoverflow.com/questions/1006650/dummy-smtp-server-for-testing-apps-that-send-email
I have just finished setting up a Postfix mail server on a linux (ubuntu) platform. I have it sending and receiving email and it is not an open relay. It also supports secure smtp and imap.
Now this is a pretty beginner question but should I be leaving port 25 open? (since secure smtp is preferred). if so then why?
Also what about port 587?
Also should I require any authentication on either of these ports?
Please excuse my ignorance in this area :P
This morning, in order to correct a problem with a name mismatch in the security certificate, I followed the recommended steps from How to fix mail server SSL?, but now, when attempting to send an email from a client (in this case the client is Windows Mail), I receive the following error.
The rejected e-mail address was '[email protected]'. Subject 'This is a test. ', Account: 'mail.domain.com', Server: 'mail.domain.com', Protocol: SMTP, Server Response: '554 5.7.1 : Relay access denied', Port: 25, Secure(SSL): No, Server Error: 554, Error Number: 0x800CCC79
Edit: I can still retrieve emails from this account, and I send emails to other accounts at the same domain. I just can't send emails to recipients outside of our domain.
I tried disabling TLS altogether but no dice, I still get the same error.
When I check file mail.log, I see the following.
Jul 18 08:24:41 company imapd: LOGIN, [email protected], ip=[::ffff:111.111.11.11], protocol=IMAP
Jul 18 08:24:42 company imapd: DISCONNECTED, [email protected], ip=[::ffff:111.111.11.11], headers=0, body=0, rcvd=83, sent=409, time=1
Jul 18 08:25:19 company postfix/smtpd[29282]: connect from company.university.edu[111.111.11.11]
Jul 18 08:25:19 company postfix/smtpd[29282]: NOQUEUE: reject: RCPT from company.university.edu[111.111.11.11]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<UserPC>
Jul 18 08:25:19 company postfix/smtpd[29282]: disconnect from company.university.edu[111.111.11.11]
Jul 18 08:25:22 company imapd: DISCONNECTED, [email protected], ip=[::ffff:111.111.11.11], headers=13, body=142579, rcvd=3289, sent=215892, time=79
File main.cf looks like this:
#
# Postfix MTA Manager Main Configuration File;
#
# Please do NOT edit this file manually;
#
#
# Postfix directory settings; These are critical for normal Postfix MTA functionallity;
#
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix
#
# Some common configuration parameters;
#
inet_interfaces = all
mynetworks = 127.0.0.0/8
mynetworks_style = host
myhostname = mail.domain.com
mydomain = domain.com
myorigin = $mydomain
smtpd_banner = $myhostname ESMTP 2.4.7.1 (Debian/GNU)
setgid_group = postdrop
#
# Receiving messages parameters;
#
mydestination = localhost, company
append_dot_mydomain = no
append_at_myorigin = yes
transport_maps = mysql:/etc/postfix/transport.cf
#
# Delivering local messages parameters;
#
mail_spool_directory = /var/spool/mail
mailbox_size_limit = 0
mailbox_command = procmail -a "$EXTENSION"
biff = no
alias_database = hash:/etc/aliases
local_recipient_maps =
#
# Delivering virtual messages parameters;
#
virtual_mailbox_maps=mysql:/etc/postfix/mysql_virt.cf
virtual_uid_maps=mysql:/etc/postfix/uids.cf
virtual_gid_maps=mysql:/etc/postfix/gids.cf
virtual_mailbox_base=/usr/local/virtual
virtual_maps=mysql:/etc/postfix/virtual.cf
virtual_mailbox_domains=mysql:/etc/postfix/virtual_domains.cf
#
# SASL paramters;
#
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtp_tls_CAfile = /etc/postfix/ssl/smptd.pem
smtp_tls_cert_file = /etc/postfix/ssl/smptd.crt
smtp_tls_key_file = /etc/postfix/ssl/smptd.key
smtpd_tls_CAfile = /etc/postfix/ssl/smptd.pem
smtpd_tls_cert_file = /etc/postfix/ssl/smptd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smptd.key
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
broken_sasl_auth_clients = yes
smtpd_sender_restrictions =
permit_sasl_authenticated
permit_mynetworks
smtpd_recipient_restrictions =
permit_sasl_authenticated
check_recipient_access hash:/etc/postfix/filtered_domains
permit_mynetworks
reject_unauth_destination
As a side note, my employer wants to be able to send emails from clients (Thunderbird and Outlook) both from within our local network and outside it.