Configuration problems

classic Classic list List threaded Threaded
24 messages Options
12
Reply | Threaded
Open this post in threaded view
|

Re: Configuration problems

Bill Cole-3
At 9:27 AM +0200 6/24/08, mouss wrote:

>Jan Meyland Andersen wrote:
>>>Likewise, it's more secure to disconnect from the network. If you lack
>>>the experience and know-how to maintain the chroot, it's not helping.
>>>
>>
>>I can see that many advise me to disabling this. I just thougt that there
>>were a reason why it is enabled by default.
>
>It is not enabled in the "original" postfix. it is enabled by your
>package maintainer.

Which is an argument against relying on the wisdom of that package maintainer.


>>But I do not have the experience or the time to make this work, so I will
>>most likely follow the advise.
>>
>>
>>>11.30.23.217.zen.spamhaus.org. 1800 IN  TXT  
>>>"http://www.spamhaus.org/query/bl?ip=217.23.30.11"
>>>11.30.23.217.zen.spamhaus.org. 1800 IN  A       127.0.0.4
>>>
>>>This, like most spam, came from a known spam source.
>>>
>>>BTW the log lines in your original post were chopped off. I think we
>>>are still lacking a complete problem description here.
>>>
>>
>>I think you solved the problem with spamhaus. Thanks.
>>
>
>unfortunately not.  it was listed after you received it (2008-06-24
>06:00 GMT). see
>    http://cbl.abuseat.org/lookup.cgi?ip=217.23.30.11


That address has been spewing bot-spam for weeks. The CBL operates on
an automated add/expire model, and it will often only show the latest
addition.

The SpamCop BL listing history for that address says that in the past
42.0 days, it has been listed 8 times for a total of 30.5 days. The
SORBS web check shows evidence from June 3.


--
Bill Cole                                  
[hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Configuration problems

mouss-2
In reply to this post by Michael Monnerie-4
Michael Monnerie wrote:

> On Dienstag, 24. Juni 2008 mouss wrote:
>  
>> - here, JM_SOUGHT_* rules give 8.0 points. I don't know if this would
>> have worked at reception time, but I recommend that you include
>> Justin Mason Sought rules in your sa-update.
>>    
>
> Do you have the config line at hand how to get his sought rules?
>
> mfg zmi
>  


# first time only
curl -o ${KEY_DIR}/jmsought.key http://yerp.org/rules/GPG.KEY
sa-update --import ${KEY_DIR}/jmsought.key
echo "sought.rules.yerp.org" >> /path/to/channels.list

# cron:
sa-update --channelfile /path/to/channels.txt --gpgkey 6C6191E3      


This info is from:
    http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt


Reply | Threaded
Open this post in threaded view
|

Re: Configuration problems

Michael Monnerie-4
On Dienstag, 24. Juni 2008 mouss wrote:

> # first time only
> curl -o ${KEY_DIR}/jmsought.key http://yerp.org/rules/GPG.KEY
> sa-update --import ${KEY_DIR}/jmsought.key
> echo "sought.rules.yerp.org" >> /path/to/channels.list
>
> # cron:
> sa-update --channelfile /path/to/channels.txt --gpgkey 6C6191E3      
>
>
> This info is from:
>     http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt
Thanks, works perfect. I've had already JM's update channel, so have to
use the "--gpgkey" option twice to use both keys.
Shouldn't you "sa-compile" after "sa-update" also?

mfg zmi
--
// Michael Monnerie, Ing.BSc    -----      http://it-management.at
// Tel: 0660 / 415 65 31                      .network.your.ideas.
// PGP Key:         "curl -s http://zmi.at/zmi.asc | gpg --import"
// Fingerprint: AC19 F9D5 36ED CD8A EF38  500E CE14 91F7 1C12 09B4
// Keyserver: www.keyserver.net                   Key-ID: 1C1209B4

signature.asc (201 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Configuration problems

mouss-2
Michael Monnerie wrote:

> On Dienstag, 24. Juni 2008 mouss wrote:
>  
>> # first time only
>> curl -o ${KEY_DIR}/jmsought.key http://yerp.org/rules/GPG.KEY
>> sa-update --import ${KEY_DIR}/jmsought.key
>> echo "sought.rules.yerp.org" >> /path/to/channels.list
>>
>> # cron:
>> sa-update --channelfile /path/to/channels.txt --gpgkey 6C6191E3      
>>
>>
>> This info is from:
>>     http://daryl.dostech.ca/sa-update/sare/sare-sa-update-howto.txt
>>    
>
> Thanks, works perfect. I've had already JM's update channel, so have to
> use the "--gpgkey" option twice to use both keys.
>  

I use a script which updates channels one by one, so only one key is
passed.

> Shouldn't you "sa-compile" after "sa-update" also?
>  

yes, but that's optional.
12