For 3 days now, I’ve been seeing these messages. If you search online, it’s usually the result of port scanning. Aug 7 14:05:15 zuul kernel: Limiting closed port RST response from 212 to 195 packets/sec Aug 7 14:05:16 zuul kernel: Limiting closed port RST response from 219 to 215 packets/sec Aug 7 14:05:17 zuul kernel: […]
kernel: Limiting closed port RST response from x to y packets/sec Read More »
It’s a muggy Friday morning, sitting outside the cafe – it’s tolerable in the shade with a slight breeze and cold iced-latte in a glass. Dogs walking past, lots of pats. It’s time to change most of my hosts from Postfix (my favorite MTA) to dma (in FreeBSD, no install required). I have previously moved
Replacing postfix with dma + auth Read More »
It’s another Saturday morning outside the coffee shop. My abundance of free time, without conferences to run, has resulted in mind shattering pondering. Case in point: In this post: FreeBSD 14.1-RELEASE Let’s use these two hosts: r730-01 – email is from root nagios03 – email is from Charlie Root What are the differences? First idea
Why are some emails from Charlie Root and others are from root? Read More »
I like Postfix. I’ve been a fan of it for over 20 years. I deployed it on every host for outgoing email. Lately, I’ve taken to using dma (DragonFly Mail Agent) as my preferred mail handler on jails and hosts which don’t need to deal with incoming mail, only outgoing mail. After first getting serious
Replacing postfix with dma Read More »
I have used Dovecot as my IMAP server since 2007. It has always been reliable and useful. Recently, I wanted to move my IMAP server to one host to another. I am the only user on this IMAP server. Wait, not I’m not, there are some test accounts on here, mostly used to verify that
Setting up a new Dovecot server on FreeBSD with an OSX mail.app client Read More »
Back in late November (now 56 days ago), I started getting huge levels of very directed spam. When I tweeted about it, I was getting perhaps 100-250 a day. I thought it would soon stop and they would target someone else. They would get into my spam folder yes, but it still takes time to
Using Postfix to block mail based on From/sender and To/recipient Read More »
Today I gave up on my attempt to allow relay via SSL certificate fingerprints. Instead, I will use sasl auth. Yesterday I wrote about my SMTP deliver test which broke when an SSL certificate was updated. Later that day, I finished writing scripts which delivered that fingerprint file to all hosts which needed it. Today,
No more certificate fingerprints – only sasl auth instead Read More »
Let’s Encrypt is an easy way to get free SSL certificates in an automated manner. You may never have to manually do another cert renewal again. Last night, I received this email: From: Cron Daemon To: dan@langille.org Subject: Cron /usr/local/bin/cert-puller Date: Fri, 23 Feb 2018 23:57:00 +0000 (UTC) /etc/rc.conf: 3: not found /etc/rc.conf: yr: not
Postfix suddenly starts rejecting email it had been accepting Read More »
Yesterday, I upgraded a DigitalOcean droplet from FreeBSD 10.3 to FreeBSD 11.1 just before I headed to work. I’ve done such upgrades several times before. They all went well. This one did not. Several issues cascaded to prevent me from completely this task in a timely manner. Let me describe the events as they unfolded.
/etc/rc.subr: 1391: Syntax error: “fi”: unexpected Read More »
If you’re using Postfix for submission and attempts to submit give this messages on the Postix server: Recipient address rejected: Domain not found you’re probably chroot’d. That is, your submssion entry in master.cf looks like this: submission inet n – – – – smtpd When it should look like this: submission inet n – n
reject_unknown_recipient_domain gives Recipient address rejected: Domain not found Read More »