Discussion:
testing - is anybody there?
smplx
2021-06-06 22:53:31 UTC
Permalink
Hi All,

I'm afraid I've been off the air for a few weeks while trying to sort out
my email. It might seem strange to many that it would take anyone this
long but I wanted to put the mail server inside its own VM behind a
firewall. It turns out that doing this is a problem if you want the mail
server to be able to reject spoofed email at the "connect" stage (before
it gets queued). Once an email is accepted and placed in a queue, protocol
dictates that a subsequent rejection involves sending a message back to
the sender. If the sender's address was spoofed then YOU end up generating
"backscatter" spam.

Regards
Sergio Masci
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
Alan Pearce
2021-06-06 22:22:46 UTC
Permalink
No, I'm not here, I've gone to bed ...
Its late in the UK now ... :))


On Sun, 6 Jun 2021 23:53:31 +0100 (BST)
Post by smplx
Hi All,
I'm afraid I've been off the air for a few weeks while trying to sort
out my email. It might seem strange to many that it would take anyone
this long but I wanted to put the mail server inside its own VM
behind a firewall. It turns out that doing this is a problem if you
want the mail server to be able to reject spoofed email at the
"connect" stage (before it gets queued). Once an email is accepted
and placed in a queue, protocol dictates that a subsequent rejection
involves sending a message back to the sender. If the sender's
address was spoofed then YOU end up generating "backscatter" spam.
Regards
Sergio Masci
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
Allen Mulvey
2021-06-07 12:06:12 UTC
Permalink
What mail server are you using? My mail server, MailEnable, lets me
decide if a reply is sent and to whom. In the case of a virus having
been found I send the response to myself.

Allen Mulvey
Post by Alan Pearce
No, I'm not here, I've gone to bed ...
Its late in the UK now ... :))
On Sun, 6 Jun 2021 23:53:31 +0100 (BST)
Post by smplx
Hi All,
I'm afraid I've been off the air for a few weeks while trying to sort
out my email. It might seem strange to many that it would take anyone
this long but I wanted to put the mail server inside its own VM
behind a firewall. It turns out that doing this is a problem if you
want the mail server to be able to reject spoofed email at the
"connect" stage (before it gets queued). Once an email is accepted
and placed in a queue, protocol dictates that a subsequent rejection
involves sending a message back to the sender. If the sender's
address was spoofed then YOU end up generating "backscatter" spam.
Regards
Sergio Masci
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
smplx
2021-06-07 14:13:38 UTC
Permalink
Post by Allen Mulvey
What mail server are you using? My mail server, MailEnable, lets me
decide if a reply is sent and to whom. In the case of a virus having
been found I send the response to myself.
Allen Mulvey
Hi Allen,

I'm using Postfix on a FreeBSD VM on a FreeBSD host. The system was
receiving 20,000+ emails a day. It would not have been possible to process
them manually even if I had wanted to.

I use Alpine as the mail reader. This is not very convenient for viewing
attached images but it does cut down enormously on virus infection and
propergation :-)

Regards
Sergio Masci
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
Allen Mulvey
2021-06-07 13:27:50 UTC
Permalink
I don't have anywhere near that much traffic but neither do I process
anything manually. For each filter I specify if a response should be
made and to whom.

My server is a VM hosted on a Hyper-V server.

Allen
Post by smplx
Post by Allen Mulvey
What mail server are you using? My mail server, MailEnable, lets me
decide if a reply is sent and to whom. In the case of a virus having
been found I send the response to myself.
Allen Mulvey
Hi Allen,
I'm using Postfix on a FreeBSD VM on a FreeBSD host. The system was
receiving 20,000+ emails a day. It would not have been possible to process
them manually even if I had wanted to.
I use Alpine as the mail reader. This is not very convenient for viewing
attached images but it does cut down enormously on virus infection and
propergation :-)
Regards
Sergio Masci
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
smplx
2021-06-07 15:08:31 UTC
Permalink
Post by Allen Mulvey
I don't have anywhere near that much traffic but neither do I process
anything manually. For each filter I specify if a response should be
made and to whom.
My server is a VM hosted on a Hyper-V server.
Allen
Hi Allen,

I didn't meen to imply that 20,000+ emails a day were legitimate emails.
99.5% are spam - so something had to be done!!!

Postfix is very flexible, has an internal configuarable filter mechanism
and also allows you to add your own external filters. Its biggest downfall
(IMHO) is that there are over 900 configuration options (not to mention
the great many combinations of settings of these options) which makes it
very difficult to configure if you are not using it as a "simple" mail
server with a common (out of the box) canned template.

The biggest problem I had with running the server on a machine other than
the gateway (in this case a virtual machine) was that the NAT interfered
with the senders address and so made it impossible to reject the emails
BEFORE they got queued. The standard way of getting around this was to put
an SMTP proxy (actually another instance of Postfix) on the gateway and
forward the mail to the server. But this still left the proxy exposed and
the gateway vulnerable.

Does your VM act as a server to other machines or do you log onto it and
handle all your mail directly on that? Do you use a proxy outside the VM
to forward the mail ***INTO*** the VM?

Regards
Sergio
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
Allen Mulvey
2021-06-07 21:27:42 UTC
Permalink
Sergio,

My VM hosts my mail server and my web server. My gateway router uses
port forwarding on the necessary well-known ports. There is no proxy.
For mail administration, as a system administrator, I can log into the
VM and access everything in one place. This is necessary for most global
settings. However routine administration is done by a designated
administrator for each post office. He then uses a web app to access
only his own post office. A post office may have more than one domain
although most have only one. Clients may use webmail or any standard POP
or IMAP client app. I'm not sure if I answered your question.

Allen
Post by smplx
Post by Allen Mulvey
I don't have anywhere near that much traffic but neither do I process
anything manually. For each filter I specify if a response should be
made and to whom.
My server is a VM hosted on a Hyper-V server.
Allen
Hi Allen,
I didn't meen to imply that 20,000+ emails a day were legitimate emails.
99.5% are spam - so something had to be done!!!
Postfix is very flexible, has an internal configuarable filter mechanism
and also allows you to add your own external filters. Its biggest downfall
(IMHO) is that there are over 900 configuration options (not to mention
the great many combinations of settings of these options) which makes it
very difficult to configure if you are not using it as a "simple" mail
server with a common (out of the box) canned template.
The biggest problem I had with running the server on a machine other than
the gateway (in this case a virtual machine) was that the NAT interfered
with the senders address and so made it impossible to reject the emails
BEFORE they got queued. The standard way of getting around this was to put
an SMTP proxy (actually another instance of Postfix) on the gateway and
forward the mail to the server. But this still left the proxy exposed and
the gateway vulnerable.
Does your VM act as a server to other machines or do you log onto it and
handle all your mail directly on that? Do you use a proxy outside the VM
to forward the mail ***INTO*** the VM?
Regards
Sergio
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
Alexandre Guimaraes
2021-06-06 22:43:47 UTC
Permalink
ACK.
Post by smplx
Hi All,
I'm afraid I've been off the air for a few weeks while trying to sort out
my email. It might seem strange to many that it would take anyone this
long but I wanted to put the mail server inside its own VM behind a
firewall. It turns out that doing this is a problem if you want the mail
server to be able to reject spoofed email at the "connect" stage (before
it gets queued). Once an email is accepted and placed in a queue, protocol
dictates that a subsequent rejection involves sending a message back to
the sender. If the sender's address was spoofed then YOU end up generating
"backscatter" spam.
Regards
Sergio Masci
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
Zona
2021-06-07 07:35:22 UTC
Permalink
Greetings.
These are all program output texts.
Thanks for your mail.

On Sun, 6 Jun 2021 23:53:31 +0100 (BST)
Post by smplx
Hi All,
I'm afraid I've been off the air for a few weeks while trying to sort
out my email. It might seem strange to many that it would take anyone
this long but I wanted to put the mail server inside its own VM
behind a firewall. It turns out that doing this is a problem if you
want the mail server to be able to reject spoofed email at the
"connect" stage (before it gets queued). Once an email is accepted
and placed in a queue, protocol dictates that a subsequent rejection
involves sending a message back to the sender. If the sender's
address was spoofed then YOU end up generating "backscatter" spam.
Regards
Sergio Masci
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
--
BR.
----
Zona <***@tom.com>
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
David C Brown
2021-06-07 12:33:45 UTC
Permalink
Just us chickens
__________________________________________
David C Brown
43 Bings Road
Whaley Bridge
High Peak Phone: 01663 733236
Derbyshire eMail: ***@gmail.com
SK23 7ND web: www.bings-knowle.co.uk/dcb
<http://www.jb.man.ac.uk/~dcb>



*Sent from my etch-a-sketch*
Post by smplx
Hi All,
I'm afraid I've been off the air for a few weeks while trying to sort out
my email. It might seem strange to many that it would take anyone this
long but I wanted to put the mail server inside its own VM behind a
firewall. It turns out that doing this is a problem if you want the mail
server to be able to reject spoofed email at the "connect" stage (before
it gets queued). Once an email is accepted and placed in a queue, protocol
dictates that a subsequent rejection involves sending a message back to
the sender. If the sender's address was spoofed then YOU end up generating
"backscatter" spam.
Regards
Sergio Masci
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
--
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
Loading...