Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I'm having trouble configuring Postfix to deliver e-mail via relay to Sendgrid.
I get the following error: "Unauthenticated senders not allowed"
Looks like it was the SASL config within Postfix authenticating to Sendgrid. We were able to use the following:
smtpd_sasl_local_domain = $myhostname
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
mailbox_size_limit = 256000000
# Sendgrid Settings
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = static:SENDGRID_ACCOUNT_EMAIL_HERE:PASSWORD_HERE
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = may
header_size_limit = 4096000
relayhost = [smtp.sendgrid.net]:587
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 1 year ago.
Improve this question
I am applying etag for all the responses but want to know whether to apply etag for the responses with status 4xx or 5xx
The specification describes When to Use Entity-Tags and Last-Modified Dates:
In 200 (OK) responses to GET or HEAD, an origin server SHOULD send an entity-tag validator...
So, no, there is no reason to send ETags for 4xx or 5xx responses. Those codes indicate that a valid response could not be generated; therefore, there is no representation that the ETag could meaningfully apply to.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 5 years ago.
Improve this question
TCP can detect whether a packet was sent successfully anyways so instead of waiting for the pong, why not just check if there's an error when the ping is sent? I just don't find the need for pong.
Having ping and pong creates an end-to-end test for both connectivity and a functional endpoint at the other end.
Using just TCP, only confirms that the TCP stack says the packet was delivered to the next stop in a potential connectivity chain and does not confirm that the other endpoint is actually functioning (only that the packet was delivered to the TCP stack).
This is particularly important when there are proxies or other intermediaries in the networking chain between endpoints which is very often the case in professionally hosted environments. Only a ping and pong confirms that the entire end-to-end chain, including both client and server are fully functioning.
Here's a related answer: WebSockets ping/pong, why not TCP keepalive?
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
Currently I am accessing the Internet in a public library. Before using this access, one must accept the terms of use. After accepting these terms, my browser accesses any URL, e.g. cnn.com
In Unix, I enter the command ping URL, e.g. ping cnn.com, this command fails.
$ ping cnn.com
PING cnn.com (157.166.226.26): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5
Request timeout for icmp_seq 6
Request timeout for icmp_seq 7
After ending this with Control + C, the output is
7 packets transmitted, 0 packets received, 100.0% packet loss
Why exactly is ping not working in this case? How can I use this command successfully?
It's a matter of network protocol. Ping uses ICMP and your browser HTTP to talk on the netork. It is highly like the network environment of your library filters network connexions by protocols for security reasons.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I am looking for an answer from somebody who has experience with ironport. When an email is rejected by ironport (due to low reputation or whatever) does it write it someplace in a log? If so where.
I am on the sender's side. Unfortunately I don't have access to the smtp logs of my server to see what errors ironport throws back. Is there a way to capture those in some other way?
Is there a way to whitelist a sender domain in ironport? If so how (link to a documentation would be enough).
Thank you!
IronPort utilizes 4 Host Access groups which decide what policy will be applied to a sender based on their reputation on SBRS.
WHITELIST:
$TRUSTED (My trusted senders have no anti-spam scanning or rate limiting)
BLACKLIST:
sbrs[-10.0:-3.0]
$BLOCKED (Spammers are rejected)
SUSPECTLIST:
sbrs[-3.0:-1.0]
$THROTTLED (Suspicious senders are throttled)
UNKNOWNLIST:
sbrs[-1.0:10.0]
sbrs[none]
$ACCEPTED (Reviewed but undecided, continue normal acceptance)
ALL
$ACCEPTED (Everyone else)
When the initial SMTP connection is established there will be a new log event written depending on the HAT match
ICID 936657752 ACCEPT SG UNKNOWNLIST match sbrs[-1.0:10.0] SBRS 4.8
ICID 936594871 ACCEPT SG SUSPECTLIST match sbrs[-3.0:-1.0] SBRS -1.4
ICID 936620321 REJECT SG BLACKLIST match sbrs[-10.0:-3.0] SBRS -10.0
Looking at the log verbosely
Thu Nov 27 11:32:36 2014 Info: New SMTP ICID 936620321 interface address x.x.x.x reverse dns host unknown verified no
Thu Nov 27 11:32:36 2014 Info: ICID 936620321 REJECT SG BLACKLIST match sbrs[-10.0:-3.0] SBRS -10.0
Thu Nov 27 11:32:36 2014 Info: ICID 936620321 close
ICID: Incoming Connection ID
MID: Message ID
DCID: Delivery ID
On a rejection only an ICID will be created as the message will never enter the queue due to the SBRS rejection
To view these logs you can either SSH or telnet into your appliance and tail/grep the mail log based on the log name - to verify your log name you can view this under 'logconfig' The log labelled IronPort Text Mail Logs will be what you are looking for. You can also alternatively forward this to a syslog host - option is available under logconfig
Whitelisting can be completed 3 ways
Whitelisting the IP in the HAT table as per above
Whitelisting via a content filter and applying this to your relevant policy
Creating a policy with a content filter set to skip processing and just deliver - domains you would like to include in this policy can just be added as either a sender or recipient
Documentation for Cisco IronPort is available at http://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa7-6/ESA_7-6_Configuration_Guide.pdf - version dependent
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
Following setup: Two servers, one with the (rails) web application and the other which actually sends the emails to the internet through postfix. Which means that any emails created by the web application get sent to the email server who processes them again.
Now, this means that emails got sent out with an email adress like "user#webserver.localdomain", which promptly led to the rejection of the emails by the target mail servers, due to the obviously missing mx record.
That one I fixed, though, with smtp_generic_maps, rewriting the sender adress to a valid one.
However, the sender name displayed in the email consists of two parts - and the first part seems to be automatically set by postfix by the username of the webserver creating the email. In this case "nginx".
So, how do I rewrite the displayed user name in addition to the email adress? Can anyone point me in the right direction, please?
To my defense: I did not setup this system myself, so I'm a bit of a beginner at all things sendmail.
Easy, connect via TCP/IP to 127.0.0.1 port 25, and submit the mail using SMTP. that way you can set the from address to whatever you want. Currently you are submitting mail via the sendmail command, which is picking up the from address from user.
ps. sendmail != postfix