Such an annoying noise

Sep 24 11:55:57 mail postfix/smtps/smtpd[22346]: Anonymous TLS connection established from unknown[178.162.195.12]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Sep 24 11:56:02 mail postfix/smtps/smtpd[22346]: NOQUEUE: filter: RCPT from unknown[178.162.195.12]: <test@mail.lucafrancesca.me>: Sender address triggers FILTER smtp-amavis:[::1]:10026; from=<test@mail.lucafrancesca.me> to=<test@gmail.com> proto=SMTP helo=<win-f09mvh2gdn6.domain>
Sep 24 11:56:02 mail postfix/smtps/smtpd[22346]: NOQUEUE: filter: RCPT from unknown[178.162.195.12]: <test@mail.lucafrancesca.me>: Sender address triggers FILTER smtp-amavis:[::1]:10024; from=<test@mail.lucafrancesca.me> to=<test@gmail.com> proto=SMTP helo=<win-f09mvh2gdn6.domain>
Sep 24 11:56:02 mail postfix/smtps/smtpd[22346]: NOQUEUE: reject: RCPT from unknown[178.162.195.12]: 554 5.7.1 <test@gmail.com>: Recipient address rejected: Access denied; from=<test@mail.lucafrancesca.me> to=<test@gmail.com> proto=SMTP helo=<win-f09mvh2gdn6.domain>
Sep 24 11:56:04 mail postfix/smtps/smtpd[22346]: lost connection after RCPT from unknown[178.162.195.12]

And a huge amount of

Sep 24 14:17:41 mail postfix/smtps/smtpd[30237]: warning: unknown[178.162.195.12]: SASL LOGIN authentication failed: authentication failure x
Sep 24 14:17:41 mail postfix/smtps/smtpd[30237]: lost connection after AUTH from unknown[178.162.195.12] x
Sep 24 14:17:41 mail postfix/smtps/smtpd[30237]: disconnect from unknown[178.162.195.12] x
Sep 24 14:17:41 mail postfix/smtps/smtpd[30237]: connect from unknown[178.162.195.12] x
Sep 24 14:17:42 mail postfix/smtps/smtpd[30237]: Anonymous TLS connection established from unknown[178.162.195.12]: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits) x
Sep 24 14:22:43 mail postfix/smtps/smtpd[30237]: timeout after EHLO from unknown[178.162.195.12]

But with the beauty which is iptables

iptables -A INPUT -s 178.162.195.12 -j DROP

A little better on the mail server and the peace is reached.

#LinkedIn #IPv6 and #rDNS for email

It seems that LinkedIn is refusing email from servers that don’t have a rDNS

This is the mail system at host mail.lucafrancesca.me.

I’m sorry to have to inform you that your message could not
be delivered to one or more recipients. It’s attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

The mail system

<xxxx@reply.linkedin.com>: host
mail-c.linkedin.com[2620:109:c006:104::215] said: 554 5.7.1 The sending
mail server at 2a01:4f8:100:242f::2 does not have a reverse
(address-to-name) DNS entry cf
http://en.wikipedia.org/wiki/Reverse_DNS_lookup (in reply to RCPT TO
command)

Nice to see email being taken seriously.

#SPF and #GMail

Received-SPF: fail (google.com: domain of luca@lucafrancesca.me does not designate 23.249.225.236 as permitted sender) client-ip=23.249.225.236;
Authentication-Results: mx.google.com;
       spf=fail (google.com: domain of luca@lucafrancesca.me does not designate 23.249.225.236 as permitted sender) smtp.mail=luca@lucafrancesca.me;
       dmarc=fail (p=NONE dis=NONE) header.from=lucafrancesca.me

Based on this, Gmail let the (obviously fake) mail pass, Yahoo put it into Spam, Libero (Italian Provider) didn’t even receive it.

LITTLE UPDATE

Even after deleting the user from Contacts, it still won’t go to Spam folder

fail

So I ask myself…. Why the f**k use DKIM/SPF/DMARC if Gmail ignores them!

Think people, think…

LAST UPDATE

Or maybe I should do the thinking!
Setting the policy to reject now is working fine!

Too many connections, I will not talk

From my mail server (taken from Splunk)

Feb 7 20:04:25 XXXXXX Feb 7 20:04:25 prdweb2 postfix/smtp[7325]: CB90D115F4F8: host smtp1.linuxfoundation.org[140.211.169.13] refused to talk to me: 421 4.7.0 smtp1.linuxfoundation.org Error: too many connections from xx.xx.xx.xx

It’s cool…. to see a server refusing to talk 😀