On 7/25/2016 12:04, Ronald Klop wrote: > On Mon, 25 Jul 2016 18:48:25 +0200, Karl Denninger > <k...@denninger.net> wrote: > >> This may not belong in "stable", but since Postfix is one of the >> high-performance alternatives to sendmail.... >> >> Question is this -- I have sshguard protecting connections inbound, but >> Postfix appears to be ignoring it, which implies that it is not paying >> attention to the hosts.allow file (and the wrapper that enables it.) >> >> Recently a large body of clowncars have been targeting my sasl-enabled >> https gateway (which I use for client machines and thus do in fact need) >> and while sshguard picks up the attacks and tries to ban them, postfix >> is ignoring the entries it makes which implies it is not linked with the >> tcp wrappers. >> >> A quick look at the config for postfix doesn't disclose an obvious >> configuration solution....did I miss it? >> > > Don't know if postfix can handle tcp wrappers, but I use bruteblock > [1] for protecting connections via the ipfw firewall. I use this for > ssh and postfix. > I recompiled sshguard to use ipfw and stuck the table lookup in my firewall config..... works, and is software-agnostic (thus doesn't care if something was linked against tcpwrappers or not.)
-- Karl Denninger k...@denninger.net <mailto:k...@denninger.net> /The Market Ticker/ /[S/MIME encrypted email preferred]/
smime.p7s
Description: S/MIME Cryptographic Signature
