> On 4/28/20 11:57 AM, Mike Hammett wrote: > > I noticed over the weekend that a Fail2Ban instance's complain function > > wasn't working. I fixed it.
On the one hand, if you have programmed your computer to originate email to lots of people without any review to consider the email's accuracy or whether the recipients would welcome it... then you are being inconsiderate and likely spamming. You should stop doing that. You're just contributing to the noise. On Tue, Apr 28, 2020 at 9:40 AM Matt Corallo via NANOG <nanog@nanog.org> wrote: > Please don't use this kind of crap to send automated "we received 3 login > attempts on our SSH box..waaaaaaaaa" emails. > This is why folks don't have abuse contacts that are responsive to real > issues anymore. On the other hand, if your network is the source of bad behavior that such automated messages complain of, you should be far more concerned with the criminal in your midst than any rudeness on the part of whoever made the report. Consider carefully why you didn't already know that one of your users' computers was scanning ssh ports and hadn't already mitigated it. Are you being proactive or just responding to complaints? I last worked for an ISP in 2004 and even then it was a cinch to map a default route to a capture device and see who was spraying unrouted space with connection attempts. If you want to wait until someone complains, do you have the right to be annoyed by the form that complaint take? Regards, Bill Herrin -- William Herrin b...@herrin.us https://bill.herrin.us/
