Server migration, password scheme/hashing, argon2i, argon2d, argon2id, sha512, sha512-crypt, tiger2, salt?

2023-06-22 Thread David Mehler
Hello, I'm migrating to a new server. It's running Debian 11 currently though that's going 12 this weekend. Currently it uses Openssl v3.0.9, and dovecot 2.3.13 and MySQL (in this case Mariadb) for storing user account information v10.6.14. My question is in regards password storage and scheme/enc

Re: Postfix: running a script on authentication failure

2023-06-22 Thread Michael Peddemors
Their is more and more reasons to use 3rd party network reputation at the authentication level. While our platforms have pretty sophisticated combination, that includes of course transparent 2FA, but a very granular set of rules for stopping BEC (Business Email Compromise), and dropping obviou

Re: [Fail2ban-users] Postfix: running a script on authentication failure

2023-06-22 Thread Nick Howitt via dovecot
On 2023-06-22 12:58, André Rodier via Fail2ban-users wrote: Hello, all. I just set-up a new server, running postfix, with submission(s) activated on standard ports (587, 465) Shortly after it has been setup, I see brute force attacks (not surprising) from a whole /24 network (more surprising)

Re: [pfx] Postfix: running a script on authentication failure

2023-06-22 Thread dovecot--- via dovecot
Is there any way, with postfix, to run a script on authentication failure, with information like the IP address and the username passed, for instance. I wrote my own script for omprog which is part of rsyslog to read dovecot auth fails. Because postfix authenticates with dovecot and dovecot w

Re: [Fail2ban-users] Postfix: running a script on authentication failure

2023-06-22 Thread André Rodier via dovecot
On Thu, 2023-06-22 at 16:27 +0100, Nick Howitt via Fail2ban-users wrote: > > > On 2023-06-22 12:58, André Rodier via Fail2ban-users wrote: > > Hello, all. > > > > I just set-up a new server, running postfix, with submission(s) > > activated on standard ports (587, 465) > > > > Shortly after it

Postfix: running a script on authentication failure

2023-06-22 Thread André Rodier via dovecot
Hello, all. I just set-up a new server, running postfix, with submission(s) activated on standard ports (587, 465) Shortly after it has been setup, I see brute force attacks (not surprising) from a whole /24 network (more surprising). I carefully checked the logs, and see the modus operandi, w

Postfix: running a script on authentication failure

2023-06-22 Thread André Rodier via dovecot
Hello, all. I just set-up a new server, running postfix, with submission(s) activated on standard ports (587, 465) Shortly after it has been setup, I see brute force attacks (not surprising) from a whole /24 network (more surprising). I carefully checked the logs, and see the modus operandi, w