.-, 0__0
/ ( oo'---,
/oo\
,\ |
| \,=__/
\ /
/ /--| /|
|__|-'|__|'
On Tue, Aug 1, 2023 at 12:44 PM Hippo Man wrote:
> Oh, OK. I'll investigate and test it.
> Tha
oo\
,\ |
| \,=__/
\ /
/ /--| /|
|__|-'|__|'
On Tue, Aug 1, 2023 at 12:24 PM aki.tuomi via dovecot
wrote:
> 1.2.3.4: nopassword
>
> I think. Didn't have a chance to test it.
>
> Aki
>
>
> ---- Original message
> From: Hippo Man
> Date: 8/1/23 19:03 (GMT+02:00)
passwd-file
> deny = yes
> args = username_formar=%{rip} /etc/dovecot/deny.ip
> }
>
> or you can use
> https://doc.dovecot.org/configuration_manual/authentication/lua_based_authentication/
>
> and write this in Lua.
>
> Aki
>
>
> Original message
I'm running dovecot 2.3.18 under Debian 11.
I want to do something that's a bit unusual: when IMAP connections are
attempted
from a few specific IP addresses, I want to force an IMAP authentication
failure
from those connections, no matter what user ID and password are specified.
I know that I ca
responses on the list? =)
>
> Aki
>
> > On 14/06/2022 03:57 Hippo Man wrote:
> >
> >
> > Thank you very much for explaining what "tarpit" means.
> >
> > So, if I return a huge numeric status value from the "before" check,
> could I
I'm trying to understand what is meant by "tarpit" in the ffollowing quote
of the Dovecot auth policy docs for the "before" check ...
First query is done *before* password and user databases are consulted.
This means that any userdb/passdb attributes are left empty.
The command used here is ‘allo
Well, I got impatient and decided to try this approach.
And it works!
--
hippo...@gmail.com
Take a hippopotamus to lunch today.
On Mon, Jun 6, 2022 at 2:43 PM Hippo Man wrote:
> I'm using dovecot 2.3.18 with a fairly recent version of postfix
> on my Debian-11 box.
>
>
I'm using dovecot 2.3.18 with a fairly recent version of postfix
on my Debian-11 box.
I have a question, and I'm not sure whether it pertains to
dovecot, postfix, or both. I'm asking first here, but I'm glad
to go to a postfix forum if it turns out that my question
doesn't pertain to dovecot.
On
> There's a facility to add arbitrary code to the imap login process,
> e.g., in "10-master.conf":
>
> service imap-postlogin {
> executable = script-login /local/bin/imap-wrapper
> user = $default_internal_user
> unix_listener imap-postlogin {
> }
> }
>
Just wondering: is ther
Problem solved!
I installed 2.3.18 (9dd8408c18), and now everything is working.
I guess that there must be things in 2.2.36-4 which don't work properly
under Debian-11.
Excelsior!
--
hippo...@gmail.com
Take a hippopotamus to lunch today.
On Mon, May 30, 2022 at 3:18 PM Hippo Man
I've been running dovecot 2.2.36.4 (baf9232c1) on my Debian-8 host for a
long time with no problems.
I am trying to move my email server to a Debian-11 host, and I have Dovecot
configured exactly the same way that I have it configured under Debian-8.
However, when I try to connect to that server vi
ich I am running.
In any case, I often see activity on existing connections that continues
after
this ipset command is invoked for those connections' IP addresses.
--
hippo...@gmail.com
Take a hippopotamus to lunch today.
On Thu, May 26, 2022 at 3:34 PM Bernardo Reino wrote:
> On
log messages, and I will now switch
some (all?) of my dovecot-based log-monitoring activites to auth-policy.
Thank you again for *all* your suggestions and help!
--
hippo...@gmail.com
Take a hippopotamus to lunch today.
On Wed, May 25, 2022 at 9:00 PM Hippo Man wrote:
> Thank you very
.
On Wed, May 25, 2022 at 6:03 PM Joseph Tam wrote:
> On Tue, 24 May 2022, Hippo Man wrote:
>
> Late to this party.
>
> > * Hacker makes numerous login attempts one after the other with various
> > passwords, and without disconnecting in between attempts. I've s
onality with fail2ban.
>
>
>
>
>
> Happy Wednesday !!!
> Thanks - paul
>
> Paul Kudla
>
>
> Scom.ca Internet Services <http://www.scom.ca>
> 004-1009 Byron Street South
&g
uestion.
> >
> > found a stackoverflow question which, answered, says that using gdb one
> > can close the fd, after using lsof to find it out.
> >
> > oh, and your iptables command... you have the address aaa. etc with a
> > -d, i think you mean the source ip ad
that IP address, but as I mentioned, it doesn't kill the currently
open connection.
--
hippo...@gmail.com
Take a hippopotamus to lunch today.
On Mon, May 23, 2022 at 4:54 PM Hippo Man wrote:
> Thank you, but fail2ban doesn't do what I need. Here is why ...
>
> I have used f
Thank you, but fail2ban doesn't do what I need. Here is why ...
I have used fail2ban and also my own homegrown log monitor program for this
purpose. In both cases, I can detect the failed imap logins and then cause
the following command to be run ...
iptables -I INPUT -p tcp --destination-port aa
18 matches
Mail list logo
