Don't use email addresses as login ;)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -.
F1 Outsourcing Development Sp. z o.o.
Poland
t: +48 (0)12 4207 835
e: m...@f1-outsourcing.eu
On 2021-11-14 09:39, Marc wrote:
Don't use email addresses as login ;)
why is this funny ?
He suggested we use should alias as public email? but most providers don't
have aliases such as gmail.
On Sun, Nov 14, 2021 at 4:48 PM Benny Pedersen wrote:
> On 2021-11-14 09:39, Marc wrote:
> > Don't use email addresses as login ;)
>
> why is this funny ?
>
> Op 13 nov. 2021 om 22:17 heeft Tyler Montney het
> volgende geschreven:
>
>
> With the world of ransomware as it is today (aka attacks seem more vicious
> and commonplace), anything I expose to WAN must have additional protection.
> I've seen a few posts to this list on it. The only thin
On 13/11/2021 23:34, lists wrote:
The thing I don't like is most 2FA token generators. Ultimately you need
to transfer the polynomial that generates the code. Most do that with a
QR image. Well so much for security! Others have a one time emergency
code. Of course we are talking evil maid attac
On 2021-11-13 22:16, Tyler Montney wrote:
Since this is getting increasingly complicated, I wanted to ask before
going further. What do you all do? Any recommendations?
in the end we all know how to play ludo
passwords is hard to guess if its odd number of chars, and random
selected chars fi
>30(?) years ago the majority of systems were using a user name to access mail.
>Then the 'I want to track everyone companies' made logging in with email the
>standard that everyone blindly followed. Now decades later the brute forcing
>of known passwords etc is a problem, mostly because the log
I will throw in a few interesting projects which have kept my small
servers safe:
*) firehol.org
*) crowdsec.net
*) www.fail2ban.org
Have a look at those interesting projects!
On 13.11.21 22:16, Tyler Montney wrote:
With the world of ransomware as it is today (aka attacks seem more
vicious
Apart from a really nice firewall firehol also supplies a good set of
ip-blacklists.
For public exposure of email ports, I am using the combination of
firehol-firewall, firehol-blacklist, fail2ban and a whitelist based on
geo-ip. The mail-client ports exposed are 993 and 465, because startt
> Full access from any IP (except firehol-blacklist and fail2ban) is
> possible over VPN (openvpn) with MFA (privacyidea).
> Privacyidea also supplies a mobile-app compatible with a.o. TOTP and
> HOTP but it provides a more secure way of enrollment (2-step).
How are you managing dns/clients etc so
* Tyler Montney:
> I'm getting the feeling that people don't have an MFA implementation.
Probably because it can be complex to set up and maintain, and more
would be gained by educating users and in particular by users actually
giving a damn about password-discipline and -quality.
On a tangent:
On 14-11-2021 13:56, Marc wrote:
Full access from any IP (except firehol-blacklist and fail2ban) is
possible over VPN (openvpn) with MFA (privacyidea).
Privacyidea also supplies a mobile-app compatible with a.o. TOTP and
HOTP but it provides a more secure way of enrollment (2-step).
How are you
On Sat, Nov 13, 2021 at 03:34:12PM -0800, lists wrote:
> [..] Now Yubikey at least has my attention. But people often leave the
> key plugged into their notebook. Very true with the Google equivalent
> which I have heard from Google employees. The keys themselves aren't
> exactly transferable, but
Hi listmembers,
I am about to migrate our mailservices to FreeBSD + ZFS. Thus, before
entering the sheer endless stage of performance testing, I thought I
would ask here kindly for all kinds of information.
My setups are nothing special with few users, however, I would like to
have a nice setup
On Sun, Nov 14, 2021 at 03:14:44PM +0100, infoomatic wrote:
> I am about to migrate our mailservices to FreeBSD + ZFS. Thus, before
> entering the sheer endless stage of performance testing, I thought I
> would ask here kindly for all kinds of information.
>
> [..]
>
> *) storages: any infos on
> Op 14 nov. 2021 om 15:15 heeft infoomatic het volgende
> geschreven:
>
> Hi listmembers,
>
> I am about to migrate our mailservices to FreeBSD + ZFS. Thus, before
> entering the sheer endless stage of performance testing, I thought I
> would ask here kindly for all kinds of information.
>
On 13/11/2021 23:16, Tyler Montney wrote:
With the world of ransomware as it is today (aka attacks seem more
vicious and commonplace), anything I expose to WAN must have additional
protection. I've seen a few posts to this list on it. The only thing
that helped was that Dovecot supports OAuth.
On 2021-11-14 7:55 a.m., Lefteris Tsintjelis wrote:
On 13/11/2021 23:16, Tyler Montney wrote:
With the world of ransomware as it is today (aka attacks seem more
vicious and commonplace), anything I expose to WAN must have
additional protection. I've seen a few posts to this list on it. The
onl
On 14/11/2021 14:50, Kees van Vloten wrote:
Apart from a really nice firewall firehol also supplies a good set of
ip-blacklists.
For public exposure of email ports, I am using the combination of
firehol-firewall, firehol-blacklist, fail2ban and a whitelist based on
geo-ip. The mail-client p
On 14/11/2021 18:03, Lefteris Tsintjelis wrote:
On 14/11/2021 14:50, Kees van Vloten wrote:
Apart from a really nice firewall firehol also supplies a good set of
ip-blacklists.
For public exposure of email ports, I am using the combination of
firehol-firewall, firehol-blacklist, fail2ban an
On Sun, 14 Nov 2021 08:12:53 -0800, Michael Peddemors wrote:-
>And there are RBL's now for know IP(s) used by IMAP hackers, including
>SpamRats RATS-AUTH that can assist in reducing those attacks.
Looking at https://www.spamrats.com/rats-auth.php the "Example Usage in
Dovecot" says "PLEASE UPDAT
On 2021-11-14 16:55, Lefteris Tsintjelis wrote:
And if you need sporadically to use it outside your white listing, VPN
works great.
with own CA yes
if not to being fooled by others
On 2021-11-14 20:26, Matthew Richardson wrote:
On Sun, 14 Nov 2021 08:12:53 -0800, Michael Peddemors wrote:-
And there are RBL's now for know IP(s) used by IMAP hackers, including
SpamRats RATS-AUTH that can assist in reducing those attacks.
Looking at https://www.spamrats.com/rats-auth.php t
23 matches
Mail list logo
