Am 09.06.2014 03:45, schrieb Peter:
> On 06/08/2014 03:53 AM, li...@rhsoft.net wrote:
>> well, one could say: block them from submission port and don't allow
>> SASL on 25, but that works only if you are a startup beginning from
>> scratch, i condsidered that but it would take weeks and months to
On 06/08/2014 08:53 AM, LuKreme wrote:
>
>> the stupidity is trying 25 first
>
> That is still what most servers support or even require.
I think the vast number of ESPs will accept submission on port 587.
Only supporting port 25 for submission nowadays is a disaster
considering the number of IS
On 06/08/2014 03:53 AM, li...@rhsoft.net wrote:
> well, one could say: block them from submission port and don't allow
> SASL on 25, but that works only if you are a startup beginning from
> scratch, i condsidered that but it would take weeks and months to
> explain all customers that they have to
On Sun, 8 Jun 2014, li...@rhsoft.net wrote:
but why setup fail2ban at all if you have no sshd on standard ports
and already a hyperfast "rbldnsd" running which scales over more than
one server without touch any configuration
frankly you can even use your RBL with web application firewalls
http:
Am 08.06.2014 18:27, schrieb Joe Laffey:
> On Sun, 8 Jun 2014, li...@rhsoft.net wrote:
>> Am 08.06.2014 17:18, schrieb Joe Laffey:
>>> On Sun, 8 Jun 2014, Kai Krakow wrote:
>>>
Noel Jones schrieb:
But I want to (automatically) block the suspicious networks and not first
block
On Sun, 8 Jun 2014, li...@rhsoft.net wrote:
Am 08.06.2014 17:18, schrieb Joe Laffey:
On Sun, 8 Jun 2014, Kai Krakow wrote:
Noel Jones schrieb:
But I want to (automatically) block the suspicious networks and not first
block all then whitelist the known-good.
Not sure I completely underst
Am 08.06.2014 17:18, schrieb Joe Laffey:
> On Sun, 8 Jun 2014, Kai Krakow wrote:
>
>> Noel Jones schrieb:
>>
>> But I want to (automatically) block the suspicious networks and not first
>> block all then whitelist the known-good.
>
> Not sure I completely understand the issue, but is this some
On Sun, 8 Jun 2014, Kai Krakow wrote:
Noel Jones schrieb:
But I want to (automatically) block the suspicious networks and not first
block all then whitelist the known-good.
Not sure I completely understand the issue, but is this something where
you could use fail2ban to monitor your logs
Noel Jones schrieb:
> On 6/7/2014 8:33 AM, Kai Krakow wrote:
>> Wietse Venema schrieb:
>>
>>> Kai Krakow:
Hello list!
Is there a way to prevent postfix from offering SASL auth (and
that includes denying open relaying) to clients based on DNS RBL
lookups? I've discovered
Wietse Venema schrieb:
> Kai Krakow:
>> How is one supposed to automatically block such hijacked accounts within
>> postfix? A simple heuristic could be detecting unusual high mail volume
>> for that account, probably by detecting the always repeating or similar
>> subjects.
>
> Typically, this
Noel Jones schrieb:
> On 6/7/2014 10:53 AM, li...@rhsoft.net wrote:
>>
>>
>> Am 07.06.2014 17:25, schrieb Noel Jones:
>>> I wonder why you're just trying to stop SASL from those client...
>>> Why not just use reject_rbl_client (and maybe other restrictions)
>>> before permit_sasl_authenticated
11 matches
Mail list logo
