Security: How to limit authentication attempts?

2016-02-20 Thread Kiss Gábor
Dear folks, My logs are full of lines like this: Feb 21 04:12:05 MYOLDMTA postfix/smtpd[12967]: warning: unknown[195.22.126.159]: SASL LOGIN authentication failed: authentication failure This is a brute force attack in order to get a valid username/password pair. The cracker usually does 20 at

How to use a local postfix server for outgoing mail only

2016-02-20 Thread Tom Browder
I want to use my local host as a mail server for outgoing mail only. For example, send mail to my gmail address with no intervening smtp server except that on my local host. How can that be done? Thanks. Best regards, -Tom

Re: A bug, maybe?

2016-02-20 Thread Curtis Maurand
On 2/20/2016 1:46 PM, Viktor Dukhovni wrote: On Sat, Feb 20, 2016 at 01:37:39PM -0500, Curtis Maurand wrote: Nothing is chrooted. resolv.conf is world readable. Wietse's program returns a valid address. It might not match the reverse, but it did return an address. # ./getaddr delivery.mail

Re: SV: SV: SV: SV: Blocking TLDs

2016-02-20 Thread Marco
Hello all. In some countries e-mails are subject to the same rules as physical mail, and the destruction or non-delivery is a criminal offence. Just to mention there are i.e. countries in which you need the authorization of a judge to access the mailbox of a user, or you are not authorized to tra

Re: A bug, maybe?

2016-02-20 Thread Viktor Dukhovni
On Sat, Feb 20, 2016 at 01:37:39PM -0500, Curtis Maurand wrote: > Nothing is chrooted. resolv.conf is world readable. Wietse's program > returns a valid address. It might not match the reverse, but it did return > an address. > # ./getaddr delivery.mailspamprotection.com > Hostname: deliv

Re: A bug, maybe?

2016-02-20 Thread Curtis Maurand
On 2/20/2016 12:17 PM, Viktor Dukhovni wrote: On Sat, Feb 20, 2016 at 11:40:09AM -0500, Curtis Maurand wrote: i just sent myself a test message from the client's system. Here is what I got. I immediately ran the lookups using dig. postfix can't seem to resolve things properly. Running Ubu

Re: A bug, maybe?

2016-02-20 Thread Viktor Dukhovni
On Sat, Feb 20, 2016 at 11:40:09AM -0500, Curtis Maurand wrote: > i just sent myself a test message from the client's system. Here is what I > got. I immediately ran the lookups using dig. postfix can't seem to > resolve things properly. Running Ubuntu Server 14.04 LTS with ispconfig > install

Re: A bug, maybe?

2016-02-20 Thread Wietse Venema
Curtis Maurand: > Feb 19 16:30:29 ispconfig postfix/smtpd[18437]: warning: hostname > delivery.mailspamprotection.com does not resolve to address > 108.163.243.188 The problem of testing with nslookup, dig, etc., is that they don't use the getaddrinfo() system library function that Postfix uses to

Re: A bug, maybe?

2016-02-20 Thread Curtis Maurand
On 2/20/2016 11:26 AM, Curtis Maurand wrote: On 2/20/2016 11:12 AM, Christian Kivalo wrote: On 2016-02-20 16:45, Curtis Maurand wrote: Not sure if I found something or not. A client tried to send email to one of my other addresses. The requisite portion of the main.cf follows at the end o

Re: Outbound TLS

2016-02-20 Thread Wietse Venema
Viktor Dukhovni: > On Sat, Feb 20, 2016 at 08:32:31AM -0500, Wietse Venema wrote: > > > > Creating a separate hash file with following content like below solved my > > > issue but doing the same for all domain will not be acceptable solution > > > ... > > > > If you want to encrypt mail to all d

Re: A bug, maybe?

2016-02-20 Thread Curtis Maurand
On 2/20/2016 11:12 AM, Christian Kivalo wrote: On 2016-02-20 16:45, Curtis Maurand wrote: Not sure if I found something or not. A client tried to send email to one of my other addresses. The requisite portion of the main.cf follows at the end of the message. The logs are telling me: Feb 19

Re: A bug, maybe?

2016-02-20 Thread Christian Kivalo
On 2016-02-20 16:45, Curtis Maurand wrote: Not sure if I found something or not. A client tried to send email to one of my other addresses. The requisite portion of the main.cf follows at the end of the message. The logs are telling me: Feb 19 16:30:29 ispconfig postfix/smtpd[18437]: warning:

Re: A bug, maybe?

2016-02-20 Thread Viktor Dukhovni
On Sat, Feb 20, 2016 at 10:45:42AM -0500, Curtis Maurand wrote: > Feb 19 16:30:29 ispconfig postfix/smtpd[18437]: > warning: hostname delivery.mailspamprotection.com > does not resolve to address 108.163.243.188 > Feb 19 16:30:29 ispconfig postfix/smtpd[18437]: > connect from unknown[1

A bug, maybe?

2016-02-20 Thread Curtis Maurand
Not sure if I found something or not. A client tried to send email to one of my other addresses. The requisite portion of the main.cf follows at the end of the message. The logs are telling me: Feb 19 16:30:29 ispconfig postfix/smtpd[18437]: warning: hostname delivery.mailspamprotection.com

Re: Outbound TLS

2016-02-20 Thread Viktor Dukhovni
On Sat, Feb 20, 2016 at 08:32:31AM -0500, Wietse Venema wrote: > > Creating a separate hash file with following content like below solved my > > issue but doing the same for all domain will not be acceptable solution ... > > If you want to encrypt mail to all domains: > > /etc/postfix/main.cf >

SV: SV: SV: SV: Blocking TLDs

2016-02-20 Thread Sebastian Nielsen
I read that on Wikipedia, and read the sources, and one thing I can say, is that the source is heavily misinterpreted. They refer to physical mail, and telecommunication, where a set of rules apply to physical mail, and some other set apply to telecommunication. Of course, you are not allowed t

Re: Outbound TLS

2016-02-20 Thread Wietse Venema
Joy: > Creating a separate hash file with following content like below solved my > issue but doing the same for all domain will not be acceptable solution ... If you want to encrypt mail to all domains: /etc/postfix/main.cf smtp_tls_security_level = encrypt But I would not recommend this.

Re: SV: SV: SV: Blocking TLDs

2016-02-20 Thread Robert Schetterer
On 20.02.2016 at 12:01, Sebastian Nielsen wrote: > Why are you people so negative against DISCARD, and wants to use REJECT Silent discard mail is not allowed in many EU countries, you're the postman you don't have to deliver bombs ( virus ), you may react on marketing letters (spam ) by sort them o

Re: Outbound TLS

2016-02-20 Thread Joy
Creating a separate hash file with following content like below solved my issue but doing the same for all domain will not be acceptable solution ... In case any other solution exist which i may be missing just let me know. smtp_tls_policy_maps = hash:/etc/postfix/tls_policy gmail.com encrypt .

SV: SV: SV: Blocking TLDs

2016-02-20 Thread Sebastian Nielsen
What I meant with REJECT vs DISCARD, is that with REJECT, the spammers just switch to a new domain. And new domain, and new domain. Like they have some script or API that instantly purchases a new domain once their current domain gets banned in spam filters. (And yes, they do really have valid addr

Re: SV: SV: access permissions 101

2016-02-20 Thread Martin Skjöldebrand
On 20/02/16 11:02, Sebastian Nielsen wrote: > Think like an apartment. Your outer door is of course closed and locked, but > your inner doors are always open. We leave it at "agree to disagree". To me your comparison tells me what the problem is. It also doesn't take the inhabitants into account.

SV: SV: access permissions 101

2016-02-20 Thread Sebastian Nielsen
I understand fully what the reasoning is here, where you want average security from the ground up into the core of the server. When I set up servers or systems, I rather prefer a really tough and hard shell around the network/system in question, and pretty sloppy security inside. Like a nut. Ver

Re: SV: SV: Blocking TLDs

2016-02-20 Thread Benny Pedersen
On 2016-02-20 00:52, Sebastian Nielsen wrote: 1: REJECT tells the spammer "Hey, your spam got stuck in the spam filter. Wanna try again?". if they do, so what ?, it's not possible for spammers to make remote administering on postfix this would be in vain anyway, and the point on discard is acc

Re: SV: access permissions 101

2016-02-20 Thread Martin Skjöldebrand
On 20/02/16 02:05, Sebastian Nielsen wrote: > Every time I need multiple processes to access the very same file and those > processes have interlocks that prevent them from running as the same user or > same group, I just "fix" the problem with 666. > > That is a thing I ONLY do if I get a permissi