On 6/5/2019 16:30, Wietse Venema wrote:
Lefteris Tsintjelis:
On 6/5/2019 12:03, lists wrote:
SSHGuard now works for more than ssh. It has hooks for postfix and other
services.
That is great then! More and much better choices other than log parsers.
Fyi, SSHGuard is a logfile parser accordi
On 6/5/2019 20:07, @lbutlr wrote:
On 6 May 2019, at 06:33, Lefteris Tsintjelis wrote:
On 6/5/2019 15:14, @lbutlr wrote:
On 6 May 2019, at 02:10, Lefteris Tsintjelis wrote:
Fail2ban and equivalent log parsers are just too resource hungry,
No they aren't.
Yes they are.
Not on my super pow
On 2019-05-06 10:26:17 (-0700), @lbutlr wrote:
On 6 May 2019, at 11:22, lists wrote:
It had been my experience that the firewall uses more resources that
SSHGuard. Certainly it uses more memory.
But you do not have to use a firewall if that's an issue.
/etc/hosts.allow is always an option, a
It had been my experience that the firewall uses more resources that SSHGuard.
Certainly it uses more memory.
The thing to bear in mind is what resources will be used if the offending IP
address is not blocked. Some of these bots that attack web servers will fire
off a hundred useless hacks.
On 6 May 2019, at 11:22, lists wrote:
> It had been my experience that the firewall uses more resources that
> SSHGuard. Certainly it uses more memory.
But you do not have to use a firewall if that's an issue. /etc/hosts.allow is
always an option, and that block is practically free.
--
I ne
On 6 May 2019, at 06:33, Lefteris Tsintjelis wrote:
> On 6/5/2019 15:14, @lbutlr wrote:
>> On 6 May 2019, at 02:10, Lefteris Tsintjelis wrote:
>>> Fail2ban and equivalent log parsers are just too resource hungry,
>> No they aren't.
>
> Yes they are.
Not on my super powerful 7 year old i5 mail s
Lefteris Tsintjelis:
> On 6/5/2019 12:03, lists wrote:
> > SSHGuard now works for more than ssh. It has hooks for postfix and other
> > services.
>
> That is great then! More and much better choices other than log parsers.
Fyi, SSHGuard is a logfile parser according to https://www.sshguard.net/
On 6/5/2019 15:14, @lbutlr wrote:
On 6 May 2019, at 02:10, Lefteris Tsintjelis wrote:
Fail2ban and equivalent log parsers are just too resource hungry,
No they aren't.
Yes they are.
messy and more time consuming to maintain
Sounds like you are parting some false information others fed y
On 6 May 2019, at 02:10, Lefteris Tsintjelis wrote:
> On 6/5/2019 9:42, @lbutlr wrote:
>> On 4 May 2019, at 15:52, Lefteris Tsintjelis wrote:
>>> Would be great to consider its future adoption and if possible to take it
>>> even further to interact with postscreen.
>> Why would this be a good th
Hi Viktor,
On Mon, 6 May 2019, Viktor Dukhovni wrote:
In most cases virtual(5) is superior to aliases(5), but you still
need it for mailman and pipes, so you'd rewrite those to localhost
(or some suitable domain listed in mydestination).
Right. Good point. Something to keep in mind.
To para
On 6/5/2019 12:03, lists wrote:
SSHGuard now works for more than ssh. It has hooks for postfix and other
services.
That is great then! More and much better choices other than log parsers.
SSHGuard now works for more than ssh. It has hooks for postfix and other
services.
Original Message
From: le...@spes.gr
Sent: May 6, 2019 1:11 AM
To: postfix-users@postfix.org
Subject: Re: Blacklistd interaction
On 6/5/2019 9:42, @lbutlr wrote:
> On 4 May 2019, at 15:52, Lef
On 6/5/2019 9:42, @lbutlr wrote:
On 4 May 2019, at 15:52, Lefteris Tsintjelis wrote:
Would be great to consider its future adoption and if possible to take it even
further to interact with postscreen.
Why would this be a good thing for postfix to do?
There are already plenty of tools that g
On Mon, May 06, 2019 at 03:47:58AM +0200, Andreas Thienemann wrote:
> > If you're not using /etc/aliases or .forward files in any substantive
> > way, you could switch to a virtual mailbox domain.
>
> No .forward files at all. Users do not have local accounts on the machine
> anymore, except uuc
I like SSHGuard a lot, though I don't let it mess with my email. It is great
for keeping the riff raff off of port 22 with very little effort to set up.
But now that you mention it, I think SSHGuard would be totally safe to block IP
addresses that attempt to use the mail server as a relay.
15 matches
Mail list logo
