Hello ^^)
I wanted to know if some of you are using PostfixAdmin and if there was
any problems for installing/configuring/integrate it with your setup ?
As I'm considering it for my servers I ask for advice ^^)
you can answer to me directly if you want as this is not strictly
Postfix centr
- Message from Wietse Venema -
Date: Thu, 9 Sep 2021 18:58:21 -0400 (EDT)
From: Wietse Venema
Subject: Re: STARTTLS abuse
To: Jaroslaw Rafa
Cc: postfix-users@postfix.org
Jaroslaw Rafa:
I also don't have the summary part "ehlo=xxx starttls=xxx ..." etc. in my
disc
Jaroslaw Rafa:
> I also don't have the summary part "ehlo=xxx starttls=xxx ..." etc. in my
> disconnect message, the log line is just "disconnect from
> static.148.188.201.195.clients.your-server.de[195.201.188.148]".
The commands=x/y counts were added in Postfix 3.0, released in 2015.
They may n
Dnia 9.09.2021 o godz. 16:10:31 Bill Cole pisze:
>
> Note this log line from the original message:
>
> >>>Sep 6 09:17:42 localhost postfix/smtpd[14622]: disconnect
> >>>from unknown[77.247.110.240] ehlo=2 starttls=1 auth=0/1
> >>>commands=3/4
>
> That's an indicator of a failed "AUTH" command.
On 2021-09-09 at 15:21:02 UTC-0400 (Thu, 9 Sep 2021 15:21:02 -0400)
J Doe
is rumored to have said:
[...]
Hi,
In this case, is the botnet actually trying credentials ? It looks to
me that it is establishing a TLS connection and then dropping it (or
am I mistaken ?).
Note this log line from
On Thu, Sep 09, 2021 at 03:21:02PM -0400, J Doe wrote:
> >> Sep 6 09:17:42 localhost postfix/smtpd[14622]: disconnect from
> >> unknown[77.247.110.240] ehlo=2 starttls=1 auth=0/1 commands=3/4
> >
> > That's AUTH probing. A bot on 77.247.110.240 has a big list of usernames
> > and password and i
On 9/9/2021 2:21 PM, J Doe wrote:
Sep 6 09:17:42 localhost postfix/smtpd[14622]: disconnect from
unknown[77.247.110.240] ehlo=2 starttls=1 auth=0/1 commands=3/4
In this case, is the botnet actually trying credentials ? It looks
to me that it is establishing a TLS connection and then dropp
On 2021-09-07 7:11 p.m., Bill Cole wrote:
On 2021-09-07 at 14:42:33 UTC-0400 (Tue, 7 Sep 2021 19:42:33 +0100)
Adam Weremczuk
is rumored to have said:
Hi all,
It's postfix 3.1.6-0+deb9u1 on Debian 9.
Since enabling STARTTLS on port 25 I'm getting lots of traffic looking
like this (relay atte
On Thu, Sep 09, 2021 at 09:44:35AM +0200, TTM wrote:
> raf wrote:
> >> main.cf
> >> -
> >> [...]
> >> receive_override_options = no_address_mappings
> >
> >I could be wrong, but I don't think you want the above setting.
> >Yo
raf wrote:
>> main.cf
>> -
>> [...]
>> receive_override_options = no_address_mappings
>
>I could be wrong, but I don't think you want the above setting.
>You have canonical address maps and virtual alias maps, and
>this setting
10 matches
Mail list logo
