Re: Limit the damage of a hacked sender acount

2017-06-26 Thread Noel Jones
On 6/26/2017 1:39 PM, Daniel Miller wrote: > > On 2017-06-23 17:11, wie...@porcupine.org wrote: >> Daniel Miller: >>> I had a couple of accounts with too simple passwords hacked. And >>> obviously >>> my mail server is entirely too efficient - I think about 50k >>> spams got >>> blasted out before

Re: Limit the damage of a hacked sender acount

2017-06-26 Thread Wietse Venema
Wietse: > Search for "postfix policy rate limit" Daniel Miller: > The bulk of the results I receive from that refer to external policy > daemons. Yes, that was the idea. > smtpd_client_connection_count_limit > smtpd_client_connection_rate_limit Two problems: - You might want to look into sm

Re: Limit the damage of a hacked sender acount

2017-06-26 Thread Daniel Miller
On 2017-06-23 17:11, wie...@porcupine.org wrote: Daniel Miller: I had a couple of accounts with too simple passwords hacked. And obviously my mail server is entirely too efficient - I think about 50k spams got blasted out before I caught it (because we got in the DNSBL's). Separate from impro

Re: Limit the damage of a hacked sender acount

2017-06-24 Thread Allen Coates
On 24/06/17 00:37, Daniel Miller wrote: > I had a couple of accounts with too simple passwords hacked. And > obviously my mail server is entirely too efficient - I think about 50k > spams got blasted out before I caught it (because we got in the DNSBL's). > > Separate from improving the password

Re: Limit the damage of a hacked sender acount

2017-06-23 Thread CSS
> On Jun 23, 2017, at 8:11 PM, Wietse Venema wrote: > > Daniel Miller: >> I had a couple of accounts with too simple passwords hacked. And obviously >> my mail server is entirely too efficient - I think about 50k spams got >> blasted out before I caught it (because we got in the DNSBL's). >>

Re: Limit the damage of a hacked sender acount

2017-06-23 Thread lists
Don't offer any unencrypted email accounts. That won't insure good passwords,   but at least it will stop leaks over public wifi. I had to dig back a bit ‎in my cranium for "driftnet". Never ran it myself, but supposedly it steals all sorts of unencrypted goodies.   Original Message   From: Dani

Re: Limit the damage of a hacked sender acount

2017-06-23 Thread Wietse Venema
Daniel Miller: > I had a couple of accounts with too simple passwords hacked. And obviously > my mail server is entirely too efficient - I think about 50k spams got > blasted out before I caught it (because we got in the DNSBL's). > > Separate from improving the password security - what can I do