Jaroslaw Rafa:
[IMAP before SMTP]
> That's the usual way mail clients work: they first open an IMAP
> connection and keep it open all the time, and only when you want
> to send mail, they connect to a submission service.
>
> Only I don't know, is there an easy way to get from Dovecot a list
> of IP
Dnia 14.08.2022 o godz. 18:40:11 tog...@dinamizm.com pisze:
> for submission I have this in the smtpd_client_restrictions settings of
> master.cf
>
> reject_rbl_client auth.spamrats.com=127.0.0.39
I have put this into my Postfix config a few hours after you did send your
mail. Until now, I found
On 14/08/2022 19:51, Matus UHLAR - fantomas wrote:
but which lists? using spamhaus PBL is not viable because it lists
dynamic IP address which can be commonly used by clients.
On 14.08.22 21:30, Allen Coates wrote:
Could you try "permit_dnswl_client dnswl_domain=d.d.d.d", with the
Spamhaus
On 14/08/2022 19:51, Matus UHLAR - fantomas wrote:
but which lists? using spamhaus PBL is not viable because it lists dynamic IP
address which can be commonly used by clients.
Could you try "permit_dnswl_client dnswl_domain=d.d.d.d", with the Spamhaus
PBL and a selective return code?
> "Matus" == Matus UHLAR <- fantomas > writes:
Matus> On 14.08.22 18:40, tog...@dinamizm.com wrote:
>>
>> I am using both spamhaus and abusix and must say I am quite happy with the
>> results I am getting. Yet every user is different so YMMV.
>>
>> spamhaus and abusix require registration and
On 14.08.22 18:40, tog...@dinamizm.com wrote:
"Matus" == Matus UHLAR <- fantomas > writes:
"JR" == Jaroslaw Rafa writes:
JR> Dnia 13.08.2022 o godz. 11:22:30 Durga Prasad Malyala pisze:
Did you try fail2ban. It is very good.
JR> I already use fail2ban, but I could not use it in this ca
> "Matus" == Matus UHLAR <- fantomas > writes:
>>> "JR" == Jaroslaw Rafa writes:
>>
JR> Dnia 13.08.2022 o godz. 11:22:30 Durga Prasad Malyala pisze:
Did you try fail2ban. It is very good.
>>
JR> I already use fail2ban, but I could not use it in this case, as the AUTH
JR> attempts wer
"JR" == Jaroslaw Rafa writes:
JR> Dnia 13.08.2022 o godz. 11:22:30 Durga Prasad Malyala pisze:
Did you try fail2ban. It is very good.
JR> I already use fail2ban, but I could not use it in this case, as the AUTH
JR> attempts were from different IP addresses and almost no address did
JR> repea
Dnia 13.08.2022 o godz. 16:23:10 tog...@dinamizm.com pisze:
>
> Have you looked spamhaus or abusix for auth blacklists. They both do a decent
> job
> in blocking auth attempts from nasty IP addresses in my case.
I will look at them. Thank you!
--
Regards,
Jaroslaw Rafa
r...@rafa.eu.org
--
> "JR" == Jaroslaw Rafa writes:
JR> Dnia 13.08.2022 o godz. 11:22:30 Durga Prasad Malyala pisze:
>> Did you try fail2ban. It is very good.
JR> I already use fail2ban, but I could not use it in this case, as the AUTH
JR> attempts were from different IP addresses and almost no address did
JR>
Dnia 13.08.2022 o godz. 11:22:30 Durga Prasad Malyala pisze:
> Did you try fail2ban. It is very good.
I already use fail2ban, but I could not use it in this case, as the AUTH
attempts were from different IP addresses and almost no address did repeat.
So fail2ban would not do anything.
--
Regards,
On Fri, 12 Aug 2022 at 19:00, Jaroslaw Rafa wrote:
>
> Hello,
> as my submission services experience a lot of AUTH attacks recently, I want
> to temporarily block access to them from IP addresses other than those from
> where users are expected to send mail.
>
> 1) I created a file specifying allo
Dnia 12.08.2022 o godz. 11:08:14 Viktor Dukhovni pisze:
> > But now it rejects everything... even connections from hosts that are in my
> > "allowed" list... I have to investigate this again... :(
>
> Well, the client couldn't possibly be authenticated at connect time,
> you need:
>
> -o smtp
On Fri, Aug 12, 2022 at 04:53:45PM +0200, Jaroslaw Rafa wrote:
> Dnia 12.08.2022 o godz. 16:31:04 Jaroslaw Rafa pisze:
> > Dnia 12.08.2022 o godz. 10:27:47 Viktor Dukhovni pisze:
> > > You neglected to add:
> > >
> > > -o smtpd_delay_reject=no
> >
> > Thank you for your answer. Just a few min
Dnia 12.08.2022 o godz. 16:31:04 Jaroslaw Rafa pisze:
> Dnia 12.08.2022 o godz. 10:27:47 Viktor Dukhovni pisze:
> > You neglected to add:
> >
> > -o smtpd_delay_reject=no
>
> Thank you for your answer. Just a few minutes ago found that out myself and
> added this parameter to master.cf! :)
B
Dnia 12.08.2022 o godz. 10:27:47 Viktor Dukhovni pisze:
> You neglected to add:
>
> -o smtpd_delay_reject=no
Thank you for your answer. Just a few minutes ago found that out myself and
added this parameter to master.cf! :)
--
Regards,
Jaroslaw Rafa
r...@rafa.eu.org
--
"In a million yea
On Fri, Aug 12, 2022 at 03:29:09PM +0200, Jaroslaw Rafa wrote:
> 3) In my master.cf, I changed in both "submission" and "smtps" entries the
> line
>
> -o smtpd_client_restrictions=permit_sasl_authenticated,reject
>
> to
>
> -o
> smtpd_client_restrictions=$temp_client_block,permit_sasl_authenti
17 matches
Mail list logo
