On Fri, 30 Sep 2016 17:08:05 -0700, li...@lazygranch.com stated:
>This will pull these hackers off your maillog.
>bzgrep -e auth=0/1 maillog* | sed 's/.*\[\([^]]*\)\].*/\1/g' >iplist
>sort iplist | uniq
Great idea. I modified it slightly since the "sort" was not working
correctly here. I make a b
On 01/10/16 10:37, Postfix User wrote:
> On Fri, 30 Sep 2016 17:08:05 -0700, li...@lazygranch.com stated:
>
>> This will pull these hackers off your maillog.
>> bzgrep -e auth=0/1 maillog* | sed 's/.*\[\([^]]*\)\].*/\1/g' >iplist
>> sort iplist | uniq
> Great idea. I modified it slightly since th
On 09/30/2016 06:52 AM, John @ KLaM wrote:
Yes, I understand DANE can be used for MTAs. My musing is could it
completely replace the existing CA mess, and I suppose the follow up is
how?
I do not see it as a replacement for the CA mess but rather as a form of
2-factor authentication.
There
I am having trouble figuring out how to do do this. Hopefully someone
here can help me figure it out. The problem is email coming from my
web server. I use "permit_mynetworks" in all of the restrictions
entries but that's a bit too liberal.
In particular I have a web server where many clients a
On 10/01/2016 12:47 PM, D'Arcy J.M. Cain wrote:
> I am having trouble figuring out how to do do this. Hopefully someone
> here can help me figure it out. The problem is email coming from my
> web server. I use "permit_mynetworks" in all of the restrictions
> entries but that's a bit too liberal.
On the latest "Security Now" podcast, Steve Gibson's makes noises about
DNSSEC/DANE replacing certs, but not in detail. You can search for DANE in the
transcript. I don't recall if he ever explained this in detail, and if he did,
I probably wouldn't understand.
https://www.grc.com/sn/sn-579.htm
> On Oct 1, 2016, at 11:01 AM, li...@lazygranch.com wrote:
>
> On the latest "Security Now" podcast, Steve Gibson's makes noises about
> DNSSEC/DANE replacing certs, but not in detail.
I think that this thread, which was only tenuously connected to
Postfix in the first place, is no longer opera
On Sat, 1 Oct 2016 10:59:02 +0100
Allen Coates wrote:
>
>
> On 01/10/16 10:37, Postfix User wrote:
> > On Fri, 30 Sep 2016 17:08:05 -0700, li...@lazygranch.com stated:
> >
> >> This will pull these hackers off your maillog.
> >> bzgrep -e auth=0/1 maillog* | sed 's/.*\[\([^]]*\)\].*/\1/g'
> >>
Hi,
On Fri, Sep 30, 2016 at 8:08 PM, li...@lazygranch.com
wrote:
> On Fri, 30 Sep 2016 06:26:35 -0400
> Postfix User wrote:
>
>> Postfix-3.2-20160917 with FreeBSD-11.0 /64 bit
>>
>> Lately, I have been finding the following entries in the maillog:
>>
>> 13643:Sep 30 02:00:40 scorpio postfix/smtp
I'm going to leave this to the gurus. But here is what I know:
I didn't check the port when I did the grep. I just searched for the 0/1
pattern. That said, I used my ipfw table to block port 25, and
/var/log/security is getting hits on that rule.
The "normal" mail is going through, so I did no
10 matches
Mail list logo
