Am 02.01.2017 um 16:41 schrieb A. Schulze:
> One may publish records like "v=spf1 a -all" for a host mail.example.org
>
> mail.example.org. A 192.0.2.25
> mail.example.org. 2001:db8::6:25
> mail.example.org. TXT "v=spf1 a -all"
>
> This require two or three dns lookups
My postfix MTA has been under a lot of DOS-like attention. Such as a botnet
sending many EHLO-requests, then password attempts:
First a lot of:
2017-01-03 10:09:54.964765+0100 0x6254a9 Info0x0
12992 smtpd: connect from unknown[95.183.220.2]
2017-01-03 10:09:55.044713+
Matthias Fechner:
Am 02.01.2017 um 16:41 schrieb A. Schulze:
One may publish records like "v=spf1 a -all" for a host mail.example.org
mail.example.org. A 192.0.2.25
mail.example.org. 2001:db8::6:25
mail.example.org. TXT "v=spf1 a -all"
This require two or
On 3 January 2017 at 12:37, Gerben Wierda wrote:
> My postfix MTA has been under a lot of DOS-like attention. Such as a botnet
> sending many EHLO-requests, then password attempts:
>
> First a lot of:
> 2017-01-03 10:09:54.964765+0100 0x6254a9 Info0x0
> 12992 smtpd: c
Hi, are you already leveraging Anvil ? Or at least checked if it can help the
situation ?
http://www.postfix.org/TUNING_README.html
http://www.postfix.org/anvil.8.html
-Angelo Fazzina
Operating Systems Programmer / Analyst
University of Connecticut, UITS, SSG, Server Systems
860-486-9075
--
Just to contribute back a little, in case it helps someone else, I have Postfix
3.1.4 installed and running on OSX Sierra 10.12.2 and actually running outside
of the native Apple installation.
If you leave it in the default Apple directories, it gets overwritten by OS
upgrades. A very bad thing
On 01/03/2017 01:37 PM, Gerben Wierda wrote:
> My postfix MTA has been under a lot of DOS-like attention. Such as a botnet
> sending many EHLO-requests, then password attempts:
> ...
> It does the first part from a multitude of machines.
>
> I want to stop this by setting a rate limiting rule in m
Do you mean like this … where ‘postfix’ shows up.?
Jan 3 09:58:20 zeus postfix/smtpd[31070]: connect from unknown[115.71.5.5]
Jan 3 09:58:27 zeus postfix/smtpd[31070]: warning: unknown[115.71.5.5]: SASL
PLAIN authentication failed:
Jan 3 09:58:29 zeus postfix/smtpd[31070]: disconnect from unk
> On Jan 3, 2017, at 10:33 AM, Robert Chalmers wrote:
>
> Do you mean like this … where ‘postfix’ shows up.?
>
> Jan 3 09:58:20 zeus postfix/smtpd[31070]: connect from unknown[115.71.5.5]
Yes. What did you do to get real syslog messages with MacOS/X Sierra?
>> I get output similar to:
>>
>
> On 3 Jan 2017, at 14:37, Robert Chalmers wrote:
>
> To start Postscript I use the following plist file. Based in
> /Library/LaunchDaemons
>
> org.postfix.master.plist
Don’t do that. Pick names for your own plist files that don’t clash with the
ones Apple use. There will be confusion if yo
@Viktor
Sorry - I have no idea now how I did that. Something I’ve done over the years
has turned it on, and so it’s stayed on?
/etc/syslog.conf is now configured here
zeus:postfix robert$ cat /etc/syslog.conf
# Note that flat file logs are now configured in /etc/asl.conf
Beware of that file. It
Thanks
Yes, I’m aware of that problem. Got caught the same way. However … after an
update, I just check that the plist file hasn’t been modified, and so far so
good. I don’t know why it isn’t, but maybe someone at Apple has decided that
they can leave some things alone.
Initially it was a probl
I seem to be missing a couple of messages in this thread but I upgraded my
laptop (I use it as a test system as well) to Sierra over the weekend and
am getting normal logging without doing anything special. My Postfix is in
/usr/local (I moved completely away from the Apple directories for the
Aways take advice from me with great caution since I'm new at this, but I use
587 as well and then firewall filter the hell out of 587 and all the email
ports other than 25. In the case of this attack, the offender is a "commercial"
server based on ip2location.com, so I would block their entire
If I am open on 25 and 587, how can I see in the log on which port a connection
has been established?
G
On Jan 3, 2017, at 4:01 PM, Gerben Wierda wrote:
>
> If I am open on 25 and 587, how can I see in the log on which port a
> connection has been established?
>
> G
Add syslog_name to the appropriate service in master.cf.
-o syslog_name=postfix-25
-o syslog_name=postfix-587
—
Brad
> On Jan 3, 2017, at 7:36 PM, Bradley Giesbrecht
> wrote:
>
> Add syslog_name to the appropriate service in master.cf.
>
> -o syslog_name=postfix-25
> -o syslog_name=postfix-587
The recommended name format is postfix/detail not postfix-detail.
See the stock master.cf in Postfix 3.2:
https
On 4 January 2017 at 02:16, <
li...@lazygranch.com> wrote:
>
> http://bgp.he.net/AS16276#_prefixes
> I'd switch to 587 and block everything OVH. Actually I do just that since OVH
> is on my Web Access blocking list, which I also use to block all mail ports
> other than 25.
>
> OVH VPS are often
Hi all,
I have a multi-instance setup.
By doing "ps -ef", as expected, I see a lot of "master" processes.
Is there a way to see which master is related to which instance at a glance?
So that I can rapidly say this pid is for instance 1, and so on...
What I am looking at is, ideally, a way to see t
> I have a multi-instance setup.
> By doing "ps -ef", as expected, I see a lot of "master" processes.
> Is there a way to see which master is related to which instance at a glance?
Fuser or lsof says which process listens on a specific port.
Pstree or ps shows the parent of it.
(At least on Linux.
20 matches
Mail list logo
