What is the best way to protect against dictionary attacks in Postfix?
Exim has a rcpt_fail_count variable I use to drop connections with the
attacker:
drop condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
log_message = Dictionary Attack Rejected (Began blocking after
$rcpt
On 10/24/2019 4:46 AM, Jaroslaw Rafa wrote:
Dnia 23.10.2019 o godz. 23:32:44 @lbutlr pisze:
/etc/postfix/helo_checks.pcre:
/.*\.(com|net|org|edu|gov|ca|mx|de|dk|fi|fr|uk|us|tv|info|biz|eu|es|il|it|nl|name|jp|host|au|nz|ch|tv)$/
DUNNO
/.*\.*$/ 550 Mail to or from this TLD is not allowed
And thu
On 10/24/2019 12:32 AM, @lbutlr wrote:
On 23 Oct 2019, at 15:20, lists wrote:
/\.asia$/ 510 Denied: Unacceptable TLD .asia
[Long list… removed]
smtpd_helo_restrictions = reject_invalid_helo_hostname
check_helo_access pcre:/etc/postfix/helo_checks.pcre permit
/etc/postfix/helo_checks.pcr
I have a few email addresses that were valid 15 years ago, but they have
been invalid for 5+ years, we are rejecting them with a 450 message, my
thought is "Let's tie up this spammer's computer just a little bit"
Good idea? Bad idea? Effective? Ineffective?
--
John Schmerold
Katy Computer Syst
Hi
> On 02 nov. 2019, at 19:44, John Schmerold wrote:
>
> I have a few email addresses that were valid 15 years ago, but they have been
> invalid for 5+ years, we are rejecting them with a 450 message, my thought is
> "Let's tie up this spammer's computer just a little bit"
>
> Good idea? Bad
On 11/2/2019 2:38 PM, John Schmerold wrote:
> On 10/24/2019 12:32 AM, @lbutlr wrote:
>> On 23 Oct 2019, at 15:20, lists wrote:
>>> /\.asia$/ 510 Denied: Unacceptable TLD .asia
>> [Long list… removed]
>>
>> smtpd_helo_restrictions = reject_invalid_helo_hostname
>> check_helo_access pcre:/etc/
https://mxtoolbox.com/diagnostic.aspx reported a six second connection
time, with total transaction time of nearly 9 seconds, so I dug into the
issue. I suspect I have rbl issues (perhaps too many):
postscreen_dnsbl_sites =
cbl.abuseat.org*2,dnsbl-1.uceprotect.net,zen.spamhaus.org*2,bl.spamcop
On 02.11.19 15:20, John Schmerold wrote:
https://mxtoolbox.com/diagnostic.aspx reported a six second connection
time, with total transaction time of nearly 9 seconds, so I dug into
the issue. I suspect I have rbl issues (perhaps too many):
postscreen_dnsbl_sites =
cbl.abuseat.org*2,dnsbl-1.uc
On 2 Nov 2019, at 16:20, John Schmerold wrote:
https://mxtoolbox.com/diagnostic.aspx reported a six second connection
time,
Feature, not bug. Postscreen's greeting pause puts 6 seconds between the
lines of the initial greeting for clients that are not cached. e.g.:
Logs say:
Nov 2 15:07:5
On 11/2/2019 3:20 PM, John Schmerold wrote:
https://mxtoolbox.com/diagnostic.aspx reported a six second connection
time, with total transaction time of nearly 9 seconds, so I dug into
the issue. I suspect I have rbl issues (perhaps too many):
postscreen_dnsbl_sites =
cbl.abuseat.org*2,dnsbl
John Schmerold:
> What is the best way to protect against dictionary attacks in Postfix?
Reportedly, fail2ban (no first-hand experience, because I have no
SASL clients).
Wietse
John Schmerold:
> I have a few email addresses that were valid 15 years ago, but they have
> been invalid for 5+ years, we are rejecting them with a 450 message, my
> thought is "Let's tie up this spammer's computer just a little bit"
>
> Good idea? Bad idea? Effective? Ineffective?
I think it
12 matches
Mail list logo
