On 03/11/2019 02:42, Wietse Venema wrote:
> John Schmerold:
>> What is the best way to protect against dictionary attacks in Postfix?
>
> Reportedly, fail2ban (no first-hand experience, because I have no
> SASL clients).
>
> Wietse
>
I run a home-brewed fail2ban look-alike; I find it
Wietse Venema:
> John Schmerold:
> > What is the best way to protect against dictionary attacks in Postfix?
>
> Reportedly, fail2ban (no first-hand experience, because I have no
> SASL clients).
Also, Postfix can rate-limit auth commands, on the assumption that
good users don't make lots of repe
On 03 Nov 2019, at 06:06, Wietse Venema wrote:
> Wietse Venema:
>> John Schmerold:
>>> What is the best way to protect against dictionary attacks in Postfix?
>>
>> Reportedly, fail2ban (no first-hand experience, because I have no
>> SASL clients).
>
> Also, Postfix can rate-limit auth commands,
On 11/2/2019 9:42 PM, Wietse Venema wrote:
John Schmerold:
What is the best way to protect against dictionary attacks in Postfix?
Reportedly, fail2ban (no first-hand experience, because I have no
SASL clients).
Wietse
I am using Postfix as a filter in front of O365/cpanel/Google a
Hello,
I had no time to solve definitely the problem.
Now the result is not error 46 but
Nov 3 17:23:51 jolly postfix/smtpd[5113]: connect from unknown[192.168.5.1]
Nov 3 17:23:51 jolly postfix/smtpd[5113]: Anonymous TLS connection
established from unknown[192.168.5.1]: TLSv1.2 with cipher
> On Nov 3, 2019, at 10:42 AM, benoit wrote:
>
> Nov 3 17:23:51 jolly postfix/smtpd[5113]: connect from unknown[192.168.5.1]
> Nov 3 17:23:51 jolly postfix/smtpd[5113]: Anonymous TLS connection
> established from unknown[192.168.5.1]: TLSv1.2 with cipher
> ECDHE-RSA-CHACHA20-POLY1305 (256/
On 2019-11-03 05:24, Allen Coates wrote:
>
>
> On 03/11/2019 02:42, Wietse Venema wrote:
>> John Schmerold:
>>> What is the best way to protect against dictionary attacks in Postfix?
>>
>> Reportedly, fail2ban (no first-hand experience, because I have no
>> SASL clients).
>>
>> Wietse
>>
>
https://www.sshguard.net/
This is a simpler alternative to fail2ban. It has hooks for postfix and
dovecot. The only disadvantage is SSHGuard isn't in my repo. You have to build
it.
That said, I just use it for ssh. I use Anvil settings in postfix to slow down
the occasional skid. Less is more.
> On Nov 3, 2019, at 12:04 PM, Phil Stracchino wrote:
>
> On 2019-11-03 05:24, Allen Coates wrote:
>>
>>
>> On 03/11/2019 02:42, Wietse Venema wrote:
>>> John Schmerold:
What is the best way to protect against dictionary attacks in Postfix?
>>>
>>> Reportedly, fail2ban (no first-hand ex
On Sun, 3 Nov 2019, Phil Stracchino wrote:
On 2019-11-03 05:24, Allen Coates wrote:
On 03/11/2019 02:42, Wietse Venema wrote:
John Schmerold:
What is the best way to protect against dictionary attacks in Postfix?
Reportedly, fail2ban (no first-hand experience, because I have no
SASL clien
On Sun, 3 Nov 2019, John Schmerold wrote:
On 11/2/2019 9:42 PM, Wietse Venema wrote:
John Schmerold:
What is the best way to protect against dictionary attacks in Postfix?
Reportedly, fail2ban (no first-hand experience, because I have no
SASL clients).
Wietse
I am using Postfix a
On 2019-11-03 14:21, Bernardo Reino wrote:
> On Sun, 3 Nov 2019, Phil Stracchino wrote:
>> I've been thinking about setting up exactly such a thing myself. Trying
>> to figure out how to make fail2ban talk to a Shorewall firewall on a
>> different box is just too much of a pain for such a fundamen
On 03 Nov 2019, at 11:03, lists wrote:
> https://www.sshguard.net/
> This is a simpler alternative to fail2ban. It has hooks for postfix and
> dovecot.
Yep, that’s what I use. It doesn’t have all the options of Fail2Ban, but that’s
fine, it does what I need most.
(I have used fail2ban also)
>
13 matches
Mail list logo
