connect then disconnect; backscatter?

2021-04-17 Thread li...@lazygranch.com
I am getting a lot of these: Apr 17 07:27:10 mydomain postfix/smtpd[21897]: connect from mone183.secundiarourous.com[141.98.10.183] Apr 17 07:27:11 mydomain postfix/smtpd[21897]: disconnect from mone183.secundiarourous.com[141.98.10.183] ehlo=1 auth=0/1 quit=1 commands=2/3 Googling mone183.secu

Re: Postfix : corrupted SMTP transactions?

2021-04-17 Thread Jaroslaw Rafa
On 16.04.2021 at 17:30:43 Bill Cole wrote: > two current OS/distro 'families' of the 6 that I've checked have the > same 465/tcp entry, and only Debian has 'submissions' as the primary > name. None include it as an alias. All except MacOS have smtps as > either the primary name or an alias.

Re: connect then disconnect; backscatter?

2021-04-17 Thread Wietse Venema
li...@lazygranch.com: > I am getting a lot of these: > > Apr 17 07:27:10 mydomain postfix/smtpd[21897]: connect from > mone183.secundiarourous.com[141.98.10.183] > Apr 17 07:27:11 mydomain postfix/smtpd[21897]: disconnect from > mone183.secundiarourous.com[141.98.10.183] ehlo=1 auth=0/1 quit=1 c

Re: connect then disconnect; backscatter?

2021-04-17 Thread Benny Pedersen
On 2021-04-17 09:58, li...@lazygranch.com wrote: I am getting a lot of these: Apr 17 07:27:10 mydomain postfix/smtpd[21897]: connect from mone183.secundiarourous.com[141.98.10.183] Apr 17 07:27:11 mydomain postfix/smtpd[21897]: disconnect from mone183.secundiarourous.com[141.98.10.183] ehlo=1 au

Re: connect then disconnect; backscatter?

2021-04-17 Thread Francesc Peñalvez
Is it possible to identify which password smtp is trying to use? If so I would like to know how. On 17/04/2021 at 14:13, Wietse Venema wrote: li...@lazygranch.com: I am getting a lot of these: Apr 17 07:27:10 mydomain postfix/smtpd[21897]: connect from mone183.secundiarourous.com[141.98

Re: connect then disconnect; backscatter?

2021-04-17 Thread Wietse Venema
li...@lazygranch.com: > Apr 17 07:27:11 mydomain postfix/smtpd[21897]: disconnect from > mone183.secundiarourous.com[141.98.10.183] ehlo=1 auth=0/1 quit=1 commands=2/3 Wietse: > They send quit after sending EHLO and AUTH (which failed). I use > the regexp "auth=./" to identify password-guessing b

Re: idea: inlining pcre, cidr, etc and detecting TLS handshakes

2021-04-17 Thread Demi Marie Obenour
On 4/15/21 11:00 AM, Wietse Venema wrote: > Demi Marie Obenour: >> Would the following be a good idea? > [a bunch of port-dependent behavior] > > That is all good and well, but this needs to be made configurable. > > I boldly assume this will use the xxx_tls_wrapper_mode parameters, > instead of

Re: Postfix : corrupted SMTP transactions?

2021-04-17 Thread Wietse Venema
Jaroslaw Rafa: > On 16.04.2021 at 17:30:43 Bill Cole wrote: > > two current OS/distro 'families' of the 6 that I've checked have the > > same 465/tcp entry, and only Debian has 'submissions' as the primary > > name. None include it as an alias. All except MacOS have smtps as > > either the p

Re: idea: inlining pcre, cidr, etc and detecting TLS handshakes

2021-04-17 Thread Wietse Venema
Demi Marie Obenour: > On 4/15/21 11:00 AM, Wietse Venema wrote: > > Demi Marie Obenour: > >> Would the following be a good idea? > > [a bunch of port-dependent behavior] > > > > That is all good and well, but this needs to be made configurable. > > > > I boldly assume this will use the xxx_tls_wr

Re: logging failed AUTH (was: connect then disconnect; backscatter?)

2021-04-17 Thread Claus Assmann
On Sat, Apr 17, 2021, Wietse Venema wrote: > Francesc Peñalvez: > > Is it possible to identify which password smtp is trying to use? if so I > > would like to know how This seems to be a common request hence several people submitted patches for sendmail to identify at least the account: 8.16.1/

Re: Policy Server Development

2021-04-17 Thread Fred Morris
On Fri, 16 Apr 2021, post...@ptld.com wrote: On 04-16-2021 1:04 pm, Wietse Venema wrote: As Viktor noted, each smtpd(8) process makes its own connection to a policy service. Then, an smtpd(8) process will reuse its own policy service connection, not a connection that belongs to a different

Re: connect then disconnect; backscatter?

2021-04-17 Thread Bernardo Reino
Hello, On Sat, 17 Apr 2021, Francesc Peñalvez wrote: Is it possible to identify which password smtp is trying to use? if so I would like to know how With dovecot, you can set: auth_verbose = yes auth_verbose_passwords = plain When I'm bored, I run: #!/bin/sh grep "given password: " /v

Trusting postfix client certs for relaying

2021-04-17 Thread Dan Mahoney (Gushi)
All, The dayjob has a number of machines out in the wild that need to be able to send mail (mostly from cron jobs) home to the mothership. Not all have controllable reverse DNS. It's an issue with donated colo and transit. Doing a bunch of tunnels would work but it's a really stupid answer.

Re: Trusting postfix client certs for relaying

2021-04-17 Thread Jaroslaw Rafa
On 17.04.2021 at 11:56:54 Dan Mahoney (Gushi) wrote: > > The dayjob has a number of machines out in the wild that need to be > able to send mail (mostly from cron jobs) home to the mothership. > Not all have controllable reverse DNS. It's an issue with donated > colo and transit. Doing a b

Re: connect then disconnect; backscatter?

2021-04-17 Thread li...@lazygranch.com
On Sat, 17 Apr 2021 14:35:37 +0200 Benny Pedersen wrote: > On 2021-04-17 09:58, li...@lazygranch.com wrote: > > I am getting a lot of these: > > > > Apr 17 07:27:10 mydomain postfix/smtpd[21897]: connect from > > mone183.secundiarourous.com[141.98.10.183] > > Apr 17 07:27:11 mydomain postfix/

Re: connect then disconnect; backscatter?

2021-04-17 Thread Wietse Venema
li...@lazygranch.com: > I do have "smtpd_sasl_auth_enable = yes" and I use port 587. Before I > comment out that line, here is the general area of my main.cf dealing > with sasl. I cut out my rbls but otherwise this is what I use. Any other > problems? You should enable SASL auth in master.cf NOT

Re: Trusting postfix client certs for relaying

2021-04-17 Thread Wietse Venema
Dan Mahoney (Gushi): > All, > > The dayjob has a number of machines out in the wild that need to be able > to send mail (mostly from cron jobs) home to the mothership. Not all have > controllable reverse DNS. It's an issue with donated colo and transit. > Doing a bunch of tunnels would work b

Re: connect then disconnect; backscatter?

2021-04-17 Thread li...@lazygranch.com
On Sat, 17 Apr 2021 17:03:51 -0400 (EDT) Wietse Venema wrote: > li...@lazygranch.com: > > I do have "smtpd_sasl_auth_enable = yes" and I use port 587. Before > > I comment out that line, here is the general area of my main.cf > > dealing with sasl. I cut out my rbls but otherwise this is what

Re: connect then disconnect; backscatter?

2021-04-17 Thread Wietse Venema
li...@lazygranch.com: > > You should enable SASL auth in master.cf NOT main.cf, and ONLY for > > a service that needs SASL auth. > > > > Otherwise you're turning it on for the server-to-server port (25) > > where it is not doing any good. > > > > Wietse > > > > OK now it makes sense to comm

Re: connect then disconnect; backscatter?

2021-04-17 Thread Benny Pedersen
On 2021-04-18 00:25, Wietse Venema wrote: Even with SASL turned off you will see that some bots try SASL auth. But with SASL turned they can't use this to verify passwords. http://www.postfix.org/SASL_README.html it could imho be documented not to make it global in this howto / manual google