Hello,
sorry for the noise, I didn't remember this thread.
Thank you for the link,
Ismaël Tanguy
Le 22/04/2022 à 17:28, Wietse Venema a écrit :
ismael.tan...@univ-brest.fr:
Hello,
using two postfix instances, the first (call it inbound.test) receiving
inbound mail for postcreen jobs and rela
--- Original Message ---
On Monday, April 25th, 2022 at 05:26, ミユナ wrote:
> do you know how to stop passwords from being brute-forced for a
> mailserver? do you have any practical guide?
>
Simple. You've got two options:
a) Use strong passwords (and if you run an automated password ch
Check out fail2ban
Greets,
Ludi
-Ursprüngliche Nachricht-
Von: owner-postfix-us...@postfix.org Im
Auftrag von ??? (alice)
Gesendet: Montag, 25. April 2022 06:27
An: Postfix users
Betreff: password security
do you know how to stop passwords from being brute-forced for a mailserver? do
Hi
Probably fail2ban resolve your problem about brute-force auth
W dniu 25.04.2022 o 09:07, Laura Smith pisze:
--- Original Message ---
On Monday, April 25th, 2022 at 05:26, ミユナ wrote:
do you know how to stop passwords from being brute-forced for a
mailserver? do you have any practica
> On Apr 25, 2022, at 12:07 AM, Laura Smith
> wrote:
>
>
> --- Original Message ---
> On Monday, April 25th, 2022 at 05:26, ミユナ wrote:
>
>> do you know how to stop passwords from being brute-forced for a
>> mailserver? do you have any practical guide?
>>
>
> Simple. You've got tw
Sent with ProtonMail secure email.
--- Original Message ---
On Monday, April 25th, 2022 at 08:50, Dan Mahoney wrote:
> Even if fail2ban is “whack a mole”, you could also feed the data on auth
> spammers to an abuse-compaint script, and do your part to make the internet a
> little
On 24.04.22 14:35, Wietse Venema wrote:
Looks good, I see nothing concerning here or in the FreeBSD patches
for the postfix ports.
while talking about FreeBSD, I'd consider recompiling required software
you never know when binary compatibility it broken by random library
upgrade, which can cau
On Monday, April 25th, 2022 at 08:50, Dan Mahoney wrote:
Even if fail2ban is “whack a mole”, you could also feed the data on auth
spammers to an abuse-compaint script, and do your part to make the
internet a little cleaner.
On 25.04.22 08:00, Laura Smith wrote:
And we all know how fabulously
Matus UHLAR - fantomas wrote:
>
> On 24.04.22 14:35, Wietse Venema wrote:
>> Looks good, I see nothing concerning here or in the FreeBSD patches
>> for the postfix ports.
>
> while talking about FreeBSD, I'd consider recompiling required software
> you never know when binary compatibility it br
On 25/04/2022 05:26, ミユナ (alice) wrote:
do you know how to stop passwords from being brute-forced for a mailserver? do
you have any practical guide?
thank you.
You could use an Access Control List to include all your "customers", and
banning everybody else.
In my case, any submission or
may people are used to use a VPN today. so blocking based on IP is not
acceptable.
Allen Coates wrote:
You could use an Access Control List to include all your "customers",
and banning everybody else.
Hi,
>> Even if fail2ban is “whack a mole”, you could also feed the data on auth
>> spammers to an abuse-compaint script, and do your part to make the internet
>> a little cleaner.
>And we all know how fabulously well abuse reports have worked with preventing
>spam, don't we !!
>As I said. Fai
Michael Grimm:
> Matus UHLAR - fantomas wrote:
> >
> > On 24.04.22 14:35, Wietse Venema wrote:
>
> >> Looks good, I see nothing concerning here or in the FreeBSD patches
> >> for the postfix ports.
> >
> > while talking about FreeBSD, I'd consider recompiling required software
> > you never kno
Hi
Or use allow_nets (geoip) for dovecot-auth (in mysql) and fail2ban
or
ipset + hashlimit + geoip
or 2fa - It's a bit of fun in configurations
W dniu 25.04.2022 o 12:44, Ludi Cree pisze:
Hi,
Even if fail2ban is “whack a mole”, you could also feed the data on auth
spammers to an abuse-compa
On Mon, Apr 25, 2022 at 12:28 AM ミユナ (alice) wrote:
>
> do you know how to stop passwords from being brute-forced for a
> mailserver? do you have any practical guide?
>
What about multifactor authentication?
> thank you.
If you google "fail2ban postfix", you will get a large number of links
to ideas about using fail2ban to prevent this.
On 2022-04-25 11:29, Mauricio Tavares wrote:
On Mon, Apr 25, 2022 at 12:28 AM ミユナ (alice) wrote:
do you know how to stop passwords from being brute-forced for a
mailserver? do
Wietse Venema wrote:
> Michael Grimm:
>> FTR: I am using poudriere for the compilation of every FreeBSD
>> port, and I do upgrade 13.1-STABLE on a (bi)weekly basis. So, all
>> postfix binaries considered in this thread have been recompiled
>> numerous times
>
> Well that may (part of) the pro
Michael Grimm:
> Wietse Venema wrote:
> > Michael Grimm:
>
>
> >> FTR: I am using poudriere for the compilation of every FreeBSD
> >> port, and I do upgrade 13.1-STABLE on a (bi)weekly basis. So, all
> >> postfix binaries considered in this thread have been recompiled
> >> numerous times
> >
I'm having problems blocking a persistent spammer in Brazil from sending
me mail.
All of the sending hostnames are of the form
www-data@vNNN-NNN-NNN-NNN.*.static.cnode.io
For example, here are some examples of the sending IPs from the last few
months:
v163-44-192-240.a001.g.han1.static.cnod
Greg Earle:
> [root@isolar postfix]# grep smtpd_helo_ master.cf
What is the output from:
postconf -Px |grep check_helo_access
I suspect that you made a mistake, such as configuring
the wrong SMTP service.
Wietse
Hello,
Right now we use reject_sender_login_mismatch to reject external mail
claiming to be from an address we host, which has worked pretty well,
but it does catch some externally forwarded email which I would like to
improve. So the scenario is a user on our system u...@us.tld sends to
an ext
Hello
given the case my primary MX is in USA. if I deploy a secondary MX in
the EU, how can I setup EU MX to forward messages to the US one?
using a internal MX record for destination? for instance,
internal.domain.com points to my primary MX server, and use this MX for
routing by secondary
that needs a secondary development? due to my limited knowledge I don't
know there is the opensource implementation.
thank you
Mauricio Tavares wrote:
What about multifactor authentication?
On Tue, Apr 26, 2022 at 08:47:22AM +0800, ミユナ (alice) wrote:
> given the case my primary MX is in USA. if I deploy a secondary MX in
> the EU, how can I setup EU MX to forward messages to the US one?
>
> using a internal MX record for destination? for instance,
> internal.domain.com points to m
On 25 Apr 2022, at 16:35, Wietse Venema wrote:
Greg Earle:
[root@isolar postfix]# grep smtpd_helo_ master.cf
What is the output from:
postconf -Px |grep check_helo_access
I suspect that you made a mistake, such as configuring
the wrong SMTP service.
Hi Wietse,
It's (output split for
On Mon, Apr 25, 2022 at 03:26:52PM -0700, Greg Earle wrote:
> All of the sending hostnames are of the form
>
> www-data@vNNN-NNN-NNN-NNN.*.static.cnode.io
That's not a hostname, it is an email address, and not clear whether the
envelope sender or the "From:" message header.
> For example, here
On Mon, Apr 25, 2022 at 08:57:01PM -0700, Greg Earle wrote:
> [root@isolar tmp]# postconf -Px |grep check_helo_access
> submission/inet/mua_helo_restrictions = permit_mynetworks,
> reject_non_fqdn_hostname, reject_non_fqdn_sender,
> reject_non_fqdn_recipient, reject_invalid_hostname, check_helo_
On 25 Apr 2022, at 21:03, Viktor Dukhovni wrote:
On Mon, Apr 25, 2022 at 03:26:52PM -0700, Greg Earle wrote:
All of the sending hostnames are of the form
www-data@vNNN-NNN-NNN-NNN.*.static.cnode.io
That's not a hostname, it is an email address, and not clear whether
the
envelope sender or
Hello,
I find it quite fascinating that so many people will push solutions without
context.
Can you tell us how many users / user accounts are you trying to protect?
Are those work accounts? Family & friends?
What do you really want to achieve:
- no brute-force attempts?
- no brute-force succe
I’ve been using F2B for over 4-5 years and it’s fantastic. F2B is
just one of many very useful tools in the belt of any knowledgable
infosec practitioner. To consider F2B as “only for the lazy” speaks
more to a lack of truly understanding infosec than it does of the tool
itself…
- - -
On
Anyone who thinks that F2B merely “quiets logs” unfortunately has no
idea what F2B actually does…
- - -
On 25 Apr 2022, at 1:00, Laura Smith wrote:
Sent with ProtonMail secure email.
--- Original Message ---
On Monday, April 25th, 2022 at 08:50, Dan Mahoney
wrote:
Even if fail2ban
Hello,
This is off topic anyway but I think you're right. Fail2ban is not for the
lazy, it's for people who have a lot of time to lose in an inefficient
solution. Before cloud era F2B was a really great solution, but as it's been
pointed out, current attackers can leverage 100s ou 1000s of IP a
32 matches
Mail list logo
