Re: Question on early detection for relay spam

2020-03-03 Thread Ted Mittelstaedt
On 3/3/2020 5:53 AM, Riccardo Alfieri wrote: On 03/03/20 08:54, Benny Pedersen wrote: Ted Mittelstaedt wrote on 2020-03-03 08:26: What do other people do for this problem? Hi Ted, What I can suggest you is to look at our DQS product (https://www.spamhaustech.com/dqs/), that even in it

RE: Question on early detection for relay spam

2020-03-03 Thread Ted Mittelstaedt
Well for example of the trouble RBLS cause see this one for your own number: -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [212.26.193.44 listed in list.dnswl.org] >and then immediately forget it, wh

Re: Question on early detection for relay spam

2020-03-03 Thread Grant Taylor
On 3/3/20 3:40 AM, Marc Roos wrote: No problem I would say, it is good to exchange thoughts and ideas Agreed. Strange your webmail should be on https then it is difficult to catch passwords. I do not have this at all, that people's passwords get stolen. Hardly ever. So maybe somewhere something

Re: Question on early detection for relay spam

2020-03-03 Thread Bill Cole
On 3 Mar 2020, at 2:26, Ted Mittelstaedt wrote: I know this is probably off topic but I'm getting desperate enough to ask. I run a commercial mailserver that regularly seems to have spammers relay mail through it that have obtained stolen credentials for a user. Many years ago I stopped all

Re: Question on early detection for relay spam

2020-03-03 Thread Benny Pedersen
Marc Roos wrote on 2020-03-03 16:15: Use ipset, hardly causing any latency using 50k entries. I don't need to block 50k entries, but only whitelist a few accepted client IPs, where I resolve the ASN and open this specific ASN to have access, if there is abuse it will be removed so it again is bloc

RE: Question on early detection for relay spam

2020-03-03 Thread Marc Roos
Use ipset, hardly causing any latency using 50k entries. -----Original Message----- From: Benny Pedersen [mailto:m...@junc.eu] Sent: 03 March 2020 15:39 To: users@spamassassin.apache.org Subject: Re: Question on early detection for relay spam Riccardo Alfieri wrote on 2020-03-03 14:53: # a

Re: Question on early detection for relay spam

2020-03-03 Thread Benny Pedersen
Riccardo Alfieri wrote on 2020-03-03 14:53: # abuse port 21 begin 51.178.0.0/16 as16276 #OVH, FR 80.82.77.0/24 as202425 #INT-NETWORK, SC 104.206.128.0/22 as62904 #EONIX-COMMUNICATIONS-ASBLOCK-62904, US # abuse port 21 end # all ips begin 51.178.78.154 80.82.77.240 104.206.128.54 # all ips end #

Re: Question on early detection for relay spam

2020-03-03 Thread Benny Pedersen
Riccardo Alfieri wrote on 2020-03-03 14:53: sasl_username - number of different ips observed in the latest 24h. I have limited so that I only allow SASL auth from trusted customers' IPs, all else is firewalled with default policy of drop, and clients ips is so just still logged if ports is

Re: Question on early detection for relay spam

2020-03-03 Thread Riccardo Alfieri
On 03/03/20 08:54, Benny Pedersen wrote: Ted Mittelstaedt wrote on 2020-03-03 08:26: What do other people do for this problem? Hi Ted, What I can suggest you is to look at our DQS product (https://www.spamhaustech.com/dqs/), that even in its free subscription model includes AuthBL, a l

RE: Question on early detection for relay spam

2020-03-03 Thread Marc Roos
>I know this is probably off topic but I'm getting desperate enough to ask. No problem I would say, it is good to exchange thoughts and ideas >I run a commercial mailserver that regularly seems to have spammers >relay mail through it that have obtained stolen credentials for a user. > Many