On 2/14/24 8:07 AM, Nikolai Lusan via Postfix-users wrote:
On Wed, 2024-02-14 at 11:34 +0100, Matus UHLAR - fantomas via Postfix-
users wrote:
>> On Wed, 2024-02-07 at 12:15 -0500, Viktor Dukhovni via Postfix-users
>> wrote:
>>> I prefer to have logs that record what I'm blocking. With
>>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Wed, 2024-02-14 at 07:52 -0500, John Hill via Postfix-users wrote:
> I used an access list to redirect all email from them to a spam
> folder.
Elegant solution, of this I approve.
> Turns out I was asked to block the emails users had
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Wed, 2024-02-14 at 11:34 +0100, Matus UHLAR - fantomas via Postfix-
users wrote:
> > On Wed, 2024-02-07 at 12:15 -0500, Viktor Dukhovni via Postfix-users
> > wrote:
> > > I prefer to have logs that record what I'm blocking. With
> > > firewall
On 2/14/24 4:18 AM, Nikolai Lusan via Postfix-users wrote:
On Wed, 2024-02-07 at 10:51 -0500, Phil Stracchino via Postfix-users
wrote:
> On 2/7/24 10:41, John Hill via Postfix-users wrote:
>> Good info.
>>
>> This site sends nothing but junk. IN fact the domain is known for
>> it.
>> I tried
On Wed, 2024-02-07 at 12:15 -0500, Viktor Dukhovni via Postfix-users
wrote:
I prefer to have logs that record what I'm blocking. With firewall
rules there's not sufficient forensic evidence left behind.
On 14.02.24 19:11, Nikolai Lusan via Postfix-users wrote:
Here's a tip - try the 'LOG'
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Wed, 2024-02-07 at 10:51 -0500, Phil Stracchino via Postfix-users
wrote:
> On 2/7/24 10:41, John Hill via Postfix-users wrote:
> > Good info.
> >
> > This site sends nothing but junk. IN fact the domain is known for
> > it.
> > I tried just
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Wed, 2024-02-07 at 12:15 -0500, Viktor Dukhovni via Postfix-users
wrote:
> On Wed, Feb 07, 2024 at 11:21:10AM -0500, John Hill via Postfix-users
> wrote:
>
> > I use fail2ban as well. I'm just going to see if the sender sever
> > will give
> >
On 2/7/24 12:53 PM, John Hill via Postfix-users wrote:
On 2/7/24 12:15 PM, Viktor Dukhovni via Postfix-users wrote:
On Wed, Feb 07, 2024 at 11:21:10AM -0500, John Hill via Postfix-users
wrote:
I use fail2ban as well. I'm just going to see if the sender sever
will give
up!
I prefer to
Here are a couple more jails + filters. Be aware that email can wrap
things. The first failregex is three lines, the second one is one line
(the lines end in "\b")
--
Fred Morris, internet plumber
--
::
jail.d/pf-connect.local
::
[pf-connect]
enabled = true
findtime
On 2/7/24 12:56 PM, Matus UHLAR - fantomas via Postfix-users wrote:
On 2/7/24 10:48, Matus UHLAR - fantomas via Postfix-users wrote:
postscreen is great against bots, but fail2ban with firwall are
still better
against abusers.
On 07.02.24 10:52, Phil Stracchino via Postfix-users wrote:
And
On 2/7/24 10:48, Matus UHLAR - fantomas via Postfix-users wrote:
postscreen is great against bots, but fail2ban with firwall are still better
against abusers.
On 07.02.24 10:52, Phil Stracchino via Postfix-users wrote:
And once you get the "Aha!" insight into how its configuration works,
it's
On 2/7/24 12:15 PM, Viktor Dukhovni via Postfix-users wrote:
On Wed, Feb 07, 2024 at 11:21:10AM -0500, John Hill via Postfix-users wrote:
I use fail2ban as well. I'm just going to see if the sender sever will give
up!
I prefer to have logs that record what I'm blocking. With firewall
rules
On Wed, Feb 07, 2024 at 11:21:10AM -0500, John Hill via Postfix-users wrote:
> I use fail2ban as well. I'm just going to see if the sender sever will give
> up!
I prefer to have logs that record what I'm blocking. With firewall
rules there's not sufficient forensic evidence left behind.
--
On 2/7/24 10:51 AM, Phil Stracchino via Postfix-users wrote:
On 2/7/24 10:41, John Hill via Postfix-users wrote:
Good info.
This site sends nothing but junk. IN fact the domain is known for it.
I tried just rejecting the email address. But they just change it.
So I blocked the IP, they have
On 2/7/24 10:48 AM, Matus UHLAR - fantomas via Postfix-users wrote:
On 07.02.24 10:41, John Hill via Postfix-users wrote:
This site sends nothing but junk. IN fact the domain is known for it.
I tried just rejecting the email address. But they just change it.
So I blocked the IP, they have
On 2/7/24 10:48, Matus UHLAR - fantomas via Postfix-users wrote:
postscreen is great against bots, but fail2ban with firwall are still better
against abusers.
And once you get the "Aha!" insight into how its configuration works,
it's actually not difficult to set up.
--
Phil Stracchino
On 2/7/24 10:41, John Hill via Postfix-users wrote:
Good info.
This site sends nothing but junk. IN fact the domain is known for it.
I tried just rejecting the email address. But they just change it.
So I blocked the IP, they have several.
Have you considered blocking the *domain* with a 50x
On 07.02.24 10:41, John Hill via Postfix-users wrote:
This site sends nothing but junk. IN fact the domain is known for it.
I tried just rejecting the email address. But they just change it.
So I blocked the IP, they have several.
I have watched them do constant connections over and over. 20
Good info.
This site sends nothing but junk. IN fact the domain is known for it.
I tried just rejecting the email address. But they just change it.
So I blocked the IP, they have several.
I have watched them do constant connections over and over. 20 then pause
the 20 again and again.
I think
On Wed, Feb 07, 2024 at 07:59:44AM -0500, John Hill via Postfix-users wrote:
> Do mail servers as a whole stop sending an email after a few errors?
For a single message, surer
On soft errors (4XX), most retry, typically stopping after a maximal
delay. The retry strategy varies, but
I figured. I block on the ingress so it is minimal network but maximum
pain in the A$$.
Thanks.
On 2/7/24 8:06 AM, Matus UHLAR - fantomas via Postfix-users wrote:
On 07.02.24 07:59, John Hill via Postfix-users wrote:
Do mail servers as a whole stop sending an email after a few errors?
On 07.02.24 07:59, John Hill via Postfix-users wrote:
Do mail servers as a whole stop sending an email after a few errors?
abusers never stop, others possibly.
I have a server I have blocked in my firewall. It continues to try and
is blocked as many as 4000+ times a day.
If postscreen was
22 matches
Mail list logo
