Re: Postfix: running a script on authentication failure

Tue, 27 Jun 2023 07:06:33 -0700 

On 2023-06-26 17:17, Joseph Tam wrote:

On Thu, 22 Jun 2023, Michael Peddemors wrote:


* Use services like RATS-AUTH to block IPs that can safely be blocked as known 
hackers..


Cool.  Are there other DNSRBLs (apart from bl.blocklist.de) that list
BFD attack IPs?


* Use services like RATS-NULL (or SpamHaus DROP lists) right in the firewall 
level.  There are SOME networks
that should simply be 'unplugged'


Can't find it in https://spamrats.com/.  Is it an DNSRBL or downloadable file?
Assuming you mean RATS-NULL, it's available as both a restricted DNSRBL and in BMS format under subscription. There is interest in having it as an API as well, but that will be next quarter. 




* Turn off port 110 (well, all plain text authentication) 90% less email 
compromise reports when you do..


That will disable STARTTLS though.  Even though it's not plaintext,
maybe that is
a good thing as it avoids MITM banner stripping attacks.
Use ports 993/995 for email, instead of ports 110/143, but if you HAVE to leave them open, ensure that you force TLS. But the more standard way is to just use SSL on 993/995. 



Joseph Tam <jtam.h...@gmail.com>
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org



--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada

This email and any electronic data contained are confidential and intended
solely for the use of the individual or entity to which they are addressed.
Please note that any views or opinions presented in this email are solely
those of the author and are not intended to represent those of the company.

_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org

Reply via email to