Quoting Rich Kulawiec ([email protected]): > On Mon, Apr 16, 2018 at 09:08:43AM +0200, mailman-admin wrote: > > Brute Force attempts can only be mitigated by e.g. fail2ban. > > Nope. There are other ways. > > Brute force attacks can be pre-emptively blocked by nearly everyone > operating a Mailman instance. (I say "nearly" for specific reasons > that will become clear below.)
Great writeup. This is exactly how I've had my firewall configured for some time, with the drop/edrop and country block lists. I monitor for breakin attempts and add country blocks as needed... it's interesting that this seems to be somewhat cyclical in my experience, in that one month 80% of my brute force attacks are from Turkey, then the next month it shifts to Brazil (as examples, but I have both of these countries blocked now). ------------------------------------------------------ Mailman-Users mailing list [email protected] https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
