On 2015-03-02 2:02 AM, Jochen Bern wrote:
On 03/01/2015 08:53 AM, Jim Pazarena wrote:
I wonder if there is an easy way to provide dovecot a flat text file of
ipv4 #'s which should be ignored or dropped?
I have accumulated 45,000+ IPs which routinely try dictionary and
12345678 password attempt
Nick Edwards writes:
I thought Timo once said dovecot had tarpitting, its useless if it is
there, and if it is, it needs user configurable timings, or maybe its
one of those things thats been in the gunna happen list
for a long time, like other stuff
If I remember correctly, I think this was
On 03/04/2015 06:12 PM, Jochen Bern wrote:
> On 03/04/2015 09:45 PM, Dave McGuire wrote:
>> On 03/04/2015 03:37 PM, Oliver Welter wrote:
>>> Am 04.03.2015 um 21:03 schrieb Dave McGuire:
Am 04.03.2015 um 20:12 schrieb Michael Orlitzky:
> Please add [DNSBL] support to iptables instead of D
Am 04.03.2015 um 23:00 schrieb Felix Zandanel:
I am not against block lists. I just say their use should be justified as they may
decrease overall service quality as well. There is another solution for auth based
services: As soon as you detect a possible attack (# auth reqs > x etc.), keep
t
On 03/04/2015 09:45 PM, Dave McGuire wrote:
> On 03/04/2015 03:37 PM, Oliver Welter wrote:
>> Am 04.03.2015 um 21:03 schrieb Dave McGuire:
>>> Am 04.03.2015 um 20:12 schrieb Michael Orlitzky:
Please add [DNSBL] support to iptables instead of Dovecot. It's a waste of
effort to code it in
On 03/04/2015 04:33 PM, Professa Dementia wrote:
> On 3/4/2015 12:45 PM, Dave McGuire wrote:
>>There is. But I already have a firewall, running on bulletproof
>> hardware that doesn't depend on spinning disks. I don't want to add
>> ANOTHER firewall when I already have a perfectly good one.
> Am 04.03.2015 um 20:31 schrieb Reindl Harald :
>
> > In the case of HTTP, IMAP, etc. things are not so easy.
> > Just think about NAT and CGN
>
> that don't matter
>
> if i blacklist a client because he starts a dictionary attack in SMTP i want
> it also bock on IMAP without use a dozen of d
On 3/4/2015 12:45 PM, Dave McGuire wrote:
There is. But I already have a firewall, running on bulletproof
hardware that doesn't depend on spinning disks. I don't want to add
ANOTHER firewall when I already have a perfectly good one. Besides, my
mail server is built for...serving mail. Not
Am 04.03.2015 um 21:51 schrieb Oliver Welter:
Please add this support to iptables instead of Dovecot. It's a
waste of
effort to code it into every application that listens on the network.
Would you care to integrate it into IOS on my Cisco as well?
There are things connected to
On 03/04/2015 03:51 PM, Oliver Welter wrote:
>> I would like to reiterate Reindl Harald's point above, since
>> subsequent
>> discussion has gotten away from it. If Dovecot had DNS RBL support
>> similar to Postfix, I think quite a few people would use it, and
>> thereby
>>
Am 04.03.2015 um 21:45 schrieb Dave McGuire:
On 03/04/2015 03:37 PM, Oliver Welter wrote:
I would like to reiterate Reindl Harald's point above, since subsequent
discussion has gotten away from it. If Dovecot had DNS RBL support
similar to Postfix, I think quite a few people would use it, and
th
On 03/04/2015 03:37 PM, Oliver Welter wrote:
I would like to reiterate Reindl Harald's point above, since subsequent
discussion has gotten away from it. If Dovecot had DNS RBL support
similar to Postfix, I think quite a few people would use it, and
thereby
defeat the scanne
Am 04.03.2015 um 21:03 schrieb Dave McGuire:
On 03/04/2015 02:12 PM, Michael Orlitzky wrote:
I would like to reiterate Reindl Harald's point above, since subsequent
discussion has gotten away from it. If Dovecot had DNS RBL support
similar to Postfix, I think quite a few people would use it, and
On 03/04/2015 02:12 PM, Michael Orlitzky wrote:
>> I would like to reiterate Reindl Harald's point above, since subsequent
>> discussion has gotten away from it. If Dovecot had DNS RBL support
>> similar to Postfix, I think quite a few people would use it, and thereby
>> defeat the scanners far mor
Am 04.03.2015 um 20:12 schrieb Michael Orlitzky:
On 03/03/2015 11:03 PM, Earl Killian wrote:
On 2015/3/2 10:03, Reindl Harald wrote:
that is all nice
but the main benefit of RBL's is always ignored:
* centralized
* no log parsing at all
* honeypot data are "delivered" to any host
* it's che
That works brilliantly! I revised my script now to take advantage of
yours -
#!/bin/bash
# These variables need to be customized for your particular installation
LISTFILE='/var/mail/files.fail'
ATTACHMENT_STORAGE_BASE='/var/files/attachments'
# These variables are based on current Dovecot beh
> Am 01.03.2015 um 10:25 schrieb Reindl Harald :
> Am 01.03.2015 um 08:53 schrieb Jim Pazarena:
>> I wonder if there is an easy way to provide dovecot a flat text file of
>> ipv4 #'s which should be ignored or dropped?
>>
>> I have accumulated 45,000+ IPs which routinely try dictionary and
>> 123
On 03/03/2015 11:03 PM, Earl Killian wrote:
> On 2015/3/2 10:03, Reindl Harald wrote:
>>
>> that is all nice
>>
>> but the main benefit of RBL's is always ignored:
>>
>> * centralized
>> * no log parsing at all
>> * honeypot data are "delivered" to any host
>> * it's cheap
>> * it's easy to maintai
Hello,
I want to install Dovecot Pigeonhole and use the Extdata and Extprograms
plugins on CentOS 7. I prefer to install software via yum, and a reasonably
new version of Dovecot is available in the CentOS repo. But according to the
dovecot documentation, these plugins need to be compiled, so
I use this script for review. For a correct result Dovecot should not run.
#!/bin/bash
attdir="/var/files/attachments"
maildir="/var/mail"
cd "$attdir" || exit 1
find -type f -printf "%P\n" | grep -v "hashes" | sort -u
>"$maildir/attachments.s"
cd "$maildir" || exit 2
rm "$maildir/files.ok" "
On 04.03.2015 18:53, Emmanuel Dreyfus wrote:
On Wed, Mar 04, 2015 at 06:36:07PM +0200, Adrian Minta wrote:
Thank you for the answer.
The "!EXPORT" part is included in "ECDH@STRENGTH:DH@STRENGTH:HIGH", or it
must be added as well ?
This is not the cipher list I sent. It was:
ECDH@STRENGTH:DH@STR
On Wed, Mar 04, 2015 at 06:36:07PM +0200, Adrian Minta wrote:
> Thank you for the answer.
> The "!EXPORT" part is included in "ECDH@STRENGTH:DH@STRENGTH:HIGH", or it
> must be added as well ?
This is not the cipher list I sent. It was:
ECDH@STRENGTH:DH@STRENGTH:HIGH:!RC4:!MD5:!DES:!aNULL:!eNUL
Mi
On 04.03.2015 18:19, Emmanuel Dreyfus wrote:
On Wed, Mar 04, 2015 at 06:13:31PM +0200, Adrian Minta wrote:
Hello,
about the CVE-2015-0204, in apache the following config seems to disable
this vulnerability:
SSLProtocol All -SSLv2 -SSLv3
SSLCipherSuite
HIGH:MEDIUM:!aNULL:!eNULL:!EXPORT:!CAMEL
Am 04.03.2015 um 17:06 schrieb Jochen Bern:
On 03/04/2015 05:03 AM, Earl Killian wrote:
I would like to reiterate Reindl Harald's point above, since subsequent
discussion has gotten away from it. If Dovecot had DNS RBL support
similar to Postfix, I think quite a few people would use it, and the
Hello,
about the CVE-2015-0204, in apache the following config seems to disable
this vulnerability:
SSLProtocol All -SSLv2 -SSLv3
SSLCipherSuite
HIGH:MEDIUM:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4
Is something similar possible with dovecot ?
If yes, what are the implications wit
On Wed, Mar 04, 2015 at 06:13:31PM +0200, Adrian Minta wrote:
> Hello,
> about the CVE-2015-0204, in apache the following config seems to disable
> this vulnerability:
> SSLProtocol All -SSLv2 -SSLv3
> SSLCipherSuite
> HIGH:MEDIUM:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4
>
> Is someth
On 03/04/2015 05:03 AM, Earl Killian wrote:
> I would like to reiterate Reindl Harald's point above, since subsequent
> discussion has gotten away from it. If Dovecot had DNS RBL support
> similar to Postfix, I think quite a few people would use it, and thereby
> defeat the scanners far more effect
On 3/4/15, Earl Killian wrote:
> On 2015/3/2 10:03, Reindl Harald wrote:
>>
>> that is all nice
>>
>> but the main benefit of RBL's is always ignored:
>>
>> * centralized
>> * no log parsing at all
>> * honeypot data are "delivered" to any host
>> * it's cheap
>> * it's easy to maintain
>> * it do
You can script fail2ban to send the entries to a rbldnsd file on a
remote server, I know someone who does it based on apache, since it
uses fail2ban, i shouldnt matter if its apache, or dovecot.
I thought Timo once said dovecot had tarpitting, its useless if it is
there, and if it is, it needs us
hi all
I've been reading this thread with interest. As a rather novice programmer.
I'm not being humble here, I really am not very good, I can do stuff, but
it takes a LONG time. My spaghetti code even has meatballs in it !
Not being a great programmer I'm not really able to code something up, bu
Daniel,
please help me understand, since I met your same problem on 2015-02-26 as
you did.
> 2. For each "failed:
> read(/var/mail/attachments/aa/bb/attachmentHash-userHash" line,
> a. Confirm /var/mail/attachments/aa/bb/hashes/attachmentHash exists
> i. If attachmentHash is missi
31 matches
Mail list logo