Re: [exim] Spam though my server

2019-02-19 Thread Sebastian Nielsen via Exim-users
make them generally happier because deliverability will increase when your server isn't on blacklists. -Ursprungligt meddelande- Från: Exim-users För Mark Elkins via Exim-users Skickat: den 20 februari 2019 07:15 Till: exim-users@exim.org Ämne: Re: [exim] Spam though my server Those cus

Re: [exim] Spam though my server

2019-02-19 Thread Mark Elkins via Exim-users
enbach via Exim-users Skickat: den 19 februari 2019 20:00 Till: exim-users@exim.org; Sebastian Nielsen Kopia: 'Odhiambo Washington' Ämne: Re: [exim] Spam though my server Am Dienstag, 19. Februar 2019, 15:57:07 CET schrieb Sebastian Nielsen via Exim-users: Most better firewalls do have an built-

Re: [exim] Spam though my server

2019-02-19 Thread Ian Zimmerman via Exim-users
As an alternative to geolocation of IP addresses, consider asn.routeviews.org. -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which rewrite From, fetch the TXT record

Re: [exim] Spam though my server

2019-02-19 Thread Sebastian Nielsen via Exim-users
exim] Spam though my server Am Dienstag, 19. Februar 2019, 15:57:07 CET schrieb Sebastian Nielsen via Exim-users: > Most better firewalls do have an built-in country/GeoIP database, if not, > you can easily add one. GeoIP is far from "reliable" for any SMTP/MTA, as there is no ge

Re: [exim] Spam though my server

2019-02-19 Thread Niels Dettenbach via Exim-users
Am Dienstag, 19. Februar 2019, 15:57:07 CET schrieb Sebastian Nielsen via Exim-users: > Most better firewalls do have an built-in country/GeoIP database, if not, > you can easily add one. GeoIP is far from "reliable" for any SMTP/MTA, as there is no geolocation of a IP address. It offers only a

Re: [exim] Spam though my server

2019-02-19 Thread Andrew C Aitchison via Exim-users
On Tue, 19 Feb 2019, Mark Elkins via Exim-users wrote: I run a "relay" server for my e-mail clients - so they can send out e-mail from any network they are connected to (so useful for travelling laptops). This machine runs only on port 587, uses authentication (same password as for their

Re: [exim] Spam though my server

2019-02-19 Thread Sebastian Nielsen via Exim-users
Best way here would be to set up some sort of IP limitation to limit the attack Surface. If all of your users belong to the same country, I would suggest firewalling or restricting the 587 server via GeoIP so it can only be accessed from that particular country. Most better firewalls do have an

Re: [exim] Spam though my server

2019-02-19 Thread Lena--- via Exim-users
> From: Mark Elkins > I should probably have some EXIM scripts that count repetitive failures, > both at login authentication and delivery (failure) by a user, and use > that to do automatic blocking and reporting. Lena probably has a > solution for that.

Re: [exim] Spam though my server

2019-02-19 Thread Richard Jones via Exim-users
On Feb 19, Mark Elkins via Exim-users wrote > What can you do? Not everyone uses my relay - so I have a flag that needs to > be first switched on for the relay authentication to work. I also insist > that passwords are reasonably long and not based on the username. I build a > list every few

Re: [exim] Spam though my server

2019-02-19 Thread Jethro R Binks via Exim-users
On Tue, 19 Feb 2019, Mark Elkins via Exim-users wrote: > I run a "relay" server for my e-mail clients - so they can send out > e-mail from any network they are connected to (so useful for travelling > laptops). This machine runs only on port 587, uses authentication (same > password as for

Re: [exim] Spam though my server

2019-02-19 Thread Niels Dettenbach via Exim-users
Am Dienstag, 19. Februar 2019, 11:38:22 CET schrieb Odhiambo Washington via Exim-users: > How they end up hacking this account is something of a mystery now. This is > the second time in as many months. ..."usually" they got user login credentials in any way. from my experience, most typical

Re: [exim] Spam though my server

2019-02-19 Thread Mark Elkins via Exim-users
I run a "relay" server for my e-mail clients - so they can send out e-mail from any network they are connected to (so useful for travelling laptops). This machine runs only on port 587, uses authentication (same password as for their POP3/IMAP account) - etc etc. Some nefarious people are

Re: [exim] Spam though my server

2019-02-19 Thread Odhiambo Washington via Exim-users
On Tue, 19 Feb 2019 at 13:33, Heiko Schlittermann via Exim-users < exim-users@exim.org> wrote: > Odhiambo Washington via Exim-users (Di 19 Feb 2019 > 11:20:07 CET): > > I am seeing some spam going through my server, but I am not sure what > > method is being used by the spammer: > > > > exim

Re: [exim] Spam though my server

2019-02-19 Thread Heiko Schlittermann via Exim-users
Odhiambo Washington via Exim-users (Di 19 Feb 2019 11:20:07 CET): > I am seeing some spam going through my server, but I am not sure what > method is being used by the spammer: > > exim -Mvh 1gw0Ng-0002NF-1H > 1gw0Ng-0002NF-1H-H > mailnull 26 26 > > 1550563436 0 > -received_time_usec .039642 >

[exim] Spam though my server

2019-02-19 Thread Odhiambo Washington via Exim-users
I am seeing some spam going through my server, but I am not sure what method is being used by the spammer: exim -Mvh 1gw0Ng-0002NF-1H 1gw0Ng-0002NF-1H-H mailnull 26 26 1550563436 0 -received_time_usec .039642 -helo_name [192.6.3.50] -host_address 74.142.119.226.1591 -host_name