Hello.
I remember when we used to complain about people having HTML e-mail
signatures and email was done using UUCP. You can use ip route as fast
effective way of permitting access.
IE:
ip route add blackhole 1.2.3.0/24
This would block all accesses to the local server. Otherwise, you
mats skrev den 2022-12-27 01:15:
Oki. I need the insane solutions then
Using DNS is not a way forward for us.
Maintaining cidr lists a number of times a minute with 10:s of
thousands of ip's instead of a simple query for the ip I'm interested
in, well not interested in that either
postgresql
Thanks.
If I read the docs right I should be able to use check_policy_service under
smtpd_client_restrictions.
I don't know if such a policy server launched frommain.cf would be able to do
what I need but if I would use an Inet type Socket I should be able to do what
I want with that code
Oki. I need the insane solutions then
Using DNS is not a way forward for us.
Maintaining cidr lists a number of times a minute with 10:s of thousands of
ip's instead of a simple query for the ip I'm interested in, well not
interested in that either
Sent with Proton Mail secure email.
On 12/26/2022 4:18 PM, mats wrote:
First statement: I'm new to Postfix
Second statement: I'm old enough that a 30mb harddrive was big then I started
working with computers ..
The Challenge
I want to be able to run my own "idp" type script when someone tries to connect
to my mailserver.
The first one is to avoid having a scheduled task running at least every minute to keep the list updated.
How were you planning to get the lists into postfix, and keep them updated?
The second one is that I only want to add the relevant firewall rules to the
mailserver. I don't know how many
mats:
> First statement: I'm new to Postfix
> Second statement: I'm old enough that a 30mb harddrive was big
> then I started working with computers ..
512kB (floppy disk).
> The Challenge I want to be able to run my own "idp" type script
> when someone tries to connect to my mailserver.
You could create an "ipset" [1] based on your blacklist. Then you'd use a
single "iptables" [2] rule to block all traffic from ipset "MyBlacklist" to
port 25 (or multiple ports or any port).
This way attacker traffic can't reach the port of Postfix, even without
annoying Postfix with them at
I want to be able to run my own "idp" type script when someone tries to connect
to my mailserver. Basically I want to refuse them even a tcp connection to smtpd if the
connecting ip is in our internal blacklist.
is there a reason you want to involve postfix at all?
fail2ban scans logs, and
First statement: I'm new to Postfix
Second statement: I'm old enough that a 30mb harddrive was big then I started
working with computers ..
The Challenge
I want to be able to run my own "idp" type script when someone tries to connect
to my mailserver. Basically I want to refuse them even a
isn't opendkim a dead project? I think their last commit was two years ago...
last time I checked, the EPEL package maintainer had to apply patches manually
because the opendkim owners had stopped working on their project.
On Mon, 26 Dec 2022 20:22:19 +1100 raf wrote:
> That issue hasn't
On Sat, Dec 24, 2022 at 08:05:12AM +0400, Samer Afach
wrote:
> Dear Raf:
>
> Thank you for the hint about UNIX sockets. I'll keep them. My only fear
> is/was that they're inappropriate to use across containers and something
> will break in the future. I guess I'll have to wait and see.
12 matches
Mail list logo