Re: Block forged addresses

Thank you Benny for the suggestion. Do you have any working example? Will this be a file with regex? Thanx, Abi On Fri, Jul 14, 2017 at 12:50 PM, Benny Pedersen wrote: > Abi Askushi skrev den 2017-07-14 11:28: > > Do you have any other suggestion? >> > > i do it with

Re: Forward to gmail and DMARC

Am 16.07.2017 um 02:55 schrieb Peter: On 14/07/17 08:06, @lbutlr wrote: I forward mail to a gmail user, but there are a lot of bounces from gmail. I don't honestly care about the ones that google says are spam, You should. When Google sees SPAM coming form your server it will affect your

Re: Forward to gmail and DMARC

Am 17.07.2017 um 09:48 schrieb Alex JOST: > AFAIK Authenticated Received Chain (ARC) was designed for exactly this use > case. Wondering if anyone has some experience with it or knows if Gmail is > already honouring ARC-headers. yes, there are multiple ARC implementations between alpha and

postscreen fail2ban filter

As I watch the bots and spammers hammer my server with connection attempts, I figured I might as well stop them even closer to the front door when they try repeatedly. I have fail2ban running already and once I enabled postscreen it didn't seem to have much to do anymore. My primary question is:

Re: postscreen fail2ban filter

Scott Techlist: > As I watch the bots and spammers hammer my server with connection attempts, > I figured I might as well stop them even closer to the front door when they > try repeatedly. > > I have fail2ban running already and once I enabled postscreen it didn't seem > to have much to do

Re: postscreen fail2ban filter

On Mon, Jul 17, 2017 at 01:33:24PM -0400, Wietse Venema wrote: > I don't think there is much to gain from parsing postscreen logging > to produce fail2ban rules. postscreen is designed to handle a lot > of abuse with near-zero resources. Granted, not much benefit within Postfix. But consider:

Re: postscreen fail2ban filter

Am 17.07.2017 um 20:06 schrieb /dev/rob0: > On Mon, Jul 17, 2017 at 01:33:24PM -0400, Wietse Venema wrote: >> I don't think there is much to gain from parsing postscreen logging >> to produce fail2ban rules. postscreen is designed to handle a lot >> of abuse with near-zero resources. > > Granted,

Re: Block forged addresses

Abi Askushi skrev den 2017-07-17 14:40: Thank you Benny for the suggestion. Do you have any working example? Will this be a file with regex? private replyed

Re: postscreen fail2ban filter

On 17/07/17 16:43, Scott Techlist wrote: > As I watch the bots and spammers hammer my server with connection attempts, > I figured I might as well stop them even closer to the front door when they > try repeatedly. > > I have fail2ban running already and once I enabled postscreen it didn't seem

RE: postscreen fail2ban filter

>Postcreen logs DISCONNECT for clients that PASS the "after 220 greeting" >tests (bare newline, non-SMTP command, pipelining). Exactly what I was afraid of, thanks for the confirmation. >I don't think there is much to gain from parsing postscreen logging to produce >fail2ban rules. postscreen is

Re: postscreen fail2ban filter

* Wietse Venema : > Scott Techlist: > > As I watch the bots and spammers hammer my server with connection attempts, > > I figured I might as well stop them even closer to the front door when they > > try repeatedly. > > > > I have fail2ban running already and once I

Re: postscreen fail2ban filter

On 17/07/17 21:04, Scott Techlist wrote: >> Postcreen logs DISCONNECT for clients that PASS the "after 220 greeting" >> tests (bare newline, non-SMTP command, pipelining). > Exactly what I was afraid of, thanks for the confirmation. > >> I don't think there is much to gain from parsing

RE: postscreen fail2ban filter

>There is no need to duplicate the threshold check. I'm not duplicating the check. I was just considering using the logged, recorded checks (of a minimum value) and making use of those. They could trigger a ban of the IP via fail2ban's respective jail's frequency settings, based on those log