Also remember that SSLv3 refers to two different things:
1. The SSLv3 protocol
2. The SSLv3 ciphers (known as the ciphersuite).
In the s_client output below, it uses the SSLv3 protocol to negotiate NO
cipher (i.e. the "Cipher is (NONE)" part). It establishes a plaintext
session using the
If the problem is arising during the TLS negotiation, then there will
never be an SMTP session started and therefore there will never be an
attempt to even submit a password.
I do not think that a TLS negotiation problem will show up in any
mail-related log file. I've yet to find it in any
#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
SMTPD="/var/qmail/bin/qmail-smtpd"
TCP_CDB="/etc/tcprules.d/tcp.smtp.cdb"
HOSTNAME=`hostname`
VCHKPW="/home/vpopmail/bin/vchkpw"
RECORDIO=""
RECORDIO="/usr/bin/recordio"
export
Simscan as well and whatever it calls...clamd, spamd, ...
Get BlueMail for Android
On Apr 22, 2020, 7:18 PM, at 7:18 PM, David Bray wrote:
>no - but vchkpw, also spamdyke does
>
>so this is blocking people that are providing bad passwords etc ...
>but agree, still trying to work out who is
no - but vchkpw, also spamdyke does
so this is blocking people that are providing bad passwords etc ...
but agree, still trying to work out who is doing something other than this
David Bray
0418 745334
2 ∞ & <
On Thu, 23 Apr 2020 at 11:15, Remo Mattei wrote:
> qmail does not log to maillog.
qmail does not log to maillog.
Remo
Inviato da iPad
> Il giorno 22 apr 2020, alle ore 5:36 PM, David Bray
> ha scritto:
>
>
> I agree, have them in place already, they are winners
> I actually disagree slightly, if I'm not mistaken - it would be better to
> have those two entries
Could I ask you command line for recordio
Thanks in advance
David Bray
0418 745334
2 ∞ & <
On Wed, 22 Apr 2020 at 23:40, Eric Broch wrote:
> Hi David,
>
> I think you're on to something with fail2ban (keying off maillog). I was
> monitoring my smtps port (watching the certificate and
I agree, have them in place already, they are winners
- I actually disagree slightly, if I'm not mistaken - it would be better
to have those two entries combined, wouldn't fail2ban parse the maillog
twice in his example ?
I use:
failregex = vchkpw-smtps?: vpopmail user not found .*:
Doesn't '!SSLv3' in your ciphers mean NO SSLv3 is accepted? So, your
command should be
openssl s_client -connect mx.domain.ltd:25 -starttls smtp -no_ssl3
not the following command which forces ssl3...
openssl s_client -connect mx.domain.ltd:25 -starttls smtp -ssl3
Correct?
On 4/22/2020 9:57
Hi
I have a debian8 and qmail with tcpserver
I have big problem with disable sslv3 - or I dont understand
i crate /var/qmail/control/tlsserverciphers
and put:
ALL:!ADH:!LOW:!SSLv2:!SSLv3:!EXP:+HIGH:+MEDIUM
naw I restart qmail via svc:
svc -d /service/qmail-smtpd
svc -u /service/qmail-smtpd
Hi Eric / David.
My vpopmail.conf from fail2ban :
failregex = vchkpw-smtp: vpopmail user not found .*:$
vchkpw-smtps: vpopmail user not found .*:$
vchkpw-smtp: null password given .*:$
vchkpw-smtps: null password given .*:$
vchkpw-submission: null
Thanks, Jaime!
Perfect.
On 4/22/2020 8:06 AM, Jaime Lerner wrote:
David,
You might try the suggestions here:
https://www.taverner-rich.com/mitigating-brute-force-attacks/
I put them in place on my server and it definitely helped.
Jaime
*From: *Eric Broch
*Reply-To: *
*Date:
David,
You might try the suggestions here:
https://www.taverner-rich.com/mitigating-brute-force-attacks/
I put them in place on my server and it definitely helped.
Jaime
From: Eric Broch
Reply-To:
Date: Wednesday, April 22, 2020 at 9:40 AM
To:
Subject: Re: [qmailtoaster] SMTPS
Hi David,
I think you're on to something with fail2ban (keying off maillog). I was
monitoring my smtps port (watching the certificate and encryption scroll
by) using /usr/bin/recordio and /var/log/maillog and found that the bad
guys are trying to login. Here are some failures from maillog:
14 matches
Mail list logo