To save you some searching. Here's a page with a lot of good
info. It's about how to do all this on postfix, so it's not a
cookie cutter for doing it on our toaster, but good info
nonetheless. He also uses "opendmarc" to process DMARC things, but
Further to this subject. I am learning that there are more pieces
that can help us out. Spamassassin gives us a way to assign a spam
score to messages with various DKIM results. But it doesn't know
what the original sender wanted us to do with messages that
Thanks, Gary.
I'll have a look
On 6/3/2020 8:52 AM, Gary Bowling wrote:
Further to this subject. I am learning that there are more pieces that
can help us out. Spamassassin gives us a way to assign a spam score to
messages with various DKIM results. But it doesn't know what the
original
Hi
What about below?
[Definition]
# Option: failregex
# Notes.: regex to match the password failures messages in the logfile.
# Values: TEXT
#
failregex = vchkpw-pop3: vpopmail user not found .*@.*:$
vchkpw-pop3: vpopmail user not found .*@:$
vchkpw-pop3: vpopmail user
If you are using chkuser the user not found should never get pass the initial
smtp.
Remo
> On Jun 3, 2020, at 22:34, Noriyuki Hayashi wrote:
>
> Hi
>
> What about below?
>
> [Definition]
>
> # Option: failregex
> # Notes.: regex to match the password failures messages in the logfile.
> #
FYI in case someone else can use this info.
In my recent review of my server and trying to tighten up
security. I noticed that there were a number of IPs that showed up
regularly in my fail2ban firewall rules. I have a fail2ban jail
for vpopmail
Nice work. I will take a look and try it out.
> Il giorno 3 giu 2020, alle ore 17:52, Gary Bowling ha scritto:
>
>
>
>
> It seems to work. I'm also using the /etc/fail2ban/filter.d/dovecot.conf that
> is included with fail2ban. That should catch attempts on imap and pop3, but
> I've
Sure, here's my /etc/fail2ban/filter.d/vpopmail.conf
[INCLUDES]
before = common.conf
# vi /etc/fail2ban/filter.d/vpopmail.conf:
[Definition]
failregex = vchkpw-smtp: vpopmail user not found .*:$
vchkpw-submission:
It seems to work. I'm also using the
/etc/fail2ban/filter.d/dovecot.conf that is included with
fail2ban. That should catch attempts on imap and pop3, but I've
never had it actually trap anything. So I'm guessing there is
something not quite right about
can you share your vpopmail rules for fail2ban, config and regex?
On 6/3/2020 5:48 PM, Gary Bowling wrote:
FYI in case someone else can use this info.
In my recent review of my server and trying to tighten up security. I
noticed that there were a number of IPs that showed up regularly in my
Nice, easier than mine.
On 6/3/2020 6:27 PM, Gary Bowling wrote:
Sure, here's my /etc/fail2ban/filter.d/vpopmail.conf
[INCLUDES]
before = common.conf
# vi /etc/fail2ban/filter.d/vpopmail.conf:
[Definition]
failregex = vchkpw-smtp: vpopmail user not found .*:$
vchkpw-submission:
11 matches
Mail list logo
