Re: [mailop] SMTP AUTH harassment

[Alessandro Vesely via mailop]

On Tue 20/Jul/2021 04:17:31 +0200 Ángel via mailop wrote:

On 2021-07-19 at 23:27 +0200, Slavko wrote:

Dňa Sun, 18 Jul 2021 13:56:18 -0400 Bill Cole:

The only usable way seems to be GoiIP blocking countries, but i

afraid that it is wrong way.

Why?

Hard to describe it in English for me, but i will try.

I consider blocking access by country as discriminating all honest
people in particular country. (...)

You opened the thread describing it as a "personal mail server". I
interpret that as being a mta serving just you, or a few select family
members/friends.
As such you can (should?) be highly selective. If you only use ISP A,
why should you allow from any other source? It's not as if you won't
notice when you change providers. If John uses only provider B, why
would you let a login from ISP C?

I run a personal mail server too.  I agree with safety arguments and all what 
Bill said.  However, any family member/ friend of mine, or even myself, could 
travel abroad for a week and forget to punch that hole in the firewall.  In 
addition, some use foreign services that login on their behalf (gmail is one).

By now, all my users learned that the paradoxicality of "password" doesn't make 
it so unusual that no cracker would even try it.  So the added risk of accepting attempts 
from abroad doesn't seem to worsen the overall state of affairs.

However, I discriminate by country when I report such abuses.  I only send 
reports to countries where I expect providers act under democratic laws.  I 
don't want to wreak more havoc than it deserves, nor to deal with 
incomprehensible problems.  This discrimination also helps reducing the overall 
number of reports being sent.

Does that make any sense?

I paste the relevant snippet from my script below.  Am I missing some?

Best
Ale
--

case "$country" in
        "AU"|"HK"|"ID"|"IN"|"JP"|"KR"|"NC"|"NP"|"NZ"|"SG"|"TH"|"TW")
                rdap_url="https://rdap.apnic.net/ip/$key";;;
        "US"|"CA"|"BB")
                rdap_url="http://rdap.arin.net/registry/ip/$key";;;
        
"AL"|"AT"|"BE"|"BG"|"CH"|"DE"|"DK"|"ES"|"FI"|"FR"|"GB"|"GR"|"IE"|"IL"|"IS"|"NL"|"NO"|"PL"|"RO"|"SE"|"SI"|"SK"|"TR")
                rdap_url="https://rdap.db.ripe.net/ip/$key";;;
        "BW"|"CV"|"MU"|"ZA")
                rdap_url="https://rdap.afrinic.net/rdap/ip/$key";;;
        "AR"|"BR"|"CO"|"CR"|"MX"|"PY"|"UY")
                rdap_url="https://rdap.lacnic.net/rdap/ip/$key";;;
        *)
                let non_reported_bp++
                rdap_url=""
                ;;
esac




_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop