date:20220124

[BlueOnyx:25315] sending mail to gmail.com and spf

2022-01-24 Thread Ernie

I noticed something strange over the past week, emails to gmail.com from BX
user has started bouncing with Service Unavailable errors.

I went to Google's toolbox page for testing domains and noticed an error.
https://toolbox.googleapps.com/apps/checkmx/

"SPF must allow Google servers to send mail on behalf of your domain."

That's right, they want you to add google as a valix MX in your spf records

Any idea what this is all about?


- Ernie.
___
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

[BlueOnyx:25314] Re: 5210r and iptables -> not working?

2022-01-24 Thread Michael Stauber


Hi Janwillem,

Just saw in the shop that APF doesn’t use the GeoIP modulenon 5210, are 
there alternatives?


On EL8 we sadly no longer have /etc/hosts.allow and /etc/hosts.deny, 
which was needed for the GeoIP-feature. That's why the APF on 5210R 
comes without it.



If not I’ll setup a PfSense instance for that purpose.


Yeah, that might certainly be best if you can. You might still want 
Fail2ban and Firewalld on the 5210R itself, though. To block brute force 
login attempts.


--
With best regards

Michael Stauber
___
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

[BlueOnyx:25313] Re: 5210r and iptables -> not working?

2022-01-24 Thread JW Ronken

Hi Michael
That explain why my IPtables rules had no effect (feeling stupid :)

Just saw in the shop that APF doesn’t use the GeoIP modulenon 5210, are
there alternatives?
If not I’ll setup a PfSense instance for that purpose.

Thanks again for the clarification!
Janwillem

On Mon, 24 Jan 2022 at 17:00, Michael Stauber  wrote:

> Hi Janwillem,
>
> > I've setup a 5210 a few days ago, in the past (since 5206/5208/5209) I
> > could add an iptables rule like:
> >
> > iptables -I INPUT 1 -s 5.34.205.0/24  -j DROP
> >
> > and save it and it would block all traffic from that IP.
> >
> >
> > On 5210 it seems to do nothing, maillog still shows:
> >
> > Jan 24 15:11:01 ds01 postfix/submission/smtpd[2286356]: warning:
> > unknown[5.34.207.58]: SASL LOGIN authentication failed: authentication
> > failure
> >
> >
> > Any idea why it doesn't block the IP? I will get the APF package and
> > fail2ban but need also a working iptables if possible.
>
> BlueOnyx 5210R comes with Firewalld enabled by default. You can either
> use Firewalld *or* IPtables. But not both at the same time.
>
> In the Shop we have the old APF for 5210R, but when you buy that and
> link it to a 5210R, it will offer you two PKGs instead of one:
>
> - APF
> - Firewalld
>
> The Firewalld package for 5210R provides a GUI to manage the firewalld
> rules on 5210R. If you also install Fail2ban for 5210R, it will detect
> if you have APF or Firewalld enabled and will use whatever is enabled to
> block offending IPs. You should not enable both APF and Firewalld, as
> they get in each others ways.
>
> If you want to manually block an IP via Firewalld, then you can do so
> with the "firewall-cmd" command. Here is a good set of instructions on
> how to use it:
>
> https://kb.vander.host/security/how-to-block-an-ip-address-using-firewalld/
>
> --
> With best regards
>
> Michael Stauber
> ___
> Blueonyx mailing list
> Blueonyx@mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
>
___
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

[BlueOnyx:25312] Re: 5210r and iptables -> not working?

2022-01-24 Thread Michael Stauber


Hi Janwillem,

I've setup a 5210 a few days ago, in the past (since 5206/5208/5209) I 
could add an iptables rule like:


iptables -I INPUT 1 -s 5.34.205.0/24  -j DROP

and save it and it would block all traffic from that IP.


On 5210 it seems to do nothing, maillog still shows:

Jan 24 15:11:01 ds01 postfix/submission/smtpd[2286356]: warning: 
unknown[5.34.207.58]: SASL LOGIN authentication failed: authentication 
failure



Any idea why it doesn't block the IP? I will get the APF package and 
fail2ban but need also a working iptables if possible.


BlueOnyx 5210R comes with Firewalld enabled by default. You can either 
use Firewalld *or* IPtables. But not both at the same time.


In the Shop we have the old APF for 5210R, but when you buy that and 
link it to a 5210R, it will offer you two PKGs instead of one:


- APF
- Firewalld

The Firewalld package for 5210R provides a GUI to manage the firewalld 
rules on 5210R. If you also install Fail2ban for 5210R, it will detect 
if you have APF or Firewalld enabled and will use whatever is enabled to 
block offending IPs. You should not enable both APF and Firewalld, as 
they get in each others ways.


If you want to manually block an IP via Firewalld, then you can do so 
with the "firewall-cmd" command. Here is a good set of instructions on 
how to use it:


https://kb.vander.host/security/how-to-block-an-ip-address-using-firewalld/

--
With best regards

Michael Stauber
___
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

[BlueOnyx:25315] sending mail to gmail.com and spf

[BlueOnyx:25314] Re: 5210r and iptables -> not working?

[BlueOnyx:25313] Re: 5210r and iptables -> not working?

[BlueOnyx:25312] Re: 5210r and iptables -> not working?

4 matches

Site Navigation

Mail list logo

Footer information