On Wed, 15 Nov 2023, 23:25 Michael Peddemors, wrote:
> Not sure yet if it is Dovecot, or the SSL libraries they are
> attempting
> to break, but using a variety of SSL/TLS methods and connections...
>
> They are not interested in dovecot per se. They scan for TLS vulnerabilities,
On Wed, 15 Nov 2023, 23:25 Michael Peddemors, wrote:
There is a network claiming to be a security company, however the
activity appears to be a little more malicious, and appears to be
attempting buffer overflows against POP-SSL services.. (and other
attacks).
There is a network claiming to be a security company, however the
activity appears to be a little more malicious, and appears to be
attempting buffer overflows against POP-SSL services.. (and other attacks).
https://www.abuseipdb.com/check/104.156.155.21
Just thought it would be worth
ibra skrev den 2023-11-15 11:00:
Is something else I'm missing?
rfc 1700
rfc 1918
tls on loopback is imho overkill, if just was an example ok :=)
use mta if more lmtp connections is in need, eq dont open port 24 poblic
on dovecot
___
dovecot
Hi,
I'm trying running tls connections for both auth and lmtp services. For lmtp it
is ok, for auth service I couldnt make it. I configure dovecot with the next
configuration in file "conf.d/10-myconfig.conf":
service auth {
inet_listener {
name = dovecot_auth
address = 127.0.0.1