>There is no need to duplicate the threshold check.
I'm not duplicating the check. I was just considering using the logged,
recorded checks (of a minimum value) and making use of those. They could
trigger a ban of the IP via fail2ban's respective jail's frequency
settings, based on those log e
Scott Techlist:
> Re this log line:
> >Jul 17 14:23:36 tn3 postfix/postscreen[21915]: DNSBL rank 3 for
> [46.102.230.94]:63564
>
> Maybe it would be safe to filter on this line where the "DNSBL rank [n]" was
> >= my threshold:
As documented:
When the postscreen_greet_wait time has elapsed, A
On 17/07/17 21:04, Scott Techlist wrote:
>> Postcreen logs DISCONNECT for clients that PASS the "after 220 greeting"
>> tests (bare newline, non-SMTP command, pipelining).
> Exactly what I was afraid of, thanks for the confirmation.
>
>> I don't think there is much to gain from parsing postscreen
* Wietse Venema :
> Scott Techlist:
> > As I watch the bots and spammers hammer my server with connection attempts,
> > I figured I might as well stop them even closer to the front door when they
> > try repeatedly.
> >
> > I have fail2ban running already and once I enabled postscreen it didn't se
>Postcreen logs DISCONNECT for clients that PASS the "after 220 greeting"
>tests (bare newline, non-SMTP command, pipelining).
Exactly what I was afraid of, thanks for the confirmation.
>I don't think there is much to gain from parsing postscreen logging to
produce
>fail2ban rules. postscreen is
On 17/07/17 16:43, Scott Techlist wrote:
> As I watch the bots and spammers hammer my server with connection attempts,
> I figured I might as well stop them even closer to the front door when they
> try repeatedly.
>
> I have fail2ban running already and once I enabled postscreen it didn't seem
>
Abi Askushi skrev den 2017-07-17 14:40:
Thank you Benny for the suggestion.
Do you have any working example? Will this be a file with regex?
private replyed
Am 17.07.2017 um 20:06 schrieb /dev/rob0:
> On Mon, Jul 17, 2017 at 01:33:24PM -0400, Wietse Venema wrote:
>> I don't think there is much to gain from parsing postscreen logging
>> to produce fail2ban rules. postscreen is designed to handle a lot
>> of abuse with near-zero resources.
>
> Granted,
On Mon, Jul 17, 2017 at 01:33:24PM -0400, Wietse Venema wrote:
> I don't think there is much to gain from parsing postscreen logging
> to produce fail2ban rules. postscreen is designed to handle a lot
> of abuse with near-zero resources.
Granted, not much benefit within Postfix. But consider: the
Scott Techlist:
> As I watch the bots and spammers hammer my server with connection attempts,
> I figured I might as well stop them even closer to the front door when they
> try repeatedly.
>
> I have fail2ban running already and once I enabled postscreen it didn't seem
> to have much to do anymor
As I watch the bots and spammers hammer my server with connection attempts,
I figured I might as well stop them even closer to the front door when they
try repeatedly.
I have fail2ban running already and once I enabled postscreen it didn't seem
to have much to do anymore.
My primary question is:
Thank you Benny for the suggestion.
Do you have any working example? Will this be a file with regex?
Thanx,
Abi
On Fri, Jul 14, 2017 at 12:50 PM, Benny Pedersen wrote:
> Abi Askushi skrev den 2017-07-14 11:28:
>
> Do you have any other suggestion?
>>
>
> i do it with reject_sender_access from v
Am 17.07.2017 um 09:48 schrieb Alex JOST:
> AFAIK Authenticated Received Chain (ARC) was designed for exactly this use
> case. Wondering if anyone has some experience with it or knows if Gmail is
> already honouring ARC-headers.
yes, there are multiple ARC implementations between alpha and pr
Am 16.07.2017 um 02:55 schrieb Peter:
On 14/07/17 08:06, @lbutlr wrote:
I forward mail to a gmail user, but there are a lot of bounces from
gmail. I don't honestly care about the ones that google says are
spam,
You should. When Google sees SPAM coming form your server it will
affect your ser
14 matches
Mail list logo