Hello Everyone:
I am using OpenDKIM/OpenDMARC as some sort of anti spam. The
OpenDMARC could handle DMARC p=none or p=reject without any problem. But
if p=quarantine,OpenDMARC just let the incoming mail goes to Postfix
HOLD queue. Is it possible to let Postfix redirect incoming mail
Matus UHLAR - fantomas writes:
> I'm afraid it won't even help much - seems that dictionary attacks work much
> slower.
Not all of them are slow:
Nov 5 06:19:35 mail postfix/smtpd[28906]: warning: AUTH command rate limit
exceeded: 4 from unknown[106.58.210.27] for service smtp
Nov 5
Jaroslaw Rafa wrote
> Dnia 4.11.2019 o godz. 04:31:51 linkcheck pisze:
> I don't know as I don't use DMARC. I only DKIM sign outgoing mail, I don't
> verify DKIM nor DMARC on incoming mail. Just try what order works best.
Ok. Thanks for all the help. :)
--
Sent from:
On 2019-11-04 03:32, Bernardo Reino wrote:
> You can create a custom action like:
> $ cat /etc/fail2ban/action.d/local_action.conf
> [Definition]
> actionban = /usr/local/sbin/fail2ban_action.sh add
> actionunban = /usr/local/sbin/fail2ban_action.sh delete
> actioncheck =
> actionstart =
>
John Schmerold:
What is the best way to protect against dictionary attacks in Postfix?
Wietse Venema:
Reportedly, fail2ban (no first-hand experience, because I have no
SASL clients).
On 03 Nov 2019, at 06:06, Wietse Venema wrote:
Also, Postfix can rate-limit auth commands, on the
Dnia 4.11.2019 o godz. 04:31:51 linkcheck pisze:
>
> Pickup only gets run from sendmail which is called by content_filter OR by
> apache. So that now makes sense. Taken me hours to see that. :(
>
> So what I need is, as you said, to remove content_filter in master.cf and in
> main.cf to put in
@lbutlr wrote
> On 01 Nov 2019, at 10:03, linkcheck
> postfix@.co
> wrote:
>> Jaroslaw Rafa wrote
> Apache should not be posting mail via pickup. Use an SMTP plugin that
> authenticates just like anyone else.
If the mail and web servers were separate I would agree but there is a lot
of
Sorry for the delay in replying. I've been looking at this and trying to make
it work in my head, but keep coming up with DKIM running twice. Please bear
with me. Your setup of...
smtpd_milters = inet:localhost:10025, unix:spamass/spamass.sock
non_smtpd_milters = inet:localhost:10025
...suggests
On Sun, 3 Nov 2019, Phil Stracchino wrote:
On 2019-11-03 14:21, Bernardo Reino wrote:
On Sun, 3 Nov 2019, Phil Stracchino wrote:
I've been thinking about setting up exactly such a thing myself. Trying
to figure out how to make fail2ban talk to a Shorewall firewall on a
different box is just
