A friend and I experienced this in October last year.
I believe these SYNs have forged source addresses. The objectives being one or
more of:
- a DOS attack on the legit owner of the IP,
- create a state table size issue for you,
- to have you block legitimate sources.
The last of these
Wietse Venema:
> Daniel Ry?link:
> > Hello
> >
> > What are the valid values for this configuration option?
> >
> > I tried to set it as "PERMIT", and the server failed to stard saying
> > it's "Bad configuration".
>
> RTFM?
>
On 2/26/20 9:12 AM, Wietse Venema wrote:
micah anderson:
Matus UHLAR - fantomas writes:
welcome to the internet. Can be misconfigured client, spamware somewhere,
scan, whatever. Firewalling those automatically is the only way to limit
those messages.
I'm curious what kind of firewalling
Daniel Ry?link:
> Hello
>
> What are the valid values for this configuration option?
>
> I tried to set it as "PERMIT", and the server failed to stard saying
> it's "Bad configuration".
RTFM?
http://www.postfix.org/postconf.5.html#unverified_recipient_reject_code
micah anderson:
> Matus UHLAR - fantomas writes:
>
> > welcome to the internet. Can be misconfigured client, spamware somewhere,
> > scan, whatever. Firewalling those automatically is the only way to limit
> > those messages.
>
> I'm curious what kind of firewalling rules that people have come
Hello
What are the valid values for this configuration option?
I tried to set it as "PERMIT", and the server failed to stard saying
it's "Bad configuration". My aim is to set the server so that it defers
mail for recipients that fail permanently during the recipient address
verification (for
Dnia 26.02.2020 o godz. 07:59:04 micah anderson pisze:
> I'm curious what kind of firewalling rules that people have come up with
> to limit these. Are you just doing a fail2ban type reaction, or have
> some particular state you are denying? I'd be happy to see some iptables
> or even pf examples.
Matus UHLAR - fantomas writes:
> welcome to the internet. Can be misconfigured client, spamware somewhere,
> scan, whatever. Firewalling those automatically is the only way to limit
> those messages.
I'm curious what kind of firewalling rules that people have come up with
to limit these. Are
On 26/02/2020 11:05, Viktor Dukhovni wrote:
>
> This appears to be a network registered in Britain with a yandex.ru
> abuse contact: and a netblock whose
> GeoIP appears to be in Romania:
>
> 92.118.38.42: RO, Romania
>
> If anyone is going to give an answer, the yandex abuse contact be the
>
On 26 February 2020, at 02:54, Jaroslaw Rafa wrote:
My Postfix log is full of repeated connections and disconnections from the
same machine:
Feb 26 11:43:41 rafa postfix/submission/smtpd[13829]: connect from
unknown[92.118.38.42]
Feb 26 11:43:52 rafa postfix/submission/smtpd[13829]:
On Wed, Feb 26, 2020 at 11:54:31AM +0100, Jaroslaw Rafa wrote:
> Feb 26 11:43:41 rafa postfix/submission/smtpd[13829]: connect from
> unknown[92.118.38.42]
> Feb 26 11:43:52 rafa postfix/submission/smtpd[13829]: disconnect from
> unknown[92.118.38.42]
> Feb 26 11:44:04 rafa
> On 26 February 2020, at 02:54, Jaroslaw Rafa wrote:
>
> My Postfix log is full of repeated connections and disconnections from the
> same machine:
>
> Feb 26 11:43:41 rafa postfix/submission/smtpd[13829]: connect from
> unknown[92.118.38.42]
> Feb 26 11:43:52 rafa
My Postfix log is full of repeated connections and disconnections from the
same machine:
Feb 26 11:43:41 rafa postfix/submission/smtpd[13829]: connect from
unknown[92.118.38.42]
Feb 26 11:43:52 rafa postfix/submission/smtpd[13829]: disconnect from
unknown[92.118.38.42]
Feb 26 11:44:04 rafa
13 matches
Mail list logo
