RE: rbl for smtp auth hosts

2023-09-16 Thread Marc
> >> >>Anyone have any experience with a dns blacklist specific to known smtp > >> >>auth abuse? > > >> On 15.09.23 17:51, Benny Pedersen wrote: > >> >spamrats ? > >> > > >> >https://www.spamrats.com/ > > >> I have bad experiente with spam rats and thus wouldn't recommend using > >> them. > >> YM

Re: rbl for smtp auth hosts

2023-09-16 Thread Matus UHLAR - fantomas
>Marc skrev den 2023-09-15 17:01: >>Anyone have any experience with a dns blacklist specific to known smtp >>auth abuse? On 15.09.23 17:51, Benny Pedersen wrote: >spamrats ? > >https://www.spamrats.com/ I have bad experiente with spam rats and thus wouldn't recommend using them. YMMV of cour

Re: rbl for smtp auth hosts

2023-09-16 Thread Benny Pedersen
Marc skrev den 2023-09-15 23:57: >Marc skrev den 2023-09-15 17:01: >>Anyone have any experience with a dns blacklist specific to known smtp >>auth abuse? On 15.09.23 17:51, Benny Pedersen wrote: >spamrats ? > >https://www.spamrats.com/ I have bad experiente with spam rats and thus wouldn't reco

RE: rbl for smtp auth hosts

2023-09-15 Thread Marc
> >Marc skrev den 2023-09-15 17:01: > >>Anyone have any experience with a dns blacklist specific to known smtp > >>auth abuse? > > On 15.09.23 17:51, Benny Pedersen wrote: > >spamrats ? > > > >https://www.spamrats.com/ > > I have bad experiente with spam rats and thus wouldn't recommend using > t

Re: rbl for smtp auth hosts

2023-09-15 Thread Matus UHLAR - fantomas
Marc skrev den 2023-09-15 17:01: Anyone have any experience with a dns blacklist specific to known smtp auth abuse? On 15.09.23 17:51, Benny Pedersen wrote: spamrats ? https://www.spamrats.com/ I have bad experiente with spam rats and thus wouldn't recommend using them. YMMV of course. --

RE: rbl for smtp auth hosts

2023-09-15 Thread Marc
> > Anyone have any experience with a dns blacklist specific to known smtp > > auth abuse? > > spamrats ? > > https://www.spamrats.com/ yes thanks! this RATS-Auth maybe

Re: rbl for smtp auth hosts

2023-09-15 Thread Benny Pedersen
Riccardo Alfieri skrev den 2023-09-15 18:23: On 15/09/23 17:51, Reindl Harald (privat) wrote: limit the connections per hour on smtp-ports with iptables xt_recent and configure postfix properly anvil_rate_time_unit   = 1800s smtpd_client_connection_rate_limit = 100 smtpd_client_re

Re: rbl for smtp auth hosts

2023-09-15 Thread Riccardo Alfieri
On 15/09/23 17:51, Reindl Harald (privat) wrote: limit the connections per hour on smtp-ports with iptables xt_recent and configure postfix properly anvil_rate_time_unit   = 1800s smtpd_client_connection_rate_limit = 100 smtpd_client_recipient_rate_limit  = 400 smtpd_client_message

Re: rbl for smtp auth hosts

2023-09-15 Thread Riccardo Alfieri
On 15/09/23 17:49, Marc wrote: Is this a freely available list? It's included in all DQS accounts, free ones too -- Best regards, Riccardo Alfieri Spamhaus Technology https://www.spamhaus.com/

Re: rbl for smtp auth hosts

2023-09-15 Thread Benny Pedersen
Marc skrev den 2023-09-15 17:01: Anyone have any experience with a dns blacklist specific to known smtp auth abuse? spamrats ? https://www.spamrats.com/

RE: rbl for smtp auth hosts

2023-09-15 Thread Marc
> > > > > On 15.09.23 15:31, Riccardo Alfieri wrote: > >> Yes, at previous $dayjob. Applied on the submission MSA, it proved to > >> be useful in mitigating the fallout when users got their credentials > >> compromised. > > > > can you describe it more? > > > Well, I checked the connecting IP of

Re: rbl for smtp auth hosts

2023-09-15 Thread Riccardo Alfieri
On 15/09/23 17:35, Matus UHLAR - fantomas wrote: On 15.09.23 15:31, Riccardo Alfieri wrote: Yes, at previous $dayjob. Applied on the submission MSA, it proved to be useful in mitigating the fallout when users got their credentials compromised. can you describe it more? Well, I checked the

Re: rbl for smtp auth hosts

2023-09-15 Thread Matus UHLAR - fantomas
On 15/09/23 17:01, Marc wrote: Anyone have any experience with a dns blacklist specific to known smtp auth abuse? On 15.09.23 15:31, Riccardo Alfieri wrote: Yes, at previous $dayjob. Applied on the submission MSA, it proved to be useful in mitigating the fallout when users got their credentia

Re: rbl for smtp auth hosts

2023-09-15 Thread Riccardo Alfieri
On 15/09/23 17:01, Marc wrote: Anyone have any experience with a dns blacklist specific to known smtp auth abuse? Yes, at previous $dayjob. Applied on the submission MSA, it proved to be useful in mitigating the fallout when users got their credentials compromised. -- Best regards, Riccardo