similar to: OT: fail2ban, spam and mail servers

To celebrate three years of the VoIP Users Conference, we're doing a 24-hour VoIP conference call today. Details are at http://voipathon.org IRC: #vuc on Freenode.net SIP: voipathon at vuc.onsip.com - Enter 22622# and your PIN# if you have no PIN you can listen using 1# iNum - +883 51007 039 9924 PSTN: +1 724 444 7444 again, 22622#1# or PIN# if you have one. Those of you in the

Been working on my anti-spam centos mailserver for a while now and thought I would share fail2ban's help. I installed fail2ban a few weeks back. It was tough to get it working properly but pretty much working now. Although it works fine for brute force, I thought I would run it pretty tough against spammers. I started with a regular mail server, my old one, that is horrendously pounded

I have been using centos 6 in a virtualized system for a few months now. Took a while to batten down the hatches with postfix, rbls, and to use fail2ban correctly. The mailserver for my website(s) are located on the http server as well..an 'all in one' server. DNS servers are separated. My two sites, and their emails addresses (1 for each) have been around for 10 and 15 years

OK, Thanks. I have a couple of questions -- the line numbers do not match exactly, so can you tell me a couple of lines before and after the line in question? Also, when will this be logged, if its only during sip debug, I need to change it to log when I can see it more readily. Thanks. On Wed, 29 Aug 2018 20:31:15 -0400, sean darcy wrote: > > On 08/29/2018 08:07 PM, John Covici wrote:

Hi list, I'm using Asterisk2Billing (v2.0.16) and it appears to have an annoying bug. When there are rates for e.g. 44 (UK landline) and 44870 (UK premium) and a fraudster manages to somehow dial 44-870 instead of 44870 the rate for 44 will match, not the one for 44870. So, I would like to block all calls on a dialplan level that contain a dash. -44, 4-4, 44-, 44---, -, ---, just

This is a high traffic list as it is and it is really annoying to see that SPAM is on the rise here. I wonder how they can spam the list since each user has to be authenticated. Do spammers go through the trouble of subscribing to the list? In any case, this msg is to the list admin...could you please do whatever it takes to filter this stuff out? Thank you very much. -bakki

I wonder if I could have that patch, maybe I could add it to my fail2ban regexp and if you have the correct regexp, I would apperciate that as well. Thanks. On Wed, 29 Aug 2018 19:18:29 -0400, Telium Support Group wrote: > > Depending on log trolling (Asterisk security log) misses a lot, and also depends on the SIP/PJSIP folks to not change message structure (which has already happened

I am working to a CentOS 6 server with nonstandard iptables system without rule for ACCEPT ESTABLISHED connections. All tables and chains empty (flush by legacy custom script) so only filter/INPUT chain has rules (also fail2ban chain): Chain INPUT (policy ACCEPT) target prot opt source destination f2b-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all --

Hi, Some people have suggested maintaining black lists and white lists to avoid spammers and allow legitimate callers into the network. However, the problem with this method is that the spammer's IP address might change due to DHCP. Today a spammer might get aaa.bbb.ccc.ddd and lets say that I put this address in my blacklist. To my annoyance, tomorrow a legitimate caller might get

this has serious ramifications for the "nt domains for unix" project. luke. ---------- Forwarded message ---------- Date: Tue, 23 Jun 1998 13:25:57 -0500 From: Simple Nomad <thegnome@NMRC.ORG> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM Subject: SPAM: Important Legislative Alert June 23rd, 1998 - The World Intellectual Property Organization treaty has already passed the US Senate and is

The problem is not specific to this list. Any kind of public list may mean that other subscribers (or even the whole world) can see your email address. So whenever you mail to a (public) list there is a good chance that afterwards, you will get more spam. Not really much can be done about it, at least not on the side of the list, since any of the subscribers may be a spammer, who can know... All

On Wed, Aug 29, 2018 at 6:20 PM Telium Support Group <support at telium.ca> wrote: > Depending on log trolling (Asterisk security log) misses a lot, and also > depends on the SIP/PJSIP folks to not change message structure (which has > already happened numerous time). If you are comfortable hacking > chan_sip.c you may prefer to get the same messages from the AMI. It still

I have two DELL servers with two Ethernet ports in it. Bith servers have CENTOS 4.5 installed. First Ethernet port connect to public Ethernet line and work correctly. Second Ethernet port I connect point-to-point as private Ethernet (cable direct connect without router or switch). Private Ethernet use IP asddress 1.1.1.1 and 1.1.1.2. I check "ifconfig -a" and both eth0 and eth1 are

Hi! There were several new spam entries in Bugizlla, created from previously created accounts. I think will be good idea to delete them as well as block spammers accounts : Report IDs: 30192, 30191, 30187, 30186, 30185, 30182, 28766, 28717, 28715, 28714. Eugene.

I use SSHGuard on well ssh (doh!), but supposedly you can use it for postfix and dovecot also. I can tell you it is well supported. I am on Centos 7 using firewalld. ? Original Message ? From: adi at ddns.com.au Sent: May 21, 2020 11:01 PM To: voytek at sbt.net.au Cc: dovecot at dovecot.org Subject: Re: fail2ban setup centos 7 not picking auth fail? On 22-05-2020 15:45, Voytek Eymont

I know it is not dovecot who should fix this. But anyone using dovecot is using an MTA, and receiving spam ;) I know how to look at email headers. Spf and dkim is not solving anything here. -----Original Message----- From: Sebastian Nielsen [mailto:sebastian at sebbe.eu] Sent: donderdag 11 juni 2020 10:23 To: Marc Roos; 'dovecot'; 'users' Subject: SV: handling spam from

OT Mailing List Spam This might be slightly off-topic but as the source of spam is probably a spammer getting emails from this list, I reported him and his service provider should cut off his/her ugly head. I got an email of the classic 419 scam from a "El Amir Assadallah" <rdjir001 at eircom.net>. This has just come if from the abuse department :- Dear Vandaman, Thank you for

I agree that no action should be taken. It's somewhat mystifying that the robot known as "Amy Kristen" responds so quickly after my post, and with such regularity (so far twice per hour), using perhaps several email addresses - and using the correct "Reply-To" headers. But more mystifying is that she keeps the same name the whole time. And lucky, I guess, because otherwise

I have been getting spam through the samba list. Is anyone able to post to the list without subscribing? -- Jerry Sloan <jerry@fptech.net> fP Technologies, Inc

Hey Fabian, Here's the headers for one of the spam responses I got from the list: from:Tracy <tracy12614 at safeloves.com>reply-to:tracy12614 at safeloves.com to:Tim Dunphy <bluethundr at gmail.com> date:Fri, Aug 28, 2015 at 2:19 PMsubject:Re: [CentOS] apache mysterious 404 errormailed-by:safeloves.comsigned-by:safeloves.com:Important mainly because it was sent directly to you.