Using doveadm penalty I just noticed a penalty for 0.0.0.0. Is this Postfix querying the auth-socket for his SASL-requests? I tried adding 0.0.0.0 to login_trusted_networks, but that doesn't help. Peer -- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin http://www.heinlein-support.de Tel: 030 / 405051-42 Fax: 030 / 405051-19 Zwangsangaben lt. ?35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Gesch?ftsf?hrer: Peer Heinlein -- Sitz: Berlin -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 490 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20140923/e74f4563/attachment.sig>
* Peer Heinlein <p.heinlein at heinlein-support.de>:> > Using doveadm penalty I just noticed a penalty for 0.0.0.0. > > Is this Postfix querying the auth-socket for his SASL-requests?Maybe a portscan? Sometimes they turn up as 0.0.0.0 -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstra?e 15, 81669 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
On 23 Sep 2014, at 15:31, Peer Heinlein <p.heinlein at heinlein-support.de> wrote:> > Using doveadm penalty I just noticed a penalty for 0.0.0.0. > > Is this Postfix querying the auth-socket for his SASL-requests?Most likely. 0.0.0.0 would in any case mean "unknown". It shouldn't show up in penalty though..