search for: irams1

...;MJ": I have dovecot shielded by fail2ban which works fine. But since a few days I see many many IPs per day knocking on my doors with wron password and/or users. But the rate at which they are knocking is very very low. So fail2ban will never catch them. For example one IP: Jul 25 14:03:17 irams1 dovecot: auth-worker(2212): pam(eurodisc,101.231.247.210,<gAulHSNVsNZl5/fS>): unknown user Jul 25 15:16:36 irams1 dovecot: auth-worker(11047): pam(gergei,101.231.247.210,<dPzYIyRVtOpl5/fS>): pam_authenticate() failed: Authentication failure (password mismatch?) Jul 25 16:08:51 irams1 do...

...by fail2ban which works fine. > But since a few days I see many many IPs per day knocking on > my doors with wron password and/or users. But the rate at which they are knocking > is very very low. So fail2ban will never catch them. > > For example one IP: > > Jul 25 14:03:17 irams1 dovecot: auth-worker(2212): pam(eurodisc,101.231.247.210,<gAulHSNVsNZl5/fS>): unknown user > Jul 25 15:16:36 irams1 dovecot: auth-worker(11047): pam(gergei,101.231.247.210,<dPzYIyRVtOpl5/fS>): pam_authenticate() failed: Authentication failure (password mismatch?) > Jul 25 16:08:51...

...il2ban which works fine. > But since a few days I see many many IPs per day knocking on > my doors with wron password and/or users. But the rate at which they are > knocking > is very very low. So fail2ban will never catch them. > > For example one IP: > > Jul 25 14:03:17 irams1 dovecot: auth-worker(2212): > pam(eurodisc,101.231.247.210,<gAulHSNVsNZl5/fS>): unknown user > Jul 25 15:16:36 irams1 dovecot: auth-worker(11047): > pam(gergei,101.231.247.210,<dPzYIyRVtOpl5/fS>): pam_authenticate() > failed: Authentication failure (password mismatch?) &g...

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Can you provide doveconf -n and try turning on mail_debug=yes on both ends and try doveadm -Dv expunge .... </div> <div> <br> </div> <div> Aki </div> <blockquote type="cite"> <div>

...ing doveadm(test4)<19830><>: Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb (pid=15116,uid=0): Client connected (fd=10) doveadm(test4)<19830><>: Debug: auth-master: userdb lookup(test4): auth USER input: test4 system_groups_user=test4 uid=1805 gid=2300 home=/home/irams1-test/test4 doveadm(test4)<19830><>: Debug: auth-master: userdb lookup(test4): Finished userdb lookup (username=test4 system_groups_user=test4 uid=1805 gid=2300 home=/home/irams1-test/test4) doveadm(test4): Debug: Effective uid=1805, gid=2300, home=/home/irams1-test/test4 doveadm(test4):...

> On 26 Jul 2017, at 7:57 pm, Olaf Hopp <Olaf.Hopp at kit.edu> wrote: > > Dear collegues, > > many thanks for your valuable input. > > Since we are an university GEO-IP blocking is not an option for us. > Somestimes I think it should ;-) > > My "mistake" was that I had just *one* fail2ban filter for both cases: > "wrong password" and

Hi, I had an email with 58 recipients in the "To" and 13 in the "CC" Delivering it from exim to dovecot lmtp panics (see below) Panic: file smtp-address.c: line 533 (smtp_address_write): assertion failed: (smtp_char_is_qpair(*p)) # 2.3.1 (c5a5c0c82): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.devel (61b47828) # OS: Linux 2.6.32-696.23.1.el6.x86_64 x86_64 CentOS