search for: openbl

...o that now. > ... > > Anyone aware of other blocklists that are worth bocking? Because the > list.blocklist.de/lists/all.txt blocks some, but not anywhere near all. There are other RBLs that overlap with this (like CBL), but they include entries will produce false positives. There was OpenBL but that is defunct. The different lists at blocklist.de have varying efficacy: the ssh and smtp BFD detection are fairly good (they have a 90+% hit rate at my site), but the IMAP/POP BFD detection not as good (maybe 20%). However, if people start feeding IMAP/POP fail2ban data back to blocklist....

Hi has someone a script which can filter out dictionary attacks from /var/log/maillog and notify about the source-IPs? i know about fail2ban and so on, but i would like to have a mail with the IP address for two reasons and avoid fail2ban at all because it does not match in the way we maintain firewalls * add the IP to a distributed "iptables-block.sh" and distribute it to any

Hi, Since upgrading our mail servers to Postfix/Dovecot, we've seen a rather large increase in botnet brute force password attacks. I guess our old servers were too slow to suit their needs. Now, when they hit upon a valid user, it's easy to see what passwords they are trying (we've enabled auth_debug_passwords and set auth_verbose_passwords = plain). We can easily have log