search for: rbls

...n password, observing the auth_debug_passwords and auth_verbose_passwords settings, for all authentication failures? When we see certain patterns, we want to aggressively block those IPs, regardless of if it's a valid username or an unknown user. Or another option, is there any good DNS based RBLs for botnet IPs, and is there any way to tie that in to the dovecot auth system? I've been looking for botnet rbls, but what I've found so far doesn't seem to work very well. Most of the IPs that I've had to firewall don't exist in them. -- Michael Smith

Dear All, its a offtopic question but really apprecite if someone would advise n help i have been running a mil server with sendmail and have sbl-xbl.spamhaus.org as my dnsbl. i had other servers which are alredy out now that is relays.ordb.org and dsbl.org have already been out of my sendmail config. any one knows of ny other servers i could add in my sendmail config apprecite ur help

Am 02.03.2015 um 10:06 schrieb Steffen Kaiser: > If such plugin(?) is available, I would expect immediate complains, it > does not support: > > + local file lists with various sets of syntaxes > + RBLs with a fine grained response matching > + use the same RBL response for multiple match-action pairs or it could work just with no config, unconditional and in front of any authentication, frankly even without any response - connection -> RBL check -> close connection, done hence RBL...

I've been playing with weakforced, so it fills in the 'fail2ban across a cluster' niche (not to mention RBLs). It seems to work well, once you've actually read the docs :) I was curious if anyone had played with it and was *very* curious if anyone was using it in high traffic production. Getting things to 'work' versus getting them to work *and* handle a couple hundred dovecot servers is a ve...

Gents, I have added the following to /etc/mail/sendmail.mc and rebuilt it trying to control spam. I still get about 25 spam messages a day. Is there something else that can help control spam? Thanks jerry --------------------------- dnl # dnl # dnsbl - DNS based Blackhole List/Black List/Rejection list dnl # See http://www.sendmail.org/m4/features.html#dnsbl dnl # FEATURE(`dnsbl',

...AGE----- Hash: SHA1 On Mon, 2 Mar 2015, Reindl Harald wrote: > Am 02.03.2015 um 10:06 schrieb Steffen Kaiser: >> If such plugin(?) is available, I would expect immediate complains, it >> does not support: >> >> + local file lists with various sets of syntaxes >> + RBLs with a fine grained response matching >> + use the same RBL response for multiple match-action pairs > > or it could work just with no config, unconditional and therefore I wrote, that I expect complains, if this feature would work like that >...

...junk is using forged senders >> >> recently i got each day some hundret such bounces from mailservers configured by fools reply to spam with forged senders and if i could i would have gone out for beat every responsible admin straight in the face > > I may discard emails based on RBLs, but I don't want to discard emails based on statistical fllters, I prefer deliver them in the Junk folder and let the user have a chance to reclassify using dovecot_antispam. > And yes, bounce spams to (forged or not) sender is useless you *must not* discard mails - in no context - period...

Am 26.01.2015 um 08:52 schrieb Steffen Kaiser: > On Sun, 25 Jan 2015, Joseph Tam wrote: >> St?phane Cottin writes: > >>> dspam already send errors to syslog, the point here is to never loose >>> email contents. This was a wrong design, i'm now use a wrapper instead >>> ( see my previous post for details ). > >> You're stilling going to lose

Hi list, I have noted over the last week or so my DNS servers are dumping lots of messages for bogus domain lookups. Examining the postfix queue with postqueue -p: I see many (Host or domain name not found. Name service error for name=bdgiedjhea.po6e4ina.com type=MX: Host not found, try again) Jake at bdgiedjhea.po6e4ina.com My question - why does this

On 03/02/2015 02:38 AM, Oliver Welter wrote: > Guys, dovecot is open source - if you desire a feature that the upstream > programmer did not include, pay him a bounty to do so or send him a > patch to be included. Period. We can discuss and mightbe somebody will > fork if he is not willing to accept such a solutuion for any political > reason. > > I am really tired of reading

I have been using centos 6 in a virtualized system for a few months now. Took a while to batten down the hatches with postfix, rbls, and to use fail2ban correctly. The mailserver for my website(s) are located on the http server as well..an 'all in one' server. DNS servers are separated. My two sites, and their emails addresses (1 for each) have been around for 10 and 15 years respectively. One site was a business si...

...at 99% auf junk is using forged senders > > recently i got each day some hundret such bounces from mailservers configured by fools reply to spam with forged senders and if i could i would have gone out for beat every responsible admin straight in the face > I may discard emails based on RBLs, but I don't want to discard emails based on statistical fllters, I prefer deliver them in the Junk folder and let the user have a chance to reclassify using dovecot_antispam. And yes, bounce spams to (forged or not) sender is useless.

...o accept such a solutuion for any political reason. I am really tired of reading this kind of complaints on OSS lists. To make this not a "troll only" posting - it might be an suitable approach to let dovecot listen on the lo interface and put a proxy software in front, that supports RBLs. Oliver -- Protect your environment - close windows and adopt a penguin! -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4074 bytes Desc: S/MIME Cryptographic Signature URL: <http://dovecot.org/pipermail/do...

...rgs = <host>/matchpattern/action .... *** } in front of any other passdb{}. *** some sort of notation to configure IP source, matching and reaction. If such plugin(?) is available, I would expect immediate complains, it does not support: + local file lists with various sets of syntaxes + RBLs with a fine grained response matching + use the same RBL response for multiple match-action pairs + have it depended on protocol (POP3, IMAP, ManageSieve, ...) + have it depended on user (use that passdb for all-but or just-these) + have it to kick in after certain user-protocol-count-time patterns...

...can also feed back fail2ban data and crowdsource BFD >> data to them. > > Yes, I will look into that now. > ... > > Anyone aware of other blocklists that are worth bocking? Because the > list.blocklist.de/lists/all.txt blocks some, but not anywhere near all. There are other RBLs that overlap with this (like CBL), but they include entries will produce false positives. There was OpenBL but that is defunct. The different lists at blocklist.de have varying efficacy: the ssh and smtp BFD detection are fairly good (they have a 90+% hit rate at my site), but the IMAP/POP BFD de...

...ave also chinese students and > researchers all abroad. Nearly an intractable problem, especially since your users are embedded in a notoriously infested network (as someone quipped, "like picking marshmallows out from a pile of sh*t"). Some ideas: - pre-emption (using third party RBLs that targets BFD) - immediate blacklisting of known bad users/passwords (e.g. "admin", "support", extinct users, etc.) - persistent tracking storage: tracking in SQL, or or large LRU list that can reach far enough back in time. (I think Aki mentioned weakforced whi...

On 19.07.2017 02:38, Mark Moseley wrote: > I've been playing with weakforced, so it fills in the 'fail2ban across a > cluster' niche (not to mention RBLs). It seems to work well, once you've > actually read the docs :) > > I was curious if anyone had played with it and was *very* curious if anyone > was using it in high traffic production. Getting things to 'work' versus > getting them to work *and* handle a couple hundred...

Hai Alex, I use the same as in the link you posted. http://rob0.nodns4.us/postscreen.html This is used for my bases setup also. Just put all your servers (rbls) in here and copy the response lines, Like : /^zen\.spamhaus\.org$/ blocked by rbl, see http://multirbl.valli.org /^bl\.spameatingmonkey\.net$/ blocked by rbl, see http://multirbl.valli.org /^b\.barracudacentral\.org$/ blocked by rbl, see http://multirbl.valli.org And you see postfix/postscreen...

Hi I am taking part in writing an anti spam filter for my uni project. However at the moment I am not getting much spam to my mail server - running dovecot and postfix :) Do you have any suggestions for getting more? Thanks Tom

Am I the only one having trouble with this list? Since the begining of the week I have not been receiving mail from the list like I used to, is this a gmail problem? or is it subscription problem? or is something wrong with the list? anybody else using gmail having any problems?