Displaying 20 results from an estimated 4000 matches similar to: "IP drop list"
2015 Mar 01
6
IP drop list
On 03/01/2015 04:25 AM, Reindl Harald wrote:
>> I wonder if there is an easy way to provide dovecot a flat text
>> file of ipv4 #'s which should be ignored or dropped?
>>
>> I have accumulated 45,000+ IPs which routinely try dictionary
>> and 12345678 password attempts. The file is too big to create
>> firewall drops, and I don't want to compile with
2015 Mar 05
3
Fwd: Re: IP drop list
On 2015-03-02 2:02 AM, Jochen Bern wrote:
> On 03/01/2015 08:53 AM, Jim Pazarena wrote:
>> I wonder if there is an easy way to provide dovecot a flat text file of
>> ipv4 #'s which should be ignored or dropped?
>>
>> I have accumulated 45,000+ IPs which routinely try dictionary and
>> 12345678 password attempts. The file is too big to create firewall
>>
2014 Jun 17
3
RFE: dnsbl-support for dovecot
after having my own dnsbl feeded by a honeypot and even
mod_security supports it for webservers i think dovecot
sould support the same to prevent dictionary attacks from
known bad hosts, in our case that blacklist is 100%
trustable and blocks before SMTP-Auth while normal RBL's
are after SASL
i admit that i am not a C/C++-programmer, but i think
doing the DNS request and in case it has a
2015 Mar 04
1
IP drop list
On 03/04/2015 05:03 AM, Earl Killian wrote:
> I would like to reiterate Reindl Harald's point above, since subsequent
> discussion has gotten away from it. If Dovecot had DNS RBL support
> similar to Postfix, I think quite a few people would use it, and thereby
> defeat the scanners far more effectively than any other method. It is
> good that other people are suggesting things
2015 Mar 01
0
IP drop list
Am 01.03.2015 um 08:53 schrieb Jim Pazarena:
> I wonder if there is an easy way to provide dovecot a flat text file of
> ipv4 #'s which should be ignored or dropped?
>
> I have accumulated 45,000+ IPs which routinely try dictionary and
> 12345678 password attempts. The file is too big to create firewall
> drops, and I don't want to compile with wrappers *if* dovecot has
2006 Nov 21
1
QMAIL - RBLSMTP - HOW to WHITELIST
Dear Friend,
I done configuration using RBLSMTPD with WHITELIST, but I don't know it
is correct.
Please check files below are corrects.
Thanks
Adriano
=== FILE WHITELIST.DOMINIO.RBL. ====
$ttl 900
whitelist.dominio.rbl. IN SOA host1.xxxxxx.com. root.xxxxx.com. (
2006112002 ; serial;
3600 ; refresh period (1 hora);
900 ; retry time (15 minutos);
1800 ; expire tiem (30 minutos);
900 ;
2015 Mar 02
0
IP drop list
On 03/01/2015 08:53 AM, Jim Pazarena wrote:
> I wonder if there is an easy way to provide dovecot a flat text file of
> ipv4 #'s which should be ignored or dropped?
>
> I have accumulated 45,000+ IPs which routinely try dictionary and
> 12345678 password attempts. The file is too big to create firewall
> drops [...]
The inherent assumption here is that dovecot, using a
2019 Apr 12
2
Mail account brute force / harassment
On 11/04/2019 14:33, Anton Dollmaier via dovecot wrote:
>> Which is why a dnsbl for dovecot is a good idea. I do not believe the
>> agents behind these login attempts are only targeting me, hence the
>> addresses should be shared via a dnsbl.
>
> Probably there's an existing solution for both problems (subsequent
> attempts and dnsbl):
>
>>
2019 Apr 12
2
Mail account brute force / harassment
On 12/04/2019 08:42, Aki Tuomi via dovecot wrote:
> On 12.4.2019 10.34, James via dovecot wrote:
>> On 12/04/2019 08:24, Aki Tuomi via dovecot wrote:
>>
>>> Weakforced uses Lua so you can easily integrate DNSBL support into it.
>> How does this help Dovecot block?
>> A link to some documentation or example perhaps?
>>
>>
>
2015 Mar 02
0
IP drop list
Am 01.03.2015 um 23:16 schrieb Dave McGuire:
> On 03/01/2015 04:25 AM, Reindl Harald wrote:
>>> I wonder if there is an easy way to provide dovecot a flat text
>>> file of ipv4 #'s which should be ignored or dropped?
>>>
>>> I have accumulated 45,000+ IPs which routinely try dictionary
>>> and 12345678 password attempts. The file is too big to
2015 Mar 04
4
IP drop list
Am 04.03.2015 um 21:03 schrieb Dave McGuire:
> On 03/04/2015 02:12 PM, Michael Orlitzky wrote:
>>> I would like to reiterate Reindl Harald's point above, since subsequent
>>> discussion has gotten away from it. If Dovecot had DNS RBL support
>>> similar to Postfix, I think quite a few people would use it, and thereby
>>> defeat the scanners far more
2006 Oct 25
11
spam control
Gents,
I have added the following to /etc/mail/sendmail.mc and rebuilt it
trying to control spam. I still get about 25 spam messages a day.
Is there something else that can help control spam?
Thanks
jerry
---------------------------
dnl #
dnl # dnsbl - DNS based Blackhole List/Black List/Rejection list
dnl # See http://www.sendmail.org/m4/features.html#dnsbl
dnl #
FEATURE(`dnsbl',
2015 Mar 04
1
IP drop list
On 03/04/2015 09:45 PM, Dave McGuire wrote:
> On 03/04/2015 03:37 PM, Oliver Welter wrote:
>> Am 04.03.2015 um 21:03 schrieb Dave McGuire:
>>> Am 04.03.2015 um 20:12 schrieb Michael Orlitzky:
>>>> Please add [DNSBL] support to iptables instead of Dovecot. It's a waste of
>>>> effort to code it into every application that listens on the network.
2008 Jun 29
2
spam filtering with centos 5.2
In the past I've used a combination of spamhaus combined RBL's and
Spamassassin with Mailscanner as my spam recipe, but this stopped
working very well for me well over a year ago. As many of the users of
the couple small/personal mail servers I run are NOT technical people,
and use POP to read their mail, 'training' spamassassin is difficult at
best. Once upon a time, using
2008 Jan 10
2
FYI: CentOS mailserver on nixspam RBL
In case someone's using the nixspam RBL and wondering why the influx from
the CentOS mailing lists has stopped today:
http://www.dnsbl.manitu.net/lookup.php?language=en&value=72.21.40.12
Kai
--
Kai Sch?tzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
2015 Mar 02
6
IP drop list
Am 02.03.2015 um 18:56 schrieb Robert Schetterer:
> perhaps and i mean really "perhaps" go this way
>
> https://sys4.de/de/blog/2014/03/27/fighting-smtp-auth-brute-force-attacks/
>
> https://sys4.de/de/blog/2012/12/28/botnets-mit-rsyslog-und-iptables-recent-modul-abwehren/
>
> 45K+ IPs will work in a recent table
> i have them too but for smtp only like
>
>
2019 Apr 11
5
Mail account brute force / harassment
On 11/04/2019 11:43, Marc Roos via dovecot wrote:
> A. With the fail2ban solution
> - you 'solve' that the current ip is not able to access you
It is only a solution if there are subsequent attempts from the same
address. I currently have several thousand addresses blocked due to
dovecot login failures. My firewall is set to log these so I can see
that few repeat, those
2017 Jun 28
10
ransomware etc
Hi all,
Just out of curiosity: is there anything we can do, on the samba side,
to counter the recent ransomware attacks? (or limit the damage done)
I'm thinking like: limit the number of files per second a client
(workstation) is allowed to edit, or some other smart tricks..?
It would be nice if samba could be an extra layer of defense.
Something perhaps a vfs module could help with..?
2015 Mar 02
0
IP drop list
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Am 01.03.2015 um 08:53 schrieb Jim Pazarena:
> I have accumulated 45,000+ IPs which routinely try dictionary and
> 12345678 password attempts. The file is too big to create firewall
> drops,
Have you also checked ipset (http://ipset.netfilter.org/)
Its extremely powerful even with huge block lists
-----BEGIN PGP SIGNATURE-----
Version:
2008 Oct 31
4
offtopic question .. apprecyice ur help
Dear All,
its a offtopic question but really apprecite if someone would advise n help
i have been running a mil server with sendmail
and have sbl-xbl.spamhaus.org as my dnsbl.
i had other servers which are alredy out now
that is relays.ordb.org and dsbl.org have already been out of my sendmail
config.
any one knows of ny other servers i could add in my sendmail config
apprecite ur help