similar to: Recommendations on intrusion prevention/detection?

<div dir='auto'>Iptables or ipfw you always can create tables / chains and feed those with desirable IP's to ban.<div dir="auto"><br></div><div dir="auto">Something like fail2ban does. Make a big list, remove one or other IP.</div><div dir="auto"><br></div><div dir="auto">On my setup, I

Dear all, what are the key strategies for intrusion prevention and detection with dovecot, apart from installing fail2ban? It is a pity that the IMAP protocol does not support 2 factor authentication, which seems to stop 90% of intrusion attempts in their tracks. Without it, if someone has obtained your password and reads your mail without modifying it, you will hardly ever notice. Is there a

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Can you check with `doveconf -nc /path/to/director.conf` that the values are actually set correctly? </div> <div> <br> </div> <div> Aki </div> <blockquote type="cite"> <div> On

On 2020-04-22 5:29 a.m., Johannes Rohr wrote: > Dear all, > > what are the key strategies for intrusion prevention and detection with > dovecot, apart from installing fail2ban? > It is a pity that the IMAP protocol does not support 2 factor > authentication, which seems to stop 90% of intrusion attempts in their > tracks. Without it, if someone has obtained your password and

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 24/12/2019 12:33 Naveen Reddy <naveenreddy99@gmail.com> wrote: </div> <div> <br> </div> <div> <br>

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> You could also try our docker images, see <a href="https://hub.docker.com/u/dovecot">https://hub.docker.com/u/dovecot</a> </div> <div> <br> </div> <div> Aki </div> <blockquote

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Do you have !include or !try_include in director.conf? The conf.d files are not included otherwise. </div> <div> <br> </div> <div> Aki </div> <blockquote type="cite"> <div> On

> On 22. Apr 2020, at 19.14, Michael Peddemors <michael at linuxmagic.com> wrote: > The three most common attack vectors, (and attack volumes have never been higher) are: > > * Sniffed unencrypted credentials > (Assume every home wifi router and CPE equipment are compromised ;) > * Re-used passwords where data is exposed from another site's breach > (Users WANT to

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Those plugins can be resurrected with simple `git revert`. </div> <div> <br> </div> <div> Are you planning on open sourcing your client id authetication plugin? </div> <div> <br> </div>

So I am on of the many users with qmail, and using vpopmail auth, I guess chatting with some other guys in the other mailing list we will convert to mysql driver but this is a lot of work for many people. I do understand dropping things out but a valid solutions needs to be proposed. Remo > On Mar 18, 2020, at 06:49, Michael Peddemors <michael at linuxmagic.com> wrote: > >

Am 23.06.2020 um 07:33 schrieb Bernardo Reino: > If you use postfix a "workaround" is to temporarily disable postscreen, > which IIRC is the one (rightly) complaining about the improper pipelining. > > Cheers, > Bernardo Reino No, submitting on SMTP port 25 would be the wrong step. There's submission on port 587 or submissions (formerly called smtps) on port 465

I block all my email ports except 25 from countries where I am not going to be sending or receiving email. I also block many datacenters, but blocking Digital Ocean, Vultur and AWS will get you 90%of the way there. You will need to use 587, that is no auth on 25. Again no blocking on 25, just block the other email ports. I get maybe one attempt to log into my email account a week. Yeah not as

Hi! Dovecot is now a nearly 20 year old product, and during that time it has accumulated many different features and plugins in its core repository. We are starting to gradually remove some of these parts, which are unused, untested or deprecated. We will provide advance notification before removing anything. To start, the following features are likely to be removed in next few releases of

Hi! Dovecot is now a nearly 20 year old product, and during that time it has accumulated many different features and plugins in its core repository. We are starting to gradually remove some of these parts, which are unused, untested or deprecated. We will provide advance notification before removing anything. To start, the following features are likely to be removed in next few releases of

Is 2 factor authentication possible on dovecot? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b New Brunswick Save The PRovince Vote Liberal 14 Sept!!

I'm looking for some beta testers to provide feedback on an Asterisk intrusion detection & prevention program we're releasing soon. As a quick overview, the program provides: - banning based on geographic location of source IP (Continent, country, region, city, etc) - detection and banning based on channels in use by a user - detection and banning based on rate of dialing - detection

On 2020-04-22 18:45, Sami Ketola wrote: > Actually by far the biggest source of stolen credentials is > viruses/trojans harvesting them. i tryed blacklist all ips that got passwords errors, but that ends in big shorewall blrules so i turn it over to just add whitelist into blrules where ips is known custommers that dont abuse server, that way my shorewall got alot smaller config files

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 22/04/2020 19:56 Benny Pedersen < <a href="mailto:me@junc.eu">me@junc.eu</a>> wrote: </div> <div> <br>

Hello, I would like to implement some kind of two factors authentication, in Dovecot. I am thinking about using the post login script, to check for unusual behaviour, like say, a different country / IP address or an unusual hour. I already wrote a simple shell script that check these factors, but now, I have some options for the following, and I need to know your opinion if this is feasible or