Loading ...
Sorry, an error occurred while loading the content.
 

Re: dictionary-attack

Expand Messages
  • Lima Union
    ... very interesting link, as I understand my postfix is not prepared for pcre thus I won t be able to use it, right? $ /usr/sbin/postconf -m btree cidr
    Message 1 of 48 , Mar 25, 2013
      On Sat, Mar 23, 2013 at 11:31 AM, Benny Pedersen <me@...> wrote:
      > Ejaz skrev den 2013-03-23 11:49:
      >
      >> How do I configure my postfix not to accept the emails which sent on
      >> invalid address?, since morning we have been noticed that there huge
      >> spam dictionary attack on our server, all originated emails are from
      >> random IPs and random from address to the invalid recipient.
      >
      >
      > pretty common, just make sure not to use catch-all in postfix, then logs and
      > count what ips abuse most or is not have there own rir listning (dynamic ips
      > should be smtp auth only)
      >
      >
      >> Thanks in advance for you kind help in regards to the control such spam
      >> emails.
      >
      >
      > are you missing http://www.hardwarefreak.com/fqrdns.pcre ? :)

      very interesting link, as I understand my postfix is not prepared for
      pcre thus I won't be able to use it, right?

      $ /usr/sbin/postconf -m
      btree
      cidr
      environ
      hash
      internal
      ldap
      nis
      proxy
      regexp
      static
      tcp
      unix

      LU
    • Benny Pedersen
      ... add permit_sasl_authenticated before fqrdns.pcre testing -- senders that put my email into body content will deliver it to my own trashcan, so if you like
      Message 48 of 48 , Apr 7, 2013
        On 2013-03-27 23:11, Matthew Hall wrote:

        > I ran into a bit of an issue trying out fqrdns.pcre as recommended
        > here in this thread. The header in the file recommended adding it
        > into
        > smtpd_client_restrictions. However if I place it there, I end up
        > rejecting mail even from SASL authenticated client devices, if they
        > also match a rule in fqrdns.pcre.

        add permit_sasl_authenticated before fqrdns.pcre testing

        --
        senders that put my email into body content will deliver it to my own
        trashcan, so if you like to get reply, dont do it
      Your message has been successfully submitted and would be delivered to recipients shortly.