Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature currently requires accessing the site using the built-in Safari browser.
If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread: CentOS2Alma discussion
Yes, they are plenty of other rules including the one Peter Debik suggested.
I tried at first with the A in uppercase. But I got that, the Bad argument '1'
Thanks
Thanks Eliamarsura, I don't use F2B, I use juggernauth firewall, so when I try to run your command, gives me this:
iptables: No chain/target/match by that name.
And if I change the -l for -a:
Bad argument `1'
He uses TONS, trust me tons of IP's, and "fresh" ones not listed in blacklists
I post here again as Peter Debik marked my past post as Resolved, but is not.
I have a kind of annoying problem, in the past, my main server IP belong to a very known domain website, they move their website/email server to a new IP range and I got their IP assigned (didn't know about this when I...
Hi Rasp, using this lines in config:
smtpd_client_restrictions = permit_mynetworks, reject_rbl_client xxxxx.xxxx, permit_sasl_authenticated
smtpd_delay_reject = no
The xxxxx.xxxx reffers to the block list, I.E.: b.barracudacentral.org
Or maybe not ;)
I figure it our in master.cf commented some lines in submission, and now, I can send email, and I can confirm 100% attacker is being blocked before SASL using the DNSBL
Nice christmas gift after months fighting with them.
Thanks @danami and have a Happy Christmas !
If I do the smtpd_delay_reject = no , then I can't send mail, got this in email client:
5.7.1 Client host rejected: Access denied
Below a fragment of maillog of how the attacker tries everytime without problem the SMTP AUTH:
Dec 24 01:14:08 sv postfix/smtps/smtpd[12538]: connect from...
Well... bad news, it works only for people trying to send mail, not for SASL AUTH/SMTP AUTH, they can still try to login without any problem being listed in the RBL/DNSBL
Hello @Peter Debik your solution works for a X time, after some hours or days, then stop working and again I need to create the rule, I guess some CRON is deleting it from Iptables or something, I did the iptables-save command, but still deletes it after X time.
I´m using CSF and Juggernauth...
Just to confirm, yes it's working :)
Log example:
NOQUEUE: reject: RCPT from unknown[XXX.XX.XX.XX]: 554 5.7.1 Service unavailable; Client host [XXX.XX.XX.XX] blocked using (RBL List)
Thanks @danami !
I did the steps before mentioned, it slow down the attempts, I still have some.
Thanks anyway for your info, don't get me wrong, I just want to know my original question:
My original question, is, "is there anyway to use DNSBL block list before SMTP AUTH attempts?"
Maybe someone have a...
Yes, but I can't enable on 465 or 587.
From the article:
"Note: Postscreen listens on port 25 only, so authenticated users from port 587 or 465 won’t be affected by Postscreen."
From the author:
"No. Postscreen only works on port 25. Port 587 is used for SMTP Auth. It’s not used for receiving...
No, doesn’t work for my needs, my problem is not spammers, it’s a hacker.
Post screen is nice working for 25 port, and spam, but not for before SMTP AUTH, that’s my problem, in SMTP AUTH attempts.