Follow along with the video below to see how to install our site as a web app on your home screen.
Note: This feature currently requires accessing the site using the built-in Safari browser.
If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread: CentOS2Alma discussion
Inviting everyone to the UX test of a new security feature in the WP Toolkit For WordPress site owners, threats posed by hackers are ever-present. Because of this, we are developing a new security feature for the WP Toolkit. If the topic of WordPress website security is relevant to you, we would be grateful if you could share your experience and help us test the usability of this feature. We invite you to join us for a 1-hour online session via Google Meet. Select a convenient meeting time with our friendly UX staff here.
Well... bad news, it works only for people trying to send mail, not for SASL AUTH/SMTP AUTH, they can still try to login without any problem being listed in the RBL/DNSBL
Are you sure that you didn't just revert your changes by editing the RBL's in the Plesk interface? Plesk used to have the RBLs listed before the permit_sasl_authenticated and people complained that they could not send email when listed so they changed the order around.
If I do the smtpd_delay_reject = no , then I can't send mail, got this in email client:
5.7.1 Client host rejected: Access denied
Below a fragment of maillog of how the attacker tries everytime without problem the SMTP AUTH:
Dec 24 01:14:08 sv postfix/smtps/smtpd[12538]: connect from xxx-xxx-xxxx.xxxxx.xxxx[XXX.XXX.XXX.XXX]
Dec 24 01:14:12 sv plesk_saslauthd[12816]: listen=6, status=5, dbpath='/XXX/XXXXX/XXXXX/XXXXXX/XXXXXXX.db', keypath='/XXX/XXX/XXXXX/XXXX/XXXXXXXkey', chroot=0, unprivileged=1
Dec 24 01:14:12 sv plesk_saslauthd[12816]: privileges set to (89:89) (effective 89:89)
Dec 24 01:14:12 sv plesk_saslauthd[12816]: No such user '[email protected]' in mail authorization database
Dec 24 01:14:12 sv plesk_saslauthd[12816]: failed mail authentication attempt for user '[email protected]' (password len=9)
Dec 24 01:14:12 sv postfix/smtps/smtpd[12538]: warning: xxx-xxx-xxxx.xxxxx.xxxx[XXX.XXX.XXX.XXX]: SASL LOGIN authentication failed: authentication failure
Dec 24 01:14:12 sv postfix/smtps/smtpd[12538]: lost connection after AUTH from xxx-xxx-xxxx.xxxxx.xxxx[XXX.XXX.XXX.XXX]
Dec 24 01:14:12 sv postfix/smtps/smtpd[12538]: disconnect from xxx-xxx-xxxx.xxxxx.xxxx[XXX.XXX.XXX.XXX] ehlo=1 auth=0/1 commands=1/2
I figure it our in master.cf commented some lines in submission, and now, I can send email, and I can confirm 100% attacker is being blocked before SASL using the DNSBL
Nice christmas gift after months fighting with them.
Hi Rasp, using this lines in config:
smtpd_client_restrictions = permit_mynetworks, reject_rbl_client xxxxx.xxxx, permit_sasl_authenticated smtpd_delay_reject = no
The xxxxx.xxxx reffers to the block list, I.E.: b.barracudacentral.org
just to be sure, isn't it the same to enable it via Plesk -> Tools & Settings -> Mail Server Settings -> Turn on spam protection based on DNS blackhole lists and add your DNSBLs there?
Or is Plesk doing something different here?
When I check the /etc/postfix/main.cf, I can see a different order but don't know if that matters or not:
Just to be sure, isn't it the same to enable it via Plesk -> Tools & Settings -> Mail Server Settings -> Turn on spam protection based on DNS blackhole lists and add your DNSBLs there?
@Sebo, no. The DNSBL you configure in Plesk are used to rejected email messages from those who are listed on the DNSBLs. The configuration ChrisMonder described is used to rejected (smtp) authentication from those who are listed on the DNSBLs. Those are two different things.
So the order makes the difference here.
If I want to reject those who are listed on the DNSBLs from smtp authentication, I need to move the permit_sasl_authenticated to the end of line.
But where do I have to set the smtpd_delay_reject = no setting?
Also in main.cf or in the master.cf?
So the order makes the difference here.
If I want to reject those who are listed on the DNSBLs from smtp authentication, I need to move the permit_sasl_authenticated to the end of line.
But where do I have to set the smtpd_delay_reject = no setting?
Also in main.cf or in the master.cf?