- Nov 18, 2024
-
-
aoh authored
Currently, the script reports the following false positive. > /etc/cron.hourly/warn-too-many-smtp-login-hosts: > The following users have smtp logins from more than 20 different hosts. > Please verify that these mail accounts haven't been compromised. > > USER #UNIQUE HOSTS > ----------------------------------------- > 2513 This commit tries to adress this issue by checking if the extracted username is an empty string. The problem was that the script was matching lines similar to this, which ends with sasl_username=<name> Nov 17 00:01:51 hermod postfix/smtpd[556252]: warning: lneuilly-657-1-113-189.w82-127.abo.wanadoo.fr[82.127.41.189]: SASL PLAIN authentication failed: (reason unavailable), sasl_username=contact Hence I've also added the extra check as well !/authentication failed/ which ignores all the lines with the text "authentication failed", becase we're not interested in those.
-
- Nov 04, 2024
-
-
Joakim Tosteberg authored
-
Joakim Tosteberg authored
-
Joakim Tosteberg authored
-
- Sep 19, 2024
-
-
Joakim Tosteberg authored
-
Joakim Tosteberg authored
-
Joakim Tosteberg authored
-
Joakim Tosteberg authored
-
- May 13, 2024
-
-
Johan Busk Eriksson authored
-
- May 08, 2024
-
-
Johan Busk Eriksson authored
-
- Mar 13, 2024
-
-
Johan Busk Eriksson authored
-
- Mar 12, 2024
-
-
Johan Busk Eriksson authored
-
- Feb 01, 2024
-
-
Johan Busk Eriksson authored
-
- Jan 15, 2024
-
-
Andreas Kempe authored
This reverts commit 8d0ebad7. The analysis was premature in why the connection limit was his. Disk issues was the reason for mariadb becoming overloaded.
-
Andreas Kempe authored
The mysql database hit the maximum number of connections, making mail stop working.
-
- Jan 14, 2024
-
-
Andreas Kempe authored
The smtpd process is chrooted to storage/postfix-spool and can't access the mysql unix socket. I can't figure out how and why this is done so switch to connecting to mysql over localhost for the time being.
-
Andreas Kempe authored
-
- Jan 02, 2024
-
-
Joakim Tosteberg authored
-
- Dec 31, 2023
-
-
Joakim Tosteberg authored
-
Joakim Tosteberg authored
-
- Dec 29, 2023
-
-
Joakim Tosteberg authored
-
Joakim Tosteberg authored
-
Joakim Tosteberg authored
-
Joakim Tosteberg authored
-
- Dec 28, 2023
-
-
Joakim Tosteberg authored
smuggling from https://www.postfix.org/smtp-smuggling.html Previous config should have been mostly safe as well, but now we have a version which has smtpd_forbid_unauth_pipelining, so let's set that and also set smtpd_discard_ehlo_keywords = chunking as recommended. Let's see later on if debian backports so we get a version where we can set smtpd_forbid_bare_newline as well.
-
Joakim Tosteberg authored
-
Joakim Tosteberg authored
-
Joakim Tosteberg authored
-
- Dec 10, 2023
-
-
aoh authored
Add zabbix to WHITELIST to get rid of following invalid warning e-mails: """ Date: Sun, 10 Dec 2023 07:17:03 +0100 (CET) From: Cron Daemon <root@lysator.liu.se> To: root@lysator.liu.se Subject: Cron <root@hermod> cd / && run-parts --report /etc/cron.hourly X-Original-To: root@lysator.liu.se /etc/cron.hourly/warn-invalid-from-lysator: There has been sent mail from the following invalid Lysator addresses. This could indicate that a mail account have been compromised and is sending spam. zabbix@lysator.liu.se run-parts: /etc/cron.hourly/warn-invalid-from-lysator exited with return code 1 """ Signed-off-by:
aoh <aoh@lysator.liu.se>
- Dec 05, 2023
-
-
Joakim Tosteberg authored
-
Joakim Tosteberg authored
-
- Dec 04, 2023
-
-
Joakim Tosteberg authored
-
- Nov 11, 2023
-
-
Torbjörn Lönnemark authored
As of Debian 12 (bookworm) the debian archive keys are stored as .asc instead of as .gpg.
-
- Nov 07, 2023
-
-
Torbjörn Lönnemark authored
It has not been used in a long time, and the implementation required adding a directory in this repository for every new major OS release.
-
Torbjörn Lönnemark authored
In Debian 12, the cron resource type is not shipped with puppet by default, but is packed in the puppet-module-puppetlabs-cron-core package. To work with this Puppet setup, the global module directory has to be added to the module search path we pass to Puppet on the command line.
-
- Nov 06, 2023
-
-
Joakim Tosteberg authored
-
- Oct 11, 2023
-
-
Hugo Hörnquist authored
-
- Oct 09, 2023
-
-
Hugo Hörnquist authored
-
Hugo Hörnquist authored
Forwarding without local delivery is unexpected by everyone, and makes it harder to slowly migrate into using this mail. This will take some extra space on disk, but these users usually recieve such small volumes of mail that it shouldn't matter.
-