On Sun, 9 Feb 2025 14:01:21 -0500 Tug Williams <tug [ dot ] williams [ at ] gmail [ dot ] com> wrote: > __blocking annoying ip address__ > A few days ago postfix started getting a connection from a single IP > address, about 3x per minute. All failing. This is part of the background noise of the Internet. I don't even bother checking my logs for this sort of thing any more unless I notice a load problem on my MX host. > What is the point of flooding my server like this? I haven't enabled > AUTH from outside the server. Do they think I will make the error go > away by granting them access? They're probably scripts that dumbly keep trying, > Is this someone sticking a metaphorical fish behind a metaphorical > radiator, so the ip address becomes useless for the next user? The IP address might already be compromised by the attacker. [...] > __disable VRFY__ > By default my Gentoo setup enabled VRFY (allowing client to verify if > an email address exists). I disabled it. Why would I leave this > enabled? In what way does it benefit me? There's no benefit and no real-world SMTP client I'm aware of uses VRFY anyway. > __sendEmail__ > I installed sendEmail > (http://caspian.dotconf.net/menu/Software/SendEmail/), as I found > netcatting directly to port 25 from bash didn't work. SendEmail > works, and makes my bash script look more like a script. There seem > to be multiple tools like this. Preferences? Why wouldn't you just use /sbin/sendmail (or perhaps /usr/sbin/sendmail) which is Postfix's message submission agent? That way, if for some reason Postfix isn't listening on port 25, your email gets queued anyway. Regards, Dianne. To unsubscribe send a blank message to linux+unsubscribe [ at ] linux-ottawa [ dot ] org To get help send a blank message to linux+help [ at ] linux-ottawa [ dot ] org To visit the archives: https://lists.linux-ottawa.org