Hi
I'm trying to use blacklistd with mail/postfix, but I can't find any documentation.
I have compiled mail/postfix with blacklistd support, but it's not working.
Do I need do change the config of postfix?
The same config is running on another server with ssh without any problems.
Postfix is running in a Jail.
/etc/rc.conf
/etc/blacklistd-sockets
/etc/blacklistd.conf
/etc/pf.conf
Last but not least my maillog:
I'm trying to use blacklistd with mail/postfix, but I can't find any documentation.
I have compiled mail/postfix with blacklistd support, but it's not working.
Do I need do change the config of postfix?
The same config is running on another server with ssh without any problems.
Postfix is running in a Jail.
/etc/rc.conf
Code:
blacklistd_enable="YES"
blacklistd_flags="-r -P /etc/blacklistd-sockets -r"
/etc/blacklistd-sockets
Code:
/var/run/blacklistd.sock
/usr/jails/mailjail/var/run/blacklistd.sock
/etc/blacklistd.conf
Code:
# $FreeBSD: releng/12.0/usr.sbin/blacklistd/blacklistd.conf 336977 2018-07-31 16:39:38Z brd $
#
# Blacklist rule
# adr/mask:port type proto owner name nfail disable
[local]
#ftp stream * * * 3 24h
smtp stream * * * 3 24h
submission stream * * * 3 24h
#6161 stream tcp6 christos * 2 10m
* * * * * 3 60
# adr/mask:port type proto owner name nfail disable
[remote]
#129.168.0.0/16 * * * = * *
#6161 = = = =/24 = =
#* stream tcp * = = =
/etc/pf.conf
Code:
anchor "blacklistd/*" in on $ext_if
blacklistctl dump -bw
Code:
address/ma:port id nfail last access
Last but not least my maillog:
Code:
[…]
Apr 6 17:49:14 mailjail postfix/smtpd[57307]: connect from unknown[45.xx.xx.xx]
Apr 6 17:49:14 mailjail postfix/smtpd[57307]: lost connection after AUTH from unknown[45.xx.xx.xx]
Apr 6 17:49:14 mailjail postfix/smtpd[57307]: disconnect from unknown[45.xx.xx.xx] ehlo=1 auth=0/1 commands=1/2
Apr 6 17:53:58 mailjail postfix/smtpd[69719]: connect from unknown[45.xx.xx.xx]
Apr 6 17:53:58 mailjail postfix/smtpd[69719]: lost connection after AUTH from unknown[45.xx.xx.xx]
Apr 6 17:53:58 mailjail postfix/smtpd[69719]: disconnect from unknown[45.xx.xx.xx] ehlo=1 auth=0/1 commands=1/2
Apr 6 17:58:45 mailjail postfix/smtpd[81330]: connect from unknown[45.xx.xx.xx]
Apr 6 17:58:45 mailjail postfix/smtpd[81330]: lost connection after AUTH from unknown[45.xx.xx.xx]
Apr 6 17:58:45 mailjail postfix/smtpd[81330]: disconnect from unknown[45.xx.xx.xx] ehlo=1 auth=0/1 commands=1/2
Apr 6 18:03:42 mailjail postfix/smtpd[1298]: connect from unknown[45.xx.xx.xx]
Apr 6 18:03:42 mailjail postfix/smtpd[1298]: lost connection after AUTH from unknown[45.xx.xx.xx]
Apr 6 18:03:42 mailjail postfix/smtpd[1298]: disconnect from unknown[45.xx.xx.xx] ehlo=1 auth=0/1 commands=1/2
Apr 6 18:08:34 mailjail postfix/smtpd[6736]: connect from unknown[45.xx.xx.xx]
Apr 6 18:08:34 mailjail postfix/smtpd[6736]: lost connection after AUTH from unknown[45.xx.xx.xx]
Apr 6 18:08:34 mailjail postfix/smtpd[6736]: disconnect from unknown[45.xx.xx.xx] ehlo=1 auth=0/1 commands=1/2
Apr 6 18:13:20 mailjail postfix/smtpd[23425]: connect from unknown[45.xx.xx.xx]
Apr 6 18:13:20 mailjail postfix/smtpd[23425]: lost connection after AUTH from unknown[45.xx.xx.xx]
Apr 6 18:13:20 mailjail postfix/smtpd[23425]: disconnect from unknown[45.xx.xx.xx] ehlo=1 auth=0/1 commands=1/2
Apr 6 18:18:05 mailjail postfix/smtpd[41477]: connect from unknown[45.xx.xx.xx]
Apr 6 18:18:05 mailjail postfix/smtpd[41477]: lost connection after AUTH from unknown[45.xx.xx.xx]
Apr 6 18:18:05 mailjail postfix/smtpd[41477]: disconnect from unknown[45.xx.xx.xx] ehlo=1 auth=0/1 commands=1/2
Apr 6 18:22:47 mailjail postfix/smtpd[56875]: connect from unknown[45.xx.xx.xx]
Apr 6 18:22:47 mailjail postfix/smtpd[56875]: lost connection after AUTH from unknown[45.xx.xx.xx]
Apr 6 18:22:47 mailjail postfix/smtpd[56875]: disconnect from unknown[45.xx.xx.xx] ehlo=1 auth=0/1 commands=1/2
Apr 6 18:27:29 mailjail postfix/smtpd[68218]: connect from unknown[45.xx.xx.xx]
Apr 6 18:27:29 mailjail postfix/smtpd[68218]: lost connection after AUTH from unknown[45.xx.xx.xx]
Apr 6 18:27:29 mailjail postfix/smtpd[68218]: disconnect from unknown[45.xx.xx.xx] ehlo=1 auth=0/1 commands=1/2
Apr 6 18:32:15 mailjail postfix/smtpd[73550]: connect from unknown[45.xx.xx.xx]
Apr 6 18:32:15 mailjail postfix/smtpd[73550]: lost connection after AUTH from unknown[45.xx.xx.xx]
Apr 6 18:32:15 mailjail postfix/smtpd[73550]: disconnect from unknown[45.xx.xx.xx] ehlo=1 auth=0/1 commands=1/2
[…]