golinux | Here's the new release page https://beta.devuan.org/os/releases if anyone is interested. Thanks to mason for his excellent input. | 04:15 |
---|---|---|
Jjp137 | the link on the bottom that says "source list information" leads to a 404 | 04:20 |
plasma41 | Jjp137: I see what the problem is. /os/ in the url is repeated when it shouldn't be. | 04:25 |
plasma41 | golinux: ^^^ | 04:26 |
golinux | Thanks. I'll go fix that now. | 04:56 |
golinux | Thanks for catching it. | 04:57 |
golinux | Fixed | 05:02 |
golinux | Here's the new Free Software page for review https://beta.devuan.org/os/free-software | 08:01 |
onefang | jaromil: my mirror has been getting a botnet attacking my IMAP server for some time as well. I wonder if any more of us are getting that? | 14:39 |
mason | onefang: I run an aggressive fail2ban here. I'd recommend it. | 14:40 |
onefang | Alas after I updated to ASCII, fail2ban failed to ban. It used to work fine. Now I manually copy IPs into shorewall. | 14:41 |
mason | onefang: Ah, it's the Debian package. Debian ships a bug. | 14:41 |
onefang | I should go upstream, or a PPA somewhere? | 14:42 |
mason | onefang: Ubuntu fixes it. Half a sec and I'll find the bug. It's an easy config fix. | 14:42 |
mason | Nah, one-line config fix. | 14:42 |
onefang | Cool. | 14:42 |
mason | I just need to find it. Half a sec. | 14:42 |
mason | onefang: IIRC, it's this: https://github.com/fail2ban/fail2ban/pull/1812/files | 14:45 |
jaromil | onefang: ACK | 14:45 |
jaromil | mason: we have fail2ban as well, perhaps not aggressive enough | 14:46 |
mason | jaromil: I pushed it to "block after a single fail" which is likely more aggressive than most folks would want. | 14:46 |
jaromil | yes that would cause us some problems | 14:46 |
jaromil | golinux: sorry for not letting you know earlier. is a hell of a week | 14:47 |
onefang | There's only one user of my IMAP server, me, and I use fetchmail to access it. Block after single fail will work fine for me. | 14:47 |
mason | jaromil, onefang: It's also possible to do user certs for IMAP. E.g. https://blog.mortis.eu/blog/2017/06/dovecot-and-postfix-with-client-cert-auth.html | 14:47 |
onefang | I wonder if Courier can do that? | 14:47 |
mason | onefang: If it's just you, knockd might also be an answer. | 14:47 |
mason | Hm, don't know. I used to use Courier but I switched over some years ago. | 14:48 |
onefang | I use courier coz it does the lot. | 14:48 |
mason | jaromil: FWIW, I'm receiving devuan-dev email again today, so at least SpamCop has cleared Dyne. | 14:48 |
jaromil | yes only spamhaus is left, until tomorrow, that I know of | 14:52 |
mason | jaromil: Hm, I use zen.spamhaus.org, and they're letting you through. | 14:52 |
jaromil | ok then is some other, can't check now, but is quite terrible as is preventing me to confirm attendance to an academic award gala dinner in hannover, damn. I hope this thing won't cost me a dinner!! | 14:54 |
mason | I had to go through remediation once and it was incredibly tedious. | 14:54 |
mason | I think SORBS still lists me, but that's more a badge of honor than an impediment. | 14:55 |
jaromil | it wasn't too hard once I had a dossier of the incident ready to send | 14:56 |
mason | The tedious part was realizing how many different RBLs exist. :) | 14:57 |
mason | I had no idea before that. | 14:58 |
xinomilo | mail.dyne.org seems clean in all blacklists | 14:58 |
onefang | OK, now I await some random spammer to fall into my web. Muahahaha! | 14:59 |
mason | hah | 15:00 |
xinomilo | world's biggest spammers are eternally whitelisted.. (gmail,yahoo,hotmail/live) | 15:03 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!