35325.GW11377@???>
Sender: Paul Tansom <paul@???>
Envelope_from: Paul Tansom <paul@???>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Virus-Scanner: Scanned by ClamAV on mail.bitfolk.com at Tue,
25 Sep 2012 16:16:06 +0000
X-SA-Exim-Connect-IP: 78.33.48.15
X-SA-Exim-Mail-From: paul@???
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
spamd3.lon.bitfolk.com
X-Spam-Level:
X-Spam-ASN: AS8468 78.32.0.0/15
X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE
shortcircuit=no autolearn=disabled version=3.3.1
X-Spam-Report: * -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at
http://www.dnswl.org/, no * trust
* [78.33.48.15 listed in list.dnswl.org]
X-SA-Exim-Version: 4.2.1 (built Mon, 22 Mar 2010 06:51:10 +0000)
X-SA-Exim-Scanned: Yes (on mail.bitfolk.com)
Subject: Re: [bitfolk] Ubuntu 12.04 LTS Server Upgrade
X-BeenThere: users@???
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Users of BitFolk hosting <users.lists.bitfolk.com>
List-Unsubscribe: <https://lists.bitfolk.com/mailman/options/users>,
<mailto:users-request@lists.bitfolk.com?subject=unsubscribe>
List-Archive: <http://lists.bitfolk.com/lurker/list/users.html>
List-Post: <mailto:users@lists.bitfolk.com>
List-Help: <mailto:users-request@lists.bitfolk.com?subject=help>
List-Subscribe: <https://lists.bitfolk.com/mailman/listinfo/users>,
<mailto:users-request@lists.bitfolk.com?subject=subscribe>
X-List-Received-Date: Tue, 25 Sep 2012 16:16:07 -0000
** Andy Smith <andy@???> [2012-09-25 14:53]:
> On Tue, Sep 25, 2012 at 02:48:34PM +0100, Murray Crane wrote:
> > *TL;DR*: YMMV, but upgrading worked/is working great for me
>
> Thanks for the report.
>
> If anyone is nervous about an upgrade, remember that we will be happy
> to give you a new VPS free for 2 weeks for you to migrate to:
>
> https://tools.bitfolk.com/wiki/Migrating_to_a_new_VPS
** end quote [Andy Smith]
I'm looking forward to being organised enough to take advantage of that, just
need to get my local servers sorted first - having fun with the new Dovecot 2
at the moment, it is nice (particularly the new doveadm command), but my
authentication isn't working (so the ability of doveadm to confirm that the
password I'm logging in with is valid is very nice).
--
Paul Tansom | Aptanet Ltd. |
http://www.aptanet.com/ | 023 9238 0001
Registered in England | Company No: 4905028 | Registered Office:
Crawford House, Hambledon Road, Denmead, Waterlooville, Hants, PO7 6NU
From andy@??? Tue Sep 25 22:27:17 2012
Received: from andy by mail.bitfolk.com with local (Exim 4.72)
(envelope-from <andy@???>) id 1TGdb3-0001DA-2U
for users@???; Tue, 25 Sep 2012 22:27:17 +0000
Date: Tue, 25 Sep 2012 22:27:17 +0000
From: Andy Smith <andy@???>
To: users@???
Message-ID: <20120925222716.GU3867@???>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-ripemd160;
protocol="application/pgp-signature"; boundary="uBpV+QEB5Nvvr5jc"
Content-Disposition: inline
OpenPGP: id=BF15490B; url=http://strugglers.net/~andy/pubkey.asc
X-URL: http://strugglers.net/wiki/User:Andy
User-Agent: Mutt/1.5.20 (2009-06-14)
X-Virus-Scanner: Scanned by ClamAV on mail.bitfolk.com at Tue,
25 Sep 2012 22:27:17 +0000
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: andy@???
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
spamd1.lon.bitfolk.com
X-Spam-Level:
X-Spam-ASN:
X-Spam-Status: No, score=-0.0 required=5.0 tests=NO_RELAYS shortcircuit=no
autolearn=disabled version=3.3.1
X-Spam-Report: * -0.0 NO_RELAYS Informational: message was not relayed via SMTP
X-SA-Exim-Version: 4.2.1 (built Mon, 22 Mar 2010 06:51:10 +0000)
X-SA-Exim-Scanned: Yes (on mail.bitfolk.com)
Subject: [bitfolk] Please make sure your SMTP AUTH is secure
X-BeenThere: users@???
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Users of BitFolk hosting <users.lists.bitfolk.com>
List-Unsubscribe: <https://lists.bitfolk.com/mailman/options/users>,
<mailto:users-request@lists.bitfolk.com?subject=unsubscribe>
List-Archive: <http://lists.bitfolk.com/lurker/list/users.html>
List-Post: <mailto:users@lists.bitfolk.com>
List-Help: <mailto:users-request@lists.bitfolk.com?subject=help>
List-Subscribe: <https://lists.bitfolk.com/mailman/listinfo/users>,
<mailto:users-request@lists.bitfolk.com?subject=subscribe>
X-List-Received-Date: Tue, 25 Sep 2012 22:27:17 -0000
--uBpV+QEB5Nvvr5jc
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hello,
Today a customer's SMTP AUTH was brute-forced and as a result their
VPS was turned into a spam relay.
So, if you use SMTP AUTH to allow your users to relay through you,
please do be aware that this is being scanned for and dictionary
attacked just like SSH is, and consider what countermeasures you
will take to avoid that happening to you.
A fail2ban/denyhosts-style solution to lock out IPs with many
failures may be necessary if you can't trust your users to pick
decent passwords.
Cheers,
Andy
--=20
http://bitfolk.com/ -- No-nonsense VPS hosting
--uBpV+QEB5Nvvr5jc
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEAREDAAYFAlBiL8QACgkQIJm2TL8VSQuLfQCg+qZO12y+yf7ROZF1h3uvQ/Pp
oPAAn0evjFrpjC3N5dj47OyvZ9/1GMN7
=p2S4
-----END PGP SIGNATURE-----
--uBpV+QEB5Nvvr5jc--
From announce-bounces+users=lists.bitfolk.com@??? Thu Oct 04 04:04:20 2012
Received: from localhost ([127.0.0.1] helo=bitfolk.com)
by mail.bitfolk.com with esmtp (Exim 4.72) (envelope-from
<announce-bounces+users=lists.bitfolk.com@???>)
id 1TJcfc-0005Js-2q
for users@???; Thu, 04 Oct 2012 04:04:20 +0000
Received: from andy by mail.bitfolk.com with local (Exim 4.72)
(envelope-from <andy@???>) id 1TJcfT-0005Ik-6F
for announce@???; Thu, 04 Oct 2012 04:04:11 +0000
Date: Thu, 4 Oct 2012 04:04:10 +0000
From: Andy Smith <andy@???>
To: announce@???
Message-ID: <20121004040410.GM11377@???>
MIME-Version: 1.0
OpenPGP: id=BF15490B; url=http://strugglers.net/~andy/pubkey.asc
X-URL: h
