Summary question: is there a way to immediately ban IP's that try SMTP auth on a specific port, but not on other ports? Allow SMTP auth on listenPort2, but immediately ban any IP that *fails* SMTP auth on port 25?
We're seeing a lot of smtp auth failures from 163 dot com from many many many China Mobile ip addresses over the last couple of days. They try only 1 or 2 auths only, so not really high enough to block the IP. Almost non of our users use SMTP authentication through ASSP, and those who do all use the alternate port. (listenPort2). I have 25 listed in NoAUTHlistPorts. For the time being, I decreased MaxAUTHErrors to 1, but that means that if one of the legit users that we have sets up a new device and enters a wrong password even just once, they're banned for a bit.... Thoughts? Thanks
_______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
