This is a general security/ports question.
Is there a way to allow incoming SMTP mail traffic but block attempts
to use SMTP AUTH (obviously as a way to probe or brute force
logins)? Are these separate ports or the same? (i.e. if I block
port 25, do I stop dovecot login attempts but also block any inbound
mail? Or are there separate ports in place?)
I'm wondering if it is possible to allow, for example, mail to
originate from a foreign IP space, but not allow that same IP space
to attempt to login via smtp auth to check for user
accounts. Obviously, I can block imap and pop3 ports, but it looks
like there are some additional ports, like 25 that may serve dual
purpose? Allowing incoming mail, but also allowing login
attempts? Is there a way to allow one and block the other?
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
