Is anybody using f2b to stop hosts doing stuff like this?
Mar 24 21:02:18 host postfix/smtps/smtpd[32910]: connect from
unknown[45.133.99.3]
Mar 24 21:02:19 host postfix/smtps/smtpd[32910]: lost connection
after UNKNOWN from unknown[45.133.99.3]
Mar 24 21:02:19 host postfix/smtps/smtpd[32910]: disconnect from
unknown[45.133.99.3]
If so, does anybody have a rule or info on how I can modify the
existing postfix rule to also block these guys after x attempts?
I have my mail server set up to not accept mail from hosts that
aren't reverse mapped anyway, but I don't know what's going on here..
probably some type of system probe, but it's not being triggered via
the normal postfix ruleset.
_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
