>All of these entries are using the LOGIN mech. Unless you have an >extremely old outlook express MUA (or similar) you xan and should be >using the PLAIN mech. You can eliminate all of the above attacks by >removing LOGIN from the list of mechs you accept.
Peter: I too see a lot of these so I went to try your solution. I edited /etc/sasl2/smtpd.conf It now contains: pwcheck_method: saslauthd #mech_list: plain login mech_list: plain Restarted postfix and dovecot. But now I notice I have both LOGIN and PLAIN failures, the change I made didn't have any effect that I can see. May 22 18:40:18 tn2 postfix-submission/smtpd[6125]: warning: unknown[218.67.123.202]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 22 18:40:31 tn2 postfix-submission/smtpd[6063]: warning: unknown[60.212.0.13]: SASL PLAIN authentication failed: May 22 18:40:51 tn2 postfix-submission/smtpd[6126]: warning: unknown[41.207.248.204]: SASL PLAIN authentication failed: May 22 18:41:25 tn2 postfix-submission/smtpd[6125]: warning: unknown[109.195.69.156]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 May 22 18:41:41 tn2 postfix-submission/smtpd[6063]: warning: unknown[175.196.165.155]: SASL LOGIN authentication failed: Is there some place else I need to adjust that mechs I accept? Something else I need to restart? Thanks, Scott _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
