Robert Schetterer wrote:
Am 03.03.2013 13:52, schrieb Miles Fidelman:
Folks,
Thanks for your replies re. sasl authentication. In thinking about
things, and looking at all the attacks on our mailer (repeated attempts
to authenticate and send email), it occurs to me:
Does the postfix smtpd provide any mechanisms for locking out
IP/username combinations that repeatedly fail authentication - in the
same way that human login can get locked out after n failed
authentication attempts? Seems like this might be a good countermeasure
for brute force password guessing attacks against smtpd.
Thanks,
Miles Fidelman
you may use fail2ban with postfix sasl rules against brute force
thanks!
--
In theory, there is no difference between theory and practice.
In practice, there is. .... Yogi Berra
