On 09 Jul 2016, at 19:34, Robert Schetterer <r...@sys4.de> wrote: Am 09.07.2016 um 17:07 schrieb Lefteris Tsintjelis: > Is this a good postfix way to stall attackers (besides log parsing and > fire walling)? Bots are increasing dramatically these days > > smtpd_soft_error_limit = 1 > smtpd_hard_error_limit = 1 > smtpd_error_sleep_time = 16s (or even more)
as i had that over years ... firewalling ist the best solution something like https://sys4.de/de/blog/2012/12/28/botnets-mit-rsyslog-und-iptables-recent-modul-abwehren/ https://sys4.de/de/blog/2014/03/27/fighting-smtp-auth-brute-force-attacks/ https://sys4.de/de/blog/2015/11/07/abwehr-des-botnets-pushdo-cutwail-ehlo-ylmf-pc-mit-iptables-string-recent-smtp/ additional fail2ban, but log parse was to slow at my side and for sure use postscreen if they love you , dont expect any better time with whatever solution you use, but if youre in luck its only a wave ——— They don’t just love me, they adore me but I think this is everywhere now days. I am trying to avoid firewalls but there doesn’t seem to be any other way anymore. Thank you for the links and hints