On 2021-07-30 16:49, Hadmut Danisch wrote:
(We are considering to limit smtp auth to the submission port 587 and have a blacklist for that in the firewall, but maintaining such a blacklist still requires to understand, who is attacking and how.)
i did the reverse, whitelist trusted asn numbers where i have custommers, this list is smaller then the blacklist would have being, no more problem for me, hopefully bot admins learn a thing with it
after i got this stable i disabled loging in iptables for abuse users, no more data is needed, and complains is still welcommed from port 25 to me
dovecot support weakforced policy to solve it with bigger sites then what i have resources for
https://github.com/PowerDNS/weakforced i have giving up with fail2ban