Hi
fail2ban will probably resolve your problem with brute-force auth.

On 25.04.2022 at 09:07, Laura Smith wrote:
------- Original Message -------
On Monday, April 25th, 2022 at 05:26, ミユナ <al...@coakmail.com> wrote:

Do you know how to stop passwords from being brute-forced for a
mailserver? Do you have any practical guide?

Simple. You've got two options:

a) Use strong passwords (and if you run an automated password changing system, 
enforce strong passwords)

b) Use client-certificate authentication

Stuff like fail2ban is for the lazy. You should be focusing on solving the 
underlying cause of the problem, i.e. using one of the two options above.

The problem with stuff like fail2ban is that you are basically playing 
whack-a-mole. IP address blocking simply does not work in 2022, attackers have 
too many options (i.e. they can hop between cloud providers, they can use IPv6 
to give them massive ranges to play with etc. etc.).
