My suggestion is instead extending the logic to prevent bruteforce instead.
For example:
If you run a webhosting company, use geoIP to disable logins to accounts
that do not originate from the same country as their payment method.
Since this rule are set up account-wise, you can still easily tar
Hi,
Quoting myself
The very thing I added to allow forwarding without breaking SPF /
DMARC appends the From field to the primary domain regardless of the
domain the message comes from. I've withdrawn postsrsd for now while I
look into a possibility of work around or something to replace
Hi Ram,
You are in the right track. Just add some additional logic to your
banning code so it also detects and tracks correct logins.
With this information you can easily avoid blocking legitimate IPs (with
correct logins) that are just failing to authenticate because old
and/or half configured
I am seeing a surge in the number of password attempts both at my
postfix smtp servers as well as imap servers
These attacks seem to be targetted since the attempts are made at
correct userids
At one instance I have seen mails being sent impersonating a valid
sender asking for money to be tran
