I am seeing a surge in the number of password attempts both at my
postfix smtp servers as well as imap servers
These attacks seem to be targetted since the attempts are made at
correct userids
At one instance I have seen mails being sent impersonating a valid
sender asking for money to be tran
Hi Ram,
You are in the right track. Just add some additional logic to your
banning code so it also detects and tracks correct logins.
With this information you can easily avoid blocking legitimate IPs (with
correct logins) that are just failing to authenticate because old
and/or half configured
, 2015 8:55 PM
To: Postfix users
Subject: keeping off brute force password attempts
I am seeing a surge in the number of password attempts both at my
postfix smtp servers as well as imap servers
These attacks seem to be targetted since the attempts are made at
correct userids
At one instance I have
On Sun, 13 Sep 2015 00:25:42 +0530
Ram wrote:
> I am seeing a surge in the number of password attempts both at my
> postfix smtp servers as well as imap servers
> These attacks seem to be targetted since the attempts are made at
> correct userids
I am using sshguard. It doesn't support Postfix
Niklaas Baudet von Gersdorff skrev den 2015-09-13 20:39:
Have a look here:
http://www.sshguard.net/
http://unix.stackexchange.com/questions/44483/protecting-postfix-from-bruteforce-attacks
http://www.djs.to/2013/10/1-postfix-sasl-support-for-sshguard/
fail2ban is imho only ipv4 :(
google aut
On Sun, 13 Sep 2015 21:35:56 +0200
Benny Pedersen wrote:
> fail2ban is imho only ipv4 :(
Ah, I didn't know that.
> google autofwd for replacement
>
> http://freecode.com/projects/autofwd
Thanks. This looks interesting.
--
Niklaas
