>I run a James mail server (james-server-spring-app-3.8.0). The log file shows >that the server is constantly being attacked. This is normal, the server is on >the Internet.
My experience is that there is a sharp increase on attacks on small mail servers since maybe April. This is not a James issue - I run exim/dovecot in production setup. I'd strongly suggest looking at fail2ban and this may give a pointer:- https://dmatthews.org/webmail.html#fail2ban Fortunately for me fail2ban's regex for exim is ok as is; writing regex is one of my least favourite tasks. Using James, you'll have some work to do there. As an aside, it seems more or less concurrent to this large increase in attacks, free email providers are all tying to get a phone number from you. Gmail, not so forcefully, but another foreign provider (I have these legacy accounts for testing purposes) told me there had been a hacked entry into my account and to do a password reset I now have to supply a phone number. For sure they are lying and there is no way they'll get a phone number from me :-) Online attack on anonymity? -- David Matthews m...@dmatthews.org --------------------------------------------------------------------- To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org