Dnia 24.07.2023 o godz. 19:35:28 Sebastian Nielsen via mailop pisze: > Also on the topic on mail server hacking, I would suggest to add > IP-restriction on your mail accounts. [...]
I'll add here another idea that I have implemented on my server. I don't know how easy would be to do this with Exim (as I don't know Exim), but it was pretty easy to do with Postfix. From my experience, all actual email clients first establish an IMAP connection, and then - keeping the IMAP connection active - try to send mail on submission ports. And there is a lot less password-guessing attacks on IMAP services than on submission services (that's my experience, of course YMMV). So, before allowing access to submission service, Postfix consults IMAP server (Dovecot in this case) to check if there is actually a currently existing authenticated IMAP session from that IP address. Only if such a session exists, connection is allowed and the client may proceed to authentication attempt. Otherwise, the connection is immediately rejected. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
