Tive o mesmo problema e o fail2ban resolveu o problema. E aumentei as "THREADS" do autenticador, que no caso era o dovecot.
Em 8 de abril de 2011 16:54, Julio Cesar Covolato <ju...@psi.com.br> escreveu: > Instale o fail2ban e ative o sasl para no máximo 2 erros de login/senha, e > tempo de unban pra mais de 24h. > > ----------------------------- > _ Julio Cesar Covolato > 0v0<ju...@psi.com.br> > /(_)\ F: 55-11-3129-3366 > ^ ^ PSI INTERNET > ----------------------------- > > > Em 08/04/2011 16:01, Alexandre Balistrieri escreveu: >> >> Olá a todos, >> >> Acabo de me inscrever na lista. Fiz parte da lista principal do postfix >> durante >> muito tempo e recentemente cancelei a inscrição, por participar muito >> pouco. >> >> Mas agora me vejo com um problema - novo pra mim - que vendo por alguns >> ângulos tem me parecido uma negação de serviço. >> >> Uso Linux Opensuse-10.2+Postfix2.3.2+cyrus-saslauthd-2.1.22 >> >> Meu host parece que vem sendo entupido de conexões externas vindas de >> milhares >> de IPs gerando warnings "SASL LOGIN authentication failed: authentication >> failure" e "verification failed: Name or service not known". Por conta >> disso, >> meus envios locais quase não estão acontecendo. >> >> Tenho pouco mais de uma centena de usuários dependendo desse host pra >> outgoing. Nos usuários mais urjentes tenho cadastrado um outgoing >> alternativo >> sem autenticação pra resolver o problema temporariamente enquanto tento >> descobrir uma forma de filtrar essas conexões ou descobrir por que elas >> acontecem. >> >> Alguém já passou por isso? >> >> Segue uma parte do meu maillog apenas com os warnings: >> >> guarani:/tmp # tail -f /var/log/warn >> Apr 8 16:01:03 guarani postfix/smtpd[19770]: warning: >> unknown[190.147.147.55]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:04 guarani postfix/smtpd[19509]: warning: >> unknown[200.230.51.66]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:04 guarani postfix/smtpd[19811]: warning: >> 221-155.126-70.tampabay.res.rr.com[70.126.155.221]: SASL LOGIN >> authentication >> failed: authentication failure >> Apr 8 16:01:04 guarani postfix/smtpd[19695]: warning: >> 246-46-235-201.fibertel.com.ar[201.235.46.246]: SASL LOGIN authentication >> failed: authentication failure >> Apr 8 16:01:04 guarani postfix/smtpd[19560]: warning: dsl- >> emcali-190.1.244.121.emcali.net.co[190.1.244.121]: SASL LOGIN >> authentication >> failed: authentication failure >> Apr 8 16:01:04 guarani postfix/smtpd[19585]: warning: >> 161.Red-79-157-224.dynamicIP.rima-tde.net[79.157.224.161]: SASL LOGIN >> authentication failed: authentication failure >> Apr 8 16:01:06 guarani postfix/smtpd[19542]: warning: 187.113.231.218: >> hostname 187.113.231.218.static.host.gvt.net.br verification failed: Name >> or >> service not known >> Apr 8 16:01:06 guarani postfix/smtpd[19542]: warning: >> unknown[187.113.231.218]: SASL LOGIN authentication failed: authentication >> failure >> Apr 8 16:01:06 guarani postfix/smtpd[19730]: warning: 189.107.70.37: >> hostname >> 189107070037.user.veloxzone.com.br verification failed: Name or service >> not >> known >> Apr 8 16:01:06 guarani postfix/smtpd[19876]: warning: >> 189-72-80-182.bnut3700.dsl.brasiltelecom.net.br[189.72.80.182]: SASL LOGIN >> authentication failed: authentication failure >> Apr 8 16:01:07 guarani postfix/smtpd[19546]: warning: >> unknown[187.54.193.66]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:07 guarani postfix/smtpd[19552]: warning: 187.37.166.245: >> hostname >> bb25a6f5.virtua.com.br verification failed: Name or service not known >> Apr 8 16:01:07 guarani postfix/smtpd[19552]: warning: >> unknown[187.37.166.245]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:07 guarani postfix/smtpd[19855]: warning: >> unknown[190.96.200.96]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:08 guarani postfix/smtpd[19759]: warning: >> unknown[207.6.61.2]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:09 guarani postfix/smtpd[19788]: warning: >> unknown[201.47.62.70]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:09 guarani postfix/smtpd[19666]: warning: >> 2.54.80.200.host.ifxnw.com.ar[200.80.54.2]: SASL LOGIN authentication >> failed: >> authentication failure >> Apr 8 16:01:10 guarani postfix/smtpd[19504]: warning: >> 201-27-98-60.dsl.telesp.net.br[201.27.98.60]: SASL LOGIN authentication >> failed: authentication failure >> Apr 8 16:01:11 guarani postfix/smtpd[19779]: warning: >> unknown[186.22.212.114]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:11 guarani postfix/smtpd[19794]: warning: >> unknown[187.106.238.185]: SASL LOGIN authentication failed: authentication >> failure >> Apr 8 16:01:13 guarani postfix/smtpd[19878]: warning: 189.7.36.151: >> hostname >> bd072497.virtua.com.br verification failed: Name or service not known >> Apr 8 16:01:14 guarani postfix/smtpd[19878]: warning: >> unknown[189.7.36.151]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:15 guarani postfix/smtpd[19848]: warning: 189.73.11.174: >> hostname >> 189-73-11-174.dsl.ctaje701.brasiltelecom.net.br verification failed: Name >> or >> service not known >> Apr 8 16:01:15 guarani postfix/smtpd[19848]: warning: >> unknown[189.73.11.174]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:15 guarani postfix/smtpd[19590]: warning: 177.17.77.63: >> hostname >> 177.17.77.63.static.host.gvt.net.br verification failed: Name or service >> not >> known >> Apr 8 16:01:16 guarani postfix/smtpd[19590]: warning: >> unknown[177.17.77.63]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:17 guarani postfix/smtpd[19726]: warning: >> unknown[187.112.144.243]: SASL LOGIN authentication failed: authentication >> failure >> Apr 8 16:01:17 guarani postfix/smtpd[19672]: warning: >> 189.26.201.62.dynamic.adsl.gvt.net.br[189.26.201.62]: SASL LOGIN >> authentication failed: authentication failure >> Apr 8 16:01:17 guarani postfix/smtpd[19581]: warning: >> unknown[200.81.216.184]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:17 guarani postfix/smtpd[19895]: warning: >> unknown[189.4.135.17]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:18 guarani postfix/smtpd[19776]: warning: 187.55.52.58: >> hostname >> 187-55-52-58.bnut3300.e.brasiltelecom.net.br verification failed: Name or >> service not known >> Apr 8 16:01:18 guarani postfix/smtpd[19612]: warning: >> unknown[187.9.57.67]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:18 guarani postfix/smtpd[19792]: warning: >> 200-203-39-136.paemt706.dsl.brasiltelecom.net.br[200.203.39.136]: SASL >> LOGIN >> authentication failed: authentication failure >> Apr 8 16:01:19 guarani postfix/smtpd[19776]: warning: >> unknown[187.55.52.58]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:19 guarani postfix/smtpd[19699]: warning: >> unknown[189.83.136.162]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:19 guarani postfix/smtpd[19576]: warning: >> 200-207-36-208.dsl.telesp.net.br[200.207.36.208]: SASL LOGIN >> authentication >> failed: authentication failure >> Apr 8 16:01:20 guarani postfix/smtpd[19723]: warning: >> pppclient-200165141161.redeveloz.com.br[200.165.141.161]: SASL LOGIN >> authentication failed: authentication failure >> Apr 8 16:01:20 guarani postfix/smtpd[19790]: warning: >> 189.26.110.151.dynamic.adsl.gvt.net.br[189.26.110.151]: SASL LOGIN >> authentication failed: authentication failure >> Apr 8 16:01:21 guarani postfix/smtpd[19621]: warning: 189.106.102.149: >> hostname 189106102149.user.veloxzone.com.br verification failed: Name or >> service not known >> Apr 8 16:01:22 guarani postfix/smtpd[19621]: warning: >> unknown[189.106.102.149]: SASL LOGIN authentication failed: authentication >> failure >> Apr 8 16:01:22 guarani postfix/smtpd[19532]: warning: >> unknown[190.29.172.153]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:22 guarani postfix/smtpd[19758]: warning: >> unknown[200.135.64.62]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:23 guarani postfix/smtpd[19772]: warning: >> unknown[187.76.11.162]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:24 guarani postfix/smtpd[19572]: warning: >> 201-25-68-2.gnace701.dsl.brasiltelecom.net.br[201.25.68.2]: SASL LOGIN >> authentication failed: authentication failure >> Apr 8 16:01:24 guarani postfix/smtpd[19868]: warning: 190.29.31.244: >> hostname >> static-adsl190-29-31-244.une.net.co verification failed: Name or service >> not >> known >> Apr 8 16:01:25 guarani postfix/smtpd[19868]: warning: >> unknown[190.29.31.244]: >> SASL LOGIN authentication failed: authentication failure >> Apr 8 16:01:27 guarani postfix/smtpd[19533]: warning: >> ns01.execplan.com.br[201.7.115.90]: SASL LOGIN authentication failed: >> authentication failure >> Apr 8 16:01:28 guarani postfix/smtpd[19861]: warning: 189-041-31-106.xd- >> dynamic.ctbcnetsuper.com.br[189.41.31.106]: SASL LOGIN authentication >> failed: >> authentication failure >> > _______________________________________________ > Postfix-BR mailing list > Postfix-BR@listas.softwarelivre.org > http://listas.softwarelivre.org/mailman/listinfo/postfix-br > _______________________________________________ Postfix-BR mailing list Postfix-BR@listas.softwarelivre.org http://listas.softwarelivre.org/mailman/listinfo/postfix-br
