Dnia 13.09.2023 o godz. 12:54:39 DL Neil via Postfix-users pisze: > unknown[146.247.146.134]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 > 14-0-135-011.static.pccw-hkt.com[14.0.135.11]: SASL LOGIN > authentication failed: UGFzc3dvcmQ6 > ... > > What is the setting to get rid of these dozens of false-attempts > from diverse IPaddresses, please?
Is this on port 25 or on submission? If on port 25, thn remove authentication from that port, it's not needed there. This greatly reduces the amount of password-guessing attacks. For submission ports, you may restrict access only to IP addresses your mail clients are connecting from. Unless you are Google or Microsoft ;), you probably don't have clients connecting from the whole world. Myself I'm using a solution that checks, for submission ports, if IMAP session is already active from that IP address (all normal mail clients open IMAP session and get mail first before trying to send anything) - if not, the connection is immediately rejected without even allowing the client to try AUTH. -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
