On 23 April 2012 22:28, snowie <snowie_1...@126.com> wrote: > Hello Postfix-users, > > Just curious. I got these continuous attempt to connect to email server > by my spam appliance. > Any advice ? > > Thank you and best regards. > > Snowie > > Apr 24 10:19:15 email postfix/smtpd[2232]: connect from > firewall.abc.com[192.168.0.1] > Apr 24 10:19:16 email postfix/smtpd[2159]: connect from > firewall.abc.com[192.168.0.1] > Apr 24 10:19:18 email postfix/smtpd[2141]: warning: > firewall.abc.com[192.168.0.1]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 > Apr 24 10:19:18 email postfix/smtpd[2232]: warning: > firewall.abc.com[192.168.0.1]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Happens all the time over here. By that, I mean a couple of times a week. Seems some spammers are desperate enough to try SMTP AUTH. Which can work, if you have a weak password and a known account (think postmas...@example.com/Password123 or sno...@example.net/Admin12345; etc). Time to make sure your password policy is up to date and enforced. Personally, I favour length over complexity, but you'll find different opinions on here as you will everywhere. And to be sure, complexity helps when you have physical access to the system, but length will help if you're relying on an internet protocol to make your attempts (inmho, ymmv). Simon
