On Mon 07/Apr/2014 16:01:44 +0200 li...@rhsoft.net wrote: > Am 07.04.2014 15:42, schrieb Richard Laysell: >> Apr 7 12:52:42 polyphemus postfix/smtpd[1519]: lost connection after >> AUTH from unknown[78.188.45.153] >> Apr 7 12:52:42 polyphemus postfix/smtpd[25494]: lost connection after >> AUTH from unknown[78.188.45.153] >> Apr 7 12:52:42 polyphemus postfix/smtpd[8085]: lost connection after >> >> Should I just ignore this, or is there a way of preventing/ameliorating >> this abuse in Postfix? My system seems to cope with it OK, but it >> does rather annoy me > > you can't prevent that somebody connects to your server and > the closes the connection - since the other side can't achieve > anything there is no abuse
The guy is most probably running a badly coded password cracker, so a notification to the Turkish abuse desk wouldn't hurt. I don't know a good way to automate that, though. Ale
