On 15/11/2019 12:33, Wietse Venema wrote: > Jeffrey 'jf' Lim: >>> Disabling auth does not stop them from trying; I scan my logs for the >>> string >>> "auth=0/1", and add the offending IP address to a blacklist - a >>> do-it-yourself >>> fail2ban. >>> >> >> It should. Unless they're the dumbest bots of all time, because you >> should have stopped advertising auth in your EHLO response after >> disabling. > > Some bots are stupid. My server does not announce AUTH, but that > does not stop them from trying. > > Wietse > Blacklisting miscreants (once you have spotted them) stops them from trying other probes/attacks. Allen C
- lots of connections that make no sense Fourhundred Thecat
- Re: lots of connections that make no sense Fourhundred Thecat
- Re: lots of connections that make no sense Viktor Dukhovni
- Re: lots of connections that make no sense Jeffrey 'jf' Lim
- Re: lots of connections that make no sense Fourhundred Thecat
- Re: lots of connections that make no s... Allen Coates
- Re: lots of connections that make... Dominic Raferd
- Re: lots of connections that make... Jeffrey 'jf' Lim
- Re: lots of connections that ... Wietse Venema
- Re: lots of connections t... Allen Coates
- Re: lots of connections that ... Bill Cole
- Re: lots of connections t... Jeffrey 'jf' Lim
- Re: lots of connections t... Bill Cole
- Re: lots of connections that make... @lbutlr
- Re: lots of connections that ... Allen Coates
- Re: lots of connections that make no sense Fourhundred Thecat
- Re: lots of connections that make no sense Dominic Raferd
- Re: lots of connections that make no sense Jaroslaw Rafa
- Re: lots of connections that make no sense Bill Cole
- Re: lots of connections that make no s... Jaroslaw Rafa
