On 25/12/2021 17:55, Wietse Venema wrote:
Use fail2ban etc. to lock out bad clients, whether they fail SASL requirements, rate limit requirements, or other requirements.
I used to do it with fail2ban for a while and still use it in some cases but I wanted something in-house more permanent and more efficient with better and larger IP handling capabilities so I switched to a local RBL with delay rejects off (even though I wanted the extra info when on) to reject everything as early and fast and accurate as possible.
