mail's access database with a
REJECT instruction. The dictionary attacks weren't going anywhere anyway
because these relaying IP's were listed at spamhaus, but it irritated me
that they chewed up resources and bandwidth.
I'm going to keep an eye on it, though.
On Mon, May 3, 20
ns from
> the firewall.
>
> On 03/05/2021 01:57, Kenneth Porter wrote:
> >
> > --On Sunday, May 02, 2021 6:57 PM -0400 Clive Jacques
> > wrote:
> >
> >> fail2ban notices the failures and
> >> bans the offending IP in sendmail-reject and shortly the
yeah. I've been thinking that (Postfix) is probably the better solution.
But it still bugs me that fail2ban doesn't have a built-in ability to be
more aggressive about cutting TCP connections which are obviously
malicious.
On Mon, May 3, 2021 at 10:48 AM Kenneth Porter
wrote:
> --On Monday, May
Hi all,
I've been using fail2ban for a while. Recently, I noticed a couple of IPs
which are attempting to attack our sendmail server. They connect and then
issue lots of RCPT TO commands, trying to see who will be accepted.
Sendmail rejects them because the inquiring server is listed in Spamhaus
