On Sun, 13 Sep 2015 21:35:56 +0200
Benny Pedersen wrote:
> fail2ban is imho only ipv4 :(
Ah, I didn't know that.
> google autofwd for replacement
>
> http://freecode.com/projects/autofwd
Thanks. This looks interesting.
--
Niklaas
Niklaas Baudet von Gersdorff skrev den 2015-09-13 20:39:
Have a look here:
http://www.sshguard.net/
http://unix.stackexchange.com/questions/44483/protecting-postfix-from-bruteforce-attacks
http://www.djs.to/2013/10/1-postfix-sasl-support-for-sshguard/
fail2ban is imho only ipv4 :(
google aut
On Sun, 13 Sep 2015 00:25:42 +0530
Ram wrote:
> I am seeing a surge in the number of password attempts both at my
> postfix smtp servers as well as imap servers
> These attacks seem to be targetted since the attempts are made at
> correct userids
I am using sshguard. It doesn't support Postfix
My suggestion is instead extending the logic to prevent bruteforce instead.
For example:
If you run a webhosting company, use geoIP to disable logins to accounts
that do not originate from the same country as their payment method.
Since this rule are set up account-wise, you can still easily tar
Hi Ram,
You are in the right track. Just add some additional logic to your
banning code so it also detects and tracks correct logins.
With this information you can easily avoid blocking legitimate IPs (with
correct logins) that are just failing to authenticate because old
and/or half configured
