Hi,
We have SMTPS server with SASL auth fro posting messages from external
networks (internal xtoo). Since weeks we found a lot (very big) amount of
SASL LOGIN authentication failed: authentication failure
in our logs.
Client IPs are foreigns and not real client.
1 - is it a brut force attack
On 19.02.22 12:43, Emmanuel BILLOT wrote:
We have SMTPS server with SASL auth fro posting messages from external
networks (internal xtoo). Since weeks we found a lot (very big) amount of
SASL LOGIN authentication failed: authentication failure
in our logs.
Client IPs are foreigns and not real
Im Auftrag von Emmanuel BILLOT
> Betreff: SASL hacking ?
>
> Hi,
>
> We have SMTPS server with SASL auth fro posting messages from external
> networks (internal xtoo). Since weeks we found a lot (very big) amount of
>
> SASL LOGIN authentication failed: authentication failure
>
> in our logs.
>
On 2022-02-19 at 06:43:59 UTC-0500 (Sat, 19 Feb 2022 12:43:59 +0100)
Emmanuel BILLOT
is rumored to have said:
Hi,
We have SMTPS server with SASL auth fro posting messages from external
networks (internal xtoo). Since weeks we found a lot (very big) amount
of
SASL LOGIN authentication failed
On 2/18/22 12:20, Wietse Venema wrote:
> Jaroslaw Rafa:
>> Dnia 18.02.2022 o godz. 11:17:13 Wietse Venema pisze:
>>> Starting to wonder if reject_unverified_recipient should be given
>>> more publicity.
>>
>> Definitely should. I always thought of reject_unverified_recipient only in
>> context of a
I have virtual_mailbox_maps in use with reject_unlisted_recipent and use
virtual_alias_maps to translate a validated address into a single matching
address for the corresponding dovecot user. For example:
/usr/local/etc/postfix/vmailbox
validu...@example.com whatever
/usr/local/etc/po