Northwind via Postfix-users:
> Hello list,
>
> In the last two days, my mail system (small size) met attacks.
>
> mail.log shows a lot of this stuff:
>
> May 23 06:24:29 mx postfix/smtpd[2655149]: warning:
> unknown[194.169.175.17]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
This just wastes a few CPU cycles and file system space.
> My questions are:
> 1. what's the purpose of this kind of attack? Brute force password
> cracking, or DDoS?
They want to use your machine to send spam to the Internet.
> 2. How to strengthen email system security to stop this?
Don't accept mail from home networks. For example, use "reject_dbl_client
zen.spamhaus.org". For this you must use your own DNS resolver,
not the DNSresolver from your ISP.
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
