Wietse Venema via Postfix-users: > Northwind via Postfix-users: > > Hello list, > > > > In the last two days, my mail system (small size) met attacks. > > > > mail.log shows a lot of this stuff: > > > > May 23 06:24:29 mx postfix/smtpd[2655149]: warning: > > unknown[194.169.175.17]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 > > This just wastes a few CPU cycles and file system space. > > > My questions are: > > 1. what's the purpose of this kind of attack? Brute force password > > cracking, or DDoS? > > They want to use your machine to send spam to the Internet. > > > 2. How to strengthen email system security to stop this? > > Don't accept mail from home networks. For example, use "reject_dbl_client
Typo: this should be reject_rbl_client. > zen.spamhaus.org". For this you must use your own DNS resolver, > not the DNSresolver from your ISP. > > Wietse > _______________________________________________ > Postfix-users mailing list -- postfix-users@postfix.org > To unsubscribe send an email to postfix-users-le...@postfix.org > _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
