On Wed, Oct 23, 2024 at 10:04:06AM +0300, Ivan Ionut via Postfix-users wrote:
> Does Postfix can detect an initiated sasl login (before any failed/success).
> If so, does it have built in option or I must create a shell script or a
> custom filter in master.cf for this?
>
> P.S. I'm interesting to allow my server to receive mails from a large
> blacklisted ips, but I want to block sasl logins from this list.
You should not enable SASL on port 25. And incoming mail to port 25
will almost never attempt SASL login. Any SASL login attempts you see
on port 25 will be just attempts at brute-forcing passwords, not actual
mail deliveries.
You will then SASL login attempts only ports 465/587, if you're also
hosting submission services. You can choose to ignore these, or
configure fail2ban, ... if sufficiently motivated.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
