* Victor Duchovni <[email protected]>: > On Thu, Mar 24, 2011 at 02:07:43PM -0300, Odilo Schwade Junior wrote: > > > It is not my IP address. I don't know if it's a zombie.. I just think it may > > be.. XXX.XXX.XXX.XXX = random IPs address. Most of Brazil, Portugal > > and US as I said earlier. > > You can restrict SASL to TLS only, then perhaps fewer zombies will bother. > If you get SASL attempts from TLS-enabled zombies, just make sure your > passwords are strong enough to not succumb to easy dictionary attacks.
You can also use fail2ban to ban (iptables) clients that have X unsucessful SASL login attempts. p@rick -- All technical questions asked privately will be automatically answered on the list and archived for public access unless privacy is explicitely required and justified. saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
