Folks,
Thanks for your replies re. sasl authentication. In thinking about
things, and looking at all the attacks on our mailer (repeated attempts
to authenticate and send email), it occurs to me:
Does the postfix smtpd provide any mechanisms for locking out
IP/username combinations that repeatedly fail authentication - in the
same way that human login can get locked out after n failed
authentication attempts? Seems like this might be a good countermeasure
for brute force password guessing attacks against smtpd.
Thanks,
Miles Fidelman
--
In theory, there is no difference between theory and practice.
In practice, there is. .... Yogi Berra
