Am 03.03.2013 13:52, schrieb Miles Fidelman: > Folks, > > Thanks for your replies re. sasl authentication. In thinking about > things, and looking at all the attacks on our mailer (repeated attempts > to authenticate and send email), it occurs to me: > > Does the postfix smtpd provide any mechanisms for locking out > IP/username combinations that repeatedly fail authentication - in the > same way that human login can get locked out after n failed > authentication attempts? Seems like this might be a good countermeasure > for brute force password guessing attacks against smtpd. > > Thanks, > > Miles Fidelman >
you may use fail2ban with postfix sasl rules against brute force Best Regards MfG Robert Schetterer -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Joerg Heidrich
