Those lines make no harm, although they may become annoying. I guess
that an external tool like Fail2Ban can be very helpful here, but be
careful to establish an ample enough policy in the Fail2Ban service to
not block your own users if they fail to authenticate against your mail
server.
Regards,
Nicolás
El 2015-04-20 10:03, i...@itrezero.it escribió:
Good morning all!
My Postfix is logging a lot fo these:
-------------- BEGIN LOG ------------
Apr 20 10:50:35 dante postfix/smtpd[29806]: warning: hostname
totaldrama.eu does not resolve to address 94.102.53.179: Name or
service not known
Apr 20 10:50:35 dante postfix/smtpd[29806]: connect from
unknown[94.102.53.179]
Apr 20 10:50:37 dante postfix/smtpd[29806]: warning:
unknown[94.102.53.179]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
Apr 20 10:50:37 dante postfix/smtpd[29806]: disconnect from
unknown[94.102.53.179] ehlo=1 auth=0/1 quit=1 commands=2/3
-------------- ENG LOG ------------
Can I "block/reject" all this attempts of connections?
I tried with settings in main.cf (in particular client and helo
restrictions) as below, but with no results:
Thank you a lot for your help.
-FRANCESCO
------------- BEGIN MAIN.CF ----------------
myhostname = MY.HOST.IT
mydomain = HOST.IT
myorigin = $mydomain
inet_interfaces = vvv.vvv.vvv.vvv, localhost
inet_protocols = ipv4
mydestination = $myhostname, localhost.$mydomain, localhost,
$mydomain, *.$mydomain
unknown_local_recipient_reject_code = 550
mynetworks = 127.0.0.0/8, vvv.vvv.vvv.yyy/28
strict_rfc821_envelopes = yes
disable_vrfy_command = yes
smtpd_helo_required = yes
smtpd_client_restrictions =
permit_mynetworks,
reject
smtpd_helo_restrictions =
permit_mynetworks,
reject_non_fqdn_hostname,
reject_unknown_sender_domain,
reject_invalid_hostname,
reject
smtpd_sender_restrictions =
smtpd_end_of_data_restrictions =
smtp_sender_dependent_authentication = yes
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
reject_invalid_hostname,
reject_unauth_pipelining,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = /var/spool/postfix/private/auth
smtpd_sasl_authenticated_header = no
------------- END MAIN.CF ----------------
-------------------------
[1]
Questa e-mail è stata controllata per individuare virus con Avast
antivirus.
www.avast.com [1]
Links:
------
[1] http://www.avast.com/
