On 5/10/23 02:40, Peter via Postfix-users wrote:
On 8/05/23 00:27, Wietse Venema via Postfix-users wrote:
After multiple such connnections, postscreen could theoretically
decide that the client is unlikely to ever connect to the primary
MX, but by then the client will likely already have given up, and
postscreen has done no harm.
Postscreen does not have such a counting system.
This could (in theory) be done with a fail2ban (or similar tool) entry
that monitors the mail log and maintains a table with the IP addresses
to reject based on the criteria you determine. The value of this (as
you already pointed out) is questionable, though.
I do not use fail2ban to screen cases like this. It is, as noted,
probably of little value.
I *DO* use fail2ban to temporarily block IPs that are actively attacking
my SMTP port (usually trying to brute-force authentication, sometimes
attempting to relay).
--
Phil Stracchino
Babylon Communications
ph...@caerllewys.net
p...@co.ordinate.org
Landline: +1.603.293.8485
Mobile: +1.603.998.6958
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
