South Computers escribió:
Sounds like they may have gotten hit with a virus or pissed someone
off. I would block the domain from relaying & inform the customer,
possibly make them change their email account passwords if it's not a
large organization. Ask them to relay through their provider if
possible for the time being. Fail2ban would be the best solution for
the time being as previously mentioned.
The passwords are all wrong. they are all like:
mail vpopmail[31082]: vchkpw-smtp: password fail (pass: 'edos1kd9')
eduardos...@domain.com:201.82.74.70
The domain is blocked in spamdyke, unless they authenticate and bypass
the filters, so that is covered. But the smtp sessions are used
nevertheless.
I installed fail2ban (from the repos mentioned in fail2ban.org) but
cannot make it work with the smtpd. I tried with
http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg23951.html
but i think it has a conf file missing and the vpopmail is for pop3.
I also tried with
http://notes.benv.junerules.com/all/software/qmail-spamdyke-and-fail2ban/#more-539
but cannot make it work with the RBL_MATCH filter.
Any tips from satisfied fail2ban users?
Thanks!
Sergio
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
