hi Gunter I'm not a James expert; I don't even use it in production, I did look at it a while back, because I'm a java programmer, but I decided that the devil you know (exim4 in my case) is better than the devil you don't. In my book, all mailexchangers being complicated beastly devils.
I still think your problem sounds like the necessity to create a regex that will match those 100 failed attempts to logon as recorded in your logs. If you can do that then fail2ban can be set to drop the connection after say 3 failed attempts. I believe I've recently seen the same problem as you. Maybe around April this year, before which there was only the trickle of spammers trying to route spam through my mailer, suddenly a huge volume of different addresses doing strange things. They just as suddenly it stopped about a week ago and I think it was thanks to fail2ban,that there were no memory issues - even my small VM managed to shrug it off. My suspicion is it's part of a drive to end internet anonymity. I only host my own mail, but I could easily be, as other people on this list do, running a little email business, without demanding real world ID of customers. So little people like you and I, offering an alternative to gmail, outlook etc, become a target - that's how I see it anyway. :-) -- David Matthews m...@dmatthews.org --------------------------------------------------------------------- To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org
