Re: question re. sasl authentication - thanks and follow-up (lockouts?)

  • Miles Fidelman
    Message 1 of 7, Mar 3, 2013
      Folks,

      Thanks for your replies re. sasl authentication. In thinking about
      things, and looking at all the attacks on our mailer (repeated attempts
      to authenticate and send email), it occurs to me:

      Does the postfix smtpd provide any mechanisms for locking out
      IP/username combinations that repeatedly fail authentication - in the
      same way that human login can get locked out after n failed
      authentication attempts? Seems like this might be a good countermeasure
      for brute force password guessing attacks against smtpd.

      Thanks,

      Miles Fidelman

      --
      In theory, there is no difference between theory and practice.
      In practice, there is. .... Yogi Berra
    • Robert Schetterer
      Message 2 of 7, Mar 3, 2013
        On 03.03.2013 13:52, Miles Fidelman wrote:
        > Folks,
        >
        > Thanks for your replies re. sasl authentication. In thinking about
        > things, and looking at all the attacks on our mailer (repeated attempts
        > to authenticate and send email), it occurs to me:
        >
        > Does the postfix smtpd provide any mechanisms for locking out
        > IP/username combinations that repeatedly fail authentication - in the
        > same way that human login can get locked out after n failed
        > authentication attempts? Seems like this might be a good countermeasure
        > for brute force password guessing attacks against smtpd.
        >
        > Thanks,
        >
        > Miles Fidelman
        >

        you may use fail2ban with postfix sasl rules against brute force


        Best Regards
        MfG Robert Schetterer

        --
        [*] sys4 AG

        http://sys4.de, +49 (89) 30 90 46 64
        Franziskanerstraße 15, 81669 München

        Registered office: München, District Court München: HRB 199263
        Executive board: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
        Chairman of the supervisory board: Joerg Heidrich
      • Miles Fidelman
        Message 3 of 7, Mar 3, 2013
          Robert Schetterer wrote:
          > On 03.03.2013 13:52, Miles Fidelman wrote:
          >> Folks,
          >>
          >> Thanks for your replies re. sasl authentication. In thinking about
          >> things, and looking at all the attacks on our mailer (repeated attempts
          >> to authenticate and send email), it occurs to me:
          >>
          >> Does the postfix smtpd provide any mechanisms for locking out
          >> IP/username combinations that repeatedly fail authentication - in the
          >> same way that human login can get locked out after n failed
          >> authentication attempts? Seems like this might be a good countermeasure
          >> for brute force password guessing attacks against smtpd.
          >>
          >> Thanks,
          >>
          >> Miles Fidelman
          >>
          > you may use fail2ban with postfix sasl rules against brute force
          thanks!

          --
          In theory, there is no difference between theory and practice.
          In practice, there is. .... Yogi Berra