Re: question re. sasl authentication - thanks and follow-up (lockouts?)
- Robert Schetterer wrote:
> Am 03.03.2013 13:52, schrieb Miles Fidelman:thanks!
>> Thanks for your replies re. sasl authentication. In thinking about
>> things, and looking at all the attacks on our mailer (repeated attempts
>> to authenticate and send email), it occurs to me:
>> Does the postfix smtpd provide any mechanisms for locking out
>> IP/username combinations that repeatedly fail authentication - in the
>> same way that human login can get locked out after n failed
>> authentication attempts? Seems like this might be a good countermeasure
>> for brute force password guessing attacks against smtpd.
>> Miles Fidelman
> you may use fail2ban with postfix sasl rules against brute force
In theory, there is no difference between theory and practice.
In practice, there is. .... Yogi Berra