On Thu, 4 Feb 2016, Tom Rivers wrote:
On 2/4/2016 4:07 PM, vendor@xxxxxxxxxxxxx wrote:
Is there something like denyhosts for sasl attacks? I'm getting tired
of stuff like this:
Jan 31 04:52:38 hope saslauthd[1333]: do_auth : auth failure:
[user=abby] [service=smtp] [realm=billoblog.com] [mech=pam] [reason=PAM
auth error]
I use fail2ban and you can configure custom filters to snag log entries of
note, create custom jails for banning the offender after X failures for X
amount of time (or indefinitely), and you can even have it maintain a
database of the IPs logged so the next time you boot it will ban all the IPs
again which also has a lifespan setting for its entries (i.e. finite of
infinite ban time).
Tom
Thanks! I just installed...
billo
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
