SASL attacks and SPAM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



I wanted to pass this along. I'm sure it may be nothing new to most of you,
but it has greatly reduced sasl attacks and spam.

I found most of it here:
https://scottlinux.com/2011/05/26/prevent-postfix-brute-force/

I added the fail2ban rule and modified my postfix main.cf as follows:

smtpd_client_connection_rate_limit = 3
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
    permit_mynetworks,
    reject_non_fqdn_helo_hostname,
    reject_invalid_helo_hostname,
    permit
smtpd_sender_restrictions =
    permit_mynetworks,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    permit
smtpd_recipient_restrictions =
   reject_unauth_pipelining,
   reject_non_fqdn_recipient,
   reject_unknown_recipient_domain,
   permit_mynetworks,
   reject_unauth_destination,
   check_sender_access
         hash:/etc/postfix/access,
   reject_rbl_client zen.spamhaus.org,
   reject_rbl_client bl.spamcop.net,
   check_policy_service unix:postgrey/socket,
   permit
   smtpd_client_connection_count_limit = 3
   smtpd_client_message_rate_limit = 5
   smtpd_client_recipient_rate_limit = 60
   smtpd_client_event_limit_exceptions = $mynetworks
   smtpd_client_new_tls_session_rate_limit = 3
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20

Has knocked down all the spam and about 99% of the sasl attacks.

If anyone would like to add to this, please do so.

TIA



_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux