Re: [OT] odd network question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Fri, Aug 02, 2019 at 10:19:49AM -0400, mark wrote:
> Fred Smith wrote:
> > On Fri, Aug 02, 2019 at 09:28:23AM -0400, mark wrote:
> <MVNCH>
> > One thing I don't understand is how/why the firewall is DROPping so
> > many attempts on port 25 when it in fact has a port forward rule sending
> > port 25 on to my mailserver. How does it know, or why does it think that
> > some of them can be dropped at the outer barrier?
> >
> >> you, but thank you for taking a hundred thousand or so for all of us.
> >
> > Hey, its the least I can do for all the good guys out there! :)
> > But that doesn't mean the same dratsabs aren't hitting all the rest
> > of you too.
> >
> I'm sure they are. Are you running fail2ban?
> 
Several years back I switched from sendmail to postfix.
Not knowing what I was doing, I think I have it set to
say it will forward email following SASL authentication.
But as I had no intention of forwarding anything, I did
not set up any authentication methods.  So anyone who
tries fails to authenticate.

With fail2ban in place I get 200-500 daily SASL "fail to
authenticate" instances.  In contrast, several months ago
fail2ban either died or did not restart correctly.  This
went unnoticed for about a week.  During that time I got
10000-32000 daily "failed to authenticate".

Jon
-- 
Jon H. LaBadie                 jon@xxxxxxxxxx
 11226 South Shore Rd.          (703) 787-0688 (H)
 Reston, VA  20190              (703) 935-6720 (C)
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux