Re: [exim] automatically blacklisting clients that fail SMTP…

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: WJCarpenter
Dátum:  
Címzett: Exim Mailing List
Tárgy: Re: [exim] automatically blacklisting clients that fail SMTP authentication

> . using fail2ban


I second the idea of using fail2ban (or something similar). It's
completely non-invasive.

It can be a slight inconvenience if you have users behind NAT firewalls
coming to your server (which includes most home routers). One clumsy
person mistyping a webmail password a couple of times looks out
everybody using that shared public IP address. OTOH, fail2ban is
tunable and is typically configured to only block the IP address for
10-20 minutes. That's enough to turn back most attacking bots (or at
least give your machine a rest) and tolerable for the false alarm cases.