Products > Security
Mailserver hacking attempts increased quite a bit
(1/1)
bingo600:
My Fail2Ban is currently banning 200+ unsuccesful maillogin attempts per day, on my server.
That's a huge increase that has occurred, during the last 2 month or so.
Nothing to do about it :--
Glad i have fail2ban installed :-+ :-+
/Bingo
bitwelder:
"maillogin" i.e. somebody trying to authenticate on it to send (likely) spam around the 'net ?
But yes, fail2ban is often quite essential if one has to keep a server exposed
madires:
A few weeks back some botnet started running a new spam method. They are performing RCPT flooding, i.e. one email with 100 receipients (random names from a list, same domain). At first I set up an increasing delay (below the TCP timeout) for each RCPT, causing the bots being kept busy for several hours. >:D Then I switched to a filter rule which responds with an error after a few failed RCPTs. Around last weekend there was an aggressive classic SPAM compaign.
Navigation
[0] Message Index
Go to full version