Mailserver hacking attempts increased quite a bit


My Fail2Ban is currently banning 200+ unsuccessful maillogin attempts per day on my server.
That's a huge increase that has occurred during the last 2 months or so.

Nothing to do about it  :--

Glad I have fail2ban installed  :-+ :-+


"maillogin" i.e. somebody trying to authenticate on it to send (likely) spam around the 'net ?

But yes, fail2ban is often quite essential if one has to keep a server exposed.

A few weeks back some botnet started running a new spam method. They are performing RCPT flooding, i.e. one email with 100 recipients (random names from a list, same domain). At first I set up an increasing delay (below the TCP timeout) for each RCPT, causing the bots to be kept busy for several hours. >:D Then I switched to a filter rule which responds with an error after a few failed RCPTs. Around last weekend there was an aggressive classic SPAM campaign.
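
The "error after a few failed RCPTs" idea from the post above can also be checked against the mail log. This is an added example, not code from the thread: it counts distinct unknown recipients rejected per client IP in a sliding window. The Postfix-style log format, the threshold of 5, the 10-minute window, the year and the sample lines are all assumptions, since the thread names neither the MTA nor the rule.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

def _line(ts, ip, user):
    # Builds one CONSTRUCTED log line in Postfix smtpd reject style (assumed format).
    return (f"Mar 10 {ts} mx postfix/smtpd[2211]: NOQUEUE: reject: RCPT from "
            f"unknown[{ip}]: 550 5.1.1 <{user}@example.org>: Recipient address "
            f"rejected: User unknown in local recipient table")

# Constructed sample: one flooding client, one client with two isolated typos.
SAMPLE_LOG = (
    ["Mar 10 04:12:00 mx postfix/smtpd[2211]: connect from unknown[203.0.113.7]"]
    + [_line(f"04:12:{s:02d}", "203.0.113.7", name) for s, name in
       enumerate(["adam", "alice", "bob", "carol", "dave", "erin"], start=1)]
    + [_line("04:13:10", "198.51.100.20", "typo"),
       _line("09:40:00", "198.51.100.20", "typo2")]
)

REJECT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s.*reject: RCPT from \S*\[(?P<ip>[^\]]+)\]: "
    r"5\d\d\s.*<(?P<rcpt>[^>]+)>: Recipient address rejected: User unknown")

def flooding_clients(lines, threshold=5, window=timedelta(minutes=10), year=2024):
    """Return {ip: peak count of distinct unknown recipients seen in one window}
    for every client that reached the threshold. Syslog lines carry no year,
    so one is assumed; lines must be in chronological order per client."""
    recent = defaultdict(deque)   # ip -> (time, recipient) pairs inside the window
    flagged = {}
    for line in lines:
        m = REJECT_RE.search(line)
        if not m:
            continue              # not an unknown-recipient rejection
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["ip"]]
        q.append((when, m["rcpt"].lower()))
        while when - q[0][0] > window:   # drop rejections older than the window
            q.popleft()
        distinct = len({rcpt for _, rcpt in q})
        if distinct >= threshold:
            flagged[m["ip"]] = max(distinct, flagged.get(m["ip"], 0))
    return flagged

if __name__ == "__main__":
    for ip, count in flooding_clients(SAMPLE_LOG).items():
        print(f"{ip}: {count} distinct unknown recipients within 10 minutes")
```

Counting distinct recipients rather than raw rejections keeps a legitimate sender who retries one mistyped address from being flagged.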


