Detect and block abuse of (cracked) e-mail account 
Friday, 28 February 2014, 10:45 - Postfix Stuff, Mail stuff
Posted by Administrator
To avoid bad things(TM) caused by a cracked e-mail account on our postfix mailserver, I used the script Check Auth Log to detect abnormal high numbers of logins or logins from many different IP addresses within a certain time onto a certain account. Then the script will lock out the account. This, together with per-session limits within postfix configuration (smtpd_client_message_rate_limit, smtpd_client_recipient_rate_limit), should help to avoid or at least mitigate the damage caused by cracked accounts, i.e. SMTP server being blacklisted.

add comment ( 1231 views )   |  permalink   |  related link   |  $star_image$star_image$star_image$star_image$star_image ( 3 / 1759 )

<<First <Back | 1 | 2 | 3 | 4 | 5 | 6 | Next> Last>>