Koozali.org: home of the SME Server

Obsolete Releases => SME Server 9.x => Topic started by: Michail Pappas on May 24, 2017, 07:30:00 AM

Title: 9.2: any way to block incoming SMTP after N unsuccesful login tries?
Post by: Michail Pappas on May 24, 2017, 07:30:00 AM

Well the subject says it all. I'm looking for a way to block incoming crack login attempts. They are not very fast, 1 per 2'-3' minutes, but still it would be nice if I could somehow auto-blacklist them. I believe SSH on SME offers this functionality.

Is what I am asking already offered perhaps by some qpsmtpd plugins?

Title: Re: 9.2: any way to block incoming SMTP after N unsuccesful login tries?
Post by: guest22 on May 24, 2017, 08:17:55 AM

Maybe this can help https://wiki.contribs.org/Fail2ban

Title: Re: 9.2: any way to block incoming SMTP after N unsuccesful login tries?
Post by: Michail Pappas on May 24, 2017, 09:21:07 AM

I was hoping for a much less obtrusive change, something preferably included in the current qpsmtpd build.

Otherwise, fail2ban seems perfect for the purpose, I'll also consider it as well, thanks.

Title: Re: 9.2: any way to block incoming SMTP after N unsuccesful login tries?
Post by: Stefano on May 24, 2017, 10:45:26 AM

fail2ban exists exactly to do what you're asking for

you can customize it to wonk only with qpsmtpd and, using custom fragments, you can adapt it to your needs

give it a try