NetBSD-Users archive


Re: blacklistd not reacting to postfix/smtpd AUTH failures



On Fri, 7 Aug 2020, Martin Neitzel wrote:

> You have to check the smtpd source to see if blacklist{,_r,_sa}
> could be called at the point where the issue is logged.

Indeed, the source code delivered. It suggests the notification should be
triggered when the auth attempts reach the smtpd_hard_error_limit:

    if (state->error_count >= var_smtpd_hard_erlim) {
	state->reason = REASON_ERROR_LIMIT;
	state->error_mask |= MAIL_ERROR_PROTOCOL;
	smtpd_chat_reply(state, "421 4.7.0 %s Error: too many errors",
			 var_myhostname);
	pfilter_notify(1, vstream_fileno(state->client));
	break;
    }

Which I had not set in the main.cf file. After setting it to 5, failed attempts
would be sent to blacklistd:

$ postconf smtpd_hard_error_limit
smtpd_hard_error_limit = 5

$ sudo blacklistctl dump -ab|egrep '32:25'
   186.159.2.57/32:25           1/3     2020/08/08 07:31:19
194.213.125.169/32:25           1/3     2020/08/08 07:17:08
    185.4.44.60/32:25           1/3     2020/08/08 07:26:26
 94.243.219.122/32:25           1/3     2020/08/08 07:21:28
  202.40.186.26/32:25           1/3     2020/08/08 07:50:47

Maybe this should be documented...

More on connection limits: http://www.postfix.org/TUNING_README.html#conn_limit

------------------------------------------------------------------------
Emile `iMil' Heitor <imil@{home.imil.net,NetBSD.org}> | https://imil.net
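
Added example, not part of the original message: a small sh/awk helper that reports whether smtpd_hard_error_limit is set explicitly in main.cf and summarises blacklistd's counters for one port. Going by the source excerpt above, each increment of the counter corresponds to one SMTP session that reached the hard error limit. The function names and sample data are constructed for illustration, and the column layout (optional id column, then nfail/limit) is assumed from the output quoted in the message.

```shell
#!/bin/sh
# Constructed sample of `blacklistctl dump` output (documentation addresses).
sample_dump() {
cat <<'EOF'
        address/ma:port id      nfail   last access
     192.0.2.10/32:25           1/3     2020/08/08 07:31:19
   198.51.100.7/32:25   OK      3/3     2020/08/08 07:17:08
    203.0.113.5/32:22   OK      4/3     2020/08/08 07:26:26
EOF
}

# Read dump lines on stdin, print "ADDR/MASK NFAIL LIMIT STATE" for one port.
# Assumed line layout: ADDRESS/MASK:PORT [ID] NFAIL/LIMIT DATE TIME
summarize_port() {
    awk -v port="$1" '
    {
        # The port follows the last colon; the header line has no numeric port.
        if (!match($1, /:[0-9]+$/)) next
        if (substr($1, RSTART + 1) != port) next
        addr = substr($1, 1, RSTART - 1)
        # The id column may be empty, so locate the first N/M shaped field.
        for (i = 2; i <= NF; i++) {
            if ($i ~ /^[0-9]+\/[0-9]+$/) {
                split($i, c, "/")
                left = c[2] - c[1]
                state = (left > 0) ? left " more" : "at-limit"
                print addr, c[1], c[2], state
                break
            }
        }
    }'
}

# Read `postconf -n` output on stdin (parameters set explicitly in main.cf).
# Prints the configured value, or returns 1 if the parameter is not set there.
explicit_hard_limit() {
    awk '$1 == "smtpd_hard_error_limit" && $2 == "=" { print $3; found = 1 }
         END { exit !found }'
}

# On a live system:
#   postconf -n | explicit_hard_limit || echo "not set in main.cf"
#   blacklistctl dump -ab | summarize_port 25
sample_dump | summarize_port 25
```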




