Hans-Georg Michna <hans-georgNoEmailPlease@michna.com> writes:
My mail server, running postfix and courier-imap etc., is
continuously under attack from sources trying to brute-force email
accounts. They guess, often correctly, the email addresses and try different passwords.
So far they have been largely unsuccessful, with one sad exception,
but I am asking myself whether there is not a relatively simple
defense. Perhaps the attacking IP address could be blocked for some
time after three unsuccessful logon attempts.
Of course I keep reminding my mail users to use sufficiently complex passwords, but I cannot force them.
My server runs under Plesk, and my knowledge of Linux is superficial.
My server runs under Plesk, and my knowledge of Linux is
superficial. There is always hope, of course, that Plesk one day
improves resistance against cyberattacks.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 295 |
Nodes: | 16 (2 / 14) |
Uptime: | 19:56:54 |
Calls: | 6,640 |
Files: | 12,188 |
Messages: | 5,325,233 |