Spam Blocking by filtering on username / id
@lbutlr
kremels at kreme.com
Tue Sep 24 17:10:58 EEST 2019
On Sep 22, 2019, at 11:29 PM, Plutocrat <plutocrat at gmail.com> wrote:
> This is probably quite an easy question, but I haven't been able to find the answer. I'm running a server where all the email addresses are in the format "user at domain.com". I've noticed that a large number of fake login attempts use the format "user" eg. reception, service, root, admin.
>
> Is it possible to prevent any such logins to these email users without an @domain.com?
Are users able to login without the @domain part?
> Or maybe ignore them. Or drop them from the logging.
As Bernd said, fail2ban will ban these Its from repeatedly trying to login, but they will still be logged.
There is also sshguard that will do the same thing.
One of these should probably be running anyway as they help mitigate issues where someone keep hammering on your system, however in the days of DDOS, they are less helpful than they used to be.
--
MEGAHAL: within my penguin lies a torrid story of hate and love.
More information about the dovecot
mailing list