Koozali.org: home of the SME Server

9.2: any way to block incoming SMTP after N unsuccesful login tries?

Offline Michail Pappas

  • *
  • 339
  • +1/-0
Well the subject says it all. I'm looking for a way to block incoming crack login attempts. They are not very fast, 1 per 2'-3' minutes, but still it would be nice if I could somehow auto-blacklist them. I believe SSH on SME offers this functionality.

Is what I am asking already offered perhaps by some qpsmtpd plugins?

guest22


Offline Michail Pappas

  • *
  • 339
  • +1/-0
I was hoping for a much less obtrusive change, something preferably included in the current qpsmtpd build.

Otherwise, fail2ban seems perfect for the purpose, I'll also consider it as well, thanks.

Offline Stefano

  • *
  • 10,836
  • +2/-0
fail2ban exists exactly to do what you're asking for

you can customize it to wonk only with qpsmtpd and, using custom fragments, you can adapt it to your needs

give it a try