Search found 1 match
- 24 Aug 2017, 00:56
- Forum: General Discussion (csf)
- Topic: saslauthd dictionary attack on sendmail
- Replies: 6
- Views: 8762
Re: saslauthd dictionary attack on sendmail
There are several slighlty different entries generated in maillog for the sendmail saslauthd authentication failures. This expression added to regex.custom.pm will quickly catch them.. It will work with or without a match on (may be forged ), MTA , MSA . and a host.domain in front of the IP address....