Hey guys,
It seems my server is getting a lot of failed SASL auth attempts via the maillog lately. This doesn't seem to be part of CSF's default configuration, so a lot of bad attempts got through!
I added a custom rule for LFD to ban these "bad SASL" people, but I highly suggest you make it part of the default csf.conf
Here is the tutorial I followed to implement the custom rules on my own server:
https://www.24k.com.sg/blog/csf-setting ... -on-centos
SASL Authentication Failure
-
- Moderator
- Posts: 1524
- Joined: 01 Oct 2008, 09:24
Re: SASL Authentication Failure
These are already detected, but you need to ensure that you have set SMTPAUTH_LOG to the log file where they are logged. In your case: /var/log/maillog and then restart csf and then lfd.