Re: postfix' blacklistd patch

Reply: Michael Grimm : "Re: postfix' blacklistd patch"
In reply to: Michael Grimm : "postfix' blacklistd patch"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Juraj Lutter <otis_at_FreeBSD.org>
Date: Tue, 24 Jan 2023 19:31:03 UTC


> On 16 Jan 2023, at 16:49, Michael Grimm <trashcan@ellael.org> wrote:
> 
> Hi,
> 
> I wonder if the following condition for triggering blacklistd is appropriate:
> 
> 
>        /* notify blacklistd of SASL authentication failure */
>        pfilter_notify(1, vstream_fileno(state->client));
>        return (-1);
>    }
> 
> If I am not mistaken blacklistd will become notified even after a 'Temporary authentication failure'. 
> 
> Has this been intended?


Yes, because even an temporary failure could be a result of a “brute force attack”.

—
Juraj Lutter
otis@FreeBSD.org