Postfix and tcpwrappers?
Ronald Klop
ronald-lists at klop.ws
Mon Jul 25 17:04:15 UTC 2016
On Mon, 25 Jul 2016 18:48:25 +0200, Karl Denninger <karl at denninger.net>
wrote:
> This may not belong in "stable", but since Postfix is one of the
> high-performance alternatives to sendmail....
>
> Question is this -- I have sshguard protecting connections inbound, but
> Postfix appears to be ignoring it, which implies that it is not paying
> attention to the hosts.allow file (and the wrapper that enables it.)
>
> Recently a large body of clowncars have been targeting my sasl-enabled
> https gateway (which I use for client machines and thus do in fact need)
> and while sshguard picks up the attacks and tries to ban them, postfix
> is ignoring the entries it makes which implies it is not linked with the
> tcp wrappers.
>
> A quick look at the config for postfix doesn't disclose an obvious
> configuration solution....did I miss it?
>
Don't know if postfix can handle tcp wrappers, but I use bruteblock [1]
for protecting connections via the ipfw firewall. I use this for ssh and
postfix.
Regards,
Ronald.
[1] http://www.freshports.org/security/bruteblock/
More information about the freebsd-stable
mailing list