ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://forum.configserver.com/

LFD isn't blocking dovecot login failures

https://forum.configserver.com/viewtopic.php?t=11697

Page 1 of 1

LFD isn't blocking dovecot login failures

Posted: 27 Feb 2020, 01:59
by ttremain
This IP is pounding one of our servers

These are from exim_mainlog:

Code: Select all

2020-02-26 17:50:18 dovecot_login authenticator failed for ([x.y.z.z]) [x.y.z.z]:49078: 535 Incorrect authentication data
2020-02-26 17:50:20 dovecot_login authenticator failed for ([x.y.z.z]) [x.y.z.z]:43772: 535 Incorrect authentication data
2020-02-26 17:50:24 dovecot_login authenticator failed for ([x.y.z.z]) [x.y.z.z]:19374: 535 Incorrect authentication data
2020-02-26 17:50:25 dovecot_login authenticator failed for ([x.y.z.z]) [x.y.z.z]:36636: 535 Incorrect authentication data
I have:
SMTPAUTH_LOG = "/var/log/maillog"
POP3D_LOG = "/var/log/maillog"
IMAPD_LOG = "/var/log/maillog"

The IP x.y.z.z doesn't seem to be in /var/log/maillog at all.

Confused. Please advise!

Re: LFD isn't blocking dovecot login failures

Posted: 21 Oct 2020, 18:45
by scrupul0us
You want:

Code: Select all

SMTPAUTH_LOG = "/var/log/exim_mainlog"
SMTPRELAY_LOG = "/var/log/exim_mainlog"
SCRIPT_LOG = "/var/log/exim_mainlog"
POP3D_LOG = "/var/log/maillog"
IMAPD_LOG = "/var/log/maillog"
...based on CentOS 7 w/cPanel
All times are UTC+01:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited