Postfix, SASL, & Fail2Ban
I recently noticed that a lot of ISPs block outgoing SMTP connections on port 25 so I made some configuration changes to my server to allow SMTP connections on port 587. I configured Postfix to listen on port 587, added a new rule to the iptables firewall to allow the traffic through, and setup port 587 to be forwarded to the web server by my router.
I also modified the Fail2Ban rules for Postfix and SASL to monitor SMTP activity. The server is already configured to refuse relay requests for domains not hosted on the server unless the user has been authenticated. The rules I have setup now will notify me if anyone tries to perform a Denial of Service or Distributed Denial of Service attack. If I notice any increased activity I will change the Fail2Ban rules to block IP addresses instead of just sending me whois-lookup notifications.
Leave a comment
You must be logged in to post a comment.