7 Dec
2012
7 Dec
'12
9:49 a.m.
On Fri, Dec 07, 2012 at 08:51:17AM +0000, Andy Smith wrote:
There'll probably be a couple more that I was
unable to find, but
that's the gist of it.
Hi.
I got hit by a dictionary attack on SMTP AUTH (well it looked like that
was how they got the login) that was then used to send out spam.
Thankfully the volume was fairly low.
My lessons:
a) SMTP AUTH actually does get attacked - keep an eye on it and use
solid passwords.
b) It's fairly easy to setup fail2ban to monitor exim.
Michael