Am Sa, den 31.07.2004 schrieb Pedro Fernandes Macedo um 20:59: > Besides firewalling this IP, nothing much..... Dont know what kind of > attack is it , but maybe limiting AUTH to secure channels can stop it > (if the attacker dont have tools that support TLS). In postfix you have > the option to only allow the use of the AUTH command if TLS is being > used. Dont know if sendmail can do the same thing though... Of course Sendmail can be configured the same way. The sendmail.mc coming with Fedora is already prepared so that this setting can easily be activated. > The only downside (which isnt in fact a downside) is that your users > will have to use TLS , but this way you gain in terms of security... > They'll have a bit of headache if your certificates are self-signed , > but that's easy to overcome that... You just have to give the users your cacert file to let it be imported as a valid and trusted CA. Saying that, it will not stop stupid or even cleverer SMTP AUTH attacks. > Pedro Macedo Alexander -- Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13 Fedora GNU/Linux Core 2 (Tettnang) kernel 2.6.6-1.435.2.3.ad.umlsmp Serendipity 21:05:58 up 2:30, 8 users, 0.06, 0.16, 0.20
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil