Date: Mon, 03 Jun 2013 19:05:01 +0200 From: Andrea Venturoli <ml@netfence.it> To: freebsd-questions@freebsd.org Cc: prehor@gmail.com Subject: Stop SMTP attack with pam_abl Message-ID: <51ACCCBD.5030305@netfence.it>
next in thread | raw e-mail | index | archive | help
Hello. I have different sendmail based servers deployed and all of them are, more or less frequently, subject to dictionary attacks. So I looked for some solution to stop them and stumbled upon pam_abl. However it does not seem to do its job; in the logs I have: > pam_abl[2398]: /usr/local/etc/pam_abl.conf: host_db=/var/db/pam_abl/hosts.db > pam_abl[2398]: /usr/local/etc/pam_abl.conf: host_purge=4h > pam_abl[2398]: /usr/local/etc/pam_abl.conf: host_rule=*:10/1h,30/1d > pam_abl[2398]: PAM_RHOST is NULL > pam_abl[2398]: In cleanup, err is 00000000 That "PAM_RHOST is NULL" looks like the culprit to me... I searched a lot for deeper documentation but came up empty. Any hint? bye & Thanks av. P.S. I'm not sticking with pam_abl if a better solution exists...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?51ACCCBD.5030305>