OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Lost Connection after AUTH - Dealing with Abuse

From: Richard Laysell (mlpostfixxiphosura.co.uk)
Date: Mon Apr 07 2014 - 08:42:34 CDT


Hello all,

What is the best way of dealing with pests like this?

Apr 7 12:52:40 polyphemus postfix/smtpd[24765]: lost connection after
AUTH from unknown[78.188.45.153]
Apr 7 12:52:41 polyphemus postfix/smtpd[9398]: lost connection after
AUTH from unknown[78.188.45.153]
Apr 7 12:52:42 polyphemus postfix/smtpd[11788]: lost connection after
AUTH from unknown[78.188.45.153]
Apr 7 12:52:42 polyphemus postfix/smtpd[1519]: lost connection after
AUTH from unknown[78.188.45.153]
Apr 7 12:52:42 polyphemus postfix/smtpd[25494]: lost connection after
AUTH from unknown[78.188.45.153]
Apr 7 12:52:42 polyphemus postfix/smtpd[8085]: lost connection after
AUTH from unknown[78.188.45.153]
Apr 7 12:52:43 polyphemus postfix/smtpd[17639]: lost connection after
AUTH from unknown[78.188.45.153]
Apr 7 12:52:43 polyphemus postfix/smtpd[20617]: lost connection after
AUTH from unknown[78.188.45.153]

And on and on and on for another hundred or so lines

Note that I don't advertise or accept 'AUTH' on this server:

250-polyphemus.xiphosura.co.uk
250-SIZE 10240000
250-ENHANCEDSTATUSCODES
250 8BITMIME
AUTH
503 5.5.1 Error: authentication not enabled

Should I just ignore this, or is there a way of preventing/ameliorating
this abuse in Postfix? My system seems to cope with it OK, but it
does rather annoy me.

I'm using Postfix 2.10.1

Regards,

Richard