| Previous | INDEX | Next |
| Thinkpad X1C - laggy touchpad after display lock screen | Installing Debian 11 on a Protectli VP2410 (Part 1) |
My email server (runs sendmail - yes, I know) has been seeing increasing attempts to guess uernames and passwords. At first, I thought this was mainly due to opening ports 587 (for mail submission using STARTTLS) and 993 (IMAP). As an experiment, I closed these two ports on the firewall, but the level of probes remained pretty much the same. It seems that the probing is against port 25, which I obviously can't close.
So, is it possible to actually disable AUTH on port 25? The confguration I've defined does not require authentication on port 25, but it's still possible for clients to request it. After a few hours (well, minutes) of internet research, I found this thread, which clued me in to the configuration change required.
The key configuration modification is to this line in the sendmail.mc file:
DAEMON_OPTIONS(`Family=inet, Name=MTA, Port=smtp, Modifiers=A')
The modifier 'A' disables authentication on port 25 (aka smtp). Once implemented, authentication attempts on port 25 dropped to zero. Hurrah!
Now, how bad will things be once I open IMAPS (993) and SUBMISSION (587) again?
| Previous | INDEX | Next |
| Thinkpad X1C - laggy touchpad after display lock screen | Installing Debian 11 on a Protectli VP2410 (Part 1) |
