Web Development Blog

24K Design Studio :: Blog :: CSF setting to catch SASL LOGIN authentication failed on CentOS
Author:
Password:
CSF setting to catch SASL LOGIN authentication failed on CentOS
11:02, 15 Apr, 2015
by James

nano /etc/csf/csf.conf

Find CUSTOM1_LOG and edit the content to:

CUSTOM1_LOG = "/var/log/maillog"

 

Add the regex to catch the failed attempts against SASL

nano /usr/local/csf/bin/regex.custom.pm

Add the below regex between "Do not edit before this point" and "Do not edit beyond this point":

if (($lgfile eq $config{CUSTOM1_LOG}) and ($line =~ /^\S+\s+\d+\s+\S+ \S+ postfix\/smtpd\[\d+\]: warning:.*\[(\d+\.\d+\.\d+\.\d+)\]: SASL [A-Z]*? authentication failed/)) {
    return ("Failed SASL login from",$1,"mysaslmatch","3","25","3600");
}

 

Restart CSF:

csf -r

Reply:
Your name:
Only visible to the author.

Tell us you are not a robot. What is captcha1captchaOcaptcha2 =

Reply
#1
qaebmpbd
05:03, 25 Nov, 2015
 
1
Reply
Your name:
Only visible to the author.

Tell us you are not a robot. What is captcha1captchaOcaptcha2 =

Reply
View the latest 5 entries.