I am running a smart host using the community edition of Surgemail. No
mailboxes. Simply forwarding inbound and outbound email from my servers
at home(registered Surgemail servers).
I am getting a lot of Auth attempts via port 25:
2023-02-20 00:09:24.80:2993407744: 535 Login not permitted domain does not exist (payroll@70.35.205.71) (70.35.205.71) 185.254.37.70
2023-02-20 00:22:00.18:2996049664: 535 Login not permitted domain does not exist (production@70.35.205.71) (70.35.205.71) 185.254.37.70
2023-02-20 00:34:35.46:2993407744: 535 Login not permitted domain does not exist (program@70.35.205.71) (70.35.205.71) 185.254.37.70
2023-02-20 00:47:09.81:2996049664: 535 Login not permitted domain does not exist (rafael@70.35.205.71) (70.35.205.71) 185.254.37.70
2023-02-20 00:59:45.80:2994464512: 535 Login not permitted domain does not exist (reception@70.35.205.71) (70.35.205.71) 185.254.37.70
2023-02-20 01:12:31.39:2994464512: 535 Login not permitted domain does not exist (remote@70.35.205.71) (70.35.205.71) 185.254.37.70
I did verify the connects are via port 25. I use a different port with auth enabled for outbound email from my servers.
Is there a way to disallow auth attempts on port 25? If someone tries to authenicate on port 25, drop them.
Thanks,
Lyle Giese
|