Monitoring SASL authenticated users
in [Postfix]
|
Prev: Stop spammers using outdated MX records.
Next: trouble on my rules check_client_access hash:/etc/postfix/acces_client
From: Patrick Ben Koetter on 24 Jun 2010 05:51 * Michael <pfml(a)nettrust.co.nz>: > On Thu, 24 Jun 2010 20:48:04 Patrick Ben Koetter wrote: > > * Stan Hoeppner <stan(a)hardwarefreak.com>: > > > Michael put forth on 6/24/2010 3:07 AM: > > > > I want to be able to monitor SASL users to get quick notification if > > > > something is out of the ordinary - like a spammer using a compromised > > > > account to send emails. > > > > > > > > What tool(s) can be used to achieve this? > > > > > > Given the nature of your requirement, you're probably not going to find a > > > Postfix tool or set of tools that will "notify" you when an account has > > > been hijacked. How would software be able to determine when a user > > > password has > > > > Maybe he will. The OP could install the policyd policy server (v1) and > > impose sender restrictions von sasl authenticated senders. > > I will look into this thanks. > > Is there a reason that v1 is better then v2 for this application? I don't know in which state v2 is in. It was supposed to become a complete rewrite and I lost trac of how far they have come. v1 worked for me. ;) p(a)rick -- All technical questions asked privately will be automatically answered on the list and archived for public access unless privacy is explicitely required and justified. saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
From: Michael on 24 Jun 2010 18:49
On Thu, 24 Jun 2010 21:51:55 Patrick Ben Koetter wrote: > > > Maybe he will. The OP could install the policyd policy server (v1) and > > > impose sender restrictions von sasl authenticated senders. > > > > I will look into this thanks. > > > > Is there a reason that v1 is better then v2 for this application? > > I don't know in which state v2 is in. It was supposed to become a complete > rewrite and I lost trac of how far they have come. v1 worked for me. ;) That did the trick for me and is now up and running on the client's mail server. Thanks Patrick :-) |