• Introducing WebPros Cloud - a fully managed infrastructure platform purpose-built to simplify the deployment of WebPros products !  WebPros Cloud enables you to easily deliver WebPros solutions — without the complexity of managing the infrastructure.
    Join the pilot program today!
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.

Question Intruder connected to my vm by smtp

Javi

New Pleskian
hi

Today I had to throw an intruder in my vm that was connected by smtp, how do I have to do so that it does not happen again

Thanks
 
It is common that attackers try to login to mailboxes to send spam through them, so you normally see many connects and login attempts from a variety of ip addresses. The default solution for this is to activate the Fail2Ban Postfix and Dovecot jails. They will catch failed login attempts and block attacker IPs.

However, if you found a successful login attempt by a foreign IP, you need to change the password of that mailbox.
 
thank you Peter for the answer.
with the netstat -putona command I saw the connection established with the smtp program
 
I do not believe that the intruder entered my mailbox, however with the netstate command I see that there is a connection established by the intruder with the smtp port and I do not know what consequences this connection may have
 
Back
Top