• Dear Pleskians! The Plesk Forum will be undergoing scheduled maintenance on Monday, 7th of July, at 9:00 AM UTC. The expected maintenance window is 2 hours.
    Thank you in advance for your patience and understanding on the matter.

Question Intruder connected to my vm by smtp

J

Javi

New Pleskian
hi

Today I had to throw an intruder in my vm that was connected by smtp, how do I have to do so that it does not happen again

Thanks
 
It is common that attackers try to login to mailboxes to send spam through them, so you normally see many connects and login attempts from a variety of ip addresses. The default solution for this is to activate the Fail2Ban Postfix and Dovecot jails. They will catch failed login attempts and block attacker IPs.

However, if you found a successful login attempt by a foreign IP, you need to change the password of that mailbox.
 
thank you Peter for the answer.
with the netstat -putona command I saw the connection established with the smtp program
 
I do not believe that the intruder entered my mailbox, however with the netstate command I see that there is a connection established by the intruder with the smtp port and I do not know what consequences this connection may have
 
You must log in or register to reply here.

Similar threads

C
Issue Problem with loopback in Plesk with NAT
Replies
1
Views
1K
Nikolay
Nikolay
R
Question Dist-upgrade from Ubuntu 20.04.06 LTS to Ubuntu 22 LTS (Plesk Obsidian in VPS)
Replies
2
Views
1K
rodrom
R
C
Question Recovery Plesk from Damaged Ubuntu Server VM
Replies
2
Views
899
learning_curve
learning_curve
F
Question Paymenter on a VM, plesk as nginx frontend
Replies
0
Views
620
FredrikB
F
F
Question IPv4 forwarding rule
Replies
8
Views
1K
alvarezcruz
alvarezcruz
Back
Top