diff options
| author | Joey Hess <joeyh@joeyh.name> | 2015-11-30 13:34:18 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2015-11-30 13:34:18 -0400 |
| commit | d6d63ff095e6584e5a28eb39139f1cd7e83534d3 (patch) | |
| tree | 5f6f4a94f4f73825d4c08cfc5ff252e6416445d5 /src/Propellor/Property/Postfix.hs | |
| parent | 703c08cd618ec3d0f299b1f715e0ebfb7233ea09 (diff) | |
| parent | b82390983dd285e18df43c979d909331f44a01da (diff) | |
Merge branch 'joeyconfig'
Diffstat (limited to 'src/Propellor/Property/Postfix.hs')
| -rw-r--r-- | src/Propellor/Property/Postfix.hs | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/Propellor/Property/Postfix.hs b/src/Propellor/Property/Postfix.hs index 20492dc6..356a945f 100644 --- a/src/Propellor/Property/Postfix.hs +++ b/src/Propellor/Property/Postfix.hs @@ -134,6 +134,11 @@ dedupCf ls = -- Does not configure postfix to use it; eg @smtpd_sasl_auth_enable = yes@ -- needs to be set to enable use. See -- <https://wiki.debian.org/PostfixAndSASL>. +-- +-- Password brute force attacks are possible when SASL auth is enabled. +-- It would be wise to enable fail2ban, for example: +-- +-- > Fail2Ban.jailEnabled "postfix-sasl" saslAuthdInstalled :: Property NoInfo saslAuthdInstalled = setupdaemon `requires` Service.running "saslauthd" |