All of our mail servers have now been upgraded to 22.04, and one of the things I was unaware of before upgrading to 22.04 is that postfix, the mail transport agent that we use, has changed a bunch of defaults.  This may cause some problems and I am reviewing all the settings to make sure that where the defaults have changed, we explicitly declare the settings we want rather than relying on the now incorrect defaults.

     I’ve also loosened somewhat the fail2ban restrictions on the incoming servers.  Since the primary function of fail2ban is to stop brute force password guessing attacks, and people do not authenticate to the incoming servers, it is not necessary that they be as strict.  We had some instances where outlook servers were banned for repeatedly trying to deliver mail to non-existent addresses.  This happens when spammers use very unclean old address lists.

Leave a Reply