Some days ago my Domino server exposed on the web with SMTP task was attacked by a host who tried to guess some user account for SMTP relay.It was some sort of SMTP hammering, resulting (in log.nsf) in many records like this:
“SMTP Server: Authentication failed for user ; connecting host ”
Domino resisted quite well to the attack and the relay has been denied in every instance, after seen the log I created an iptables rule to block the class C subnet of the host (just as precaution…).
Do you know if there is some way to make Domino monitor this kind of SMTP connections and send an alert (for example an email) if this happens?
I mean, the solution is quite easy, but how to get informed if something like that happens? Domino can do this?
Thanks for every suggestion