How to change default port in SMTP server

alipour66m

Verified User
Joined
Feb 22, 2013
Messages
65
Hi
My CSF shows
Code:
124.158.12.175 # lfd: (smtpauth) Failed SMTP AUTH login from 124.158.12.175 (VN/Vietnam/-): 5 in the last 3600 secs - Wed Apr 27 19:58:26 2016
168.187.78.156 # lfd: 168.187.78.156 (KW/Kuwait/-), 5 distributed smtpauth attacks on account [hudson] in the last 3600 secs - Wed Apr 27 20:11:13 2016
62.215.168.232 # lfd: 62.215.168.232 (KW/Kuwait/-), 5 distributed smtpauth attacks on account [hudson] in the last 3600 secs - Wed Apr 27 20:11:14 2016
2.176.222.1 # lfd: (pop3d) Failed POP3 login from 2.176.222.1 (IR/Iran, Islamic Republic of/-): 5 in the last 3600 secs - Wed Apr 27 20:21:10 2016
159.253.164.94 # lfd: (smtpauth) Failed SMTP AUTH login from 159.253.164.94 (GB/United Kingdom/host-94-164-253-159.as5.ldn.uk.sharedband.net): 5 in the last 3600 secs - Wed Apr 27 20:33:22 2016
203.89.165.6 # lfd: (smtpauth) Failed SMTP AUTH login from 203.89.165.6 (NZ/New Zealand/port165-6.ubs.maxnet.co.nz): 5 in the last 3600 secs - Wed Apr 27 21:20:55 2016
2.184.44.112 # lfd: 2.184.44.112 (IR/Iran, Islamic Republic of/-), 5 distributed imapd attacks on account [dawod@vatanmail.ir] in the last 3600 secs - Wed Apr 27 21:29:31 2016
54.210.37.149 # lfd: 54.210.37.149 (US/United States/ec2-54-210-37-149.compute-1.amazonaws.com), 5 distributed imapd attacks on account [dawod@vatanmail.ir] in the last 3600 secs - Wed Apr 27 21:29:31 2016
218.215.184.70 # lfd: (smtpauth) Failed SMTP AUTH login from 218.215.184.70 (AU/Australia/remote.idgroup2.com.au): 5 in the last 3600 secs - Wed Apr 27 21:30:51 2016
196.201.199.34 # lfd: (smtpauth) Failed SMTP AUTH login from 196.201.199.34 (DJ/Djibouti/mail.mscjib.dj): 5 in the last 3600 secs - Wed Apr 27 21:34:46 2016
197.231.192.62 # lfd: (smtpauth) Failed SMTP AUTH login from 197.231.192.62 (BW/Botswana/-): 5 in the last 3600 secs - Wed Apr 27 22:07:37 2016
155.12.18.50 # lfd: (smtpauth) Failed SMTP AUTH login from 155.12.18.50 (TZ/Tanzania, United Republic of/-): 5 in the last 3600 secs - Wed Apr 27 22:08:12 2016
163.172.8.19 # lfd: (smtpauth) Failed SMTP AUTH login from 163.172.8.19 (GB/United Kingdom/163-172-8-19.rev.poneytelecom.eu): 5 in the last 3600 secs - Wed Apr 27 22:17:23 2016
78.33.156.49 # lfd: (smtpauth) Failed SMTP AUTH login from 78.33.156.49 (GB/United Kingdom/78-33-156-49.static.enta.net): 5 in the last 3600 secs - Wed Apr 27 22:29:45 2016
24.55.130.47 # lfd: (smtpauth) Failed SMTP AUTH login from 24.55.130.47 (US/United States/cpe-static-reeseadvertising-rtr.cmts.brd.ptd.net): 5 in the last 3600 secs - Wed Apr 27 22:37:36 2016
2.83.86.101 # lfd: (smtpauth) Failed SMTP AUTH login from 2.83.86.101 (PT/Portugal/bl22-86-101.dsl.telepac.pt): 5 in the last 3600 secs - Wed Apr 27 22:41:07 2016
75.156.206.98 # lfd: (smtpauth) Failed SMTP AUTH login from 75.156.206.98 (CA/Canada/d75-156-206-98.abhsia.telus.net): 5 in the last 3600 secs - Wed Apr 27 22:41:27 2016
190.244.171.181 # lfd: (smtpauth) Failed SMTP AUTH login from 190.244.171.181 (AR/Argentina/181-171-244-190.fibertel.com.ar): 5 in the last 3600 secs - Wed Apr 27 22:59:50 2016
76.72.160.132 # lfd: (smtpauth) Failed SMTP AUTH login from 76.72.160.132 (US/United States/-): 5 in the last 3600 secs - Wed Apr 27 23:18:19 2016
Is changing default port in SMTP server a good solution?
Is there a better way not to allow these kind of attacks?
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,021
Location
Maastricht
Als long as CSF/LFD detects and (temp)blocks them, I wouldn't worry about it. These are normal attacks.
It's never a good idea to change ports which were agreed to use in RFC's. So no, it's not a good idea to change the default smtp server port.
 
Top