Thanks Ed

I will disable POP and see if that helps.

If I understand correctly, I need to allow inbound SMTP on port 25 to get mail from other MXs.

I think that:

g_ssl_require_login - IP wildcard of connections fur users needing to use SSL

This setting forces all matching IP addresses to use SSL for any action that requires a user login. eg: POP, IMAP and SMTP authentication but not plain SMTP. So this is ideal if you want all users to use SSL but still want email to come in from non SSL SMTP servers.

Syntax: g_ssl_require_login string

... if set to "*" should force everyone to use a secure login.

Neil

Hi,

Go to the mail services page and put  disabled  on any ports you don't want surge to answer on.

There are a couple other settings for the SMTP and it depends on how you want that to work.  I'd be careful with that because not all servers relaying to you are going to use SSL.

--Ed

On 01/25/2017 01:04 PM, Neil Herber (nospam) wrote:

My server is getting hammered by POP login attempts.

I want to force all my real clients to use SSL IMAP only. What settings
do I need to:

1) force authenticated SSL logins for IMAP

2) completely ignore any POP logins (or force SSL if ignoring is a bad idea)

3) force authenticated SSL logins for SMTP

Any other suggestions to get rid of these pests welcome.

Note: I thought I had already set things up to force SSL, but I keep
getting these failed log messages:

25 10:49:03.66:6852: xx-client-xx: pop: SSL required for ip (115.211.174.66) xx-client-xx

Neil


--
Neil Herber

--
Neil Herber