[CentOS] SASL attacks and SPAM

Mon Dec 19 23:18:28 UTC 2016
TE Dukes <tdukes at palmettoshopper.com>

I wanted to pass this along. I'm sure it may be nothing new to most of you,
but it has greatly reduced sasl attacks and spam.

I found most of it here:
https://scottlinux.com/2011/05/26/prevent-postfix-brute-force/

I added the fail2ban rule and modified my postfix main.cf as follows:

smtpd_client_connection_rate_limit = 3
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
    permit_mynetworks,
    reject_non_fqdn_helo_hostname,
    reject_invalid_helo_hostname,
    permit
smtpd_sender_restrictions =
    permit_mynetworks,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain,
    permit
smtpd_recipient_restrictions =
   reject_unauth_pipelining,
   reject_non_fqdn_recipient,
   reject_unknown_recipient_domain,
   permit_mynetworks,
   reject_unauth_destination,
   check_sender_access
         hash:/etc/postfix/access,
   reject_rbl_client zen.spamhaus.org,
   reject_rbl_client bl.spamcop.net,
   check_policy_service unix:postgrey/socket,
   permit
smtpd_client_connection_count_limit = 3
smtpd_client_message_rate_limit = 5
smtpd_client_recipient_rate_limit = 60
smtpd_client_event_limit_exceptions = $mynetworks
smtpd_client_new_tls_session_rate_limit = 3
smtpd_error_sleep_time = 1s
smtpd_soft_error_limit = 10
smtpd_hard_error_limit = 20

Has knocked down all the spam and about 99% of the sasl attacks.

If anyone would like to add to this, please do so.

TIA
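
The post mentions a fail2ban rule but does not show it. As an added example (not code from the post, the linked article, or fail2ban), this Python applies the same kind of check to Postfix log lines: count failed SASL logins per client IP inside a sliding window. The log lines are constructed samples, and the names max_retry, find_time and year and their values are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Postfix smtpd logs a failed SASL attempt as:
#   warning: <host>[<ip>]: SASL <MECH> authentication failed: <reason>
SASL_FAIL = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/smtpd\[\d+\]: "
    r"warning: \S*\[(?P<ip>[0-9a-fA-F.:]+)\]: "
    r"SASL \S+ authentication failed"
)

# Constructed sample log lines (documentation IP ranges, not real hosts).
SAMPLE_LOG = """\
Dec 19 22:01:13 mail postfix/smtpd[2101]: warning: unknown[203.0.113.7]: SASL LOGIN authentication failed: authentication failure
Dec 19 22:01:20 mail postfix/smtpd[2101]: warning: unknown[203.0.113.7]: SASL LOGIN authentication failed: authentication failure
Dec 19 22:01:41 mail postfix/smtpd[2107]: connect from mail.example.org[198.51.100.20]
Dec 19 22:02:02 mail postfix/smtpd[2101]: warning: unknown[203.0.113.7]: SASL PLAIN authentication failed: authentication failure
Dec 19 22:05:00 mail postfix/smtpd[2110]: warning: host.example.net[198.51.100.9]: SASL LOGIN authentication failed: authentication failure
Dec 19 22:30:00 mail postfix/smtpd[2110]: warning: host.example.net[198.51.100.9]: SASL LOGIN authentication failed: authentication failure
Dec 19 22:55:00 mail postfix/smtpd[2110]: warning: host.example.net[198.51.100.9]: SASL LOGIN authentication failed: authentication failure
""".splitlines()

def find_offenders(lines, max_retry=3, find_time=600, year=2016):
    """Return {ip: time of the failure that reached max_retry within find_time seconds}."""
    window = timedelta(seconds=find_time)
    recent = defaultdict(deque)   # ip -> timestamps of failures still inside the window
    offenders = {}
    for line in lines:
        m = SASL_FAIL.match(line)
        if not m:
            continue              # not a SASL failure (e.g. a plain "connect from")
        # Classic syslog timestamps carry no year, so one is assumed.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= max_retry and m["ip"] not in offenders:
            offenders[m["ip"]] = ts
    return offenders

if __name__ == "__main__":
    for ip, when in find_offenders(SAMPLE_LOG).items():
        print(f"{ip} reached the failure threshold at {when}")
```

With the defaults only the burst from 203.0.113.7 is flagged; the slow retries from 198.51.100.9 fall outside a 10-minute window and show up only when find_time is widened.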