Mailing List Archive



[tlug] defending a personal server from attacks



Hello,

I had the following in a logwatch log on a server I have connected to the internet:

--------------------- postfix Begin ------------------------
...

SASL Authentication failed from: 1 Host(s), 398 Time(s)
....
Too many errors in SMTP commands dialog: 1 Command(s), 290 Time(s)
...
---------------------- postfix End -------------------------


Checking /var/log/maillog, I have these messages repeated lots of times:

postfix/smtpd[310]: warning: 201.190.67.65: hostname adsl-201-190-67-65.une.net.co verification failed: Name or service not known
 postfix/smtpd[310]: connect from unknown[201.190.67.65]
 postfix/smtpd[310]: warning: unknown[201.190.67.65]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
 last message repeated 12 times
 last message repeated 7 times
 postfix/smtpd[310]: too many errors after AUTH from unknown[201.190.67.65]
 postfix/smtpd[310]: disconnect from unknown[201.190.67.65]

From the times in the logs (not shown), this attack lasted several hours. Yesterday's logs show something similar going on for several hours, but from a different IP.

What would be the recommended way to protect from this? Manually modify the firewall (iptables) to block the attacker IP address(es)? Can this be reported somewhere?
As this is a personal (hosted) server, I am not able to use expensive software/hw/tools.

Thank you,
Hector
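
Added example, not part of the original post: a small Python script that counts failed SASL logins per client IP from maillog lines in the format quoted above, including syslog's "last message repeated N times" markers. The sample lines are constructed from that format, 192.0.2.10 is a documentation address, and the threshold of 10 is an assumed value.

```python
import re
from collections import Counter

# Postfix logs the client as name[ip]; this matches the warning quoted in the post.
# The trailing "UGFzc3dvcmQ6" is base64 for "Password:" (the SASL LOGIN prompt),
# not a credential, so it is not parsed here.
SASL_FAIL = re.compile(
    r"postfix/smtpd\[\d+\]: warning: \S*\[([0-9a-fA-F.:]+)\]: SASL \S+ authentication failed")
# syslogd collapses identical consecutive lines into this marker.
REPEATED = re.compile(r"last message repeated (\d+) times?")

# Constructed sample input in the format of the quoted maillog excerpt.
SAMPLE = """\
postfix/smtpd[310]: connect from unknown[201.190.67.65]
postfix/smtpd[310]: warning: unknown[201.190.67.65]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
last message repeated 12 times
last message repeated 7 times
postfix/smtpd[310]: too many errors after AUTH from unknown[201.190.67.65]
postfix/smtpd[310]: disconnect from unknown[201.190.67.65]
postfix/smtpd[311]: warning: unknown[192.0.2.10]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
postfix/smtpd[311]: disconnect from unknown[192.0.2.10]
last message repeated 3 times
""".splitlines()

def count_sasl_failures(lines):
    """Return a Counter of failed SASL attempts per client IP."""
    counts = Counter()
    last_ip = None  # set only while the preceding line was a SASL failure
    for line in lines:
        fail = SASL_FAIL.search(line)
        if fail:
            last_ip = fail.group(1)
            counts[last_ip] += 1
            continue
        rep = REPEATED.search(line)
        if rep and last_ip:
            # Repeat markers can follow each other, so last_ip is kept.
            counts[last_ip] += int(rep.group(1))
            continue
        last_ip = None  # any other line ends the run; later repeats are not failures
    return counts

def offenders(lines, threshold=10):
    """IPs with at least `threshold` failures (assumed cut-off), sorted."""
    return sorted(ip for ip, n in count_sasl_failures(lines).items() if n >= threshold)

if __name__ == "__main__":
    for ip, n in count_sasl_failures(SAMPLE).most_common():
        print(f"{ip}\t{n}")
```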


