[Dovecot] No tcp wrappers, other ideas to help stop brute force attacks?

David Rees drees76 at gmail.com
Wed Aug 30 22:46:27 EEST 2006

I'm looking for a way to deny access to dovecot from certain IP
addresses, basically to help prevent brute force attacks on the

Right now I'm using denyhosts which scans /var/log/secure for
authentication failures which then can add an entry to
/etc/hosts.deny, but since dovecot doesn't have tcp wrappers support,
that doesn't do anything.

It doesn't look like I can run dovecot run xinetd.

Any other ideas to help protect dovecot from brute force attacks? I
don't think pam can help, can it?

Otherwise I need to figure out a way to have denyhosts trigger
iptables rules or something, or maybe there's another application that
will work?


More information about the dovecot mailing list