[Dovecot] No tcp wrappers, other ideas to help stop brute force attacks?
ka at pacific.net
Wed Aug 30 23:42:46 EEST 2006
fail2ban looks interesting too, but doesn't appear to allow
whitelisting? That could be bad..
David Rees wrote:
> I'm looking for a way to deny access to dovecot from certain IP
> addresses, basically to help prevent brute force attacks on the
> Right now I'm using denyhosts which scans /var/log/secure for
> authentication failures which then can add an entry to
> /etc/hosts.deny, but since dovecot doesn't have tcp wrappers support,
> that doesn't do anything.
> It doesn't look like I can run dovecot run xinetd.
> Any other ideas to help protect dovecot from brute force attacks? I
> don't think pam can help, can it?
> Otherwise I need to figure out a way to have denyhosts trigger
> iptables rules or something, or maybe there's another application that
> will work?
More information about the dovecot