[Dovecot] No tcp wrappers, other ideas to help stop brute force attacks?
Amon Ott
ao at rsbac.org
Fri Sep 1 10:23:49 EEST 2006
On Donnerstag 31 August 2006 20:42, David Rees wrote:
> On 8/30/06, David Rees <drees76 at gmail.com> wrote:
> I had 2 people email me privately for the configuration, you can
find
> my fail2ban.conf here:
>
http://drees76.blogspot.com/2006/08/fail2ban-dovecot-and-brute-force.html
Thanks a lot, I was one of them. In the meantime I figured it out
myself, turning on Dovecot's auth_verbose to get more info.
The major difference to your config is that I put a limit to the
iptables logging rule with " -m limit --limit 6/m" so that following
attempts cannot flood the log.
After quite a few tests I am happy with fail2ban, it already catched
one attempt on one and four on another server last night.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the dovecot
mailing list