[Dovecot] Dovecot under brute force attack - nice attacker
Timo Sirainen
tss at iki.fi
Thu Jun 4 19:23:05 EEST 2009
On Thu, 2009-06-04 at 18:13 +0200, henry ritzlmayr wrote:
> > > Question:
> > > Is there any way to close the connection after the
> > > first wrong user/pass combination. So an attacker would be forced
> > > to reopen it?
> >
> > I think the growing delay is a better idea.
>
> The Idea is good but I guess an option to just disconnect the attacker
> wouldn't hurt in the config file?
Yes, more settings in config file does hurt. There are way too many of
them already. But passdb could perhaps return "disconnect" field if
authentication failed..
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20090604/5c483682/attachment.bin
More information about the dovecot
mailing list