[Dovecot] Limit login attempts per connection?

tomas at tuxteam.de tomas at tuxteam.de
Thu Mar 4 07:51:40 EET 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, Mar 03, 2010 at 03:39:28PM -0500, Tony Nelson wrote:
> Dovecot allows a large number of login attempts per connection.  I'd 
> like to reduce that number to, say, 1, and let my firewall keep the 
> ducks at bay,

If the firewall is the one to do the job, I'd recommend an external
application like fail2ban. It watches the logs and bans IP addresses
with too many failures -- the nice thing is that it's able to cover all
applications listening on external ports. You can define patterns in
log files to which it has to react (but it comes with a good set of
pre-defined patterns -- at least on popular GNU/Linux distros).

>               but I can't find anything in /etc/dovecot.conf or by 
> googling.  How do I do it?  Do I need to patch the source?

I don't know about such a setting (but I don't know everything about
Dovecot either!). Anyway, then it'd still the Dovecot process dealing
with the rouge login attempts -- it seems better to keep them at the
firewall level with the approach above.

Regards
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFLj0psBcgs9XrR2kYRAnamAJ91pD60iJp8UDz/mwpoFE9cpHpdswCdGCYu
Mj5he6OOYtP7wWbBWhUmiXQ=
=QCJ2
-----END PGP SIGNATURE-----


More information about the dovecot mailing list