[Dovecot] Limit login attempts per connection?

Tony Nelson tonynelson at georgeanelson.com
Fri Mar 5 01:42:55 EET 2010


On 10-03-03 23:01:58, Stan Hoeppner wrote:
> Tony Nelson put forth on 3/3/2010 2:39 PM:
> > Dovecot allows a large number of login attempts per connection.  
> > I'd like to reduce that number to, say, 1, and let my firewall keep 
> > the ducks at bay, but I can't find anything in /etc/dovecot.conf or 
> > by googling.  How do I do it?  Do I need to patch the source?
> > 
> > dovecot-1.1.10-1.x86_64 on CentOS 5.4
> 
> Can you tell us more about these unwanted login attempts?  Are you
> merely trying to stop Chinese et al hacker woodpeckering on your 
> IMAP/POP port(s) or something else?

Crackers, yes.  They're just the sort one doesn't want getting in to 
one's system, and the fewer tries they get the better.  But the reason 
is not important.

Looking at the source, I see that there are no options.  It tarpits a 
bit, but currently has no limit on the number of attempts.  I'll see 
what I can do.

-- 
____________________________________________________________________
TonyN.:'                       <mailto:tonynelson at georgeanelson.com>
      '                              <http://www.georgeanelson.com/>


More information about the dovecot mailing list