[Dovecot] Limit login attempts per connection?

Tony Nelson tonynelson at georgeanelson.com
Wed Mar 10 20:47:16 EET 2010


On 10-03-10 07:09:45, Marcus Rueckert wrote:
> On 2010-03-09 21:07:42 -0800, Terry Barnum wrote:
> > > On Fri, 05.03.2010 at 09:44:35 +0000, Ed W <lists at wildgooses.com>
> > > wrote:
> > >> I would be all in favour of a setting like this because it's
> > >> easier to configure than fail2ban...
> > 
> > There's also denyhosts. <http://denyhosts.sourceforge.net/>
> 
> http://snowman.net/projects/ipt_recent/
 ...
> really nice iptables module

Unlike fail2ban and denyhosts, using the recent module needs dovecot
to close the connection upon authentication failure, as iptables only 
(normally) comes in to play for new connections, so it only really 
works with a patch like mine.

If you are using the recent module, you probably should also get 
Alexander Zangerl's pam_recent pam module, so that successful logins 
aren't counted against the IP.

-- 
____________________________________________________________________
TonyN.:'                       <mailto:tonynelson at georgeanelson.com>
      '                              <http://www.georgeanelson.com/>


More information about the dovecot mailing list