[Dovecot] need to block user by IP address (tried denyhosts, xinetd, iptables etc)
Tom
tom at limepepper.co.uk
Wed Nov 10 04:53:31 EET 2010
Hi,
I am kind of restricted to using packaged versions of software due to
company policy, and we have f12 on our mail server with
dovecot-1.2.15-2.fc12.i686 package.
we have recently had some brute force attacks on the pop3 and imapd and
this results in many processes being used for login attempts.
Our dovecot is hosted on a Virtual Private Server which restricts access
to IPTABLEs and also make a limit on the number of processes that can be
running
So I can't restrict the attackers IP addresses via IPTABLES, as we don't
have access to that. I can't really patch dovecot as we are reliant on
the distro packages.
I spent some time trying to get dovecot to run under xinetd but had no
luck, and I read some reports that it was not possible using recent
versions.
I was hoping some advice on what avenue I should proceed with to
automatically block brute force attacks on the dovecot server, (that
dont use iptables)
Thanks,
Tom
More information about the dovecot
mailing list