[Dovecot] limiting number of incorrect logins per connection

Timo Sirainen tss at iki.fi
Fri Aug 26 19:28:40 EEST 2011


On 26.8.2011, at 18.27, Allan Cassaro wrote:

> If you substitute (create a wrap to) the "imap-login" binary with an script?
> The script can create a "fail attempt/ip" file into home dir and return ok
> or not to dovecot main process based on this information.

imap-login is typically chrooted and running with nonprivileged account that can't access user's home dir. I guess you could change those, but wrapping imap-login won't help because you don't know the username at that point..

Either auth or anvil process could do something like this.



More information about the dovecot mailing list