[Dovecot] limiting number of login attempts from same ip
Nikolaos Milas
nmilas at noa.gr
Tue Jun 14 10:25:36 EEST 2011
On 14/6/2011 1:12 πμ, Tom Hendrikx wrote:
> On 13/06/11 23:49, Jürgen Obermann wrote:
>> I admit that fail2ban can stop this attack, but we have solaris and not
>> linux and therefore the actions fail3ban wants to start are not available.
>>
> If fail2ban itself can run on your box, then that's the way to go.
>
>
I would like to add that, although fail2ban is great and we are using it
for a long time, it doesn't support IPv6; now that our servers (we are
using CentOS 5.6 x86_64) and networks are IPv6 enabled, this is a
problem (but hopefully IPv6-based attacks should not be very common
yet). We have not implemented a solution for protecting pop3/imap over
IPv6 yet, but I have recently found this article:
http://www.roedie.nl/tag/fail2ban/ which suggests autofwd:
http://freshmeat.net/projects/autofwd which might provide a good
solution. It seems versatile and supports IPv6.
If anybody has done or can do an implementation on Linux (using iptables
AND ip6tables) for pop3/imap, pop3s/imaps and share it, it will be most
welcome and very useful.
This is a Linux tool, so I can't suggest anything for Solaris or other
systems. Nevertheless, finding a solution for Linux is still significant!
Nick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5632 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20110614/70d9c913/attachment.bin>
More information about the dovecot
mailing list