[Dovecot] Any way to let dovecot block pop3 attempts?
Noel
noeldude at gmail.com
Fri May 10 17:11:47 EEST 2013
On 5/10/2013 8:36 AM, Gilles Chauvin wrote:
> On Friday 10 May 2013 09:17:28 Steve Campbell wrote:
>> But I believe fail2ban uses iptables, and I don't run a local firewall
>> on the server. I'd prefer not to use a separate server to inject
>> firewall rules on the border firewall. I might be wrong about fail2ban,
>> though.
>>
>> I was hoping there was a file for pop and imap in dovecot similar to the
>> smtp "access" file in sendmail (which is what I use, BTW)
> Yes, Fail2Ban uses iptables. I don't think there is another way (using
> Dovecot itself) to block a remote host since Fail2Ban is documented on
> Dovecot' wiki: http://wiki2.dovecot.org/HowTo/Fail2Ban (it looks like one of
> the best way to achieve this).
>
>
> Gilles.
Although Fail2Ban uses iptables by default, it's pretty easy to
define a different action, such as the old fashioned but still
effective null route the offending IP, or if you build dovecot with
tcp wrapper support, Fail2Ban can add the IP to hosts.deny.
Of course, you can block with null routes or hosts.deny manually,
but better to let the computer do the work.
-- Noel Jones
More information about the dovecot
mailing list