dictionary attack defense
Reindl Harald
h.reindl at thelounge.net
Tue Oct 21 22:02:20 UTC 2014
Am 21.10.2014 um 23:28 schrieb Cliff Hayes:
> Does dovecot have any dictionary attack defenses yet?
> In the past I have had to implement defense from outside dovecot, but
> since dovecot is at the front lines and therefore is the first to know
> I'm hoping by now there is something we can set. For example, a limit
> on access failures per minut/hour/day or some such. If not why not?
no - but you can set "auth_failure_delay = 5" and limit new connections
per IP to something around 40 per 5 minutes and 100 per 30 minutes which
stops many of them or at least limit the amount of tries dramatically
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20141022/2ccfc3b2/attachment-0001.sig>
More information about the dovecot
mailing list