dictionary attack defense

Reindl Harald h.reindl at thelounge.net
Tue Oct 21 22:02:20 UTC 2014



Am 21.10.2014 um 23:28 schrieb Cliff Hayes:
> Does dovecot have any dictionary attack defenses yet?
> In the past I have had to implement defense from outside dovecot, but
> since dovecot is at the front lines and therefore is the first to know
> I'm hoping by now there is something we can set.  For example, a limit
> on access failures per minut/hour/day or some such.  If not why not?

no - but you can set "auth_failure_delay = 5" and limit new connections 
per IP to something around 40 per 5 minutes and 100 per 30 minutes which 
stops many of them or at least limit the amount of tries dramatically



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20141022/2ccfc3b2/attachment-0001.sig>


More information about the dovecot mailing list