dictionary attack defense
Anders Wegge Keller
wegge at wegge.dk
Tue Oct 21 23:16:45 UTC 2014
On Wed, 22 Oct 2014 01:12:02 +0200
Benny Pedersen <me at junc.eu> wrote:
> On October 22, 2014 12:57:34 AM Anders Wegge Keller <wegge at wegge.dk> wrote:
>
> > On Tue, 21 Oct 2014 16:28:46 -0500
> > Cliff Hayes <chayes at afo.net> wrote:
> > > Does dovecot have any dictionary attack defenses yet?
> > In my opinion, fail2ban is the right strategy to deal with a dictionary
> > attack.
>
> Fokus should just be reversed to allow ip ranges not deny ip ranges
Even if you have the luxury of not having users accessing their mail from
all over the world, you still need to defend against a breach of safety on a
legitimate users machine. Even in a strongly restricted corporate
environment.
--
//Wegge
More information about the dovecot
mailing list