IP drop list
Benny Pedersen
me at junc.eu
Mon Mar 2 10:10:55 UTC 2015
On March 2, 2015 10:15:22 AM Tobi <tobster at brain-force.ch> wrote:
> > I have accumulated 45,000+ IPs which routinely try dictionary and
> > 12345678 password attempts. The file is too big to create firewall
> > drops,
> Have you also checked ipset (http://ipset.netfilter.org/)
> Its extremely powerful even with huge block lists
this is only usefull if real user have more then +45000 ips, and it why its
not denynets in dovecot
using xtables geoip here, and could let fail2ban create xtable csv datafile
that can be included in xtable build, then just use geoip firewall rule to
allow in all other ips if thats the goal of allow many ips default
but i just default allow pr user country, all other is denyed connection
More information about the dovecot
mailing list