Log authentication attempts

Aki Tuomi aki.tuomi at dovecot.fi
Mon Jun 12 20:27:49 EEST 2017


You might be interested on using https://github.com/PowerDNS/weakforced which is intended for deterring brute force attacks on clustered setups.

Logging auth attemps with auth policy API requires you run some web service that will perform the logging.

Aki

> On June 12, 2017 at 5:58 PM "j.emerlik" <j.emerlik at gmail.com> wrote:
> 
> 
> I need to save that to database because I have more then one mail server
> and them must share each other failed login attempts information.
> I'll try check how Dovecot Authentication Policy works.
> 
> --JAcek
> 
> 2017-06-12 16:50 GMT+02:00 Leonardo Rodrigues <leolistas at solutti.com.br>:
> 
> > Em 12/06/17 09:39, j.emerlik escreveu:
> >
> >> Failed login attempts information may be useful in the
> >> fight with bruteforce attacks.
> >>
> >>
> >     fail2ban is your friend, it can analyze the logs, no need for saving
> > that on database.
> >
> >
> > --
> >
> >
> >         Atenciosamente / Sincerily,
> >         Leonardo Rodrigues
> >         Solutti Tecnologia
> >         http://www.solutti.com.br
> >
> >         Minha armadilha de SPAM, NÃO mandem email
> >         gertrudes at solutti.com.br
> >         My SPAMTRAP, do not email it
> >


More information about the dovecot mailing list