Mail account brute force / harassment
mj
lists at merit.unu.edu
Fri Apr 12 13:14:49 EEST 2019
Hi,
What we do is: use https://github.com/trick77/ipset-blacklist to block
IPs (from various existing blacklists) at the iptables level using an ipset.
That way, the known bad IPs never even talk to dovecot, but are dropped
immediately. We have the feeling it helps a lot.
MJ
On 4/12/19 10:27 AM, James via dovecot wrote:
> On 12/04/2019 08:42, Aki Tuomi via dovecot wrote:
>> On 12.4.2019 10.34, James via dovecot wrote:
>>> On 12/04/2019 08:24, Aki Tuomi via dovecot wrote:
>>>
>>>> Weakforced uses Lua so you can easily integrate DNSBL support into it.
>>> How does this help Dovecot block?
>>> A link to some documentation or example perhaps?
>>>
>>>
>> https://wiki.dovecot.org/Authentication/Policy
>>
>> You can configure weakforced to return status -1 when DNSBL matches,
>> which causes the user authentication to fail before any other processing
>> happens.
>
> Thank you. I will study this - although I dispute your "easily"!
>
>
>
> James.
>
More information about the dovecot
mailing list