Hi,
I saw that thread already, however it does not offer any solution that can be applied to dovecot directly. That thread has also been asleep for well over a year. It couldnt be that hard for the author to implement this function. It would only require a few lines of code.
----- Reply message ----- From: "Robert Schetterer" robert@schetterer.org Date: Fri, Aug 26, 2011 17:59 Subject: [Dovecot] limiting number of incorrect logins per connection To: dovecot@dovecot.org
Am 26.08.2011 09:25, schrieb Alex:
Hi Guys,
Running Dovecot 2 on my server. It is regularly getting dictionary auth attacked. What I have noticed is that once connected to a pop3/imap login session, you can send endless incorrect usernames+passwords attempts. This is a problem for me... I use fail2ban to try and stop these script kiddies. The problem is that fail2ban detects the bad auths, firewalls the IP, however, since it's an "established" session, the attacker can keep authing away... It's only on a subsequent (new) connection that the firewalling will take effect.
Why is there no configuration option such as "max auth attempts per connection"? This would be useful, so once the limit is reached, the connection is dropped.
is there a patch/workaround?
there where equal questions in the past i.e read http://comments.gmane.org/gmane.mail.imap.dovecot/46204
-- Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria