On 2022-05-23 20:11, Lloyd Zusman wrote:
I'm running dovecot 2.2.13 under Debian 8.
I'd like to force an immediate TCP socket disconnect after any imap login attempt that fails.
Right now, if invalid credentials are supplied during an imap login, the client can keep retrying logins with different credentials. However, I want to prevent that from occurring by causing the socket connection to be closed as soon as there is any failed login attempt.
I haven't been able to find any dovecot configuration setting which could control this behavior, but I'm hoping that I just missed something.
Thank you very much for any suggestions.
-- hippoman@gmail.com Take a hippopotamus to lunch today.
Hi there,
Try CSF firewall. Make sure to enable Login Failure Detection and Max Retries Per X Minutes, and notice with such option set, it will permenantly block the IP addresses that exceeds maximum login failures in the specified interval.
Anyhow, my personal recommendation in terms of security, its to use web mail and limit login attempts per minutes and for higher security, setup a VPN and disallow access to the web mail except through the VPN.
Good luck.
Zakaia.