22 Sep
2011
22 Sep
'11
11:39 p.m.
Quoting Alex other@ahhyes.net:
It [fail2ban] is a great tool. Unfortunately dovecot allows infinate
incorrect logins during a single session. When fail2ban has
firewalled the ip its pointless as the rule only affects new
sessions, not established ones. I am disappointed that the author of
dovecot has no interest in adding a feature that closes the session
after x auth failures. It would certainly make tools like fail2ban
more effective.
If that is a big issue for you, you could always have fail2ban add a
dummy route:
For example: route add $IP gw 127.0.0.1
Rick