Am 05.03.2015 um 20:23 schrieb @lbutlr:
On 04 Mar 2015, at 21:46 , Jim Pazarena <dovecot@paz.bz> wrote:
On 2015-03-02 2:02 AM, Jochen Bern wrote:
On 03/01/2015 08:53 AM, Jim Pazarena wrote:
I wonder if there is an easy way to provide dovecot a flat text file of ipv4 #'s which should be ignored or dropped?
I have accumulated 45,000+ IPs which routinely try dictionary and 12345678 password attempts. The file is too big to create firewall drops [...]
The inherent assumption here is that dovecot, using a "flat file", will be able to process the block list more effectively than the firewall, which is a tool written for the *purpose* but supposedly unable to even *try* due to the list's size. That sounds ... counterintuitive.
I am the original poster and just came back to this thread. When the first couple replies were "fail2ban" I lost interest.
Why? Fail2ban is simple to install, simple to setup, and then (and here’s the best part) then you never have to look at it again.
I like fail2ban, but related to its design it is slow, i.e it was never fast enough to drop massive smtp botnets in time at one of my servers.
Best Regards MfG Robert Schetterer
-- [*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein