On 5/10/2013 8:36 AM, Gilles Chauvin wrote:
But I believe fail2ban uses iptables, and I don't run a local firewall on the server. I'd prefer not to use a separate server to inject firewall rules on the border firewall. I might be wrong about fail2ban, though.
I was hoping there was a file for pop and imap in dovecot similar to the smtp "access" file in sendmail (which is what I use, BTW) Yes, Fail2Ban uses iptables. I don't think there is another way (using Dovecot itself) to block a remote host since Fail2Ban is documented on Dovecot' wiki: http://wiki2.dovecot.org/HowTo/Fail2Ban (it looks like one of
On Friday 10 May 2013 09:17:28 Steve Campbell wrote: the best way to achieve this).
Gilles.
Although Fail2Ban uses iptables by default, it's pretty easy to define a different action, such as the old fashioned but still effective null route the offending IP, or if you build dovecot with tcp wrapper support, Fail2Ban can add the IP to hosts.deny.
Of course, you can block with null routes or hosts.deny manually, but better to let the computer do the work.
-- Noel Jones