On Sat, 8 Dec 2007, Peter Hessler wrote:
There are a couple of jerks that are tying to dictionary attack my email server, and one of the vectors is pop3/imap logins. Something I would like to do in dovecot, but can't seem to find, is the ability to disconnect after a certain number of errors. The vast majority of my users (i.e. me) don't hand-type POP3 or IMAP transactions, but when we do, we know how to spell things properly.
Another suggestion via PAM:
"pam_shield blocks IPs" http://www.ka.sara.nl/home/walter/pam%5Fshield/README.txt describes http://www.ka.sara.nl/home/walter/pam%5Fshield/ .
I still think that fail2ban is a better approach.
-- Asheesh.
-- Sendmail may be safely run set-user-id to root. -- Eric Allman, "Sendmail Installation Guide"