On Sun, 2009-06-21 at 16:34 -0700, listmail wrote:
Hi,
I've just started using Dovecot (v1.1.14), and I'm noticing a lot of dictionary attacks. I searched through the documentation and the mailing list archives hoping to find support for tcp_wrappers (hosts.deny) support.
People seem to be using fail2ban commonly to prevent that.
I did find some suggested patches in the list from last year, but as far as I can tell, there is no support in the released versions.
http://dovecot.org/patches/1.1/tcp-wrappers.patch should work.
Is this implemented and undocumented, or just unimplemented? I would be surprised to find it unimplemented in such an otherwise sophisticated project.
http://www.dovecot.org/list/dovecot/2006-April/012476.html pretty much explains why it isn't there. Now that v2.0 is in a kind of usable state, I suppose I should finally implement it.