Am 11.04.2019 um 12:28 schrieb Odhiambo Washington via dovecot <dovecot@dovecot.org>:



On Thu, 11 Apr 2019 at 13:24, Marc Roos via dovecot <dovecot@dovecot.org> wrote:


Say for instance you have some one trying to constantly access an
account


Has any of you made something creative like this:

* configure that account to allow to login with any password
* link that account to something like /dev/zero that generates infinite
amount of messages
  (maybe send an archive of virusses?)
* transferring TB's of data to this harassing client.

I think it would be interesting to be able to do such a thing.


Instead of being evil, just use fail2ban to address this problem :-)  

fail2ban is a good solution. I don't see any benefits in granting access to pop/imap as well.
On the other hand if you to this with smtp, your service is probably abused for sending spam
which you could use to train your spam filters :-)

Best regards
Gerald