On 23 Sep 2019, at 8.29, Plutocrat via dovecot dovecot@dovecot.org wrote:
This is probably quite an easy question, but I haven't been able to find the answer. I'm running a server where all the email addresses are in the format "user@domain.com". I've noticed that a large number of fake login attempts use the format "user" eg. reception, service, root, admin.
Is it possible to prevent any such logins to these email users without an @domain.com? Or maybe ignore them. Or drop them from the logging.
P.
you can add username_filter = *@domain.com
or deny-passdb before actual passdb with username_filter = !*@domain.com
https://doc.dovecot.org/configuration_manual/authentication/password_databas... https://doc.dovecot.org/configuration_manual/authentication/password_databas...
feature has existed since dovecot 2.2.30
Sami