Hi,
I am kind of restricted to using packaged versions of software due to company policy, and we have f12 on our mail server with dovecot-1.2.15-2.fc12.i686 package.
we have recently had some brute force attacks on the pop3 and imapd and this results in many processes being used for login attempts.
Our dovecot is hosted on a Virtual Private Server which restricts access to IPTABLEs and also make a limit on the number of processes that can be running
So I can't restrict the attackers IP addresses via IPTABLES, as we don't have access to that. I can't really patch dovecot as we are reliant on the distro packages.
I spent some time trying to get dovecot to run under xinetd but had no luck, and I read some reports that it was not possible using recent versions.
I was hoping some advice on what avenue I should proceed with to automatically block brute force attacks on the dovecot server, (that dont use iptables)
Thanks,
Tom