3 Jun
2010
3 Jun
'10
2:13 p.m.
You could use fail2ban, see also: http://wiki.dovecot.org/HowTo/Fail2Ban
So I guess the result would be to the login process become unresponsive, right? I am not sure this would be what I want. The desired behaviour for me would be to reject the connection even if the password becomes correct after several failures. I realise this would not help under DoS scenarios (in which I think fail2ban is targetting). I will give it a try, of course, but I was wondering if another approach is possible. Generally speaking, it would be really nice if Dovecot itself had such options.