On 17 October 2011 12:10, Tom Pawlowski <tompru@jla.rutgers.edu> wrote:
> Take a look at:
> http://hg.dovecot.org/dovecot-2.0/file/962df5d9413a/src/auth/auth-request.c
> on line 536. That's the auth service catching illegal characters and rejecting the attempt. It'll happen with or without a valid user. So, working as it should.
> As for spammers trying to brute force valid logins, yep, pretty common. Higher rate of success if they can mail from a known good server and account.

Okay, thanks for that. That's the info/reassurance I was after. In the meantime I've updated fail2ban to take care of it. You're right about the higher rate of success, I've just never seen a spammer try it before - usually their resources are better spent just sending the mail. But it's good to know that dovecot will trap and block the illegal chars :)
Thanks.
Simon