On 9/1/2013 2:59 PM, Noel wrote:
On 9/1/2013 10:00 AM, Charles Marcus wrote: ...
Wonder if there's a way to leverage Stan Hoeppner's most excellent botnet killer to reject AUTHs from the same types of clients before they even try?
The objective of Stan's list is to reject dynamic hosts, because the overwhelming majority of dynamic hosts trying to send via SMTP are zombies.
Yep.
For dovecot, the situation is quite different. Blocking all dynamic IPs would be an obvious mistake.
Yep.
Unfortunately the hosts we want to block at the public SMTP port are the same hosts that are your typical legitimate IMAP clients.
To do something similar to Postscreen with Dovecot would require Timo writing code similar to Postscreen that would look for IMAP protocol violations or similar signs that the client is a bot and not a legit MUA.
But given that Dovecot is designed for inherently greater client parallelism (thousands) than Postfix smtpd (100), I don't think anyone is rejecting clients due to running out of auth process slots taken by bots.
As others have suggested this seems a log clutter issue, nothing more.
-- Stan