30 Aug
2006
30 Aug
'06
10:46 p.m.
I'm looking for a way to deny access to dovecot from certain IP addresses, basically to help prevent brute force attacks on the server.
Right now I'm using denyhosts which scans /var/log/secure for authentication failures which then can add an entry to /etc/hosts.deny, but since dovecot doesn't have tcp wrappers support, that doesn't do anything.
It doesn't look like I can run dovecot run xinetd.
Any other ideas to help protect dovecot from brute force attacks? I don't think pam can help, can it?
Otherwise I need to figure out a way to have denyhosts trigger iptables rules or something, or maybe there's another application that will work?
-Dave