On 6/3/2010 7:13 AM, Greg Pearson wrote:
You could use fail2ban, see also: http://wiki.dovecot.org/HowTo/Fail2Ban
So I guess the result would be for the login process to become unresponsive, right? I am not sure this would be what I want. The desired behaviour for me would be to reject the connection even if the password becomes correct after several failures. I realise this would not help under DoS scenarios (which I think fail2ban is targeting). I will give it a try, of course, but I was wondering if another approach is possible. Generally speaking, it would be really nice if Dovecot itself had such options.
You don't have to use iptables to block it, with fail2ban. You can have fail2ban change the entry in your MySQL table, if you have an "active" field on the table for each user, to not active and, when the ban period you set is up, fail2ban can change the active field back to active.
This should cause the mail client to say "your account is either locked or not active".
E-mail me if you want help with this.
Jerrale
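
The per-account lock described in the reply above, sketched as an added example (not code from this thread, from fail2ban or from Dovecot): repeated failures for one user flip an "active" column off, and the column is flipped back when the ban period ends. The log format, the `users` table with `username` and `active` columns, the thresholds and the use of SQLite in place of MySQL are all assumptions made so the sketch runs on its own.

```python
import re
import sqlite3
from collections import defaultdict, deque

MAX_FAILURES, FIND_TIME, BAN_TIME = 3, 600, 3600  # assumed policy: count, seconds, seconds
FAIL_RE = re.compile(r"^(\d+) auth failed user=(\S+) rip=(\S+)$")  # constructed log format
SAMPLE_LOG = ["1000 auth failed user=alice rip=192.0.2.10",  # constructed lines
              "1005 auth failed user=bob rip=192.0.2.11",
              "1010 auth failed user=alice rip=192.0.2.10",
              "1020 auth failed user=alice rip=192.0.2.10"]

class AccountLocker:
    def __init__(self, db):
        self.db = db
        self.failures = defaultdict(deque)  # user -> failure times inside FIND_TIME
        self.locked_until = {}              # user -> time the lock is lifted

    def set_active(self, user, active):  # user is untrusted log text, so it is bound, not spliced
        self.db.execute("UPDATE users SET active = ? WHERE username = ?", (int(active), user))
        self.db.commit()

    def expire(self, now):
        for user in [u for u, t in self.locked_until.items() if now >= t]:
            del self.locked_until[user]
            self.set_active(user, True)   # ban period is up: re-activate

    def feed(self, line):
        m = FAIL_RE.match(line.strip())
        if not m:
            return
        ts, user = int(m.group(1)), m.group(2)
        self.expire(ts)
        window = self.failures[user]
        window.append(ts)
        while window[0] <= ts - FIND_TIME:   # drop failures older than the window
            window.popleft()
        if len(window) >= MAX_FAILURES and user not in self.locked_until:
            self.locked_until[user] = ts + BAN_TIME
            del self.failures[user]
            self.set_active(user, False)     # a correct password is now rejected too

def demo():
    db = sqlite3.connect(":memory:")  # SQLite stands in for the MySQL user table
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, active INTEGER)")
    db.executemany("INSERT INTO users VALUES (?, 1)", [("alice",), ("bob",)])
    locker = AccountLocker(db)
    for line in SAMPLE_LOG:
        locker.feed(line)
    return locker
```

Because the lock is keyed on the user name, failures from any address count against the account, so the ban period bounds how long a legitimate user can be shut out.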