Hi there,
I've had a look through the wiki and a quick look through the source for penalty configurations (dovecot 2.0.9) but I've not found anything to do with configuration options for this functionality. I'm basically wanting to disable a particular host/subnet from the penalty setup. In our case we have some webmail servers that do get attacked however most of the traffic is legitimate so I'd rather that the user experience was faster (ie not having a few seconds of delay on login) than that we slowed down attacks from them.
On a similar note; is it possible to do the per-ip login limit in the auth level rather than the imap/pop level? I ask this as we've just implemented a proxy setup whereby we have two frontend proxy servers that then dispatch to backend servers specified in the database. So, the backend servers do the actual imap/pop sessions however we now don't see the remote ip addresses so it becomes difficult to limit abusive users.
The 'doveadm who'/process listing code also doesn't work on the proxy servers even though dovecot knows who logged in and forwards the connection through to the backend servers.
None of these features/suggestions are show-stoppers; dovecot is a great program however they're more suggestions of ways it would be useful for us to improve the software.
Thanks,
Mark