On 03/04/2015 03:37 PM, Oliver Welter wrote:
I would like to reiterate Reindl Harald's point above, since subsequent discussion has gotten away from it. If Dovecot had DNS RBL support similar to Postfix, I think quite a few people would use it, and thereby defeat the scanners far more effectively than any other method. It is good that other people are suggesting things that will work today, but in terms of what new feature would be the best solution, I can't think of one better than a DNS RBL.
Please add this support to iptables instead of Dovecot. It's a waste of effort to code it into every application that listens on the network.
<head explodes>
Would you care to integrate it into IOS on my Cisco as well?
There are things connected to the Internet that aren't PCs running Linux, you know. It may be hard to accept, but that's the way it is.
I assume your dovecot runs on some kind of *nix
Of course. I run it under Solaris.
so there should be some sort of netfilter available which you can put in front of your listening ports.
There is. But I already have a firewall, running on bulletproof hardware that doesn't depend on spinning disks. I don't want to add ANOTHER firewall when I already have a perfectly good one. Besides, my mail server is built for...serving mail. Not being a firewall.
-Dave-- Dave McGuire, AK4HZ/3 New Kensington, PA