On 25/07/11 20:05, tonjg wrote:
I'm using dovecot 1.1.8 on a raq4 server running centos 4.8 Is it possible to set a time delay between all dovecot pop3-logins? say 20 - 30 seconds for example? My reason is I want to thwart the constant login attempts from hackers hunting for an open relay. It's no good blocking the ip address because every hack attempt comes in from a different address. I'm the only user on the server so no-one else would be affected by such a delay. Thanks for any pointers
Hi,
dovecot 2.x has an automatic backoff system (see auth_failure_delay config option).
When you're not interested in upgrading, an external tool like fail2ban can block the ip adresses for you automatically. And if you are the only user, you could also just open up your firewall for your personal ip addresses, and block access for the rest of the world.
-- Regards, Tom