Hi Everyone,
Before I begin, I'd just like to mention: I love dovecot. Thank you :)
Anyway, today I had 8000 login attempts to my dovecot server in an hour before blocking the IP with my firewall.
After googling, I didn't see very much discussion on the topic. There was some mention of blocksshd which was supposed to support dovecot in the next release (but doesn't appear to) and also fail2ban. While a script that parses logfiles will work, I'm not sure that this is the best way to go about handling repeated authentication failure.
Would it not be best built into dovecot? Are there any plans for this?
I agree, it would be great to have this built into dovecot. Spammers are getting more creative all the time and are not above using brute force to steal passwords to send spam.
Matt