[Dovecot] pop3 rate limit
Hi,
we have customers with Exchange servers that are polling for new mail every minute with dozens of pop3 accounts. I am looking for a mechanism to rate limit this per user. So what I am looking for is a way to block users from polling, if a user asks for new mail more than every 5 minutes (for example).
Is this possible? Can this be achieved within Dovecot or does it need external scripting? (I thought about fail2ban, but also want IPv6 support)
Thanks in advance
-Christian Rößner
-- [*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Am 28.12.2013 14:05, schrieb Christian Rößner:
Hi,
we have customers with Exchange servers that are polling for new mail every minute with dozens of pop3 accounts. I am looking for a mechanism to rate limit this per user. So what I am looking for is a way to block users from polling, if a user asks for new mail more than every 5 minutes (for example).
Is this possible? Can this be achieved within Dovecot or does it need external scripting? (I thought about fail2ban, but also want IPv6 support)
Hi Christian, i have about 1000 pop3 logins per minute, with little tuning dovecot has no problem with it
but however you may use iptables recent, but for sure its not optimal cause of nat
and/or grep login timestamps syslog and echo in deny list
http://wiki2.dovecot.org/Authentication/RestrictAccess
perhaps fail2ban can be configured to do equal actions
Thanks in advance
-Christian Rößner
-- [*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
Best Regards MfG Robert Schetterer
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJSwSjZAAoJEP8jBObu0LlE1n0IALpzRi2k7QaDkILMthMcRZwz K7ukF0EVZmtGUt8uFJiEW1hWyyWRM3F5/KCwK7d39mTA+fEo54GhoAzrQrJkomnO z+N3qWUj8MbKNx6vNbMH6b6qpSPKIPr913Al2vhxQ4Mp2EYI/630Xu1GuVVCzWyI cUURYWFwNBNwExzzphYgKS8V1MU6EBt1g/ElaYY0uVwH0m3f8kxmLNbaswuQ5pga dczxDtcIzMCsK/bxoSot8SKpSmNOkLEexBM5rb8UWKmHXFym1vTdHQHf/gYsAuv2 7ePsUcG3JCQO5pfi6q6psFDFTodXNttS89Np+0tdwVLqoSZ3DA3rdpknjnQALXQ= =cYCD -----END PGP SIGNATURE-----
participants (2)
-
Christian Rößner
-
Robert Schetterer