Catch all for dovecot authentication?
Hi
I'm aware that there are several good reasons not to do what I want, but in my use-case it would be an interesting feature. So please no discussions about the reasonableness
I have some spamtrap SMTP servers (postfix). Currently SMTP AUTH is disabled. But as I daily have thousands of AUTH tries I thought it would be nice to be able to accept any AUTH request from postfix in dovecot.
Is something like this possible with dovecot? If so any good description available on how to achieve?
Thanks
--
tobi
On 23.5.2019 10.12, Tobi via dovecot wrote:
Hi
I'm aware that there are several good reasons not to do what I want, but in my use-case it would be an interesting feature. So please no discussions about the reasonableness
I have some spamtrap SMTP servers (postfix). Currently SMTP AUTH is disabled. But as I daily have thousands of AUTH tries I thought it would be nice to be able to accept any AUTH request from postfix in dovecot.
Is something like this possible with dovecot? If so any good description available on how to achieve?
Thanks
--
tobi
You could try this in dovecot.
passdb {
driver = static
args = nopassword
}
Aki
I have the same, create your own dns blacklist. And have fail2ban add entries to it. The only problem I have on CentOS6 is that you need to combine log files for this, but it should be do-able.
But I am also for this option, maybe it can be done via this userdb, specify an account where auth is not necessary. I would like to redirect sometimes a user to a 5GB garbage messages mailbox. Or if someone has collection of emails with virusses, available to download?
-----Original Message----- From: Tobi via dovecot [mailto:dovecot@dovecot.org] Sent: donderdag 23 mei 2019 9:12 To: dovecot@dovecot.org Subject: Catch all for dovecot authentication?
Hi
I'm aware that there are several good reasons not to do what I want, but in my use-case it would be an interesting feature. So please no discussions about the reasonableness
I have some spamtrap SMTP servers (postfix). Currently SMTP AUTH is disabled. But as I daily have thousands of AUTH tries I thought it would be nice to be able to accept any AUTH request from postfix in dovecot.
Is something like this possible with dovecot? If so any good description available on how to achieve?
Thanks
--
tobi
On 23 May 2019, at 01:44, Marc Roos via dovecot dovecot@dovecot.org wrote:
I would like to redirect sometimes a user to a 5GB garbage messages mailbox.
So you want to setup a service where random spammer/hacker can trivially DDOS your system?
How many simultaneous 5GB streams can you handle? How much will your bandwidth bill be if you send 5GB a million times in a month?
-- Over 3,500 gay marriages and, what, no hellfire? I was promise hellfire. And riots. What gives? -- Mark Morford
No, And you incorrectly assume, that I am not taking such things into account.
But I can excuse this type of reply, due to the mere fact that IT is saturated with "dumb fucks" (like to quote Zuckerberg). Don't the Americans have a nice saying for this "Assumption is the mother of all fuckups". If I am writing I want to send a user 5GB, I want to send a user 5GB.
-----Original Message----- From: @lbutlr via dovecot [mailto:dovecot@dovecot.org] Sent: donderdag 23 mei 2019 10:06 To: @lbutlr via dovecot Subject: Re: Catch all for dovecot authentication?
On 23 May 2019, at 01:44, Marc Roos via dovecot dovecot@dovecot.org wrote:
I would like to redirect sometimes a user to a 5GB garbage messages mailbox.
So you want to setup a service where random spammer/hacker can trivially DDOS your system?
How many simultaneous 5GB streams can you handle? How much will your bandwidth bill be if you send 5GB a million times in a month?
-- Over 3,500 gay marriages and, what, no hellfire? I was promise hellfire. And riots. What gives? -- Mark Morford
Marc,
as stated by Aki
passdb { driver = static args = nopassword }
works fine and does what I want: accept any SMTP AUTH :-) In my setup postfix has a catch-all anyway, so I can return home=/dev/null in userdb
Saw the first tries on my server already. Just took 5min after enabling SMTP AUTH :-)
@Aki: thanks a lot
Have a good one
--
tobi
Am 23.05.19 um 09:44 schrieb Marc Roos:
I have the same, create your own dns blacklist. And have fail2ban add entries to it. The only problem I have on CentOS6 is that you need to combine log files for this, but it should be do-able.
But I am also for this option, maybe it can be done via this userdb, specify an account where auth is not necessary. I would like to redirect sometimes a user to a 5GB garbage messages mailbox. Or if someone has collection of emails with virusses, available to download?
-----Original Message----- From: Tobi via dovecot [mailto:dovecot@dovecot.org] Sent: donderdag 23 mei 2019 9:12 To: dovecot@dovecot.org Subject: Catch all for dovecot authentication?
Hi
I'm aware that there are several good reasons not to do what I want, but in my use-case it would be an interesting feature. So please no discussions about the reasonableness
I have some spamtrap SMTP servers (postfix). Currently SMTP AUTH is disabled. But as I daily have thousands of AUTH tries I thought it would be nice to be able to accept any AUTH request from postfix in dovecot.
Is something like this possible with dovecot? If so any good description available on how to achieve?
Thanks
--
tobi
participants (4)
-
@lbutlr
-
Aki Tuomi
-
Marc Roos
-
Tobi