[Dovecot] avoiding DoS
Noel Butler
noel.butler at ausics.net
Fri Sep 4 00:59:18 EEST 2009
On Thu, 2009-09-03 at 11:07 -0400, David Halik wrote:
> Hi,
>
> I was just looking for some advice on avoiding getting DoS'd from brute
> force log in attempts. We came in this morning to find that one of our
> Solaris 9 dovecot severs had wedged overnight due to a brute force
> connection attempt to pop3 from Brasil. In the span of about 15 seconds
> we received 342 connection auth attempts from the same IP:
> Dovecot finally wedged silently and without complaint, becoming
> completely unresponsive. I had to kill -9 it this morning in order to
You have bigger problems then Dovecot if that caused it to cease
responding.
Haven't touched solaris in years, but doesnt ipfilter allow for rate
limiting number of connections, like Linux's iptables?
More information about the dovecot
mailing list