[Dovecot] Feature request: usernames and passwords

Leonardo Rodrigues leolistas at solutti.com.br
Wed Jul 21 16:18:16 EEST 2010


Em 21/07/2010 10:08, Martijn de Munnik escreveu:
>
>>    the original message says about bot brute-force attacks, but we 
>> can be facing REAL brute-force attacks against a specific account 
>> .... and i think that some features to help mitigate those could 
>> indeed be interesting. And if those features exists, they could 
>> surely help on those brute-force attacks coming from dumb bots as well.
>>
>>    it wont solve the username=password specific case, but could help 
>> on real or bot brute-force attacks.
>>
>>    what do you think on that Timo ?
>
> Have a look at fail2ban, this is exactly what you need.


     no, fail2ban is not exactly what i need. fail2ban is FAR from 
acchieving what i wrote ...

     yes, fail2ban can ban an IP after wrong trials ..... but simply 
banning the IP (and maybe not the IP/username combination) can be a 
problem for companies that have lots of computers and access through 
NAT, ie, a single internet IP address. fail2ban also cannot slow down 
replies for wrong username/password combinations.

     fail2ban is a nice add-on for any system, but having something done 
by the daemon and not by some third-party log analyzer can make things 
MUCH smarter and MUCH more flexible.

     thanks for your tip, i already use fail2ban ... but that's far from 
acchieving some more flexible rules that can be done when the daemon has 
some anti-brute-force features.

-- 


	Atenciosamente / Sincerily,
	Leonardo Rodrigues
	Solutti Tecnologia
	http://www.solutti.com.br

	Minha armadilha de SPAM, NÃO mandem email
	gertrudes at solutti.com.br
	My SPAMTRAP, do not email it






More information about the dovecot mailing list