[Dovecot] limiting number of incorrect logins per connection
alex@ahhyes.net
alex at ahhyes.net
Fri Aug 26 11:39:35 EEST 2011
Hi,
I saw that thread already, however it does not offer any solution that can be applied to dovecot directly. That thread has also been asleep for well over a year. It couldnt be that hard for the author to implement this function. It would only require a few lines of code.
----- Reply message -----
From: "Robert Schetterer" <robert at schetterer.org>
Date: Fri, Aug 26, 2011 17:59
Subject: [Dovecot] limiting number of incorrect logins per connection
To: <dovecot at dovecot.org>
Am 26.08.2011 09:25, schrieb Alex:
> Hi Guys,
>
> Running Dovecot 2 on my server. It is regularly getting dictionary auth
> attacked. What I have noticed is that once connected to a pop3/imap
> login session, you can send endless incorrect usernames+passwords
> attempts. This is a problem for me... I use fail2ban to try and stop
> these script kiddies. The problem is that fail2ban detects the bad
> auths, firewalls the IP, however, since it's an "established" session,
> the attacker can keep authing away... It's only on a subsequent (new)
> connection that the firewalling will take effect.
>
> Why is there no configuration option such as "max auth attempts per
> connection"? This would be useful, so once the limit is reached, the
> connection is dropped.
>
> is there a patch/workaround?
>
there where equal questions in the past
i.e read
http://comments.gmane.org/gmane.mail.imap.dovecot/46204
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
More information about the dovecot
mailing list