[Dovecot] limiting number of incorrect logins per connection
Timo Sirainen
tss at iki.fi
Fri Aug 26 19:28:40 EEST 2011
On 26.8.2011, at 18.27, Allan Cassaro wrote:
> If you substitute (create a wrap to) the "imap-login" binary with an script?
> The script can create a "fail attempt/ip" file into home dir and return ok
> or not to dovecot main process based on this information.
imap-login is typically chrooted and running with nonprivileged account that can't access user's home dir. I guess you could change those, but wrapping imap-login won't help because you don't know the username at that point..
Either auth or anvil process could do something like this.
More information about the dovecot
mailing list