[Dovecot] script to detect dictionary attacks

Reindl Harald h.reindl at thelounge.net
Sat Apr 6 15:59:24 EEST 2013



Am 06.04.2013 14:52, schrieb Benny Pedersen:
> Reindl Harald skrev den 2013-04-06 14:43:
> 
>> has to do what with IMAP/POP3 Logins?
> 
> patch / hack it to dovecot

f**k yourself

>> but nobody speaks about postfix
> and nobody use sql logs

are you drunken or what has this to do with sql logs?

i am using both, so what
the question was a already present script instead write my own

so if you have nothing to say better shut up

>> i speak about a simple way to get a notify of the brute-forcing IP
>> and the both are MANUAL tasks i do since virtually forever
> 
> if it was simple, others have writed it already

and that was the question

> http://wiki.dovecot.org/HowTo/Fail2Ban

the question was a script to parse maillog and simüply notify
and NOT fail2ban or whatever long-living process and NOT directly
touch iptables, iptables-config is distributed with a inhosue solution
accros the whole infrastructure

> note that it works on dovecot 1.x aswell, no need to upgrade :)

keep your silly smilies for yourself

[root at mail:~]$ rpm -q dovecot
dovecot-2.1.16-4.fc17.20130405.rh.x86_64

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20130406/190d31bb/attachment.bin>


More information about the dovecot mailing list