[Dovecot] dnsbl feature for dovecot

Robert Schetterer rs at sys4.de
Wed Jul 3 10:26:12 EEST 2013


On 03.07.2013 04:11, Stan Hoeppner wrote:
> On 7/2/2013 8:32 PM, Professa Dementia wrote:
>> On 7/2/2013 6:21 PM, John Fawcett wrote:
>>> dnsbl's are a popular method to prevent listed ips from making
>>> connections to mta software.
>>>
>>> cf. postscreen_dnsbl_sites in postfix
>>>
>>> Would it be possible to introduce such a feature in dovecot, so that
>>> connections can be denied
>>> based on a dnsbl lookup (where the precise dnsbls used are configurable)?
>>>
>>> John
>>>
>>
>> Let's back up a bit.  This does not seem like a feature that Dovecot needs.
>>
>> Rather, what problem are you trying to solve?  Maybe there is an
>> existing or better way to accomplish it.
> 
> Based on John's recent thread on postfix-users on the same general
> subject, I'd guess he's trying to stop rogue/malicious connections.
> 

so perhaps fail2ban might help, or construct something out of syslog and
iptables recent, or use dovecot deny etc

http://wiki2.dovecot.org/HowTo/Fail2Ban
http://wiki2.dovecot.org/Authentication/RestrictAccess
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets

only in German, but the code should be understandable anyway for new coding ideas

http://sys4.de/de/blog/2012/12/28/botnets-mit-rsyslog-und-iptables-recent-modul-abwehren/

usually fail2ban is enough for brute force pop3/imap, but blocking IPs
is always a problem with NAT clients


Best Regards
MfG Robert Schetterer

-- 
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Registered office: Munich, District Court of Munich: HRB 199263
Executive Board: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Chairman of the Supervisory Board: Florian Kirstein
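
For reference, the kind of DNSBL lookup the original request asks about, as an added Python example that is not part of this thread and is not Dovecot or Postfix code. The zone names, the `threshold` parameter, the injectable `resolve` callback and the sample DNS answers are assumptions constructed for illustration.

```python
import ipaddress
import socket

LISTED_NET = ipaddress.ip_network("127.0.0.0/8")  # DNSBL "listed" answers

def dnsbl_query_name(ip, zone):
    """Reverse the address labels and append the DNSBL zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")[::-1]          # octets, reversed
    else:
        labels = list(addr.exploded.replace(":", ""))[::-1]  # 32 nibbles
    return ".".join(labels) + "." + zone.strip(".")

def system_resolver(name):
    """A record for name, or None on NXDOMAIN or any lookup failure."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def dnsbl_hits(ip, zones, resolve=system_resolver):
    """Zones that list ip; answers outside 127.0.0.0/8 are ignored."""
    hits = []
    for zone in zones:
        answer = resolve(dnsbl_query_name(ip, zone))
        if answer and ipaddress.ip_address(answer) in LISTED_NET:
            hits.append(zone)
    return hits

def should_deny(ip, zones, threshold=1, resolve=system_resolver):
    """Deny only when at least `threshold` zones list the address."""
    return len(dnsbl_hits(ip, zones, resolve)) >= threshold

# Constructed sample data: placeholder zones and documentation-range IPs.
ZONES = ["bl.example.org", "dnsbl.example.net"]
FAKE_DNS = {
    "10.2.0.192.bl.example.org": "127.0.0.2",      # listed in one zone
    "77.113.0.203.bl.example.org": "127.0.0.4",    # listed in both zones
    "77.113.0.203.dnsbl.example.net": "127.0.0.2",
    "5.100.51.198.bl.example.org": "198.51.100.1", # bogus answer, ignored
}

if __name__ == "__main__":
    for client in ("192.0.2.10", "203.0.113.77", "198.51.100.5"):
        print(client, dnsbl_hits(client, ZONES, FAKE_DNS.get),
              should_deny(client, ZONES, threshold=2, resolve=FAKE_DNS.get))
```

A failed or timed-out lookup is treated as not listed, so a DNSBL outage does not lock users out.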

