[Dovecot] dnsbl feature for dovecot

Robert Schetterer rs at sys4.de
Wed Jul 3 10:26:12 EEST 2013

Am 03.07.2013 04:11, schrieb Stan Hoeppner:
> On 7/2/2013 8:32 PM, Professa Dementia wrote:
>> On 7/2/2013 6:21 PM, John Fawcett wrote:
>>> dnsbl's are a popular method to prevent listed ips from making
>>> connections to mta software.
>>> cf. postscreen_dnsbl_sites in postfix
>>> Would it be possible to introduce such a feature in dovecot, so that
>>> connections can be denied
>>> based on a dnsbl lookup (where the precise dnsbls used are configurable)?
>>> John
>> Let's back up a bit.  This does not seem like a feature that Dovecot needs.
>> Rather, what problem are you trying to solve?  Maybe there is an
>> existing or better way to accomplish it.
> Based on John's recent thread on postfix-users on the same general
> subject, I'd guess he's trying to stop rouge/malicious connections.

so perhaps fail2ban might help, or construct something out of syslog and
iptables recent, or use dovecot deny etc


only german, but code should understandable anyway for new coding ideas


usually fail2ban is enough for brute force pop3/imap, but blocking ips
is a problem ever with nat clients

Best Regards
MfG Robert Schetterer

[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein

More information about the dovecot mailing list