[Dovecot] dnsbl feature for dovecot
John Fawcett
john.ml at erba.tv
Wed Jul 3 21:27:06 EEST 2013
On 03/07/13 18:44, Benny Pedersen wrote:
> Timo Sirainen skrev den 2013-07-03 03:27:
>
>> You're talking about IMAP/POP3 connections?
>> Possible, yeah .. possibly even without code changes by using
>> tcpwrappers.
>
> why is it needed ?
>
> setup fail2ban to manange xtables-addons geoip csv files from abusers,
> then use this csv file as A0 list in iptables, end result is low
> memory footprint, it should not be a dovecot solotion
>
I would not see fail2ban as the only solution. On the mta I use both
dnsbl and fail2ban and both help in their own ways to reduce/limit
unwanted connections.
I wouldn't consider adding large numbers of rules to iptables but I
would consider querying a dnsbl which contained large numbers of ips,
since the management of the data is then off the server.
John
More information about the dovecot
mailing list