[Dovecot] Logging passwords on auth failure/dealing with botnets

[Charles Marcus]

On 2013-08-30 7:55 PM, Joseph Tam <jtam.home at gmail.com> wrote:
> Michael Smith writes:
>
>> We're already running fail2ban, but it doesn't seem that effective
>> against botnets, when they only do one attempt per IP.
>
> Yeah, distributed BFDs are tough to block unless you can characterize
> the clients well.

Wonder if there's a way to leverage Stan Hoeppner's most excellent 
botnet killer to reject AUTHs from the same types of clients before they 
even try?

Stan?

-- 

Best regards,

*/Charles/*