[Dovecot] Logging passwords on auth failure/dealing with botnets

Charles Marcus CMarcus at Media-Brokers.com
Sun Sep 1 18:00:17 EEST 2013

On 2013-08-30 7:55 PM, Joseph Tam <jtam.home at gmail.com> wrote:
> Michael Smith writes:
>> We're already running fail2ban, but it doesn't seem that effective
>> against botnets, when they only do one attempt per IP.
> Yeah, distributed BFDs are tough to block unless you can characterize
> the clients well.

Wonder if there's a way to leverage Stan Hoeppner's most excellent 
botnet killer to reject AUTHs from the same types of clients before they 
even try?



Best regards,


More information about the dovecot mailing list