dictionary attack defense
Anders Wegge Keller
wegge at wegge.dk
Tue Oct 21 22:57:34 UTC 2014
On Tue, 21 Oct 2014 16:28:46 -0500
Cliff Hayes <chayes at afo.net> wrote:
> Does dovecot have any dictionary attack defenses yet?
> In the past I have had to implement defense from outside dovecot, but
> since dovecot is at the front lines and therefore is the first to know
> I'm hoping by now there is something we can set. For example, a limit
> on access failures per minut/hour/day or some such. If not why not?
In my opinion, fail2ban is the right strategy to deal with a dictionary
attack. Instead of adding a layer of attack detection and handling onto
every outward facing service running on your server, you can centralize the
detection and blocking at one place.
More information about the dovecot