dictionary attack defense

Anders Wegge Keller wegge at wegge.dk
Tue Oct 21 22:57:34 UTC 2014

On Tue, 21 Oct 2014 16:28:46 -0500
Cliff Hayes <chayes at afo.net> wrote:

> Does dovecot have any dictionary attack defenses yet?
> In the past I have had to implement defense from outside dovecot, but 
> since dovecot is at the front lines and therefore is the first to know 
> I'm hoping by now there is something we can set.  For example, a limit 
> on access failures per minut/hour/day or some such.  If not why not?

 In my opinion, fail2ban is  the right strategy to deal with a dictionary
attack. Instead of adding a layer of attack detection and handling onto
every outward facing service running on your server, you can centralize the
detection and blocking at one place.


More information about the dovecot mailing list