IP drop list

Oliver Welter mail at oliwel.de
Mon Mar 2 07:38:39 UTC 2015


On 01.03.2015 at 23:16, Dave McGuire wrote:
> On 03/01/2015 04:25 AM, Reindl Harald wrote:
>>> I wonder if there is an easy way to provide dovecot a flat text
>>> file of ipv4 #'s which should be ignored or dropped?
>>>
>>> I have accumulated 45,000+ IPs which routinely try dictionary
>>> and 12345678 password attempts. The file is too big to create
>>> firewall drops, and I don't want to compile with wrappers *if*
>>> dovecot has an easy ability to do this. If dovecot could parse a
>>> flat text file of IPs and drop connections it would sure put a
>>> dent in these attempts.
>>
>> hence i asked months ago for RBL support because such lists are easy
>> to feed into http://www.corpit.ru/mjt/rbldnsd.html - sadly i got no
>> reply than use fail2ban and what not irrelevant if there is already
>> a local dnsbl
>>
>> i guess for a C-programmer it takes not much more than 10 minutes
>> to include a config option to list rbl servers and close connections
>> based on the DNS responses
>
>    I've been asking for this off-and-on for years, and people
> immediately parrot back "just use fail2ban".  I think fail2ban is a
> nice idea and all, but that suggestion assumes that I use iptables (I
> don't), I run firewalls on my servers (I don't; I run them on routers)
> and that I run Linux on my mail server (I don't).
>
>    The other side of this equation, Postfix, has had this capability
> for years.  Why it hasn't been added to dovecot is a mystery.  It's
> the only thing (really, the ONLY thing!) that I dislike about dovecot.
>
Guys, dovecot is open source - if you desire a feature that the upstream
programmer did not include, pay him a bounty to do so or send him a
patch to be included. Period. We can discuss and maybe somebody will
fork if he is not willing to accept such a solution for any political
reason.

I am really tired of reading this kind of complaint on OSS lists.

To make this not a "troll only" posting - it might be a suitable
approach to let dovecot listen on the lo interface and put a proxy
software in front, that supports RBLs.

Oliver
-- 
Protect your environment -  close windows and adopt a penguin!
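
The approach suggested in the message above (dovecot bound to loopback, with a proxy in front that consults an RBL), as an added example that is not part of the original post or of dovecot. The zone name, ports and backend address are assumptions; the zone is taken to be a local rbldnsd zone built from the flat IP list.

```python
import asyncio
import ipaddress
import socket

DNSBL_ZONE = "bl.example.internal"  # assumed name of a local rbldnsd zone
BACKEND = ("127.0.0.1", 143)        # assumed: dovecot IMAP bound to loopback
LISTEN = ("0.0.0.0", 1143)          # assumed public address of this proxy

def dnsbl_name(ip, zone=DNSBL_ZONE):
    # 192.0.2.10 is looked up as 10.2.0.192.<zone>; non-IPv4 raises ValueError
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def is_listed(ip, zone=DNSBL_ZONE, resolve=socket.gethostbyname):
    # A listed address resolves to 127.0.0.x. NXDOMAIN, resolver failure
    # and non-IPv4 peers fail open here; return True instead to fail closed.
    try:
        return resolve(dnsbl_name(ip, zone)).startswith("127.")
    except (ValueError, OSError):
        return False

async def pipe(reader, writer):
    try:
        while data := await reader.read(65536):
            writer.write(data)
            await writer.drain()
    except ConnectionError:
        pass
    finally:
        writer.close()

async def handle(client_r, client_w):
    ip = client_w.get_extra_info("peername")[0]
    if await asyncio.to_thread(is_listed, ip):  # blocking DNS, off the loop
        client_w.close()  # listed: dropped before dovecot sees it
        return
    try:
        back_r, back_w = await asyncio.open_connection(*BACKEND)
    except OSError:
        client_w.close()
        return
    await asyncio.gather(pipe(client_r, back_w), pipe(back_r, client_w))

async def main():
    server = await asyncio.start_server(handle, *LISTEN)
    async with server:
        await server.serve_forever()

if __name__ == "__main__":
    asyncio.run(main())
```

Because the proxy relays raw TCP, dovecot logs every session as coming from 127.0.0.1; log the peer address in the proxy if it is needed for auditing.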
