IP drop list

Reindl Harald h.reindl at thelounge.net
Thu Mar 5 19:34:52 UTC 2015



Am 05.03.2015 um 20:23 schrieb @lbutlr:
> On 04 Mar 2015, at 21:46 , Jim Pazarena <dovecot at paz.bz> wrote:
>> On 2015-03-02 2:02 AM, Jochen Bern wrote:
>>> On 03/01/2015 08:53 AM, Jim Pazarena wrote:
>>>> I wonder if there is an easy way to provide dovecot a flat text file of
>>>> ipv4 #'s which should be ignored or dropped?
>>>>
>>>> I have accumulated 45,000+ IPs which routinely try dictionary and
>>>> 12345678 password attempts. The file is too big to create firewall
>>>> drops [...]
>>>
>>> The inherent assumption here is that dovecot, using a "flat file", will
>>> be able to process the block list more effectively than the firewall,
>>> which is a tool written for the *purpose* but supposedly unable to even
>>> *try* due to the list's size. That sounds ... counterintuitive.
>>
>> I am the original poster and just came back to this thread. When the
>> first couple replies were "fail2ban" I lost interest.
>
> Why? Fail2ban is simple to install, simple to setup, and then (and here’s the best part) then you never have to look at it again

fail2ban is simple to install and to setup?

*lol* yes if you have 99% out-of-the-box distribution configurations, 
igave it a try not so long ago and honestly the whole config snippets 
and log-parsing is a mess where i call it insane to give that stuff root 
permissions even on my private testserver

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20150305/db6fc888/attachment.sig>


More information about the dovecot mailing list