IP drop list
Robert Schetterer
rs at sys4.de
Thu Mar 5 21:18:20 UTC 2015
Am 05.03.2015 um 20:23 schrieb @lbutlr:
> On 04 Mar 2015, at 21:46 , Jim Pazarena <dovecot at paz.bz> wrote:
>> On 2015-03-02 2:02 AM, Jochen Bern wrote:
>>> On 03/01/2015 08:53 AM, Jim Pazarena wrote:
>>>> I wonder if there is an easy way to provide dovecot a flat text file of
>>>> ipv4 #'s which should be ignored or dropped?
>>>>
>>>> I have accumulated 45,000+ IPs which routinely try dictionary and
>>>> 12345678 password attempts. The file is too big to create firewall
>>>> drops [...]
>>>
>>> The inherent assumption here is that dovecot, using a "flat file", will
>>> be able to process the block list more effectively than the firewall,
>>> which is a tool written for the *purpose* but supposedly unable to even
>>> *try* due to the list's size. That sounds ... counterintuitive.
>>
>> I am the original poster and just came back to this thread. When the
>> first couple replies were "fail2ban" I lost interest.
>
> Why? Fail2ban is simple to install, simple to setup, and then (and here’s the best part) then you never have to look at it again.
>
I like fail2ban, but related to its design it is slow, i.e it was never
fast enough to drop massive smtp botnets in time at one of my servers.
Best Regards
MfG Robert Schetterer
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
More information about the dovecot
mailing list