ot: how to block persistent same invalid account, different IPs
Marcus Rueckert
darix at opensu.se
Fri Dec 22 20:10:06 EET 2017
On 2017-12-22 13:23, Jeff Abrahamson wrote:
> fail2ban isn't really the right tool to fight massive DDOS attacks.
> On the other hand, you don't seem to have that problem, so things work
> out maybe.
>
> It's cleaner to know the future and ban the right things at the right
> times, but is there real harm from people trying bad logins from
> different IP's and you just wait for fail2ban to block each one? Your
> log snippet covers 151 minutes, even fail2ban would normally have
> unjailed ip's after that much time.
https://wiki2.dovecot.org/Authentication/Policy
https://github.com/PowerDNS/weakforced
works much better imho.
More information about the dovecot
mailing list