under some kind of attack
mj
lists at merit.unu.edu
Wed Jul 19 13:38:44 EEST 2017
Hi Joseph,
On 07/18/2017 11:10 PM, Joseph Tam wrote:
>> However, it seems almost all IPs are different, and I don't think I can
>> keep the above settings permanently.
>
> Why not? Limited by firewall rules overload? You could probably use
> a persistent DB, can't you?
I meant: keep the "block after the first failed attempt" setting. People
need the chance to change their password, so I have increased it to two.
> You can also use a third party RBL that specialized in brute forcers like
> blocklist.de. You can also feed back fail2ban data and crowdsource BFD
> data to them.
Yes, I will look into that now.
Thanks!
More information about the dovecot
mailing list