under another kind of attack
Robert Schetterer
rs at sys4.de
Sun Jul 30 08:59:03 EEST 2017
Am 29.07.2017 um 20:29 schrieb mj:
> Hi Doug,
>
> On 07/29/2017 07:44 PM, Doug Barton wrote:
>> Instead, take a look at the fail2ban scenarios in this thread, which
>> solve the actual problem with a precision tool, instead of a hammer.
>
> I have implemented (most of) those as well, and additionally choose to
> also block certain countries. It helps tremendously.
>
> MJ
You can only use strict geoip blocking as long as your users do not travel
so this is not a solution in most cases.
But you can use
geoip in an "anomal filter" which compares more informations
i.e a user is recent logged in germany so normally he dont want to be
logged in from china at the same time, additional count bad logins
using some magic formula and he will blocked auto etc, this will prevent
hacking and abuse accounts too.
Best Regards
MfG Robert Schetterer
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
More information about the dovecot
mailing list