Mail account brute force / harassment

Gerald Galster list+dovecot at gcore.biz
Thu Apr 11 13:35:20 EEST 2019



> Am 11.04.2019 um 12:28 schrieb Odhiambo Washington via dovecot <dovecot at dovecot.org>:
> 
> 
> 
> On Thu, 11 Apr 2019 at 13:24, Marc Roos via dovecot <dovecot at dovecot.org <mailto:dovecot at dovecot.org>> wrote:
> 
> 
> Say for instance you have some one trying to constantly access an 
> account
> 
> 
> Has any of you made something creative like this:
> 
> * configure that account to allow to login with any password
> * link that account to something like /dev/zero that generates infinite 
> amount of messages
>   (maybe send an archive of virusses?)
> * transferring TB's of data to this harassing client.
> 
> I think it would be interesting to be able to do such a thing.
> 
> 
> Instead of being evil, just use fail2ban to address this problem :-)  


fail2ban is a good solution. I don't see any benefits in granting access to pop/imap as well.
On the other hand if you to this with smtp, your service is probably abused for sending spam
which you could use to train your spam filters :-)

Best regards
Gerald

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20190411/9585b89c/attachment.html>


More information about the dovecot mailing list