Mail account brute force / harassment
Odhiambo Washington
odhiambo at gmail.com
Thu Apr 11 15:16:17 EEST 2019
All your approaches are not well thought out.
The best solutions are always the simplest ones.
KISS principle dictates so.
On Thu, 11 Apr 2019 at 15:01, Marc Roos <M.Roos at f1-outsourcing.eu> wrote:
>
> How long have we been using the current strategy? Do we have less or
> more abuse clouds operating?
>
> "Let the others bother with their own problems." is a bit narrow minded
> view. If every one on this mailing list would have this attitude, there
> would be no single answer to your question.
>
>
> -----Original Message-----
> From: Odhiambo Washington [mailto:odhiambo at gmail.com]
> Sent: donderdag 11 april 2019 12:54
> To: Marc Roos
> Cc: dovecot
> Subject: Re: Mail account brute force / harassment
>
> Marc,
>
> There is a strategy loosely referred to as "choose your battles well"
> :-)
> If you can, hack the server and dump the 500GB - you'll be using
> resources transferring the 500GB as the other server receives it. Two
> servers wasting resources because you think you are punishing an
> offender!
>
>
> On Thu, 11 Apr 2019 at 13:43, wrote:
>
>
> Please do not assume anything other than what is written, it is a
> hypothetical situation
>
>
> A. With the fail2ban solution
> - you 'solve' that the current ip is not able to access you
> - it will continue bothering other servers and admins
> - you get the next abuse host to give a try.
>
> B. With 500GB dump
> - the owner of the attacking server (probably hacked) will notice
> it
> will be forced to take action.
>
>
> If abuse clouds are smart (most are) they would notice that
> attacking my
> servers, will result in the loss of abuse nodes, hence they will
> not
> bother me anymore.
>
> If every one would apply strategy B, the abuse problem would get
> less.
> Don't you agree??
>
>
>
>
>
>
> -----Original Message-----
> From: Odhiambo Washington
> Sent: donderdag 11 april 2019 12:28
> To: Marc Roos
> Cc: dovecot
> Subject: Re: Mail account brute force / harassment
>
>
>
> On Thu, 11 Apr 2019 at 13:24, Marc Roos via dovecot
> <dovecot at dovecot.org> wrote:
>
>
>
>
> Say for instance you have some one trying to constantly
> access an
> account
>
>
> Has any of you made something creative like this:
>
> * configure that account to allow to login with any
> password
> * link that account to something like /dev/zero that
> generates
> infinite
> amount of messages
> (maybe send an archive of virusses?)
> * transferring TB's of data to this harassing client.
>
> I think it would be interesting to be able to do such a
> thing.
>
>
>
>
> Instead of being evil, just use fail2ban to address this problem
> :-)
>
> --
>
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254 7 3200 0004/+254 7 2274 3223
> "Oh, the cruft.", grep ^[^#] :-)
>
>
>
>
>
>
> --
>
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254 7 3200 0004/+254 7 2274 3223
> "Oh, the cruft.", grep ^[^#] :-)
>
>
>
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", grep ^[^#] :-)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20190411/a21566bd/attachment.html>
More information about the dovecot
mailing list