Mail account brute force / harassment

Odhiambo Washington odhiambo at gmail.com
Thu Apr 11 15:16:17 EEST 2019


All your approaches are not well thought out.
The best solutions are always the simplest ones.
KISS principle dictates so.

On Thu, 11 Apr 2019 at 15:01, Marc Roos <M.Roos at f1-outsourcing.eu> wrote:

>
> How long have we been using the current strategy? Do we have less or
> more abuse clouds operating?
>
> "Let the others bother with their own problems." is a bit narrow minded
> view. If every one on this mailing list would have this attitude, there
> would be no single answer to your question.
>
>
> -----Original Message-----
> From: Odhiambo Washington [mailto:odhiambo at gmail.com]
> Sent: donderdag 11 april 2019 12:54
> To: Marc Roos
> Cc: dovecot
> Subject: Re: Mail account brute force / harassment
>
> Marc,
>
> There is a strategy loosely referred to as "choose your battles well"
> :-)
> If you can, hack the server and dump the 500GB - you'll be using
> resources transferring the 500GB as the other server receives it. Two
> servers wasting resources because you think you are punishing an
> offender!
>
>
> On Thu, 11 Apr 2019 at 13:43,  wrote:
>
>
>         Please do not assume anything other than what is written, it is a
>         hypothetical situation
>
>
>         A. With the fail2ban solution
>            - you 'solve' that the current ip is not able to access you
>            - it will continue bothering other servers and admins
>            - you get the next abuse host to give a try.
>
>         B. With 500GB dump
>          - the owner of the attacking server (probably hacked) will notice
> it
>         will be forced to take action.
>
>
>         If abuse clouds are smart (most are) they would notice that
> attacking my
>         servers, will result in the loss of abuse nodes, hence they will
> not
>         bother me anymore.
>
>         If every one would apply strategy B, the abuse problem would get
> less.
>         Don't you agree??
>
>
>
>
>
>
>         -----Original Message-----
>         From: Odhiambo Washington
>         Sent: donderdag 11 april 2019 12:28
>         To: Marc Roos
>         Cc: dovecot
>         Subject: Re: Mail account brute force / harassment
>
>
>
>         On Thu, 11 Apr 2019 at 13:24, Marc Roos via dovecot
>         <dovecot at dovecot.org> wrote:
>
>
>
>
>                 Say for instance you have some one trying to constantly
> access an
>                 account
>
>
>                 Has any of you made something creative like this:
>
>                 * configure that account to allow to login with any
> password
>                 * link that account to something like /dev/zero that
> generates
>         infinite
>                 amount of messages
>                   (maybe send an archive of virusses?)
>                 * transferring TB's of data to this harassing client.
>
>                 I think it would be interesting to be able to do such a
> thing.
>
>
>
>
>         Instead of being evil, just use fail2ban to address this problem
> :-)
>
>         --
>
>         Best regards,
>         Odhiambo WASHINGTON,
>         Nairobi,KE
>         +254 7 3200 0004/+254 7 2274 3223
>         "Oh, the cruft.", grep ^[^#] :-)
>
>
>
>
>
>
> --
>
> Best regards,
> Odhiambo WASHINGTON,
> Nairobi,KE
> +254 7 3200 0004/+254 7 2274 3223
> "Oh, the cruft.", grep ^[^#] :-)
>
>
>

-- 
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", grep ^[^#] :-)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20190411/a21566bd/attachment.html>


More information about the dovecot mailing list