Mail account brute force / harassment
James
list at xdrv.co.uk
Thu Apr 11 16:25:44 EEST 2019
On 11/04/2019 12:49, Marc Roos via dovecot wrote:
> Yes indeed, we have already own dnsbl's for smtp and ssh/ftp access. How
> do you have one setup for dovecot connections?
Two answers:
1. I wrote my own very simple implementation but it does not share other
people's data. Sharing the key to viability so it is/was a pointless
exercise. Without sharing a hacker gets at least one free shot per
server per address. With sharing it is closer to one per address and
less with honeypots.
2. I said "dnsbl for dovecot is a good idea", an idea. When this was
raised previously we were told it was not needed and it can all be done
with tcp wrappers, fail2ban and allow_nets.
https://dovecot.org/list/dovecot/2013-July/091236.html
https://dovecot.org/list/dovecot/2014-June/096662.html
More information about the dovecot
mailing list