Mail account brute force / harassment

James list at xdrv.co.uk
Thu Apr 11 16:25:44 EEST 2019


On 11/04/2019 12:49, Marc Roos via dovecot wrote:
> Yes indeed, we have already own dnsbl's for smtp and ssh/ftp access. How
> do you have one setup for dovecot connections?

Two answers:

1. I wrote my own very simple implementation but it does not share other 
people's data.  Sharing the key to viability so it is/was a pointless 
exercise.  Without sharing a hacker gets at least one free shot per 
server per address.  With sharing it is closer to one per address and 
less with honeypots.


2. I said "dnsbl for dovecot is a good idea", an idea.  When this was 
raised previously we were told it was not needed and it can all be done 
with tcp wrappers, fail2ban and allow_nets.

https://dovecot.org/list/dovecot/2013-July/091236.html
https://dovecot.org/list/dovecot/2014-June/096662.html



More information about the dovecot mailing list