Mail account brute force / harassment

Jean-Daniel Dupas jddupas at xooloo.com
Fri Apr 12 18:05:54 EEST 2019



> Le 11 avr. 2019 à 12:23, Marc Roos via dovecot <dovecot at dovecot.org> a écrit :
> 
> 
> 
> Say for instance you have some one trying to constantly access an 
> account
> 
> 
> Has any of you made something creative like this:
> 
> * configure that account to allow to login with any password
> * link that account to something like /dev/zero that generates infinite 
> amount of messages
>  (maybe send an archive of virusses?)
> * transferring TB's of data to this harassing client.
> 
> I think it would be interesting to be able to do such a thing.

As long as you have infinite bandwidth, that may be fun, but it is not the case for most people operating a mail server I think.

For theses clients, I simply have fail2ban and DROP packages of blocked IP (I prefer to DROP because I don't want to waste resources responding that the connection is refused).



More information about the dovecot mailing list