banning, was Re: Non-user logins?
Dave McGuire
mcguire at neurotica.com
Sat Jan 8 16:22:30 UTC 2022
On 1/8/22 8:26 AM, dc-ml at dvl.werbittewas.de wrote:
>> trying to mess with other peoples' stuff. I run fail2ban to catch those
>> log entries and block the source IP address for a month on the first
>> failed login. At any one time I have between 12,000 and 15,000
>
> well, I don't know how _your_ users are connected to the internet, but
> in germany most people has at least daily changing IPs out of larger
> pools (when connected via xDSL) or even sometimes shares ip-addresses
> with others (when connected via tv-cable or mobile - having a private
> network-address, which is natted), so it's possible to get/use an IP,
> which was used before by some script-kiddies...
Obviously. However, my users are nearly all on static IP addresses.
> btw.: setting up a new mail-client and making any mistake by reading it
> from old install or writing it into new install also leads to a
> months-blocking with above restrictive handling...
> (any may drive this user mad)
Again, "obviously". May mail server is not new; I was not the OP on
this thread who came here looking for help.
> so anyone, who has no experience with blocking should be really careful
> with it.
That's good advice for everything, not just blocking. My first
experience with blocking was on a Cisco AGS in 1994, buddy. Not a n00b.
-Dave
--
Dave McGuire, AK4HZ
New Kensington, PA
More information about the dovecot
mailing list