Hi, I'm strugling to find some documentation on dovecot's anvil service and/or its penalties (that can be checked with doveadm penalty) ... but i'm not finding anything on that. is there any documentation on anvil/penalties that i should check other than a few messages on the mailing list archive ? thanks ! -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, N?O mandem email gertrudes at solutti.com.br My SPAMTRAP, do not email it
On Tue, 2011-12-13 at 09:39 -0200, Leonardo Rodrigues wrote:> I'm strugling to find some documentation on dovecot's anvil service > and/or its penalties (that can be checked with doveadm penalty) ... but > i'm not finding anything on that. > > is there any documentation on anvil/penalties that i should check > other than a few messages on the mailing list archive ?Nope. Basically: * Each failed attempt doubles the penalty for next login attempt from that specific IP * Penalty is maxed out at 30 seconds * Each successful login (after waiting for penalty) will clear the penalty for that IP * You can disable the penalty entirely with: service anvil { unix_listener anvil-auth-penalty { mode = 0 } } I don't really like this penalty stuff. Maybe it's better than nothing, maybe not. Maybe there's a better way to do it. Not very useful for IPv6.