Wilberth Perez
2012-Feb-23 22:33 UTC
[Dovecot] How to limit max number of connections for ip address
Hi List: Does any one , knows if is possible configure dovecot for limit max number of connections for IP address? I would like to prevent future fork-bombing attacks for pop3 and imap login process in my email server. Our dovecot version is : 1.2.10 Thanks, Wilberth. -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2570 bytes Desc: Firma criptogr??fica S/MIME URL: <http://dovecot.org/pipermail/dovecot/attachments/20120223/eff4251e/attachment-0004.bin>
Timo Sirainen
2012-Feb-23 23:21 UTC
[Dovecot] How to limit max number of connections for ip address
On 24.2.2012, at 0.33, Wilberth Perez wrote:> Does any one , knows if is possible configure dovecot for limit max > number of connections for IP address? > > I would like to prevent future fork-bombing attacks for pop3 and imap > login process in my email server. > > Our dovecot version is : 1.2.10There is mail_max_userip_connections setting which limits IP+username combination. Typically that should be enough to prevent fork bombing, because users normally don't have more than one account. Or you mean when some IP keeps connecting even without actually loggin in? http://wiki.dovecot.org/LoginProcess has some settings related to this, which should normally be quite helpful if the limits are right.