Hi I'm aware that there are several good reasons not to do what I want, but in my use-case it would be an interesting feature. So please no discussions about the reasonableness I have some spamtrap SMTP servers (postfix). Currently SMTP AUTH is disabled. But as I daily have thousands of AUTH tries I thought it would be nice to be able to accept any AUTH request from postfix in dovecot. Is something like this possible with dovecot? If so any good description available on how to achieve? Thanks -- tobi
On 23.5.2019 10.12, Tobi via dovecot wrote:> Hi > > I'm aware that there are several good reasons not to do what I want, but > in my use-case it would be an interesting feature. So please no > discussions about the reasonableness > > I have some spamtrap SMTP servers (postfix). Currently SMTP AUTH is > disabled. But as I daily have thousands of AUTH tries I thought it would > be nice to be able to accept any AUTH request from postfix in dovecot. > > Is something like this possible with dovecot? If so any good description > available on how to achieve? > > Thanks > > -- > > tobiYou could try this in dovecot. passdb { ? driver = static ? args = nopassword } Aki
I have the same, create your own dns blacklist. And have fail2ban add entries to it. The only problem I have on CentOS6 is that you need to combine log files for this, but it should be do-able. But I am also for this option, maybe it can be done via this userdb, specify an account where auth is not necessary. I would like to redirect sometimes a user to a 5GB garbage messages mailbox. Or if someone has collection of emails with virusses, available to download? -----Original Message----- From: Tobi via dovecot [mailto:dovecot at dovecot.org] Sent: donderdag 23 mei 2019 9:12 To: dovecot at dovecot.org Subject: Catch all for dovecot authentication? Hi I'm aware that there are several good reasons not to do what I want, but in my use-case it would be an interesting feature. So please no discussions about the reasonableness I have some spamtrap SMTP servers (postfix). Currently SMTP AUTH is disabled. But as I daily have thousands of AUTH tries I thought it would be nice to be able to accept any AUTH request from postfix in dovecot. Is something like this possible with dovecot? If so any good description available on how to achieve? Thanks -- tobi
On 23 May 2019, at 01:44, Marc Roos via dovecot <dovecot at dovecot.org> wrote:> I would like to redirect sometimes a user to a 5GB garbage messages mailbox.So you want to setup a service where random spammer/hacker can trivially DDOS your system? How many simultaneous 5GB streams can you handle? How much will your bandwidth bill be if you send 5GB a million times in a month? -- Over 3,500 gay marriages and, what, no hellfire? I was promise hellfire. And riots. What gives? -- Mark Morford
Marc, as stated by Aki> passdb { > driver = static > args = nopassword >}works fine and does what I want: accept any SMTP AUTH :-) In my setup postfix has a catch-all anyway, so I can return home=/dev/null in userdb Saw the first tries on my server already. Just took 5min after enabling SMTP AUTH :-) @Aki: thanks a lot Have a good one -- tobi Am 23.05.19 um 09:44 schrieb Marc Roos:> > I have the same, create your own dns blacklist. And have fail2ban add > entries to it. The only problem I have on CentOS6 is that you need to > combine log files for this, but it should be do-able. > > But I am also for this option, maybe it can be done via this userdb, > specify an account where auth is not necessary. I would like to redirect > sometimes a user to a 5GB garbage messages mailbox. Or if someone has > collection of emails with virusses, available to download? > > > > -----Original Message----- > From: Tobi via dovecot [mailto:dovecot at dovecot.org] > Sent: donderdag 23 mei 2019 9:12 > To: dovecot at dovecot.org > Subject: Catch all for dovecot authentication? > > Hi > > I'm aware that there are several good reasons not to do what I want, but > in my use-case it would be an interesting feature. So please no > discussions about the reasonableness > > I have some spamtrap SMTP servers (postfix). Currently SMTP AUTH is > disabled. But as I daily have thousands of AUTH tries I thought it would > be nice to be able to accept any AUTH request from postfix in dovecot. > > Is something like this possible with dovecot? If so any good description > available on how to achieve? > > Thanks > > -- > > tobi > > >