similar to: Auto-blocking faulty login attempts

Dave McGuire writes: >> http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets >> >> then setup fail2ban to manage extrafields > > Now that's a very interesting idea, thank you! I will investigate this. If you don't expect yor firewall to handle 45K+ IPs, I'm not how you expect dovecot will handle a comma separated string with 45K+ entries any

After I activated disabling POP3 for one of my users (not user 'jos'), the following is in my logfile: Dec 3 16:03:33 webrz dovecot: IMAP(jos): Disconnected Dec 3 16:03:36 webrz dovecot: IMAP(jos): Disconnected in IDLE Dec 3 16:03:36 webrz dovecot: IMAP(jos): file ioloop.c: line 22 (io_add): assertion failed: (fd >= 0) Dec 3 16:03:36 webrz dovecot: child 74197 (imap) killed with

Can someone explain how I can create message rules to use with this version of Dovecot? I specially switched to this version because it supports then Pigeonhole Sieve. I would like to volunteer to contribute as a volunteer when someone would like to create a html driven user interface that provides a user friendly configuration interface and would make such configuration a piece of cake. --

With my iMap client, I use various mail rules to move specific email to the right mail folders. Downside of that is that is this mailclient is not online, all email is stuck in my inbox, which makes reading email by mobile phone kind of chaotic. I have seen several Pigeonhole Sieve examples, but I would like to know if there is a nub solution (I am not a programmer) to run filters when they

Hi, Thanks for the quick follow-ups! Much appreciated. After posting this, I immediately started working on fail2ban. And between my initial posting and now, fail2ban already blocked 114 IPs. I have fail2ban with maxretry=1 and bantime=1800 However, it seems almost all IPs are different, and I don't think I can keep the above settings permanently. Robert, your iptables suggestions are

I have blocked some pop3 user sessions: Dec 8 00:03:38 xxxxxx pop3-login: Disconnected: user=<johndoe> Is there a way of sending a message to a user that constantly tries to establish a block pop3 session? Example: From: noreply at mysite.com Subject: Your POP3 session Message: Hello, Your POP3 session is blocked; please contact systemmanagement -- -------------- next part

Am 02.03.2015 um 18:56 schrieb Robert Schetterer: > perhaps and i mean really "perhaps" go this way > > https://sys4.de/de/blog/2014/03/27/fighting-smtp-auth-brute-force-attacks/ > > https://sys4.de/de/blog/2012/12/28/botnets-mit-rsyslog-und-iptables-recent-modul-abwehren/ > > 45K+ IPs will work in a recent table > i have them too but for smtp only like > >

Hi has someone a script which can filter out dictionary attacks from /var/log/maillog and notify about the source-IPs? i know about fail2ban and so on, but i would like to have a mail with the IP address for two reasons and avoid fail2ban at all because it does not match in the way we maintain firewalls * add the IP to a distributed "iptables-block.sh" and distribute it to any

Hi, We have been using Dovecot 1.0 to serve Maildir format over IMAPs to a client with an office of around 30 people, and a remote office of 10, all using Outlook 2003. While users in the base office (location of server) are not having issues with the server users in the remote office are often having problems with Outlook freezing, or not being able to connect. The dovecot log shows them logging

Can someone tell me how I can upgrade from Dovecot 1.x to 2.x best? thanks for your reply, Jos Chrispijn

Should I migrate to v2 or are there no significant pro's on this migration? Thanks! -- Best regards, Jos Chrispijn --- Artificial intelligence is no match for natural stupidity

Thank you for your reply. One questionthough, if you add a mount point how do you know what user to move ? On 9/23/20 7:35 PM, Manuel Delgado wrote: > Hi Adrian, > > It depends much on your site configuration. > > In our case, we have several mount points and we distribute our user > mailboxes using username hash (%N)[1] and limit this hash to the > number of mount

Hi all, It seems we are under some kind of password guessing attack: > Jul 18 21:33:33 auth: Info: ldap(username1,103.6.223.61,<W7wLl5xUfABnBt89>): invalid credentials (given password: 1q2w3e4r5t) > Jul 18 21:34:16 auth: Info: ldap(username1,221.4.61.180,<89WnmZxUrADdBD20>): invalid credentials (given password: 1q2w3e4r5t) > Jul 18 21:36:13 auth: Info:

Hi everyone, I want to ask if any of you has done a migration from a single storage to multiple back-end storages and what is the best strategy for folder hashing that you use. Using something like %H or %M how do you predict where the mail will end up in order to move the existing folders ? Thank you ! -- Best regards, Adrian Minta

Also you should probably use dovecot director to ensure same user sessions end up on same server, as it's not supported to access same user on different backends in this scenario. Aki > On 10/01/2020 19:49 Adrian Minta <adrian.minta at gmail.com> wrote: > > > > Hello, > > you need to "clone" the first server, change the ip address, mount the same

Hello, is it possible to use Last Login Plugin with mysql instead of redis ? http://wiki2.dovecot.org/Plugins/LastLogin .-- Best regards, Adrian Minta

Hello, I would like to host my mails and I would like to retrieve my existing mailbox content from my ISP My ISP ====== I don't have root access on the server The server seem to use Dovecot according to the banner. My machine ========== I have root access on the server I use Dovecot 2.2.21 I use Maildir I read this page multiple times but it's not clear to me

Howdy, I'd like an adive on what to use. I have sql users, and i want to have the lastlogin of them, what is the native option for this: * Using last_login plugin which will give me the last login? * Use postlogin for imap and pop3n which will give me besides lastlogin the IP and protocol? Thanks in advanced, -------------- next part -------------- An HTML attachment was

On 07/25/2017 07:54 AM, mj wrote: > Since we implemented country blocking, Please don't do that. Balkanizing the Internet doesn't really benefit anyone, and makes innovation a lot more difficult. Instead, take a look at the fail2ban scenarios in this thread, which solve the actual problem with a precision tool, instead of a hammer. Doug

On 24.02.2015 20:29, Reindl Harald wrote: > > > don't allow senders which you would not receive mail for - period > Seems interesting, at least until the bots adapt to this. Any idea how could this be implemented ? -- Best regards, Adrian Minta