similar to: IP drop list

Am 03.03.2015 um 12:40 schrieb Dave McGuire: > On 03/02/2015 09:41 PM, Joseph Tam wrote: >>>>>> then setup fail2ban to manage extrafields >>>>> >>>>> Now that's a very interesting idea, thank you! I will investigate >>>>> this. >>>> >>>> If you don't expect yor firewall to handle 45K+ IPs, I'm

Dave McGuire writes: >> http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets >> >> then setup fail2ban to manage extrafields > > Now that's a very interesting idea, thank you! I will investigate this. If you don't expect yor firewall to handle 45K+ IPs, I'm not how you expect dovecot will handle a comma separated string with 45K+ entries any

On 03/02/2015 09:41 PM, Joseph Tam wrote: >>>>> then setup fail2ban to manage extrafields >>>> >>>> Now that's a very interesting idea, thank you! I will investigate >>>> this. >>> >>> If you don't expect yor firewall to handle 45K+ IPs, I'm not how you >>> expect dovecot will handle a comma separated

On 03/02/2015 05:34 AM, Joseph Tam wrote: >>> http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets >>> >>> then setup fail2ban to manage extrafields >> >> Now that's a very interesting idea, thank you! I will investigate this. > > If you don't expect yor firewall to handle 45K+ IPs, I'm not how you > expect dovecot will

On 03/01/2015 04:25 AM, Reindl Harald wrote: >> I wonder if there is an easy way to provide dovecot a flat text >> file of ipv4 #'s which should be ignored or dropped? >> >> I have accumulated 45,000+ IPs which routinely try dictionary >> and 12345678 password attempts. The file is too big to create >> firewall drops, and I don't want to compile with

On 03/04/2015 09:45 PM, Dave McGuire wrote: > On 03/04/2015 03:37 PM, Oliver Welter wrote: >> Am 04.03.2015 um 21:03 schrieb Dave McGuire: >>> Am 04.03.2015 um 20:12 schrieb Michael Orlitzky: >>>> Please add [DNSBL] support to iptables instead of Dovecot. It's a waste of >>>> effort to code it into every application that listens on the network.

Am 04.03.2015 um 21:03 schrieb Dave McGuire: > On 03/04/2015 02:12 PM, Michael Orlitzky wrote: >>> I would like to reiterate Reindl Harald's point above, since subsequent >>> discussion has gotten away from it. If Dovecot had DNS RBL support >>> similar to Postfix, I think quite a few people would use it, and thereby >>> defeat the scanners far more

Am 02.03.2015 um 11:34 schrieb Joseph Tam: > Dave McGuire writes: > >>> http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets >>> >>> then setup fail2ban to manage extrafields >> >> Now that's a very interesting idea, thank you! I will investigate this. > > If you don't expect yor firewall to handle 45K+ IPs, I'm not how

Hey folks. One feature I'd really like to see in dovecot is the ability to point it at a database (with a configurable query) and have it allow or deny a connection based on looking up the source IP address in that database. I run Postfix, and I've got it configured to use a database server for its smtpd_client_restrictions checks. Ideally I'd like to point dovecot at

G'day All, I am new to dovecot. I've run across the "allow_net" to restrict access on what seems like a per user basis. Is the a way to global limit access to one or more networks? Marcus O.

On 03/01/2015 06:34 PM, Benny Pedersen wrote: >> The other side of this equation, Postfix, has had this capability >> for years. Why it hasn't been added to dovecot is a mystery. It's >> the only thing (really, the ONLY thing!) that I dislike about dovecot. > > http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets > > then setup fail2ban to

Hello people, I am using now qmail in cluster with LDAP + Interscan Messaging Security Suite from Trendmicro. I need to develop a new solution with: - postfix - dovecot - anti-spam - anti-malware. I am thankful any help or suggestion for anti-spam and anti-malware. Thanks in advance! -- :) cumprimentos ---------------------- Jos? Lu?s Faria Network Eng./Administrador de

On 11/04/2019 11:43, Marc Roos via dovecot wrote: > A. With the fail2ban solution > - you 'solve' that the current ip is not able to access you It is only a solution if there are subsequent attempts from the same address. I currently have several thousand addresses blocked due to dovecot login failures. My firewall is set to log these so I can see that few repeat, those

On March 2, 2015 10:50:59 PM Dave McGuire <mcguire at neurotica.com> wrote: > On 03/02/2015 05:34 AM, Joseph Tam wrote: > >>> http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets its not a big hint its not called denynets is it ? > I myself just want a mechanism to deny certain IP addresses when I > spot them, regardless of the implementation. But

I wonder if there is an easy way to provide dovecot a flat text file of ipv4 #'s which should be ignored or dropped? I have accumulated 45,000+ IPs which routinely try dictionary and 12345678 password attempts. The file is too big to create firewall drops, and I don't want to compile with wrappers *if* dovecot has an easy ability to do this. If dovecot could parse a flat text file of

> > I use postfx 2.3.5 + dovecot (pop3/imap/lda/auth daemon for postfix) rc15. > > root at post /etc/postfix# grep dovecot main.cf > smtpd_sasl_type = dovecot > virtual_transport = dovecot > dovecot_destination_recipient_limit = 1 > > root at post /etc/dovecot# grep password_query dovecot-sql.conf > password_query = SELECT mail as user, cryptp as password, >

On 03/03/2015 11:03 PM, Earl Killian wrote: > On 2015/3/2 10:03, Reindl Harald wrote: >> >> that is all nice >> >> but the main benefit of RBL's is always ignored: >> >> * centralized >> * no log parsing at all >> * honeypot data are "delivered" to any host >> * it's cheap >> * it's easy to maintain >> * it

Am 02.03.2015 um 18:56 schrieb Robert Schetterer: > perhaps and i mean really "perhaps" go this way > > https://sys4.de/de/blog/2014/03/27/fighting-smtp-auth-brute-force-attacks/ > > https://sys4.de/de/blog/2012/12/28/botnets-mit-rsyslog-und-iptables-recent-modul-abwehren/ > > 45K+ IPs will work in a recent table > i have them too but for smtp only like > >

Gents, I have added the following to /etc/mail/sendmail.mc and rebuilt it trying to control spam. I still get about 25 spam messages a day. Is there something else that can help control spam? Thanks jerry --------------------------- dnl # dnl # dnsbl - DNS based Blackhole List/Black List/Rejection list dnl # See http://www.sendmail.org/m4/features.html#dnsbl dnl # FEATURE(`dnsbl',

On 11/04/2019 14:33, Anton Dollmaier via dovecot wrote: >> Which is why a dnsbl for dovecot is a good idea. I do not believe the >> agents behind these login attempts are only targeting me, hence the >> addresses should be shared via a dnsbl. > > Probably there's an existing solution for both problems (subsequent > attempts and dnsbl): > >>