similar to: Dovecot blacklist?

Or you can implement a policy server yourself. :)The protocol is not complicated, json over http. See?https://wiki.dovecot.org/Auth/Policy ---Aki TuomiDovecot oy -------- Original message --------From: Aki Tuomi <aki.tuomi at dovecot.fi> Date: 21/05/2018 19:13 (GMT+02:00) To: Marc Perkel <marc at perkel.com>, dovecot at dovecot.org Subject: Re: Dovecot blacklist?

https://github.com/PowerDNS/weakforced cn be used for this. ---Aki TuomiDovecot oy -------- Original message --------From: Marc Perkel <marc at perkel.com> Date: 21/05/2018 19:09 (GMT+02:00) To: dovecot at dovecot.org Subject: Dovecot blacklist? Just wondering if there is an easy way to have dovecot do a blacklist lookup as a negative authentication so that if the IP is on a blacklist

After upgrading to 2.31 I'm getting this error. Not sure what I'm doing wrong. No (No signatures could be verified because the chain contains only one certificate and it is not self signed.) ssl = yes ssl_cert = </etc/exim/certs/ctyme.com.crt ssl_key = </etc/exim/certs/ctyme.com.key ssl_ca = </etc/exim/certs/ca.crt local mail.ctyme.com { ? protocol imap { ??? ssl_cert =

does anyone know of a linux module (maybe similar to fail2ban) that could be installed which would monitor email logs (sign ins) and alert the user to any suspicious activity on their account? i suspect it would need to log geo location, device type and ip address to a database. it seems like a module like this would be very useful and should exist already? thanks in advance

> On 22. Apr 2020, at 19.14, Michael Peddemors <michael at linuxmagic.com> wrote: > The three most common attack vectors, (and attack volumes have never been higher) are: > > * Sniffed unencrypted credentials > (Assume every home wifi router and CPE equipment are compromised ;) > * Re-used passwords where data is exposed from another site's breach > (Users WANT to

I would like to have a list of IPs (hacker list) that I can do a lookup on so that if anyone tries to authenticate to dovecot they always fail if they are on my list. I have the list - and the list is available as a DNS blacklist. I'd like to have it work with both local IP lists or RBL lookup. The idea is so hackers from known IP addresses never succeed. If Dovecot provides the feature

Hello, given the 2015 revision date, I was curious if anyone can confirm https://wiki2.dovecot.org/Timeouts is still accurate where the 'before login' IMAP timeout remains hard coded? We're having an issue where blocks of IP's from China and similar locations are crawling IP ranges trying common login credentials, and hanging the connections open in the process. We have clients

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 22/04/2020 19:56 Benny Pedersen < <a href="mailto:me@junc.eu">me@junc.eu</a>> wrote: </div> <div> <br>

We have dovecot-1:2.3.3-1.fc29.x86_64 running on Fedora 29. I'd like to test wforce, from https://github.com/PowerDNS/weakforced. I see instructions at the Authentication policy support page, https://wiki2.dovecot.org/Authentication/Policy I see the Required Minimum Configuration: auth_policy_server_url = http://example.com:4001/ auth_policy_hash_nonce = localized_random_string But when I

On 11/04/2019 14:33, Anton Dollmaier via dovecot wrote: >> Which is why a dnsbl for dovecot is a good idea. I do not believe the >> agents behind these login attempts are only targeting me, hence the >> addresses should be shared via a dnsbl. > > Probably there's an existing solution for both problems (subsequent > attempts and dnsbl): > >>

> Am 11.04.2019 um 12:43 schrieb Marc Roos via dovecot <dovecot at dovecot.org>: > > Please do not assume anything other than what is written, it is a > hypothetical situation > > > A. With the fail2ban solution > - you 'solve' that the current ip is not able to access you > - it will continue bothering other servers and admins > - you get the

So Timo, Have you considered the idea of storing all the email in a MySQL database? Seems to me that MySQL could somplify all the backend stuff that everyone struggles with and with replication one could create very massive and reliable systems. What would it take to use MySQL that way?

On Thu, 11 Apr 2019 at 13:24, Marc Roos via dovecot <dovecot at dovecot.org> wrote: > > > Say for instance you have some one trying to constantly access an > account > > > Has any of you made something creative like this: > > * configure that account to allow to login with any password > * link that account to something like /dev/zero that generates infinite

Hi, For the upcoming 2.3 development, I'd like to re-suggest this: It seems the use of login_trusted_networks is overloaded. Example: * It's used for indicating which hosts you trust to provide XCLIENT remote IP's. (like a proxy) * It's used for indicating from which hosts you trust logins enough to disable auth penalty. (like in a webmail) Often these two uses cases have a

I've made a preliminary auth policy server in Perl - and it sort of works (mostly) - but I've got some questions on "proper" implementation. It appears the communication is HTTP based - is the intent to talk to a "proper" webserver, or is a simple dedicated daemon appropriate (which is what I made)? Should connections be maintained, or terminated after each

Hello. Is still true that mail_max_userip_connections cannot be overriden in userdb query? Want lower global and raise for some logins. https://www.dovecot.org/pipermail/dovecot/2017-July/108520.html -- Arkadiusz Mi?kiewicz, arekm / ( maven.pl | pld-linux.org )

On 11/04/2019 11:43, Marc Roos via dovecot wrote: > A. With the fail2ban solution > - you 'solve' that the current ip is not able to access you It is only a solution if there are subsequent attempts from the same address. I currently have several thousand addresses blocked due to dovecot login failures. My firewall is set to log these so I can see that few repeat, those

No, it's entirely my own. If all you want to do is write client IP addresses to a database then your script will probably fit in 20 lines of code or so. On 10/20/2017 05:04 PM, j.emerlik wrote: > Which one policy server are you using ? > Someone from that list : http://www.postfix.org/addon.html > > 2017-10-20 16:53 GMT+02:00 Gedalya <gedalya at gedalya.net>: > >>

Is it possible to filter out logins by country (I would like to limit dovecot instance users to log in only from specific countries)??? Anvar?Kuchkartaev? anvar at anvartay.com?

Here's some thoughts I'd like to throw out there. I know it's not standard IMAP protocol but someone has to try new ideas first and I want to see what people (Timo) think of this. IMAP establishes a connection between the client and the server. Wouldn't it be great if it could be a conduit to let custom Thunderbird plugins talk to custom server application over the IMAP