> Anyway, today I had 8000 login attempts to my dovecot server in an > hour before blocking the IP with my firewall. > > After googling, I didn't see very much discussion on the topic. There > was some mention of blocksshd which was supposed to support dovecot in > the next release (but doesn't appear to) and also fail2ban. While a > script that parses logfiles will work, I'm not sure that this is the > best way to go about handling repeated authentication failure.
Cursory scan in the FreeBSD ports tree: bruteblock for ipfw bruteforceblocker for pf mostly aimed at ssh or ftp brute force blocking ... -bryan bradsby DIR Capnet Texas State Government Net NOC: 512-475-2432 877-472-4848
