Hi, I saw that thread already, however it does not offer any solution that can be applied to dovecot directly. That thread has also been asleep for well over a year. It couldnt be that hard for the author to implement this function. It would only require a few lines of code.
----- Reply message ----- From: "Robert Schetterer" <rob...@schetterer.org> Date: Fri, Aug 26, 2011 17:59 Subject: [Dovecot] limiting number of incorrect logins per connection To: <dovecot@dovecot.org> Am 26.08.2011 09:25, schrieb Alex: > Hi Guys, > > Running Dovecot 2 on my server. It is regularly getting dictionary auth > attacked. What I have noticed is that once connected to a pop3/imap > login session, you can send endless incorrect usernames+passwords > attempts. This is a problem for me... I use fail2ban to try and stop > these script kiddies. The problem is that fail2ban detects the bad > auths, firewalls the IP, however, since it's an "established" session, > the attacker can keep authing away... It's only on a subsequent (new) > connection that the firewalling will take effect. > > Why is there no configuration option such as "max auth attempts per > connection"? This would be useful, so once the limit is reached, the > connection is dropped. > > is there a patch/workaround? > there where equal questions in the past i.e read http://comments.gmane.org/gmane.mail.imap.dovecot/46204 -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
