On 17 October 2011 12:10, Tom Pawlowski <tom...@jla.rutgers.edu> wrote: > Take a look at: > > http://hg.dovecot.org/dovecot-2.0/file/962df5d9413a/src/auth/auth-request.c > > on line 536. That's the auth service catching illegal characters and > rejecting the attempt. It'll happen with or without a valid user. So, > working as it should. > > As for spammers trying to brute force valid logins, yep, pretty common. > Higher rate of success if they can mail from a known good server and > account.
Okay, thanks for that. That's the info/reassurance I was after. In the meantime I've update fail2ban to take care of it. You're right about the higher rate of success, I've just never seen a spammer try it before - usually their resources are better spend just sending the mail. But it's good to know that dovecot will trap and block the illegal Chars :) Thanks. Simon
