On 6/17/2014 7:16 PM, Reindl Harald wrote: > after having my own dnsbl feeded by a honeypot and even > mod_security supports it for webservers i think dovecot > sould support the same to prevent dictionary attacks from > known bad hosts, in our case that blacklist is 100% > trustable and blocks before SMTP-Auth while normal RBL's > are after SASL > > i admit that i am not a C/C++-programmer, but i think > doing the DNS request and in case it has a result block > any login attemt should be not too complex > > setup a own honeypot and feed rbldnsd with the sources > is quite easy and in case of a own, trustable RBL where > no foreigners report somebody by mistake it's relieable > and scales well over many machines and services as long > services supporting it > > mod_security: > http://blog.inliniac.net/2007/02/23/blocking-comment-spam-using-modsecurity-and-realtime-blacklists/ >
There are some Dovecot developments in that area: http://www.dovecot.org/talks/berlin-20140513.pptx.pdf (page 22) Regards, Stephan.
