On 03/01/2015 04:25 AM, Reindl Harald wrote:
>> I wonder if there is an easy way to provide dovecot a flat text
>> file of ipv4 #'s which should be ignored or dropped?
>>
>> I have accumulated 45,000+ IPs which routinely try dictionary
>> and 12345678 password attempts. The file is too big to create
>> firewall drops, and I don't want to compile with wrappers *if*
>> dovecot has an easy ability to do this. If dovecot could parse a
>> flat text file of IPs and drop connections it would sure put a
>> dent in these attempts.
>
> hence i asked month ago for RBL support because such lists are easy
> to feed into http://www.corpit.ru/mjt/rbldnsd.html - sadly i got no
> reply than use fail2ban and what not irrelevant if there is already
> a local dnsbl
>
> i guess for a C-programmer it takes not much more than 10 minutes
> include a config option to list rbl servers and close connections
> based on the DNS responses

I've been asking for this off-and-on for years, and people immediately parrot back "just use fail2ban". I think fail2ban is a nice idea and all, but that suggestion assumes that I use iptables (I don't), I run firewalls on my servers (I don't; I run them on routers) and that I run Linux on my mail server (I don't).

The other side of this equation, Postfix, has had this capability for years. Why it hasn't been added to dovecot is a mystery. It's the only thing (really, the ONLY thing!) that I dislike about dovecot.

-Dave

-- 
Dave McGuire, AK4HZ/3
New Kensington, PA
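
The two pieces this thread discusses, a flat file of IPv4 addresses and a DNSBL check against a local list, are sketched below as an added example; it is not part of either message and is not dovecot or rbldnsd code. The sample addresses are constructed, and the zone name `bl.example` and the `resolve` callable are assumptions standing in for the operator's own list and DNS resolver.

```python
import ipaddress

# Constructed sample of a flat blocklist file (documentation-range addresses).
SAMPLE = """\
# one IPv4 address per line
192.0.2.10
192.0.2.11
198.51.100.7
not-an-ip
192.0.2.10
203.0.113.0
203.0.113.1
203.0.113.2
203.0.113.3
"""

def load_blocklist(text):
    """Parse a flat file: skip blanks, comments and malformed lines; dedupe."""
    addrs = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            addrs.add(ipaddress.IPv4Address(line))
        except ipaddress.AddressValueError:
            continue  # ignore junk rather than abort the whole load
    return addrs

def collapse(addrs):
    """Merge adjacent addresses into the fewest CIDR blocks."""
    nets = (ipaddress.ip_network(str(a)) for a in addrs)
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

def dnsbl_qname(ip, zone):
    """DNSBL query name: octets reversed, then the list's zone.
    The zone is whatever the operator serves; "bl.example" is hypothetical."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone.strip(".")

def is_listed(ip, zone, resolve):
    """resolve(qname) is an assumed callable returning a list of A records,
    empty for NXDOMAIN. By DNSBL convention a hit answers inside 127.0.0.0/8."""
    loop = ipaddress.ip_network("127.0.0.0/8")
    answers = resolve(dnsbl_qname(ip, zone))
    return any(ipaddress.ip_address(a) in loop for a in answers)
```

A login service doing this check would call `is_listed` with the client address at connect time and close the connection on a hit; `collapse` shows how much a large per-address list shrinks before it is fed to a filter or a DNSBL zone.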