On Tue, 18 Jul 2017, dovecot-requ...@dovecot.org wrote:
Thanks for the quick follow-ups! Much appreciated. After posting this, I immediately started working on fail2ban. And between my initial posting and now, fail2ban already blocked 114 IPs. I have fail2ban with maxretry=1 and bantime=1800 However, it seems almost all IPs are different, and I don't think I can keep the above settings permanently.
Why not? Limited by firewall rules overload? You could probably use a persistent DB, can't you? You can also use a third party RBL that specialized in brute forcers like blocklist.de. You can also feed back fail2ban data and crowdsource BFD data to them. Joseph Tam <jtam.h...@gmail.com>
