I block all my email ports except 25 from countries where I am not going to be sending or receiving email. I also block many datacenters, but blocking Digital Ocean, Vultur and AWS will get you 90%of the way there. You will need to use 587, that is no auth on 25. Again no blocking on 25, just block the other email ports.
I get maybe one attempt to log into my email account a week. Yeah not as good as 2FA but it isn't a research project either. Just a little firewall programming. I get the CIDRs from bgp.he.net. I am assuming this is a personal server. A bit extreme, but you could set up a VPN on a VPS and only allow that IP to send and receive email. Original Message From: li...@luigirosa.com Sent: January 7, 2020 12:29 AM To: dovecot@dovecot.org Subject: Re: 2FA for Dovecot Kees de Jong wrote on 06/01/2020 12:58: > My goal is to protect my mail account with 2FA, which isn't a crazy > idea in 2020. Therefore, I would like to know the possibilities of > configuring 2FA for Dovecot. Use an authentication backend that supports 2FA, such as oAuth: https://wiki.dovecot.org/PasswordDatabase/oauth2 -- Ciao, luigi / +--[Luigi Rosa]-- \
