> On 22/04/2020 15:29 Johannes Rohr <johan...@rohr.org> wrote: > > > Dear all, > > what are the key strategies for intrusion prevention and detection with > dovecot, apart from installing fail2ban? > It is a pity that the IMAP protocol does not support 2 factor > authentication, which seems to stop 90% of intrusion attempts in their > tracks. Without it, if someone has obtained your password and reads your > mail without modifying it, you will hardly ever notice. > > Is there a reasonable way of detecting and preventing logins from > unusual IP ranges? Or are there other strategies you would recommend? > > Cheers, > > Johannes
One suggestion is to use dovecot's auth policy feature, which works with e.g. weakforced to apply such restrictions. Aki
