On 22/04/2020 19:56 Benny Pedersen < m...@junc.eu> wrote:
On 2020-04-22 18:45, Sami Ketola wrote:
Actually by far the biggest source of stolen credentials isviruses/trojans harvesting them.i tryed blacklist all ips that got passwords errors, but that ends inbig shorewall blrules so i turn it over to just add whitelist intoblrules where ips is known custommers that dont abuse server, that waymy shorewall got alot smaller config files to read and no kids fromoutside can abuse logins that way, now i have maked php script thatmonitors where abusers is from without give them access to abused ports
and i have seen the trojans or malware reveal strong passwords looseaswell, the battle is only as strong as users using email programs
so for now i see no fails on logins anymore from the only whitelistedasn range of trusted custommers ips
i just hope there would be free simple policy server for doevecot notonly for dovecot oy
we are in same boat all, dont let it sink
You mean https://github.com/PowerDNS/weakforced ?
--- Aki Tuomi
