> On Apr 20, 2023, at 02:04, Odhiambo Washington <odhia...@gmail.com> wrote: > > > > On Thu, Apr 20, 2023 at 9:08 AM Doug Hardie <bc...@lafn.org > <mailto:bc...@lafn.org>> wrote: >> Are there any plans to interface to blacklistd? >> >> -- Doug > > Hi Doug, > > Since blacklistd uses PF, you can already use fail2ban or sshguard > <https://www.sshguard.net/> to achieve the same thing you are after. > Given that blacklistd is just an intermediary like fail2ban, is there a real > need for dovecot interfacing with it?
Fail2ban and sshguard are log scanners. They are a very inelegant approach that requires a lot of horsepower to scan logs that are not designed for scanning, but for human reading. Log formats tend to change with time thus necessitating updates to the scanners. Blacklistd places a very short set of code to send a small packet to a socket when the decision is made to deny access. There is no real delay in the actual blocking. Scanning large logs in a high traffic environment is expensive. For a product that is intended for high volume environments I find it interesting that a log scanning solution would be appropriate. -- Doug
_______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
