recent versions of denyhosts offer protection for dovecot imap if
enabled by scanning logs and adding firewall rules as well as hosts.deny
rules.
that may help
On 17/11/2023 10:18, Nick Lockheart wrote:
My original reason for asking was, in addition to setting up a new mail server,
there was a topic that came up about port scanning.
My thought was, if the only people that need email services on ports 587 and
993 are employees, there might be a way to close down access to those ports to
reasonable ranges that employees might actually use.
If ranges are assigned to organizations, and you knew that you only wanted
phone access, couldn't you enter the IP ranges assigned to T-Mobile, AT&T, etc
as a firewall rule to allow, else deny?
DENY Fail2Ban IPs
ALLOW US Based Consumer ISPs
ALLOW Our Office
DENY others
That seems like it would reduce the number of people that could try to brute
force your IMAP/SMTP logins.
Toronto 416.642.7266
Main 1.866.411.7266
Fax 1.888.892.7266
Email p...@scom.ca
On 2023-11-16 5:31 p.m., Jochen Bern wrote:
On 16.11.23 16:56, Paul Kudla wrote:
the ip that triggered all this says it is
allocated from NL
(Neatherlands) but physicaly exists in Hawii ?
As someone working for a LIR, let me clarify a couple
things:
IPs get assigned to organizations. The registered contacts
may well be
that organization's main offices on one continent while the
hardware
actually using those addresses is located someplace
different - and the
users whose traffic gets its public IP from that hardware
could well be
in a third.
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
