On 2/22/23 12:32, Jaroslaw Rafa via mailop wrote:
I have also one more idea. Remember the old "POP-before-SMTP"
approach from the times there was no SMTP AUTH yet? I have observed
that the password-cracking bots are heavily attacking submission
services, while relatively very rarely trying to login to IMAP
service. On the other hand, any regular email client first does
IMAP login to get the mailbox index, and then after the user tries
to send a message, authenticates to submission service. So one
might simply reject *any* password on submission service, if there
is no recent successful IMAP login to the same account from the
same IP address.
Nice idea.
I would want to check that it works for users like me who
download messages to a local machine (eg with fetchmail).
We might be more likely to write before reading.
Do confirm that the submission port remains open to machine/user pairs
as long as an IMAP connection is using IDLE.
On Wed, 22 Feb 2023, Giovanni Bechis via mailop wrote:
this would not work for me, on my servers ~6% of imap logins are
from bots.
*Successful* IMAP logins ?
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
