Dňa 30. mája 2024 18:23:25 UTC používateľ Michael Peddemors via mailop <mailop@mailop.org> napísal:
>I am sure there are many others that are dedicated to strictly AUTHentication >abuse.. The key is to be able to do the check at all levels of authentication, >whether by using an RBL, or static lists.. I hope, that it isn't problem to promote own software here... Two or three years ago i was target of a lot of leaked passwords attempts (it was XMPP passwords, but they tried it as email), i was looking into weakforced solution for dovecot, but i meet multiple problems with it, thus i did my own dovecot's auth daemon, its initial intent was to check RBLs, but over time it evolved to count success login IPs (to detect account compromise) and GeoIP block (per user). Any one can use it (GPL licensed) from my git repo https://git.slavino.sk/dovepolicy.git/ It is in Python (flask app) + redis, i use it for my dovecot (and exim authed via dovecot). I cannot tell about performance, my user base is low, but works well for me and in spikes it was blocking ~800 IPs daily (+ normal user logins). In conjunction with fail2ban it was very success and most attempts are now gone for more months. It is not in state of full app (one click install), some manual steps are required to setup it and only some features are manageable by CLI interface, thus not intended for not experienced users, but i use it in git HEAD state. Hope it will be useful for someone... regards -- Slavko https://www.slavino.sk/ _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
