On 15/07/2021 20.03, Gerald Galster wrote:
I have a better idea:
Have a function for whitelisting IPs, possible /24's or similiar, where a
login to roundcube or other webmail client (with 2FA) will add the IP onto a
whitelist for that account.
You could do that with fail2ba
it all together.
Original Message
From: sebast...@sebbe.eu
Sent: July 15, 2021 11:26 AM
To: dovecot@dovecot.org
Reply-to: dovecot@dovecot.org
Subject: Sv: Sv: function for whitelisting IPs
Yeah the idea was to use roundcube or other web service to add kind of "auth
> I run a personal email server. I can't emphasize enough how geofencing has
> reduced the useless hacking on my email server. I only leave port 25 open to
> the world. I use port 587.
Unfortunately that's not an option for commercial mailservers. You have to be
open to communicate with the wor
sprungligt meddelande-
Från: dovecot-boun...@dovecot.org För lists
Skickat: den 15 juli 2021 20:09
Till: 'Mailing List'
Ämne: Re: Sv: function for whitelisting IPs
I run a personal email server. I can't emphasize enough how geofencing has
reduced the useless hacking on my email
I have found that dynamic IP blocking programs such as sshguard or
fail2ban
are a CPU burden since that table needs to be refreshed as new IPs are
added
or removed so I have stopped using them.
Have you seen ipset?
https://ipset.netfilter.org/
It is built for dynamically adding/remove IP's fr
dCube.
Original Message
From: sebast...@sebbe.eu
Sent: July 15, 2021 3:55 AM
To: dovecot@dovecot.org
Reply-to: dovecot@dovecot.org
Subject: Sv: function for whitelisting IPs
Most such functions would need to be custom.
You need to write a custom login script, which also accepts the user&#x
> Do you have any examples of such a function and how/where it is used ?
>I have a better idea:
> Have a function for whitelisting IPs, possible /24's or similiar, where a
> login to roundcube or other webmail client (with 2FA) will add the IP onto a
> whitelist fo
On 15/07/2021 12:05, White, Daniel E. (GSFC-770.0)[NICS] wrote:
The custom login script -- in Dovecot or Roundcube or … ?
Is there any documentation for such scripting ?
https://doc.dovecot.org/configuration_manual/authentication/auth_policy/
It uses an http interface so it is easy to impleme
ry.
That reduces the attack surface greatly.
-Ursprungligt meddelande-
Från: dovecot-boun...@dovecot.org För White,
Daniel E. (GSFC-770.0)[NICS]
Skickat: den 15 juli 2021 12:21
Till: Dovecot Mailing List
Ämne: function for whitelisting IPs
Sebastian,
Do y
sprungligt meddelande-
Från: dovecot-boun...@dovecot.org För White,
Daniel E. (GSFC-770.0)[NICS]
Skickat: den 15 juli 2021 12:21
Till: Dovecot Mailing List
Ämne: function for whitelisting IPs
Sebastian,
Do you have any examples of such a function and how/where it is used ?
-Origin
dialog and tell the user to just correct
password in settings.
Some clients even go as long as requiring the user to delete the account
with wrong password and set up a new connection.
So no, it cannot be relied upon.
I have a better idea:
Have a function for whitelisting IPs, po
11 matches
Mail list logo
