[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Dovecot configuration issues for IMAP/POP3 (squeeze)

David Guntner grabbed a keyboard and wrote:
[Lots of fail2ban stuff]

Well, holy cow!  That's what I get for starting a conversation. :-)  I'm
not the type to just ask a question or answer replies and just sit there
waiting, I start mucking around and googling more and stuff.  Just
discovered that fail2ban has *multiport* support for iptables - it can
be set up to filter chains control more than one port with a single
filter command.

I further discovered that the Dovecot website itself has filter and jail
rules for fail2ban to work with its log entries.

So yea, if I can set up a filter rule that says something along the
lines of "if you see this, block traffic for that IP address on the
following ports...", that will do the trick!  Yay! :-)

Now, if I can just figure out a way to get Dovecot to close the
connection when there's too many bad attempts....  I'll have to do some
more testing; maybe the fail2ban chain through iptables will close an
existing connection as was suggested might be the case in another reply....

Ooooh, the possibilities! :-D


Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: