Hello, It seems good !
For such purpose I use this kind of rules iptables -P INPUT DROP ... iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT ... iptables -A INPUT -m state --state NEW -p TCP --dport 110 --syn -m limit --limit 3/s --limit-burst 3 -j ACCEPT ... iptables -A INPUT -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT ... iptables -A INPUT -m state --state NEW -j DROP If more than 3 connection/sec on POP3 port, drop the packet (in fact the real rule is "drop everything except if less than 3/sec on POP3 port" ) -----Original Message----- From: John Stile [mailto:j...@stilen.com] Sent: jeudi 6 septembre 2012 08:04 To: vchkpw@inter7.com Subject: [vchkpw] [SPAM] block vpopmail brute force Has anyone experienced people trying to brute force vpopmail? I'm sick of it, so I cron'ed a little script others might enjoy. http://stilen.com/scripts/perl/vpopmail_fail2drop.pl Feedback appreciated. !DSPAM:50484d0434211692219258!
