Hello!
I am using fail2ban (http://www.fail2ban.org/wiki/index.php/Main_Page). Maybe it is useful for you, too. Best, Harti On 06 Sep 12, Thibault Richard wrote: > Hello, > > It seems good ! > > For such purpose I use this kind of rules > > iptables -P INPUT DROP > ... > iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT > ... > iptables -A INPUT -m state --state NEW -p TCP --dport 110 --syn -m limit > --limit 3/s --limit-burst 3 -j ACCEPT > ... > iptables -A INPUT -i lo -s 0.0.0.0/0 -d 0.0.0.0/0 -j ACCEPT > ... > iptables -A INPUT -m state --state NEW -j DROP > > > If more than 3 connection/sec on POP3 port, drop the packet (in fact the real > rule is "drop everything except if less than 3/sec on POP3 port" ) > > > -----Original Message----- > From: John Stile [mailto:j...@stilen.com] > Sent: jeudi 6 septembre 2012 08:04 > To: vchkpw@inter7.com > Subject: [vchkpw] [SPAM] block vpopmail brute force > > Has anyone experienced people trying to brute force vpopmail? > > I'm sick of it, so I cron'ed a little script others might enjoy. > > http://stilen.com/scripts/perl/vpopmail_fail2drop.pl > > Feedback appreciated. > > > > > > > > > > !DSPAM:5048545334212031748905!