On the theory that the dictionary attacks on my POP3 and IMAP ports came from hosts that were "frustrated" by the ability of the program "denyhosts" to thwart attacks on ssh ports, I converted the "hosts.deny" list produced by "denyhosts" (using a word processor) to the format required by makedat and have been using that host list to turn away attacks on the POP3 and IMAP ports with couriertcpd. In the past 24 hours the heavy stream of "LOGIN FAILED" log entries (since I began using the technique) has been cut to zero.
There has otherwise been no sign in the logs that couriertcpd is active, however, as apparently a host rejection is not in the "error" category that couriertcpd is set up to log. Normal client logins appear to have not been affected. Thanks to all who have made suggestions... ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
