On 03.07.2013 04:11, Stan Hoeppner wrote:
> On 7/2/2013 8:32 PM, Professa Dementia wrote:
>> On 7/2/2013 6:21 PM, John Fawcett wrote:
>>> dnsbl's are a popular method to prevent listed ips from making
>>> connections to mta software.
>>>
>>> cf. postscreen_dnsbl_sites in postfix
>>>
>>> Would it be possible to introduce such a feature in dovecot, so that
>>> connections can be denied
>>> based on a dnsbl lookup (where the precise dnsbls used are configurable)?
>>>
>>> John
>>>
>>
>> Let's back up a bit. This does not seem like a feature that Dovecot needs.
>>
>> Rather, what problem are you trying to solve? Maybe there is an
>> existing or better way to accomplish it.
>
> Based on John's recent thread on postfix-users on the same general
> subject, I'd guess he's trying to stop rogue/malicious connections.
>

so perhaps fail2ban might help, or construct something out of syslog and
iptables recent, or use dovecot deny etc.

http://wiki2.dovecot.org/HowTo/Fail2Ban
http://wiki2.dovecot.org/Authentication/RestrictAccess
http://wiki2.dovecot.org/PasswordDatabase/ExtraFields/AllowNets

German only, but the code should be understandable anyway, for new coding ideas:
http://sys4.de/de/blog/2012/12/28/botnets-mit-rsyslog-und-iptables-recent-modul-abwehren/

usually fail2ban is enough for brute force pop3/imap, but blocking ips
is always a problem with nat clients

Best Regards
Robert Schetterer

--
[*] sys4 AG

http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München

Registered office: München, District Court München: HRB 199263
Executive Board: Patrick Ben Koetter, Axel von der Ohe, Marc Schiffbauer
Chairman of the Supervisory Board: Florian Kirstein
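
Added example, not part of the original message or of any project named in it: a fail2ban-style pass over login-failure lines that shows the NAT caveat raised above, with a shared gateway exempted through an ignore list. The log lines are constructed in the style of Dovecot's login-failure messages; `find_offenders`, its parameters, the host name, the year and all addresses are assumptions for illustration.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in Dovecot's login-failure style (not real traffic).
SAMPLE_LOG = """\
Jul  3 04:00:01 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<alice>, method=PLAIN, rip=203.0.113.7, lip=192.0.2.10
Jul  3 04:00:09 mx dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<bob>, method=PLAIN, rip=198.51.100.20, lip=192.0.2.10
Jul  3 04:00:20 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<admin>, method=PLAIN, rip=203.0.113.7, lip=192.0.2.10
Jul  3 04:00:30 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<dave>, method=PLAIN, rip=203.0.113.50, lip=192.0.2.10
Jul  3 04:00:41 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<root>, method=PLAIN, rip=203.0.113.7, lip=192.0.2.10
Jul  3 04:01:00 mx dovecot: imap-login: Login: user=<carol>, method=PLAIN, rip=198.51.100.20, lip=192.0.2.10, mpid=1234
Jul  3 04:01:10 mx dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<erin>, method=PLAIN, rip=198.51.100.20, lip=192.0.2.10
Jul  3 04:02:30 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<bob>, method=PLAIN, rip=198.51.100.20, lip=192.0.2.10
Jul  3 04:05:00 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<dave>, method=PLAIN, rip=203.0.113.50, lip=192.0.2.10
Jul  3 04:40:00 mx dovecot: imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<dave>, method=PLAIN, rip=203.0.113.50, lip=192.0.2.10
"""

# Timestamp, then any *-login service, an "auth failed" reason and the remote IP.
FAIL_RE = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) \S+ dovecot: \w+-login: .*auth failed.*rip=([0-9A-Fa-f.:]+)")

def find_offenders(log_text, max_retry=3, find_time_s=600, ignore_nets=(), year=2013):
    """Return sorted remote IPs with max_retry failure lines inside find_time_s.

    Each matching line counts as one failure. ignore_nets plays the role of an
    allowlist for shared (NAT) gateways, where one ban would lock out every user.
    Syslog timestamps carry no year, so `year` is an assumed value.
    """
    ignored = [ipaddress.ip_network(n) for n in ignore_nets]
    recent = defaultdict(deque)  # rip -> failure times still inside the window
    offenders = set()
    for line in log_text.splitlines():
        m = FAIL_RE.match(line)
        if not m:
            continue
        rip = ipaddress.ip_address(m.group(2))
        if any(rip in net for net in ignored):
            continue
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        window = recent[rip]
        window.append(when)
        while (when - window[0]).total_seconds() > find_time_s:
            window.popleft()  # drop failures older than the window
        if len(window) >= max_retry:
            offenders.add(str(rip))
    return sorted(offenders)
```

Without the ignore list, the constructed gateway address 198.51.100.20 is flagged alongside the single-host offender, even though one of its users logged in successfully during the same period.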
