I am seeing this pattern now very often. 
Every weekend someone tries to gain unauthorized access to the my imap
servers by trying random username / passwords 

Yesterday by afternoon someone had tried half a million times on my
servers from I have written to the abuse contact
address ... not that I expect any reply anyway

I would like to configure cyrus such a way that if there are 10 failed
logins from an ip address in 10 minutes and no successful logins just
block the IP address.  ( Or inject the ip into my firewall ) 

Is there something similar already available


Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Reply via email to