Hi,
On Monday 05 October 2015 04:19 PM, Laura Creighton wrote: > I think that Aditya Jain's problem is that he (she?) He :) > doesn't understand that fail2ban takes a look at where the attackers > are coming from and bans _their_ Host from connecting. He thought > it worked by making his host unconnectable, which of course will not > work. I know how it works, I also use it in some places. The concern that I have is that most of the requests that my list receives come from very few organizations. This leaves me with a very small number of client IP addresses. If I block a particular IP address because some disgruntled person from the organization is trying to brute force, it will block access for other legitimate users from that organization (because they have only one IP dedicated to browsing traffic). That is why I was looking for something that can look at the username/email and block request or show captcha if number of failed attempts cross a certain limit, at application(mailman) level. I think this is sounding more like a feature request. Thanks & Regards Aditya Jain ------------------------------------------------------ Mailman-Users mailing list [email protected] https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
