On Oct 17, 2015, at 1:45 AM, Jayesh Shinde <[email protected]> wrote: > Many spammer are trying to hack password for doing many authentication with > pop3 + imap + smtp services. on server Fail2ban has been added , but its > blocking hacker IPs after certain interval and not in real time. Which is > the actual issue. > > I am looking for some real-time blocking where that particular spammer IP + > email id must get block.
You can’t do “real time” blocking because then anyone who miskeys a password will be banned. Fail2ban works very well with default settings. > 1) If server receive the wrong password , then is it possible to introduce > the delay of say 5-10 seconds to sender client ? So that spammer will do less > attempt? You could look into a tarpit milter that works with postfix. I don’t know of one, but Google is your friend. > 2) After given wrong password attempt more than 3 time , the particular "IP > + email id" must get block for next 5-10 min. fail2ban should do that. > And then need to unblock after that. And that. -- You know, Rick, I have many a friend in Casablanca, but somehow, just because you despise me, you are the only one I trust.
