> I _do_ use fail2ban. > However -- as I wrote -- it can be circumvented. > > Maybe you missed my first post. See > http://article.gmane.org/gmane.mail.postfix.user/254364
You are right, I missed the first one. I’m sorry for the noise. In your case, the functionality would need to be inside Postfix’s smtpd. A simple counter in the connection record and a check to see if the set limit is exceeded, all memory based. However, as far as I know it is not implemented. That would be an easy patch, around ten lines of code. If you write a clean patch it might make it into Postfix itself. However, brute forcing usernames and passwords with just dozens of attempts before Fail2Ban kicks in is not a big problem in my opinion. I tried looking up the docs, but I didn’t find any mention how long an unsuccessful session can last. Maybe we’ll see attempts that keep the connection open forever trying to crack accounts. Then someone will implement a fix, if you won’t ;-) -- Cheers Petri GSM +358 400 505 939
