It seems good !

For such purpose I use this kind of rules

iptables -P INPUT DROP
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -m state --state NEW -p TCP --dport 110 --syn -m limit 
--limit 3/s --limit-burst 3 -j ACCEPT
iptables -A INPUT -i lo -s -d -j ACCEPT
iptables -A INPUT -m state --state NEW -j DROP

If more than 3 connection/sec on POP3 port, drop the packet (in fact the real 
rule is "drop everything except if less than 3/sec on POP3 port" )

-----Original Message-----
From: John Stile [mailto:j...@stilen.com] 
Sent: jeudi 6 septembre 2012 08:04
To: vchkpw@inter7.com
Subject: [vchkpw] [SPAM] block vpopmail brute force

Has anyone experienced people trying to brute force vpopmail?  

I'm sick of it, so I cron'ed a little script others might enjoy.


Feedback appreciated.


Reply via email to