On Apr 7, 2008, at 5:02 PM, Charles Marcus wrote:
Hey folks. One feature I'd really like to see in dovecot is the
ability to point it at a database (with a configurable query) and
have it allow or deny a connection based on looking up the source
IP address in that database.
Is there any reason to do this at the application layer rather
than the network layer for Dovecot?
I agree...
Fail2ban is perfect for this...
Hi! Thank you for your suggestion. I agree that fail2ban is Very
Good Stuff, but not for my application. For a lone Linux box on the
end of a DSL pipe that does everything including its own firewalling,
it's clearly the right thing. My application, on the other hand,
involves a sizeable cluster of Solaris machines that do nothing
handle nothing but mail, with centralized configuration management,
and the firewall is elsewhere. What you suggested would be ideal
advice for many (maybe even most) applications, but in thise case I
"really do" want specifically what I asked for. :)
-Dave
--
Dave McGuire
Port Charlotte, FL
