On 10-03-04 00:51:40, to...@tuxteam.de wrote:
> On Wed, Mar 03, 2010 at 03:39:28PM -0500, Tony Nelson wrote:
> > Dovecot allows a large number of login attempts per connection.
> > I'd like to reduce that number to, say, 1, and let my firewall keep
> > the ducks at bay,
>
> If the firewall is the one to do the job, I'd recommend an external
> application like fail2ban. It watches the logs and bans IP addresses
> with too many failures -- the nice thing is that it's able to cover
> all applications listening on external ports. You can define patterns
> in log files to which it has to react (but it comes with a good set
> of pre-defined patterns -- at least on popular GNU/Linux distros).

I already have something that works with any program secure enough not to
allow unlimited login attempts. Using fail2ban might work if I configure
it enough to sever existing connections.

> > but I can't find anything in /etc/dovecot.conf or by
> > googling. How do I do it? Do I need to patch the source?
>
> I don't know about such a setting (but I don't know everything about
> Dovecot either!). Anyway, then it'd still be the Dovecot process dealing
> with the rogue login attempts -- it seems better to keep them at the
> firewall level with the approach above.

Yes, and I'm going to use the firewall -- once I can get Dovecot to limit
the number of login attempts per connection.

Looking at the source, I see that there are no options. It tarpits a bit,
but currently has no limit on the number of attempts. I'll see what I can
do.
-- 
____________________________________________________________________
TonyN.:'                       <mailto:tonynel...@georgeanelson.com>
      '                              <http://www.georgeanelson.com/>
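
Added example, not part of the original thread: the difference discussed above between counting connections at the firewall and counting failed logins from the log, run on a constructed log. The log format, field names, thresholds and the `per_conn_cap` parameter are assumptions made for illustration; they are not Dovecot's real log output or settings, nor fail2ban's configuration.

```python
import re
from collections import Counter

# Constructed log in a simplified, made-up format (not Dovecot's real log output).
SAMPLE_LOG = """\
10:00:01 connect ip=203.0.113.7 conn=1
10:00:02 auth-fail ip=203.0.113.7 conn=1
10:00:03 auth-fail ip=203.0.113.7 conn=1
10:00:04 auth-fail ip=203.0.113.7 conn=1
10:00:05 auth-fail ip=203.0.113.7 conn=1
10:00:06 auth-fail ip=203.0.113.7 conn=1
10:00:07 auth-fail ip=203.0.113.7 conn=1
10:00:08 connect ip=198.51.100.20 conn=2
10:00:09 auth-fail ip=198.51.100.20 conn=2
10:00:12 auth-ok ip=198.51.100.20 conn=2
"""

LINE = re.compile(r"^\S+ (?P<event>[\w-]+) ip=(?P<ip>\S+) conn=(?P<conn>\d+)$")

def events(log):
    """Yield (event, ip, conn) for every line that matches the assumed format."""
    for line in log.splitlines():
        m = LINE.match(line)
        if m:
            yield m["event"], m["ip"], int(m["conn"])

def over_limit(log, event, limit):
    """Return the IPs with more than `limit` occurrences of `event`."""
    counts = Counter(ip for ev, ip, _ in events(log) if ev == event)
    return {ip for ip, n in counts.items() if n > limit}

def guesses_served(log, per_conn_cap=None):
    """Failed guesses the server processes per IP. `per_conn_cap` (hypothetical)
    models a server that drops the connection after that many failures."""
    per_conn = Counter((ip, c) for ev, ip, c in events(log) if ev == "auth-fail")
    served = Counter()
    for (ip, _), n in per_conn.items():
        served[ip] += n if per_conn_cap is None else min(n, per_conn_cap)
    return dict(served)

if __name__ == "__main__":
    print("connection-rate view:", over_limit(SAMPLE_LOG, "connect", 3))
    print("log-failure view:    ", over_limit(SAMPLE_LOG, "auth-fail", 3))
    print("no per-conn cap:     ", guesses_served(SAMPLE_LOG))
    print("cap of 1 per conn:   ", guesses_served(SAMPLE_LOG, per_conn_cap=1))
```

With a per-connection cap in place, every further guess costs a new connection, which is the event a connection-rate firewall rule can count.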