On 11/04/2019 12:49, Marc Roos via dovecot wrote:
Yes indeed, we have already own dnsbl's for smtp and ssh/ftp access. How
do you have one setup for dovecot connections?
Two answers:
1. I wrote my own very simple implementation but it does not share other
people's data. Sharing the key to viability so it is/was a pointless
exercise. Without sharing a hacker gets at least one free shot per
server per address. With sharing it is closer to one per address and
less with honeypots.
2. I said "dnsbl for dovecot is a good idea", an idea. When this was
raised previously we were told it was not needed and it can all be done
with tcp wrappers, fail2ban and allow_nets.
https://dovecot.org/list/dovecot/2013-July/091236.html
https://dovecot.org/list/dovecot/2014-June/096662.html