> On 23 Sep 2019, at 8.29, Plutocrat via dovecot <dovecot@dovecot.org> wrote: > > This is probably quite an easy question, but I haven't been able to find the > answer. I'm running a server where all the email addresses are in the format > "u...@domain.com". I've noticed that a large number of fake login attempts > use the format "user" eg. reception, service, root, admin. > > Is it possible to prevent any such logins to these email users without an > @domain.com? Or maybe ignore them. Or drop them from the logging. > > P.
you can add username_filter = *@domain.com or deny-passdb before actual passdb with username_filter = !*@domain.com https://doc.dovecot.org/configuration_manual/authentication/password_databases_passdb/ <https://doc.dovecot.org/configuration_manual/authentication/password_databases_passdb/> feature has existed since dovecot 2.2.30 Sami