On 12/01/2026 22:59, Michael Peddemors via dovecot wrote:
On 2026-01-09 18:04, Joseph Tam via dovecot wrote:
102/189 (54%) were listed by at least one of the RBLs, with the following stats

     RBL                          hits    rate    rate (>0 hits)
     (col#1) bl.blocklist.de        93     49%     91%
     (col#2) auth.spamrats.com      52     28%     51%
     (col#3) xbl.spamhaus.org       19     10%     19%

Forgot one caveat, try to avoid larger RBLs that list dynamic IPs as well, while it might be tempting to try to stop all the 'bot' activity, bots are not the biggest threat, and are easier to stop.. blocking DUL IPs too will only get you complaints..

It's the real bad actors that RBLs help for IMAP Auth protection ;)

Oh, and watch the increasing number of residential 'proxies'.. and do you REALLY want people logging in through VPNs? You want to know who is accessing your customer email accounts.

An even bigger threat, those people who still allow POP 110, or IMAP 143, be nice if that was deprecated in dovecot and every other mail platform.. SSL/TLS only..

Have a great and safe 2026 everyone!


Hi Michael

I personally disabled POP3 but I would still leave it in the software in case people still find a need for it. I also use IMAP port 143 with STARTTLS so it should be ok.

Dovecot setting (2.3 at least) disable_plaintext_auth = yes should stop people authenticating over a non-secure connection and that is the default.

It is an interesting point about VPNs. I have some experience of bad actors over VPNs. If I could block VPNs I would do it. Is there a list of VPN IPs somewhere?

best regards

John
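
Added example, not part of the original thread or of Dovecot: one way to reproduce the per-RBL hit table quoted above from a list of failed-login IPs. The lookup function is injectable so the block runs offline; the sample IPs and return codes are constructed, and answers in 127.255.255.0/24 (Spamhaus error codes) are not counted as listings.

```python
import ipaddress
import socket

# Zones named in the thread's table.
ZONES = ["bl.blocklist.de", "auth.spamrats.com", "xbl.spamhaus.org"]
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")
ERROR_NET = ipaddress.ip_network("127.255.255.0/24")  # Spamhaus error codes

def dnsbl_name(ip, zone):
    """DNSBL query name: IPv4 octets reversed, then the zone."""
    addr = ipaddress.IPv4Address(ip)  # ValueError for anything but IPv4
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def resolve(name):
    """Live lookup: the A record as a string, or None if not listed."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def is_listed(answer):
    """A 127.0.0.0/8 answer is a listing, unless it is an error code
    (e.g. the zone refusing queries that arrive via a public resolver)."""
    if answer is None:
        return False
    a = ipaddress.IPv4Address(answer)
    return a in LISTED_NET and a not in ERROR_NET

def rbl_stats(ips, zones=ZONES, lookup=resolve):
    """Return (IPs with >0 hits, {zone: (hits, rate %, rate % of >0 hits)})."""
    ips = sorted(set(ips))
    hits = {z: {ip for ip in ips if is_listed(lookup(dnsbl_name(ip, z)))}
            for z in zones}
    any_hit = set().union(*hits.values())
    pct = lambda n, d: round(100 * n / d) if d else 0
    return len(any_hit), {z: (len(h), pct(len(h), len(ips)), pct(len(h), len(any_hit)))
                          for z, h in hits.items()}

# Constructed sample data (documentation IPs, made-up return codes).
SAMPLE_IPS = ["192.0.2.10", "192.0.2.11", "198.51.100.7", "203.0.113.5"]
SAMPLE_ANSWERS = {
    "10.2.0.192.bl.blocklist.de": "127.0.0.2",
    "10.2.0.192.auth.spamrats.com": "127.0.0.2",
    "7.100.51.198.bl.blocklist.de": "127.0.0.2",
    "5.113.0.203.xbl.spamhaus.org": "127.255.255.254",  # error, not a hit
}

if __name__ == "__main__":
    print(rbl_stats(SAMPLE_IPS, lookup=SAMPLE_ANSWERS.get))
```

Passing `lookup=resolve` (the default) performs live DNS queries; use a resolver of your own rather than a public one, since some zones answer public resolvers with an error code instead of a listing.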

