Re: [Dovecot] How to limit max number of connections for ip address
Hi Timo: My question was because constantly we received brute force attack from some of ip address which uses pop3 service to affect dovecot's login proccess. For example: Error: Temporary failure in creating login processes, slowing down for now pop3-login: Info: Aborted login (auth failed, 1 attempts): user=admin, method=PLAIN, rip=A.B.C.D, Info: Aborted login (auth failed, 1 attempts): user=useradmin, method=PLAIN, rip=A.B.C.D, lip=X.Y.Z.A pop3-login: Info: Aborted login (auth failed, 1 attempts): user=admin123, method=PLAIN, rip=A.B.C.D, lip=X.Y.Z.A pop3-login: Info: Aborted login (auth failed, 1 attempts): user=administrator, method=PLAIN, rip=A.B.C.D, lip=X.Y.Z.A pop3-login: Info: Aborted login (auth failed, 1 attempts): user=adm, method=PLAIN, rip=A.B.C.D, lip=X.Y.Z.A auth(default): Info: shadow(best,A.B.C.D): unknown user dovecot: Error: pipe() failed: Too many open files dovecot: Error: Temporary failure in creating login processes, slowing down for now In the log above from dovecto.log file, we observed a lot of conections from IP address A.B.C.D to our email server with ip address X.Y.Z.A using pop3 login process. Is possible prevent this type of attacks with any dovecot option (maybe limit the number of max connections from one ip address or maybe upgrading my dovecot version)? Thanks for you help and time. Wilberth. El 23/02/2012 05:21 p.m., Timo Sirainen escribió: On 24.2.2012, at 0.33, Wilberth Perez wrote: Does any one , knows if is possible configure dovecot for limit max number of connections for IP address? I would like to prevent future fork-bombing attacks for pop3 and imap login process in my email server. Our dovecot version is : 1.2.10 There is mail_max_userip_connections setting which limits IP+username combination. Typically that should be enough to prevent fork bombing, because users normally don't have more than one account. Or you mean when some IP keeps connecting even without actually loggin in? http://wiki.dovecot.org/LoginProcess has some settings related to this, which should normally be quite helpful if the limits are right. smime.p7s Description: Firma criptográfica S/MIME
[Dovecot] How to limit max number of connections for ip address
Hi List: Does any one , knows if is possible configure dovecot for limit max number of connections for IP address? I would like to prevent future fork-bombing attacks for pop3 and imap login process in my email server. Our dovecot version is : 1.2.10 Thanks, Wilberth. smime.p7s Description: Firma criptográfica S/MIME
[Dovecot] Problem after upgrade dovecot v2.0.8
Hello, upgrade Dovecot from v1.2.10 to v2.0.8, after build a new configuration file following instructions of http://wiki2.dovecot.org/Upgrading/2.0 run dovecot I get this: auth: Error: Fatal: Dovecot version mismatch: Master is v2.0.8, dovecot-auth is v1.2.10 (if you don't care, set version_ignore=yes) log: Error: service(auth): child 3389 returned error 89 (Fatal failure) master: Error: service(auth): command startup failed, throttling Did any SSL configuration is missing? I am currently authenticating with dovecot and postfix. Any knows , how could i solved this problem? Thanks.
[Dovecot] Dovecot 2.0.8 don´t recognize aut h user format
My configuration file have this lines: # doveconf | grep user auth_anonymous_username = anonymous auth_master_user_separator = auth_socket_path = auth-userdb auth_ssl_username_from_cert = no auth_username_chars = abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ auth_username_format = %Lu -(in version 1.2.10 this work fine) auth_username_translation = default_internal_user = dovecot default_login_user = dovenull director_user_expire = 15 mins login_log_format_elements = user=%u method=%m rip=%r lip=%l mpid=%e %c mail_max_userip_connections = 10 in this new version, my user authentication fails: Debug: shadow(wpe...@mydomain,1.2.3.4): lookup Info: shadow(wpe...@mydomain,1.2.3.4): unknown user auth: Debug: client out: FAIL 2 user=wpe...@mydomain in my server only exists the user wperez, but dovecot uses the user wpe...@mydomain in this new version auth format changes? Thank you.
[Dovecot] how configure dovecot for not case sensitive login
Any knows how can say to dovecot that Login = user and Login = User are the same? Thanks.
Re: [Dovecot] how configure dovecot for not case sensitive login
On what parameter of dovecot could configure those variables ? Regards . wilberth. El 19/07/2010 10:40 a.m., Pascal Volk escribió: On 07/19/2010 05:36 PM Wilberth Perez wrote: Any knows how can say to dovecot that Login = user and Login = User are the same? Thanks. %Lu see also: http://wiki.dovecot.org/Variables Regards, Pascal
[Dovecot] How to Upgrade to dovecot 2.0rc2 from dovecot 1.x
Hi: Exists some instructions for /upgrade dovecot/ v1./2 to dovecot v2.0rc2 ? Cheers. /
[Dovecot] Problems with Dovecot + imaptest
Hi everyone: I´m trying to install imaptest on my server with Solaris 10, however i´m found in this moment with some instalations problems. Anyone knows what libraries need have installed ? ./configure --with-dovecot=/opt/setup/dovecot-1.2.10 make Error: make all-recursive make[1]: Entering directory `/opt/setup/imaptest-20100630' Making all in src make[2]: Entering directory `/opt/setup/imaptest-20100630/src' if gcc -DHAVE_CONFIG_H -I. -I. -I.. -MT checkpoint.o -MD -MP -MF .deps/checkpoint.Tpo -c -o checkpoint.o checkpoint.c; \ then mv -f .deps/checkpoint.Tpo .deps/checkpoint.Po; else rm -f .deps/checkpoint.Tpo; exit 1; fi checkpoint.c:3:17: lib.h: No such file or directory checkpoint.c:4:17: str.h: No such file or directory checkpoint.c:5:19: array.h: No such file or directory checkpoint.c:6:24: mail-types.h: No such file or directory In file included from checkpoint.c:7: settings.h:4:21: network.h: No such file or directory In file included from checkpoint.c:7: settings.h:40: error: syntax error before ARRAY_TYPE settings.h:40: warning: no semicolon at end of struct or union settings.h:46: error: syntax error before random_states settings.h:46: warning: data definition has no type or storage class settings.h:47: error: syntax error before no_tracking settings.h:47: warning: data definition has no type or storage class settings.h:51: error: syntax error before '}' token In file included from checkpoint.c:8: mailbox.h:4:29: seq-range-array.h: No such file or directory In file included from checkpoint.c:8: mailbox.h:13: error: syntax error before struct mailbox.h:13: warning: data definition has no type or storage class mailbox.h:18: error: syntax error before uoff_t mailbox.h:18: warning: no semicolon at end of struct or union mailbox.h:22: error: syntax error before sent_date mailbox.h:22: warning: data definition has no type or storage class mailbox.h:25: error: syntax error before headers mailbox.h:25: warning: data definition has no type or storage class mailbox.h:28: error: syntax error before const mailbox.h:28: warning: data definition has no type or storage class mailbox.h:32: error: syntax error before uint32_t mailbox.h:32: warning: no semicolon at end of struct or union mailbox.h:37: error: syntax error before ref0_timeout mailbox.h:37: warning: data definition has no type or storage class mailbox.h:39: error: syntax error before internaldate mailbox.h:39: warning: data definition has no type or storage class mailbox.h:48: error: syntax error before ':' token mailbox.h:69: error: syntax error before uint64_t mailbox.h:69: warning: no semicolon at end of struct or union mailbox.h:72: error: syntax error before '*' token mailbox.h:72: warning: data definition has no type or storage class mailbox.h:81: error: syntax error before '}' token mailbox.h:82: error: syntax error before struct mailbox.h:82: warning: data definition has no type or storage class mailbox.h:100: error: syntax error before struct mailbox.h:100: warning: data definition has no type or storage class mailbox.h:107: error: syntax error before uint64_t mailbox.h:107: warning: no semicolon at end of struct or union mailbox.h:110: error: syntax error before struct mailbox.h:110: warning: data definition has no type or storage class mailbox.h:112: warning: parameter names (without types) in function declaration mailbox.h:112: warning: data definition has no type or storage class mailbox.h:114: error: syntax error before messages mailbox.h:114: warning: data definition has no type or storage class mailbox.h:137: error: syntax error before time_t mailbox.h:137: warning: no semicolon at end of struct or union mailbox.h:140: error: syntax error before struct mailbox.h:140: warning: data definition has no type or storage class mailbox.h:141: error: syntax error before struct mailbox.h:141: warning: data definition has no type or storage class mailbox.h:144: error: syntax error before expunged_uids mailbox.h:144: warning: data definition has no type or storage class mailbox.h:150: error: syntax error before ':' token mailbox.h:151: error: syntax error before ':' token mailbox.h:152: error: syntax error before ':' token mailbox.h:153: error: syntax error before ':' token mailbox.h:154: error: syntax error before ':' token mailbox.h:163: error: syntax error before uint64_t mailbox.h:163: warning: no semicolon at end of struct or union mailbox.h:168: error: syntax error before keywords mailbox.h:168: warning: data definition has no type or storage class mailbox.h:171: warning: parameter names (without types) in function declaration mailbox.h:171: warning: data definition has no type or storage class mailbox.h:173: error: syntax error before messages mailbox.h:173: warning: data definition has no type or storage class mailbox.h:177: error: syntax error before ':' token mailbox.h:178: error: syntax error before ':' token mailbox.h:191: error: syntax error before mailbox_view_save_offline_cache mailbox.h:191:
Re: [Dovecot] Problems with Dovecot + imaptest
Hi Timo: Yes, My Path /opt/setup/dovecot-1.2.10 contains Dovecot's sources. So, I can´t use imaptest with dovecot 1.210 ? Cheers . wilberth. El 14/07/2010 10:43 a.m., Timo Sirainen escribió: On Wed, 2010-07-14 at 10:22 -0500, Wilberth Perez wrote: Hi everyone: I´m trying to install imaptest on my server with Solaris 10, however i´m found in this moment with some instalations problems. Anyone knows what libraries need have installed ? ./configure --with-dovecot=/opt/setup/dovecot-1.2.10 Does /opt/setup/dovecot-1.2.10 contain Dovecot's sources? Anyway, imaptest nowadays requires v2.0's sources (oops, the wiki is wrong, fixing now).