[Dovecot] feature request: deny IP address via database
mcguire at neurotica.com
Tue Apr 8 06:51:36 EEST 2008
On Apr 7, 2008, at 5:02 PM, Charles Marcus wrote:
>>> Hey folks. One feature I'd really like to see in dovecot is the
>>> ability to point it at a database (with a configurable query) and
>>> have it allow or deny a connection based on looking up the source
>>> IP address in that database.
>> Is there any reason to do this at the application layer rather
>> than the network layer for Dovecot?
> I agree...
> Fail2ban is perfect for this...
Hi! Thank you for your suggestion. I agree that fail2ban is Very
Good Stuff, but not for my application. For a lone Linux box on the
end of a DSL pipe that does everything including its own firewalling,
it's clearly the right thing. My application, on the other hand,
involves a sizeable cluster of Solaris machines that do nothing
handle nothing but mail, with centralized configuration management,
and the firewall is elsewhere. What you suggested would be ideal
advice for many (maybe even most) applications, but in thise case I
"really do" want specifically what I asked for. :)
Port Charlotte, FL
More information about the dovecot