[Dovecot] need to block user by IP address (tried denyhosts, xinetd, iptables etc)

Tom tom at limepepper.co.uk
Wed Nov 10 04:53:31 EET 2010


I am kind of restricted to using packaged versions of software due to 
company policy, and we have f12 on our mail server with 
dovecot-1.2.15-2.fc12.i686 package.

we have recently had some brute force attacks on the pop3 and imapd and 
this results in many processes being used for login attempts.

Our dovecot is hosted on a Virtual Private Server which restricts access 
to IPTABLEs and also make a limit on the number of processes that can be 

So I can't restrict the attackers IP addresses via IPTABLES, as we don't 
have access to that. I can't really patch dovecot as we are reliant on 
the distro packages.

I spent some time trying to get dovecot to run under xinetd but had no 
luck, and I read some reports that it was not possible using recent 

I was hoping some advice on what avenue I should proceed with to 
automatically block brute force attacks on the dovecot server, (that 
dont use iptables)



More information about the dovecot mailing list