Dovecot Auth Tries Spam
Silvio Siefke
siefke_listen at web.de
Mon Jul 7 13:22:45 UTC 2014
Hello,
i more and more become this messages in logs:
Jul 6 20:43:56 ks3374456 dovecot: auth: Error: passwd-file(jean at proxy.silviosiefke.com,213.130.118.102): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory
Jul 6 21:35:32 ks3374456 dovecot: auth: Error: passwd-file(jennifer at proxy.silviosiefke.com,41.160.109.28): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory
Jul 6 21:35:38 ks3374456 dovecot: auth: Error: passwd-file(jennifer at proxy.silviosiefke.com,41.160.109.28): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory
Jul 6 21:35:44 ks3374456 dovecot: auth: Error: passwd-file(jennifer at proxy.silviosiefke.com,41.160.109.28): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory
Jul 6 22:27:13 ks3374456 dovecot: auth: Error: passwd-file(jack at proxy.silviosiefke.com,203.113.206.105): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory
Jul 6 22:27:20 ks3374456 dovecot: auth: Error: passwd-file(jack at proxy.silviosiefke.com,203.113.206.105): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory
Jul 6 22:27:26 ks3374456 dovecot: auth: Error: passwd-file(jack at proxy.silviosiefke.com,203.113.206.105): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory
Jul 6 22:36:49 ks3374456 dovecot: auth: Error: passwd-file(eric at proxy.silviosiefke.com,41.21.178.38): stat(/var/vmail/auth.d/proxy.silviosiefke.com/passwd) failed: No such file or directory
I understand not, because i have set dovecot so it launched only on my
vpn ips. Give there a way to underbind this tries? I have installed
fail2ban. Maybe im stupid, because this help not or i has set wrong
entrys.
<dovecot>
service imap-login {
inet_listener imap {
address = 10.8.0.1
port = 12520
}
inet_listener imaps {
address = 10.8.0.1
port = 12550
}
}
</dovecot>
<fail2ban>
[dovecot]
enabled = true
filter = dovecot
action = iptables-multiport[name=dovecot, port="pop3,pop3s,imap,imaps,submission,465,sieve", protocol=tcp]
logpath = /var/log/mail.log
[dovecot-auth]
enabled = true
filter = dovecot
action = iptables-multiport[name=dovecot-auth, port="12520,12550,submission,465,sieve", protocol=tcp]
logpath = /var/log/mail.log
</fail2ban>
Thanks for help & Nice day
Silvio
More information about the dovecot
mailing list