limit pop login per user and per minute
Mark Moseley
moseleymark at gmail.com
Fri Mar 23 00:25:01 EET 2018
On Thu, Mar 22, 2018 at 1:41 PM, Joseph Tam <jtam.home at gmail.com> wrote:
> On Thu, 22 Mar 2018, Markus Eckerl wrote:
>
> The problem is, that he misconfigured the servers of these customers. In
>> detail: their servers are trying to fetch email every 2 - 5 seconds. For
>> every email address.
>>
>> In the past I contacted the technician and told him about his mistake.
>> He was not very helpful and simply told me that he is doing the same
>> configuration since several years at all of his customer servers.
>> Without problems. It is up to me to fix my problem myself.
>>
>
> Seems to me you're bending over backwards to fix someone else's problem,
> and what you really need is an "attitude adjustment" tool for obnoxious
> clients who use your service like they're the only ones that matter.
>
> Apart from what others can suggest (I think dovecot allows delegation
> of usage to a separate policyd service), you can perhaps use firewall
> throttling e.g.
>
> https://making.pusher.com/per-ip-rate-limiting-with-iptables/
>
> It can't do it per user, but perhaps it is better to set a global limit
> and let your downstream client better manage and conserve a limited
> resource.
>
>
Might be a good use of the new authpolicy stuff. You could run a local
weakforced with 1 minute windows and break auth for certain IPs that do
more than one login per minute.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180322/f2486a66/attachment.html>
More information about the dovecot
mailing list