Access Control for POP3 / IMAP
Huaqing Zheng
huasome at gmail.com
Thu Feb 8 16:11:43 EST 2007
On 2/8/07, Martin Schwartz <martin.schwartz at java-info.de> wrote:
> Hello,
>
> it seems some guy wants to hijack POP/IMAP accounts from time to time;
> trying out passwords by brute force. I'm not sure about the best way to
> handle this.
>
> - do you know of a (cyrus or non cyrus) way to block or slow down the
> access for an IP / username after n unsuccessful login attempts?
Check out fail2ban. It's a script that sits and looks at the logs of
your choice for failed access attempts and then adds iptables rules to
block IP addresses for a period of time based on the number of failed
access attempts. Should be fairly easy to configure it to look at your
cyrus log and block brute force attacks.
--
Huaqing Zheng
Beer and Code Wrangler at Large
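
The counting logic described in the reply above, as an added example (not part of the original post and not fail2ban's own code): it scans Cyrus-style log lines for failed logins and reports which IPs cross a threshold inside a time window. The `badlogin` line shape, the sample lines, the thresholds and the year 2007 are assumptions; the parameter names mirror fail2ban's `maxretry`, `findtime` and `bantime` options.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed shape of a Cyrus failed-login syslog line; adjust to your own logs.
BADLOGIN = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) \S+ \S+\[\d+\]: "
    r"badlogin: [^\[]*\[(?P<ip>[0-9A-Fa-f.:]+)\]")

def find_bans(lines, max_retry=3, find_time=600, ban_time=3600, year=2007):
    """Return {ip: (ban_start, ban_end)} for IPs with max_retry failures
    inside find_time seconds. Syslog lines carry no year, so one is assumed."""
    recent = defaultdict(deque)  # ip -> failure times still inside the window
    bans = {}
    for line in lines:
        m = BADLOGIN.match(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip = m["ip"]
        if ip in bans and when < bans[ip][1]:
            continue  # ban still active: with a firewall rule this never reaches Cyrus
        window = recent[ip]
        window.append(when)
        while (when - window[0]).total_seconds() > find_time:
            window.popleft()  # forget failures older than the window
        if len(window) >= max_retry:
            bans[ip] = (when, when + timedelta(seconds=ban_time))
            window.clear()
    return bans

def _bad(ts, ip, user):
    # Constructed sample line, not taken from a real server.
    return (f"Feb  8 {ts} mail imapd[2101]: badlogin: host.example [{ip}] "
            f"plaintext {user} SASL(-13): authentication failure: checkpass failed")

SAMPLE = [
    _bad("16:00:00", "198.51.100.4", "bob"),
    _bad("16:00:01", "203.0.113.7", "alice"),
    _bad("16:00:05", "203.0.113.7", "alice"),
    "Feb  8 16:00:07 mail imapd[2102]: login: pc.example [192.0.2.20] carol plaintext User logged in",
    _bad("16:00:09", "203.0.113.7", "alice"),   # third failure in 8 s: banned
    _bad("16:00:12", "203.0.113.7", "alice"),   # arrives while the ban is active
    _bad("16:20:00", "198.51.100.4", "bob"),    # 20 minutes apart: never 3 in window
    _bad("16:40:00", "198.51.100.4", "bob"),
]

if __name__ == "__main__":
    for ip, (start, end) in find_bans(SAMPLE).items():
        print(f"block {ip} from {start} until {end}")
```

The slow guesser at 198.51.100.4 stays under the threshold, which is the trade-off to weigh when choosing the window and retry count.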