It seems there was some kind of attack against dovecot on my server
(CentOS-5.5) with a hundred or so logwatch entries like:
=========================================
**Unmatched Entries**
dovecot-auth: pam_succeed_if(dovecot:auth):
error retrieving information about user admin
dovecot-auth: pam_succeed_if(dovecot:auth):
error retrieving information about user webmaster
=========================================
I googled for this, and it seems quite a common occurrence.
Basically, I'm wondering whether this is best met
at the dovecot level, or at my firewall?
I'm running shorewall, and I see advice
to impose a time-interval between successive attempts like these,
but I'm not sure of the best way to do this?
--
Timothy Murphy
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
