For wrong auth , how to block IP or introduce delay for sender in real time ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Hello all  ,

I am having mailserver with centos 6.3 + cyrus-imad + postfix + ldap
We are using cyrus-sasl-2.1.23-13.el6.x86_64  with 'PAM' Mechanism .

Many spammer are trying to hack password for doing many authentication  with pop3 + imap + smtp  services.
on server Fail2ban hass been  added , but its blocking hacker IPs after certain interval  and not in real time.  Which is the actual issue.

I am looking for some real-time blocking where that particular  spammer IP + email id must get block  .

I believe this issue is very common with other too ,  is there any option in 'saslauthd'  /  postfix  / cyrus-imapd for below requirement ?

1)  If server receive the wrong password , then is it possible to introduce the delay of say 5-10 seconds to sender client ? So that spammer will do less attempt ?
2)  After given wrong password attempt more than 3 time , the particular "IP + email id" must get block for next 5-10 min.
And then need to unblock after  that. 
3) I check PAM-ABL , but its not working for
'saslauthd'' with pop / imap / smtp . Because I came to know that 'saslauthd'' is not getting IP of source . 
How to pass  source IP to
"saslauthd''  along with email id , password and relam .  Is there any patch available for this ?

Please suggest

Jayesh Shinde

[Index of Archives]     [Info Cyrus]     [Squirrel Mail]     [Linux Media]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux