>> An other way to catch clients that are misbehaving is to count nr of >> entries for user_deny for that user in the log file. The client that >> is misbehaving is always at the head of the list. > > We have a plan to keep the count in the cyrus.index header and > make it available via an annotation(metadata). > > https://bugzilla.cyrusimap.org/show_bug.cgi?id=3562 How are people looking at this now? It's clear that in my situation it's causing issues... I was thinking to maybe use fail2ban to block the users to make to many log entries with user_deny. But after looking at fail2ban it needs a hostname in the logline. Which the logged messages doesn't have. Although I could say the username is the hostname I think. An other option would be to coble something together with logstash/statsd and graphite I think... Any other easier solution anybody can think of? Thanks, -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Rudy Gevaert e-mail: Rudy.Gevaert@xxxxxxxx Directie ICT, Afdeling Infrastructuur Groep Systemen tel: +32 9 264 4750 Universiteit Gent fax: +32 9 264 4994 Krijgslaan 281, gebouw S9, 9000 Gent, Belgie www.UGent.be -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
