| From | Ivan Shmakov <ivan@siamics.net> |
|---|---|
| Newsgroups | comp.mail.misc |
| Subject | Re: Brute-forcing email accounts |
| Date | 2016-10-07 11:13 +0000 |
| Organization | Aioe.org NNTP Server |
| Message-ID | <8737k88l9h.fsf@violet.siamics.net> (permalink) |
| References | <abvevb99q500os5uocu7l8ju158v3qeqeq@4ax.com> |
>>>>> Hans-Georg Michna <hans-georgNoEmailPlease@michna.com> writes:

> My mail server, running postfix and courier-imap etc., is
> continuously under attack from sources trying to brute-force email
> accounts. They guess, often correctly, the email addresses and try
> different passwords.

> So far they have been largely unsuccessful, with one sad exception,
> but I am asking myself whether there is not a relatively simple
> defense. Perhaps the attacking IP address could be blocked for some
> time after three unsuccessful logon attempts.

As stated, this problem looks like something Fail2ban can help you
with. See http://www.fail2ban.org/.

> Of course I keep reminding my mail users to use sufficiently complex
> passwords, but I cannot force them.

Actually, you can. For example, if your ESMTPSA and IMAPS services
use PAM for authentication, you can configure it to check the new
password with pam_cracklib and disallow the change if Cracklib says
it's "weak."

> My server runs under Plesk, and my knowledge of Linux is superficial.

JFTR, I have no knowledge of Plesk whatsoever myself, so if there's
anything specific to it, I'd hardly be of any help.

[...]

--
FSF associate member #7257 58F8 0F47 53F5 2EB2 F6A5 8916 3013 B6A0 230E 334A
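The "block the address for some time after three unsuccessful logon attempts" rule from this message, as an added sketch that is not part of the original post and is not Fail2ban's own code. The log lines are constructed, the parameter names follow Fail2ban's `maxretry`, `findtime` and `bantime` jail options, and the year is an assumption because syslog timestamps omit it.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in the usual Postfix SASL / Courier IMAP failure formats.
SAMPLE_LOG = """\
Oct  7 11:00:01 mx postfix/smtpd[2101]: warning: unknown[203.0.113.5]: SASL LOGIN authentication failed: authentication failure
Oct  7 11:00:09 mx imapd-ssl: LOGIN FAILED, user=info@example.org, ip=[::ffff:203.0.113.5]
Oct  7 11:00:20 mx imapd-ssl: LOGIN FAILED, user=info@example.org, ip=[::ffff:198.51.100.7]
Oct  7 11:00:31 mx postfix/smtpd[2107]: warning: unknown[203.0.113.5]: SASL PLAIN authentication failed: authentication failure
Oct  7 11:30:00 mx imapd-ssl: LOGIN FAILED, user=info@example.org, ip=[::ffff:198.51.100.7]
Oct  7 11:59:00 mx imapd-ssl: LOGIN FAILED, user=info@example.org, ip=[::ffff:198.51.100.7]
"""

FAILURE_PATTERNS = [
    re.compile(r"\[(?P<ip>[0-9A-Fa-f.:]+)\]: SASL \w+ authentication failed"),
    re.compile(r"LOGIN FAILED, .*ip=\[(?:::ffff:)?(?P<ip>[0-9A-Fa-f.:]+)\]"),
]

def failed_ip(line):
    """Return the client address if the line records a failed login, else None."""
    for pattern in FAILURE_PATTERNS:
        match = pattern.search(line)
        if match:
            return match.group("ip")
    return None

def find_bans(log_text, maxretry=3, findtime=timedelta(minutes=10),
              bantime=timedelta(hours=1), year=2016):
    """Return (ip, banned_at, banned_until) for each address that reaches
    maxretry failures within findtime, across both services."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still in the window
    banned_until, bans = {}, []
    for line in log_text.splitlines():
        ip = failed_ip(line)
        if ip is None:
            continue
        ts = datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")
        if ip in banned_until and ts < banned_until[ip]:
            continue              # address is already blocked at this time
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > findtime:
            window.popleft()      # forget failures older than findtime
        if len(window) >= maxretry:
            banned_until[ip] = ts + bantime
            bans.append((ip, ts, ts + bantime))
            window.clear()
    return bans

if __name__ == "__main__":
    for ip, start, end in find_bans(SAMPLE_LOG):
        print(f"ban {ip} from {start} until {end}")
```

With the defaults only 203.0.113.5 is banned; the three failures from 198.51.100.7 are spread over an hour and never share a ten-minute window, which is the trade-off a short `findtime` makes against slow guessing.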