on 11-21-2008 11:53 AM Scott Silva spake the following: > on 11-20-2008 5:31 PM Kai Schaetzl spake the following: >> Scott Silva wrote on Thu, 20 Nov 2008 16:03:04 -0800: >> >>> CentOS 4 comes with a very OLD version of dovecot. >>> If you are using dovecot, you can get a much newer version at atrpms.net. >>> The upgrade might be all you need to fix it. >> The dovecot in CentOS 5 exhibits the same problem when hammered by >> dictionary attacks. Is the atrpms version newer? >> >> Kai >> > You can get 1.0.15 which is the recent stable for the 1.0 series, and you can > get 1.1.16 which has many new improvements over 1.0, and is the current stable > branch. I think the 1.1 branch has some changes to the auth code that might > help. Read the dovecot wiki for the steps you need to follow to upgrade, > especially if you want to go back. > > I really recommend you at least go to the 1.0 branch instead of the 0.99 beta > in CentOS 4. The indexing improvements alone are worth it. > Another option is something like fail2ban, and have it drop the connections and add a firewall rule when you get too many bad attempts on that port. Fail2ban can read the logs and act for you before it gets too bad. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!! -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 250 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20081121/70f51a1c/attachment-0005.sig>