Dovecot High Load (brute force?)

Felipe Quiroz Sandoval

• September 14, 2016 12:18

- Removed Please Attach Images to Your Posts - I dont not how to deal with this. Thousand of process: /usr/local/cpanel/bin/dovecot-wrap /usr/libexec/dovecot/checkpassword-reply the only way to stop the server down was this command: pkill -f checkpassword-reply what can i do?

• 

  rpvw

  • September 14, 2016 17:51

  Most probably a brute force against dovecot CSF might help mitigate some of these attacks The following thread might be of some use: Brute force against dovecot

  0
• 

  Felipe Quiroz Sandoval

  • September 14, 2016 19:49

  thanks, but i configure csf with all bruteforce option enabled and nothing

  0
• 

  rpvw

  • September 14, 2016 20:20

  The only other suggestion I can make is to revise yourConfigure Dovecot - Documentation - cPanel Documentation

  0
• 

  cPanelMichael

  • September 22, 2016 14:43

  Hello Did you notice login attempts in the /var/log/maillog file when this was happening? That's a quick way of determining if it's a brute force attack causing the issue. Thank you.

  0

Please sign in to leave a comment.