I don’t know of any vpopmail configuration for this but what I use for attacks like this is CSF/LFD (ConfigServer Firewall/ Login Failure Detection). I’m not familiar at all with BFD (Brute Force Detection) from R-fx Networks, but it may help in a similiar way…
I set it up to block failed authentication attempts on certain services, POP3 can be configured. It will watch the logs and block the offending IP after a certain amount of failed attempts within a given amount of time. Usually setting it to block the IP after 8-10 failed logins within the hour is enough to help with those types of attacks.
Hi
I have Brute Force Detection for ssh & ftp, will have another look if it can be used for vpopmail.
LFD looks good will take a look at that today.
Thank you for your reply, appreciated