[Dovecot] SQL/LDAP Lockouts?

Paul Reilly pareilly at tcd.ie
Thu Dec 9 23:20:21 EET 2004


> This sounds like something that should go in a pam module.
>
Yep - indeed.
If your system supports pam of course :)

> Then again, the convention net.wisdom at least -used- to be that this
> was a bad idea, because it became an easy DOS attack.
>
I take your point. But at the same time if there's no lockout mechanism
a brute force attack will eventually guess the passwords.

Paul



More information about the dovecot mailing list