Suggestion: Split login_trusted_networks
20 Jun
2014
20 Jun
'14
10:01 a.m.
Hi,
It seems the use of login_trusted_networks is overloaded.
Example:
- It's used for indicating which hosts you trust to provide XCLIENT remote IP's.
- It's used for indicating from which hosts you trust logins enough to disable auth penalty. (like in a webmail)
However... trustwise, this is trusting two different entities. The first case you put trust in the host. In the second case, you actually put trust in the user which uses the webmail (unless of course the webmail it self implements auth-penalties).
So you can't have one set of hosts which you trust for XCLIENT and another set of hosts you trust for not being the origin of brute force attacks.
/Peter
3839
Age (days ago)
3839
Last active (days ago)
0 comments
1 participants
participants (1)
-
Peter Mogensen