[Dovecot] SQL/LDAP Lockouts?
Ben Beuchler
insyte at emt-p.org
Fri Dec 10 19:29:42 EET 2004
On Fri, Dec 10, 2004 at 08:56:03AM -0800, Dan Stromberg wrote:
> 1) If you get a good auth, you're in
> 2) If you get a bad auth, or the response takes more than n
> milliseconds/seconds, try the next password
Is there any reason to make tarpitting logic non-persistent? It seems a
robust implementation would keep track of IPs that have failed logins.
Removing the record, of course, at the first successful login.
-Ben
--
Ben Beuchler There is no spoon.
insyte at emt-p.org -- The Matrix
More information about the dovecot
mailing list