ENXF NET
Administrator
Staff member
Administrator
Moderator
+Lifetime VIP+
S.V.I.P.S Member
S.V.I.P Member
V.I.P Member
Collaborate
Registered
- Joined
- Nov 13, 2018
- Messages
- 23,608
- Points
- 823
I'm running a LAMP VPS with AlmaLinux 8 and Apache, and I've installed a mail server using Postfix and Dovecot. Everything works fine for sending and receiving emails. However, I noticed that an intruder can establish a connection to Dovecot (e.g., using openssl s_client -connect mail.domain.com:993) and then brute force the username and password with unlimited attempts within the same live session.
Is there a configuration in Dovecot to terminate the current live session after 3 failed...
Read more
Continue reading...
Is there a configuration in Dovecot to terminate the current live session after 3 failed...
Read more
Continue reading...