Re: [IMail Forum] AAaa! dictionary lock-out bug

Travis Rabe Mon, 31 Jul 2006 09:08:54 -0700

And what if one of them get their password stolen/hacked/misused? What if there network is compromised? It is either fail safe and fail not so safe. What would you prefer to happen if not fail safe?

Travis

On 7/31/06, Oblio <[EMAIL PROTECTED]> wrote:

Ok, how did this get over-looked in development?  I have an
*authenticated* user who's trying to send a message to another user
in the same domain, but the recipient doesn't exist.  After my [hard
error limit] number of failures, the server locks out their IP,
effectively blocking any mail from anyone in the domain (165 users)!  Oops?

I'm all for protecting against dictionary attacks, but shouldn't we
be a little more forgiving to *authenticated local users*???

To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/

--
Regards,
Travis Rabe
[EMAIL PROTECTED]

Re: [IMail Forum] AAaa! dictionary lock-out bug

Reply via email to