On 13-02-07 11:43 AM, Ben wrote:
Slightly off topic, but an alternative to fail2ban is, I believe,
password policy overlay for ldap (if using ldap for auth). I allows a
limit on max login attempts within a set time period among other
features This sas the advantage of locking the account at the source so
it works on sogo, imap, smtp tls, etc, et
It depends on your needs I guess.
With fail2ban you block the ip or do some arbitrary processing with the
ip, with password policy you lock the account (which can mean that
anyone can lock any account - DoS).
--
Jean Raby
[email protected] :: +1.514.447.4918 (x120) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
--
[email protected]
https://inverse.ca/sogo/lists
