Markus Stumpf([EMAIL PROTECTED])@2001.04.24 19:47:37 +0000:
> On Tue, Apr 24, 2001 at 11:48:09AM +0700, Kittiwat Manosuthi wrote:
> > Anybody know how to delay failed authentication attempts to prevent
> > brute force pwd cracking on POP3 server using qmail & vpopmail?
>
> IMHO not out of the box.
> But you surely could construct something in checkpassword that uses
> a (process independent) ip related counter and just as you use POP after SMTP
> to enable relaying you could add
> <ip>:deny
> lines to your tcpserver control file.
maybe add it to tcpserver?
okay, it would have to have a scoreboard or whatever you might call it
and so fopen() is invoked (maybe) too often... comments?
/k
--
> "What's the best part of getting a blowjob? Five minutes of silence."
KR433/KR11-RIPE -- http://www.webmonster.de -- ftp://ftp.webmonster.de
[Key] [KeyID---] [Created-] [Fingerprint-------------------------------------]
GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46
