Hi, On Thu, 2004-02-12 at 01:21, knom wrote: > I finished the Patch forqmail-pop3d which doesn't allow more then xx logins > every yy seconds.
Please see my post to the sourceforge tracker [874660]. Can we see the patch anywhere? > If you log in more often then eg. 10 times in 5 minutes you get an error > message which says, that you have to wait xx minutes until relogin. > Thats quite good against pop3 bruteforcing, I think ! - and, not to nitpick - but imho it's a bad idea to show the timeout. It would be a handy tool for DOS'ers. They could easily optimize the attack specific to your site. /Anders
