[ postfixadmin-Feature Requests-3413280 ] Limit Failed AUTH attempts?
Brought to you by:
christian_boltz,
gingerdog
Menu
▾
▴
[ postfixadmin-Feature Requests-3413280 ] Limit Failed AUTH attempts?
|
From: SourceForge.net <no...@so...> - 2011-09-23 11:47:52
|
Feature Requests item #3413280, was opened at 2011-09-23 07:47 Message generated for change (Tracker Item Submitted) made by libertytrek You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937967&aid=3413280&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: None Group: None Status: Open Resolution: None Priority: 5 Private: No Submitted By: Charles (libertytrek) Assigned to: Nobody/Anonymous (nobody) Summary: Limit Failed AUTH attempts? Initial Comment: I searched and didn't see an existing Feature Request for this, but may have missed something... Is it feasible/possible to add a function in postfixadmin that would temporarily lock out a user account after a configured number of AUTH attempt failures within a specifid time period? For example, consider a hack attempt on a specific users account - I'd like to be able to lock out a users account for, say, 5 minutes, after 3 failed AUTH attempts. So, after 3 failed attempts (bad password, any attempt to log in to that users account gets a TEMPFAIL for 5 minutes, then it will allow up to 3 more tries. Even better would be a way to lock it out permanently after 3 failed cycles on the same day. Anyway, not sure this is doable in postfixadmin, but it sure would add a large extra layer of security. Or... does anyone know if this is possible with fail2ban already? ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937967&aid=3413280&group_id=191583 |
