Security risk of POP3 & IMAP protocols

Alain Williams addw at
Fri Feb 13 10:30:46 EST 2009

[23~On Fri, Feb 13, 2009 at 03:21:06PM +0000, Ian Eiloart wrote:
> --On 13 February 2009 14:35:43 +0000 Alain Williams <addw at> 
> wrote:
> >That got me thinking ....
> >I rate limit ssh connections to try to prevent dictionary attacks (3
> >attempts/3 minutes/IP address). If I were to do the same with IMAP would
> >that cause problems with some clients, ie are there some clients that to
> >many connect/disconnects ?
> Yes. Anything that opens a bunch of mailboxes at the same time might be 
> doing way more than that. You should be measuring "failed attempts", not 
> "attempts".

Yes, but I do the rate limiting with iptables (Linux firewall).
I don't know how to feedback failed attempts to iptables.

Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256
Parliament Hill Computers Ltd. Registration Information:
Past chairman of UKUUG:
#include <std_disclaimer.h>

More information about the Info-cyrus mailing list