Security risk of POP3 & IMAP protocols
Alain Williams
addw at phcomp.co.uk
Fri Feb 13 10:30:46 EST 2009
[23~On Fri, Feb 13, 2009 at 03:21:06PM +0000, Ian Eiloart wrote:
>
>
> --On 13 February 2009 14:35:43 +0000 Alain Williams <addw at phcomp.co.uk>
> wrote:
>
> >That got me thinking ....
> >I rate limit ssh connections to try to prevent dictionary attacks (3
> >attempts/3 minutes/IP address). If I were to do the same with IMAP would
> >that cause problems with some clients, ie are there some clients that to
> >many connect/disconnects ?
>
> Yes. Anything that opens a bunch of mailboxes at the same time might be
> doing way more than that. You should be measuring "failed attempts", not
> "attempts".
Yes, but I do the rate limiting with iptables (Linux firewall).
I don't know how to feedback failed attempts to iptables.
--
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256 http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php
Past chairman of UKUUG: http://www.ukuug.org/
#include <std_disclaimer.h>
More information about the Info-cyrus
mailing list