cyrus sasl Password lock after n failed attempts

[Dan White]

On 10/12/12 10:21 +0530, Ram wrote:
>Hi
>I am using cyrus saslauthd with pam_ldap for authentication.
>
>Off late I have seen lots of attempts at getting in weak weak passwords.
>Is there a way I can implement password lock out  within cyrus if there
>are more than n consecutive bad attempts

I am not aware of a sasl specific way to lock out accounts automatically.

If your ldap server is OpenLDAP, see slapo-ppolicy(5). Other approaches
include logcheck, pam_tally, and (linux specific):

http://www.debian-administration.org/articles/187

-- 
Dan White