I'm running a LAMP VPS with AlmaLinux 8 and Apache, and I've installed a mail server using Postfix and Dovecot. Everything works fine for sending and receiving emails. However, I noticed that an intruder can establish a connection to Dovecot (e.g., using openssl s_client -connect mail.domain.com:993) and then brute force the username and password with unlimited attempts within the same live session.
Is there a configuration in Dovecot to terminate the current live session after 3 failed...
Read more
Читать далее...
Is there a configuration in Dovecot to terminate the current live session after 3 failed...
Read more
Читать далее...
