Autor: Dzmitry Shykuts Data: Para: exim-users Assunto: Re: [exim] Make auth unsuccessful with some conditions
31.03.2023 11:20, Odhiambo Washington via Exim-users : > What server resources are you saving with selective authentication?
The goal is not to conserve server resources but to prevent hackers from
guessing passwords. Even if the hacker enters the correct user password,
if that user is not in the exceptions, the hacker will not know if he
entered the correct password. There are about 1000 users on my server,
but only 20 can send mail from the Internet.
Recently, the number of password guessing attempts has increased. Yes, I
have fail2ban installed, but security requires even more stringent measures.
In my configuration, for some reason, the server_condition for PLAIN
does not work, but for CRAM_MD5 it does. And the condition seems to be
simple. It's possible, of course, rewrite everything without a dovecot
driver, but if everything worked as it should, then it looks more
aesthetically pleasing and is much easier to understand.