[imp] "horde imp" lock out after x failed login attempts

Jan Schneider jan at horde.org
Mon Sep 12 15:50:35 UTC 2016 

Zitat von Michael Martinell <michael.martinell at itctel.com>:

> Zitat von Michael Martinell <michael.martinell at itctel.com>:
>
>>> -----Original Message-----
>>> From: imp [mailto:imp-bounces at lists.horde.org] On Behalf Of Andy
>>> Dorman
>>> Sent: Thursday, September 08, 2016 4:35 PM
>>> To: imp at lists.horde.org
>>> Subject: Re: [imp] "horde imp" lock out after x failed login attempts
>>>
>>> On 09/08/2016 03:53 PM, Michael Martinell wrote:
>>>> We have ours configured to use imp for authentication.  Count bad
>>>> logins is checked.  Login_block_count is 5.  Login_block_time is 5.
>>>>  Login_block is checked.
>>>>
>>>> It does not lock the user out even after several bad attempts.
>>>>
>>>> Michael Martinell
>>>> Internet Systems Technician
>>>> Interstate Telecommunications Coop., Inc.
>>>>
>>>> -----Original Message-----
>>>> From: imp [mailto:imp-bounces at lists.horde.org] On Behalf Of Arjen de
>>>> Korte
>>>> Sent: Thursday, September 08, 2016 3:44 PM
>>>> To: imp at lists.horde.org
>>>> Subject: Re: [imp] "horde imp" lock out after x failed login
>>>> attempts
>>>>
>>>> Citeren Michael Martinell <michael.martinell at itctel.com>:
>>>>
>>>>> We are looking for a way to lock a user out of webmail after a
>>>>> configurable amount of failed login attempts.  Preferably this
>>>>> would redirect the user to a different web page directing them to
>>>>> call support.  I am unable to locate this information anywhere in
>>>>> the documentation.  What options exist that would support this?
>>>>
>>>> See the 'Authentication' tab in the Horde configuration. It will
>>>> allow you to set limits on failed logins and how long to block users
>>>> after this limit has been exceeded.
>>>>
>>>>> Michael Martinell
>>>>> Internet Systems Technician
>>>>>
>>>
>>> What do your logs say when this happens?
>>>
>>> This is what I see in the logs when I put in the wrong password.
>>> Sep  9 08:03:40 www001 HORDE: [imp] [login] Mail server denied
>>> authentication. [pid 14232 on line 730 of
>>> "/usr/local/www/sites/horde5.itctel.com/imp/lib/Imap.php"]
>>> Sep  9 08:03:40 www001 HORDE: [horde] FAILED LOGIN for itc_mmartinell
>>> to horde (75.102.161.136) [pid 14232 on line 199 of
>>> "/usr/local/www/sites/horde5.itctel.com/login.php"]
>>>
>>>
>>> I can try it with the wrong password as many times as I want, but it
>>> never seems to lock it out.  As soon as I put in the correct
>>> password, I immediately get logged in.  It does not appear to be
>>> locking the account for 5 minutes after 5 failed retries.
>>>
>>> In this case I failed to login 10 times, receiving the above message
>>> every time.  As soon as I put in the correct password I immediately
>>> logged in without error.
>>>
>>> Sep  9 08:04:32 www001 HORDE: [imp] Login success for itc_mmartinell
>>> (75.102.161.136) to {imap://mail001.internal.itctel.com/} [pid 14223
>>> on line 157 of
>>> "/usr/local/www/sites/horde5.itctel.com/imp/lib/Auth.php"]
>>
>> Do you have the History and Lock systems configured and working?
>>
>> --
>> Jan Schneider
>> The Horde Project
>> http://www.horde.org/
>>
>> --
>> imp mailing list
>> Frequently Asked Questions: http://wiki.horde.org/FAQ To unsubscribe,
>> mail: imp-unsubscribe at lists.horde.org
>>
>> I am not sure where the documentation for these settings are at.
>> Where are the instructions for this?
>>
>> Here is what I have:
>>
>> From Imp conf.php
>> $conf['maillog']['driver'] = 'history';
>>
>>
>> From Horde conf.php
>> $conf['auth']['params']['app'] = 'imp'; $conf['auth']['driver'] =
>> 'application'; $conf['auth']['params']['count_bad_logins'] = true;
>> $conf['auth']['params']['login_block'] = true;
>> $conf['auth']['params']['login_block_count'] = 5;
>> $conf['auth']['params']['login_block_time'] = 5;
>> $conf['signup']['allow'] = false;
>
> See the 'history' and 'lock' settings in Horde's conf.php.
>
> --
> Jan Schneider
> The Horde Project
> http://www.horde.org/
>
> --
> imp mailing list
> Frequently Asked Questions: http://wiki.horde.org/FAQ To  
> unsubscribe, mail: imp-unsubscribe at lists.horde.org
>
>
> Horde conf.php
> $conf['lock']['params']['driverconfig'] = 'horde';
> $conf['lock']['driver'] = 'Sql';
>
> $conf['history']['params']['driverconfig'] = 'horde';
> $conf['history']['driver'] = 'Sql';

Looks good, it should work. Please create a ticket on bugs.horde.org.

-- 
Jan Schneider
The Horde Project
http://www.horde.org/

More information about the imp mailing list