I'm running the latest version of ASSP and I've possibly spotted a bug; some clients try authenticating with "PLAIN" login, fail, retry using the "LOGIN" mechanism and succeed, here's a log snippet
info: authentication - plain is used info: authentication (PLAIN) realms - foruser:[email protected], user:[email protected] [SMTP Error] 535 Authentication failed. Restarting authentication process. info: authentication - login is used info: authentication (LOGIN) realms - user:[email protected] authenticated to 192.0.2.1 now, the problem is that (apparently) after the successful authentication ASSP does not reset the "failed login count" for the sending IP, so, if the client sends a number of messages, after a while ASSP locks out the IP due to "too many auth failures"; now this sounds like a bug to me, since, after the IP successfully authenticates, its "fail count" should be reset to zero ------------------------------------------------------------------------------ _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
