I like to follow along here so I can learn from others'
experiences...just what are dovecot and pam?
At 2007-04-15 11:49, you wrote:
>So, if PAM is causing this then we should be able to duplicate this with any
>other services as well. We have others reported dic attacks on ssh and maybe
>I am wrong, but I don't think that the servers experience the same behaviour
>after as with dovecot, true not necessarily the same exactly.
>
>So the question for me at least is this a dovecot issue or a PAM issue?
>
>It can be one or the other or a combination of both perhaps, but we should
>be able to duplicate it to identify the problem and perhaps aim for a
>solution.
>
>IMHO anyway...
>
>
>-----Original Message-----
>From: Brian N. Smith [mailto:brian (at mark) nuonce.net]
>Sent: Saturday, April 14, 2007 10:52 PM
>To: coba-e (at mark) bluequartz.org
>Subject: [coba-e:09569] Re: Dovecot/POP3 Flood
>
> > If PAM is the issue why we don't see this behavior with other services
> > as well?
>
>Apache - Doesn't use it
>Sendmail - Doesn't use it normal (maybe for SMTP-Auth, but that is it) DNS -
>Doesn't use it MySQL - Doesn't use it Proftpd - Uses it.
>Dovecot - Uses it
>SSH - Uses i
Brent Epp
mailto:brent (at mark) pdcweb.net