Can't login to Dovecot during distributed imap login attack

rch7

• April 21, 2021 18:40

Can't login to Dovecot, e.g. from Cpanel "Check Mail" link to Roundcube, when distributed imap/pop3 login attack is going on. The question isn't about attack mitigation, but how to prevent it to from locking out imap login with correct password for the same email account at least temporary. Is it some standard PAM setup issue? Contents /etc/pam.d/dovecot are: #%PAM-1.0 auth required pam_nologin.so auth include system-auth account include system-auth session include system-auth CentOS 7.9.2009 Cpanel v94.0.4

• 

  cPRex Jurassic Moderator

  • April 22, 2021 13:41

  Hey there! This is more likely a cPHulk issue if you have that tool enabled on the system: cPHulk Brute Force Protection | cPanel & WHM Documentation Can you check that area and see if that is what you're experiencing?

  0
• 

  rch7

  • April 23, 2021 02:22

  Thank you it should be the issue

  0

Please sign in to leave a comment.