Pegasus Mail & Mercury

Would be nice if this was available in the server modules to thwart dictionary attacks like so:

17:43:14.765: >> AUTH LOGIN<cr><lf>
17:43:14.792: << 334 VXNlcm5hbWU6<cr><lf>
17:43:15.613: >> d2VibWFzdGVy<cr><lf>
17:43:15.613: << 334 UGFzc3dvcmQ6<cr><lf>
17:43:16.425: >> IUAjJCVeJio=<cr><lf>
17:43:16.425: << 501 Authentication failed - bad user or password.<cr><lf>
17:43:17.378: >> AUTH LOGIN<cr><lf>
17:43:17.404: << 334 VXNlcm5hbWU6<cr><lf>
17:43:18.213: >> d2VibWFzdGVy<cr><lf>
17:43:18.213: << 334 UGFzc3dvcmQ6<cr><lf>
17:43:18.028: >> OTEx<cr><lf>
17:43:18.028: << 501 Authentication failed - bad user or password.<cr><lf>
17:43:19.835: >> AUTH LOGIN<cr><lf>
17:43:19.839: << 334 VXNlcm5hbWU6<cr><lf>
17:43:20.643: >> d2VibWFzdGVy<cr><lf>
17:43:20.643: << 334 UGFzc3dvcmQ6<cr><lf>
17:43:21.447: >> OTEx<cr><lf>
17:43:21.447: << 501 Authentication failed - bad user or password.<cr><lf>
17:43:22.478: >> AUTH LOGIN<cr><lf>
17:43:22.567: << 334 VXNlcm5hbWU6<cr><lf>
17:43:23.369: >> d2VibWFzdGVy<cr><lf>
17:43:23.369: << 334 UGFzc3dvcmQ6<cr><lf>
17:43:24.191: >> OTExMTE=<cr><lf>
17:43:24.191: << 501 Authentication failed - bad user or password.<cr><lf>
17:43:24.998: >> AUTH LOGIN<cr><lf>
17:43:24.000: << 334 VXNlcm5hbWU6<cr><lf>
17:43:25.810: >> d2VibWFzdGVy<cr><lf>
17:43:25.810: << 334 UGFzc3dvcmQ6<cr><lf>
17:43:26.610: >> OTExMTE=<cr><lf>
17:43:26.610: << 501 Authentication failed - bad user or password.<cr><lf>

and it is still going!

Have added the ip to the Connection Control list but an automatic option would be nice!

 

Has been implemented in MercuryS, MercuryP and MercuryI modules of the upcoming v4.6x release, looks like

554 Too many failed RCPT commands - terminating connection.