> On 16 Jan 2023, at 16:49, Michael Grimm <trash...@ellael.org> wrote:
>
> Hi,
>
> I wonder if the following condition for triggering blacklistd is appropriate:
>
>
> /* notify blacklistd of SASL authentication failure */
> pfilter_notify(1, vstream_fileno(state->client));
> return (-1);
> }
>
> If I am not mistaken blacklistd will become notified even after a 'Temporary
> authentication failure'.
>
> Has this been intended?
Yes, because even an temporary failure could be a result of a “brute force
attack”.
—
Juraj Lutter
o...@freebsd.org
