Hello SOGo team, I'm seeing several POST /SOGo/so/passwordRecoveryEnabled requests, coming from multiple IPs from the internal network. These average about 5 to 10 requests per minute. There is no indication of malicious activity, as only this endpoint is contacted and it comes from several internal IPs, which makes me suspect this is caused by the way this software functions. I looked up this issue online, including other threads on the mailing list but found nothing so far, anyone has a clue on what might be happening?
Thank you. Best regards, Joaquim Antonio
