I'm having a problem where a user's account it's being locked because of multiple failed login attempts. What I have done in other systems is to rename the user to something else, and create an alias with the old email address. This way, the attacker trying to brute-force the password guessing using the email alias will never succeed. The problem with Zimbra is that the system accepts the user password even if using the aliases as username. Is there a way to disable this behavior? Any other suggestion in mind?
Thank you in advance
Discuss your pilot or production implementation with other Zimbra admins or our engineers.
1 post • Page 1 of 1
Who is online
Users browsing this forum: sheshman and 40 guests