• General
  • Account lockouts - how to check? hot to clear?

I'm wondering how could one see if any account is locked-out? ...and how can this lockout be cleared?
I see nothing in DOCs nor forums (search for "lock", "lockout"... produces no useful results)

I noticed few different "lockout settings" for different protocols (web, imap...) but...
how are this lockouts enforced? Is there a way to check if a user (and protocol) is locked out? And how to clear such a situation?
Could something like fail2ban be used to "network block" access in case of detected brute-force attacks?
Any suggestions/links where i can find more info on this subject related to Grommunio?

Thanks!

Yeah... I'm also trying to put grommunio server(s) "behind stuff" with various degrees of "success"... but this login/lockout part is kinda "relevant" to Grommunio as forcing some "unrelated/standalone" authentication "in front" is rather problematic (other than relying on 40x/5xx HTTP(s) responses only, especially for non http protocols)

Yeah... source-digging is something for (nonexistent) spare time... so always resorting to "temporary" quick fixes 😉

fail2ban is "nice" on the network level... and the ip can be (easily) unbanned but on Grommunio side... I see no flags/alerts/checkboxes which could be checked or cleared...
And the problems arise when the user at the end starts complaining about "mail not working again"... with no easy way to "solve the issue"...

13 days later

user_filter has its list in memory only, so a process restart will reset it. Ideally, f2b should be used, but the log messages would need improvement e.g. to report X-Forwarded-For addresses

    jengelh
    Thanks for the details!

    Soo.... it's "all or nothing" only? Restart the service to "purge" the whole list?
    There is no way to see/check the actual list or remove some records? Some API or something (socket message)?

    © 2020-2024 grommunio GmbH. All rights reserved. | https://grommunio.com | Data Protection | Legal notice